openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
May 2022
- 1 participants
- 77 discussions
SUSE-SU-2022:1898-1: moderate: Security update for fribidi
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for fribidi
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1898-1
Rating: moderate
References: #1196147 #1196148 #1196150
Cross-References: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310
CVSS scores:
CVE-2022-25308 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVE-2022-25309 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2022-25310 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for fribidi fixes the following issues:
- CVE-2022-25308: Fixed stack out of bounds read (bsc#1196147).
- CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode
(bsc#1196148).
- CVE-2022-25310: Fixed NULL pointer dereference in
fribidi_remove_bidi_marks (bsc#1196150).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1898=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1898=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1898=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
fribidi-1.0.10-150400.3.3.1
fribidi-debuginfo-1.0.10-150400.3.3.1
fribidi-debugsource-1.0.10-150400.3.3.1
fribidi-devel-1.0.10-150400.3.3.1
libfribidi0-1.0.10-150400.3.3.1
libfribidi0-debuginfo-1.0.10-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
libfribidi0-32bit-1.0.10-150400.3.3.1
libfribidi0-32bit-debuginfo-1.0.10-150400.3.3.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (x86_64):
fribidi-debugsource-1.0.10-150400.3.3.1
libfribidi0-32bit-1.0.10-150400.3.3.1
libfribidi0-32bit-debuginfo-1.0.10-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
fribidi-1.0.10-150400.3.3.1
fribidi-debuginfo-1.0.10-150400.3.3.1
fribidi-debugsource-1.0.10-150400.3.3.1
fribidi-devel-1.0.10-150400.3.3.1
libfribidi0-1.0.10-150400.3.3.1
libfribidi0-debuginfo-1.0.10-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-25308.html
https://www.suse.com/security/cve/CVE-2022-25309.html
https://www.suse.com/security/cve/CVE-2022-25310.html
https://bugzilla.suse.com/1196147
https://bugzilla.suse.com/1196148
https://bugzilla.suse.com/1196150
1
0
SUSE-SU-2022:1895-1: important: Security update for postgresql13
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for postgresql13
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1895-1
Rating: important
References: #1199475
Cross-References: CVE-2022-1552
CVSS scores:
CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for postgresql13 fixes the following issues:
- CVE-2022-1552: Confine additional operations within "security restricted
operation" sandboxes (bsc#1199475).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1895=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1895=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1895=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1895=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1895=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1895=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1895=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1895=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1895=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1895=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-1895=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1895=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1895=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1895=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1895=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-llvmjit-13.7-150200.5.28.1
postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1
postgresql13-llvmjit-devel-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
postgresql13-test-13.7-150200.5.28.1
- openSUSE Leap 15.4 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-llvmjit-13.7-150200.5.28.1
postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
postgresql13-test-13.7-150200.5.28.1
- openSUSE Leap 15.3 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Manager Server 4.1 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Manager Proxy 4.1 (x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-llvmjit-13.7-150200.5.28.1
postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1
postgresql13-test-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-llvmjit-13.7-150200.5.28.1
postgresql13-llvmjit-debuginfo-13.7-150200.5.28.1
postgresql13-llvmjit-devel-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql13-docs-13.7-150200.5.28.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql13-13.7-150200.5.28.1
postgresql13-contrib-13.7-150200.5.28.1
postgresql13-contrib-debuginfo-13.7-150200.5.28.1
postgresql13-debuginfo-13.7-150200.5.28.1
postgresql13-debugsource-13.7-150200.5.28.1
postgresql13-devel-13.7-150200.5.28.1
postgresql13-devel-debuginfo-13.7-150200.5.28.1
postgresql13-plperl-13.7-150200.5.28.1
postgresql13-plperl-debuginfo-13.7-150200.5.28.1
postgresql13-plpython-13.7-150200.5.28.1
postgresql13-plpython-debuginfo-13.7-150200.5.28.1
postgresql13-pltcl-13.7-150200.5.28.1
postgresql13-pltcl-debuginfo-13.7-150200.5.28.1
postgresql13-server-13.7-150200.5.28.1
postgresql13-server-debuginfo-13.7-150200.5.28.1
postgresql13-server-devel-13.7-150200.5.28.1
postgresql13-server-devel-debuginfo-13.7-150200.5.28.1
- SUSE Enterprise Storage 7 (noarch):
postgresql13-docs-13.7-150200.5.28.1
References:
https://www.suse.com/security/cve/CVE-2022-1552.html
https://bugzilla.suse.com/1199475
1
0
SUSE-SU-2022:1892-1: moderate: Security update for dpdk
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for dpdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1892-1
Rating: moderate
References: #1195172 #1198873 #1198963 #1198964
Cross-References: CVE-2021-3839 CVE-2022-0669
CVSS scores:
CVE-2021-3839 (SUSE): 5.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
CVE-2022-0669 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has two fixes
is now available.
Description:
This update for dpdk fixes the following issues:
Security:
- CVE-2021-3839: Fixed a memory corruption issue during vhost-user
communication (bsc#1198963).
- CVE-2022-0669: Fixed a denial of service that could be triggered by a
vhost-user master (bsc#1198964).
Bugfixes:
- kni: allow configuring thread granularity (bsc#1195172).
- Fixed reading of PCI device name as UTF strings (bsc#1198873).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1892=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1892=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1892=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
dpdk-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
- openSUSE Leap 15.4 (aarch64):
dpdk-thunderx-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
- openSUSE Leap 15.3 (aarch64 ppc64le x86_64):
dpdk-19.11.4-150300.11.1
dpdk-debuginfo-19.11.4-150300.11.1
dpdk-debugsource-19.11.4-150300.11.1
dpdk-devel-19.11.4-150300.11.1
dpdk-devel-debuginfo-19.11.4-150300.11.1
dpdk-examples-19.11.4-150300.11.1
dpdk-examples-debuginfo-19.11.4-150300.11.1
dpdk-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-tools-19.11.4-150300.11.1
dpdk-tools-debuginfo-19.11.4-150300.11.1
libdpdk-20_0-19.11.4-150300.11.1
libdpdk-20_0-debuginfo-19.11.4-150300.11.1
- openSUSE Leap 15.3 (aarch64 x86_64):
dpdk-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
- openSUSE Leap 15.3 (aarch64):
dpdk-thunderx-19.11.4-150300.11.1
dpdk-thunderx-debuginfo-19.11.4-150300.11.1
dpdk-thunderx-debugsource-19.11.4-150300.11.1
dpdk-thunderx-devel-19.11.4-150300.11.1
dpdk-thunderx-devel-debuginfo-19.11.4-150300.11.1
dpdk-thunderx-examples-19.11.4-150300.11.1
dpdk-thunderx-examples-debuginfo-19.11.4-150300.11.1
dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-kmp-preempt-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-kmp-preempt-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-tools-19.11.4-150300.11.1
dpdk-thunderx-tools-debuginfo-19.11.4-150300.11.1
- openSUSE Leap 15.3 (noarch):
dpdk-doc-19.11.4-150300.11.1
dpdk-thunderx-doc-19.11.4-150300.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le x86_64):
dpdk-19.11.4-150300.11.1
dpdk-debuginfo-19.11.4-150300.11.1
dpdk-debugsource-19.11.4-150300.11.1
dpdk-devel-19.11.4-150300.11.1
dpdk-devel-debuginfo-19.11.4-150300.11.1
dpdk-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-tools-19.11.4-150300.11.1
dpdk-tools-debuginfo-19.11.4-150300.11.1
libdpdk-20_0-19.11.4-150300.11.1
libdpdk-20_0-debuginfo-19.11.4-150300.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64):
dpdk-thunderx-19.11.4-150300.11.1
dpdk-thunderx-debuginfo-19.11.4-150300.11.1
dpdk-thunderx-debugsource-19.11.4-150300.11.1
dpdk-thunderx-devel-19.11.4-150300.11.1
dpdk-thunderx-devel-debuginfo-19.11.4-150300.11.1
dpdk-thunderx-kmp-default-19.11.4_k5.3.18_150300.59.63-150300.11.1
dpdk-thunderx-kmp-default-debuginfo-19.11.4_k5.3.18_150300.59.63-150300.11.1
References:
https://www.suse.com/security/cve/CVE-2021-3839.html
https://www.suse.com/security/cve/CVE-2022-0669.html
https://bugzilla.suse.com/1195172
https://bugzilla.suse.com/1198873
https://bugzilla.suse.com/1198963
https://bugzilla.suse.com/1198964
1
0
SUSE-SU-2022:1894-1: important: Security update for postgresql12
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for postgresql12
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1894-1
Rating: important
References: #1199475
Cross-References: CVE-2022-1552
CVSS scores:
CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for postgresql12 fixes the following issues:
- CVE-2022-1552: Confine additional operations within "security restricted
operation" sandboxes (bsc#1199475).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1894=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1894=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1894=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1894=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1894=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1894=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1894=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1894=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1894=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1894=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1894=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1894=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1894=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-llvmjit-12.11-150200.8.32.1
postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1
postgresql12-llvmjit-devel-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
postgresql12-test-12.11-150200.8.32.1
- openSUSE Leap 15.4 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-llvmjit-12.11-150200.8.32.1
postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
postgresql12-test-12.11-150200.8.32.1
- openSUSE Leap 15.3 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Manager Server 4.1 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Manager Proxy 4.1 (x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql12-llvmjit-12.11-150200.8.32.1
postgresql12-llvmjit-debuginfo-12.11-150200.8.32.1
postgresql12-test-12.11-150200.8.32.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql12-docs-12.11-150200.8.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql12-12.11-150200.8.32.1
postgresql12-contrib-12.11-150200.8.32.1
postgresql12-contrib-debuginfo-12.11-150200.8.32.1
postgresql12-debuginfo-12.11-150200.8.32.1
postgresql12-debugsource-12.11-150200.8.32.1
postgresql12-devel-12.11-150200.8.32.1
postgresql12-devel-debuginfo-12.11-150200.8.32.1
postgresql12-plperl-12.11-150200.8.32.1
postgresql12-plperl-debuginfo-12.11-150200.8.32.1
postgresql12-plpython-12.11-150200.8.32.1
postgresql12-plpython-debuginfo-12.11-150200.8.32.1
postgresql12-pltcl-12.11-150200.8.32.1
postgresql12-pltcl-debuginfo-12.11-150200.8.32.1
postgresql12-server-12.11-150200.8.32.1
postgresql12-server-debuginfo-12.11-150200.8.32.1
postgresql12-server-devel-12.11-150200.8.32.1
postgresql12-server-devel-debuginfo-12.11-150200.8.32.1
- SUSE Enterprise Storage 7 (noarch):
postgresql12-docs-12.11-150200.8.32.1
References:
https://www.suse.com/security/cve/CVE-2022-1552.html
https://bugzilla.suse.com/1199475
1
0
openSUSE-SU-2022:10001-1: moderate: Security update for pcmanfm
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
openSUSE Security Update: Security update for pcmanfm
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10001-1
Rating: moderate
References: #1039140
Cross-References: CVE-2017-8934
CVSS scores:
CVE-2017-8934 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pcmanfm fixes the following issues:
update to 1.3.2:
* Fixed case when some keyboard shortcuts stopped working: Alt+Home, Alt+Up
* Fixed sytem reboot delayed for 90 seconds in some cases
new upstream release of pcmanfm 1.3.1
* fixed crash on reload while directory changes
* changed size of large thumbnails to 512
* added application/gzip to archivers.list
* added image/x-compressed-xcf to archivers.list
* allowed bigger sizes of icons and thumbnails
new upstream release of pcmanfm 1.3.0
* Fixed potential access violation, use runtime user dir instead
of tmp diri for single instance socket. boo#1039140 CVE-2017-8934
* Fixed an issue with losing icons on desktop, when file name has a
���[��� char.
* Added a missing tooltip for ���New Window��� toolbar button.
* Fixed an issue when single instance socket directory did not exist
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10001=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
pcmanfm-1.3.2-bp153.2.3.1
pcmanfm-devel-1.3.2-bp153.2.3.1
- openSUSE Backports SLE-15-SP3 (noarch):
pcmanfm-lang-1.3.2-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2017-8934.html
https://bugzilla.suse.com/1039140
1
0
SUSE-SU-2022:1888-1: moderate: Security update for helm-mirror
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for helm-mirror
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1888-1
Rating: moderate
References: #1156646 #1197728
Cross-References: CVE-2019-18658
CVSS scores:
CVE-2019-18658 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-18658 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for helm-mirror fixes the following issues:
- Updated to version 0.3.1:
- CVE-2019-18658: Fixed a potential symbolic link issue in helm that
could be used to leak sensitive files (bsc#1156646).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1888=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1888=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-1888=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-1888=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
helm-mirror-0.3.1-150000.1.13.1
helm-mirror-debuginfo-0.3.1-150000.1.13.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
helm-mirror-0.3.1-150000.1.13.1
helm-mirror-debuginfo-0.3.1-150000.1.13.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64):
helm-mirror-0.3.1-150000.1.13.1
helm-mirror-debuginfo-0.3.1-150000.1.13.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
helm-mirror-0.3.1-150000.1.13.1
helm-mirror-debuginfo-0.3.1-150000.1.13.1
References:
https://www.suse.com/security/cve/CVE-2019-18658.html
https://bugzilla.suse.com/1156646
https://bugzilla.suse.com/1197728
1
0
SUSE-SU-2022:1890-1: important: Security update for postgresql10
by opensuse-security@opensuse.org 31 May '22
by opensuse-security@opensuse.org 31 May '22
31 May '22
SUSE Security Update: Security update for postgresql10
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1890-1
Rating: important
References: #1199475
Cross-References: CVE-2022-1552
CVSS scores:
CVE-2022-1552 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for postgresql10 fixes the following issues:
- CVE-2022-1552: Confine additional operations within "security restricted
operation" sandboxes (bsc#1199475).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1890=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1890=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1890=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1890=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1890=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1890=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1890=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1890=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1890=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1890=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1890=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1890=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1890=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1890=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1890=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1890=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1890=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1890=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-llvmjit-devel-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
postgresql10-test-10.21-150100.8.47.1
- openSUSE Leap 15.4 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
postgresql10-test-10.21-150100.8.47.1
- openSUSE Leap 15.3 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Manager Server 4.1 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Manager Proxy 4.1 (x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Enterprise Storage 7 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
- SUSE Enterprise Storage 6 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE CaaS Platform 4.0 (noarch):
postgresql10-docs-10.21-150100.8.47.1
- SUSE CaaS Platform 4.0 (x86_64):
postgresql10-10.21-150100.8.47.1
postgresql10-contrib-10.21-150100.8.47.1
postgresql10-contrib-debuginfo-10.21-150100.8.47.1
postgresql10-debuginfo-10.21-150100.8.47.1
postgresql10-debugsource-10.21-150100.8.47.1
postgresql10-devel-10.21-150100.8.47.1
postgresql10-devel-debuginfo-10.21-150100.8.47.1
postgresql10-plperl-10.21-150100.8.47.1
postgresql10-plperl-debuginfo-10.21-150100.8.47.1
postgresql10-plpython-10.21-150100.8.47.1
postgresql10-plpython-debuginfo-10.21-150100.8.47.1
postgresql10-pltcl-10.21-150100.8.47.1
postgresql10-pltcl-debuginfo-10.21-150100.8.47.1
postgresql10-server-10.21-150100.8.47.1
postgresql10-server-debuginfo-10.21-150100.8.47.1
References:
https://www.suse.com/security/cve/CVE-2022-1552.html
https://bugzilla.suse.com/1199475
1
0
SUSE-SU-2022:1883-1: important: Security update for pcre2
by opensuse-security@opensuse.org 30 May '22
by opensuse-security@opensuse.org 30 May '22
30 May '22
SUSE Security Update: Security update for pcre2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1883-1
Rating: important
References: #1199232
Cross-References: CVE-2022-1586
CVSS scores:
CVE-2022-1586 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1586 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pcre2 fixes the following issues:
- CVE-2022-1586: Fixed out-of-bounds read via missing Unicode property
matching issue in JIT compiled regular expressions (bsc#1199232).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1883=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1883=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1883=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1883=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1883=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1883=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1883=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1883=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1883=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1883=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1883=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1883=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1883=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1883=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1883=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1883=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1883=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1883=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
pcre2-devel-static-10.31-150000.3.7.1
pcre2-tools-10.31-150000.3.7.1
pcre2-tools-debuginfo-10.31-150000.3.7.1
- openSUSE Leap 15.3 (x86_64):
libpcre2-16-0-32bit-10.31-150000.3.7.1
libpcre2-16-0-32bit-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-32bit-10.31-150000.3.7.1
libpcre2-32-0-32bit-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-32bit-10.31-150000.3.7.1
libpcre2-8-0-32bit-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-32bit-10.31-150000.3.7.1
libpcre2-posix2-32bit-debuginfo-10.31-150000.3.7.1
- openSUSE Leap 15.3 (noarch):
pcre2-doc-10.31-150000.3.7.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Manager Proxy 4.1 (x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
- SUSE CaaS Platform 4.0 (x86_64):
libpcre2-16-0-10.31-150000.3.7.1
libpcre2-16-0-debuginfo-10.31-150000.3.7.1
libpcre2-32-0-10.31-150000.3.7.1
libpcre2-32-0-debuginfo-10.31-150000.3.7.1
libpcre2-8-0-10.31-150000.3.7.1
libpcre2-8-0-debuginfo-10.31-150000.3.7.1
libpcre2-posix2-10.31-150000.3.7.1
libpcre2-posix2-debuginfo-10.31-150000.3.7.1
pcre2-debugsource-10.31-150000.3.7.1
pcre2-devel-10.31-150000.3.7.1
References:
https://www.suse.com/security/cve/CVE-2022-1586.html
https://bugzilla.suse.com/1199232
1
0
SUSE-SU-2022:1882-1: important: Security update for tiff
by opensuse-security@opensuse.org 30 May '22
by opensuse-security@opensuse.org 30 May '22
30 May '22
SUSE Security Update: Security update for tiff
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1882-1
Rating: important
References: #1195964 #1195965 #1197066 #1197068 #1197072
#1197073 #1197074 #1197631
Cross-References: CVE-2022-0561 CVE-2022-0562 CVE-2022-0865
CVE-2022-0891 CVE-2022-0908 CVE-2022-0909
CVE-2022-0924 CVE-2022-1056
CVSS scores:
CVE-2022-0561 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0561 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0562 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0562 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0865 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0865 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0891 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVE-2022-0891 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-0908 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0908 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0909 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0909 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0924 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-0924 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1056 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-1056 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
This update for tiff fixes the following issues:
- CVE-2022-0561: Fixed null source pointer passed as an argument to
memcpy() within TIFFFetchStripThing() in tif_dirread.c (bsc#1195964).
- CVE-2022-0562: Fixed null source pointer passed as an argument to
memcpy() within TIFFReadDirectory() in tif_dirread.c (bsc#1195965).
- CVE-2022-0865: Fixed assertion failure in TIFFReadAndRealloc
(bsc#1197066).
- CVE-2022-0909: Fixed divide by zero error in tiffcrop that could have
led to a denial-of-service via a crafted tiff file (bsc#1197072).
- CVE-2022-0924: Fixed out-of-bounds read error in tiffcp that could have
led to a denial-of-service via a crafted tiff file (bsc#1197073).
- CVE-2022-0908: Fixed null source pointer passed as an argument to memcpy
in TIFFFetchNormalTag() (bsc#1197074).
- CVE-2022-1056: Fixed out-of-bounds read error in tiffcrop that could
have led to a denial-of-service via a crafted tiff file (bsc#1197631).
- CVE-2022-0891: Fixed heap buffer overflow in extractImageSection
(bsc#1197068).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1882=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1882=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1882=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1882=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1882=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1882=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1882=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1882=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1882=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1882=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1882=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1882=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1882=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1882=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1882=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1882=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1882=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1882=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1882=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1882=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1882=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1882=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- openSUSE Leap 15.4 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- openSUSE Leap 15.3 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Manager Server 4.1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Manager Proxy 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Enterprise Storage 7 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
- SUSE Enterprise Storage 6 (x86_64):
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
- SUSE CaaS Platform 4.0 (x86_64):
libtiff-devel-4.0.9-150000.45.8.1
libtiff5-32bit-4.0.9-150000.45.8.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.8.1
libtiff5-4.0.9-150000.45.8.1
libtiff5-debuginfo-4.0.9-150000.45.8.1
tiff-debuginfo-4.0.9-150000.45.8.1
tiff-debugsource-4.0.9-150000.45.8.1
References:
https://www.suse.com/security/cve/CVE-2022-0561.html
https://www.suse.com/security/cve/CVE-2022-0562.html
https://www.suse.com/security/cve/CVE-2022-0865.html
https://www.suse.com/security/cve/CVE-2022-0891.html
https://www.suse.com/security/cve/CVE-2022-0908.html
https://www.suse.com/security/cve/CVE-2022-0909.html
https://www.suse.com/security/cve/CVE-2022-0924.html
https://www.suse.com/security/cve/CVE-2022-1056.html
https://bugzilla.suse.com/1195964
https://bugzilla.suse.com/1195965
https://bugzilla.suse.com/1197066
https://bugzilla.suse.com/1197068
https://bugzilla.suse.com/1197072
https://bugzilla.suse.com/1197073
https://bugzilla.suse.com/1197074
https://bugzilla.suse.com/1197631
1
0
openSUSE-SU-2022:0156-1: important: Security update for opera
by opensuse-security@opensuse.org 28 May '22
by opensuse-security@opensuse.org 28 May '22
28 May '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0156-1
Rating: important
References:
Cross-References: CVE-2022-1364 CVE-2022-1633 CVE-2022-1634
CVE-2022-1635 CVE-2022-1636 CVE-2022-1637
CVE-2022-1638 CVE-2022-1639 CVE-2022-1640
CVE-2022-1641
Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________
An update that fixes 10 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 87.0.4390.25:
- CHR-8870 Update chromium on desktop-stable-101-4390 to 101.0.4951.64
- DNA-99209 Enable #easy-files-multiupload on all streams
- DNA-99325 Use a preference to set number of recent searches and
recently closed in unfiltered dropdown
- DNA-99353 Translations for O87
- DNA-99365 Adding title to the first category duplicates categories
titles in the dropdown
- DNA-99385 Feedback button in filtered dropdown can overlap with
other web buttons for highlighted suggestion
- DNA-99391 Add bookmarks at the bottom of a bookmarks bar folder
- DNA-99491 Suggestion is not immediately removed form recent searches
view in dropdown.
- DNA-99501 Promote O87 to stable
- DNA-99504 ���Switch to tab��� button is not aligned to the right for
some categories in dropdown
- The update to chromium 101.0.4951.64 fixes following issues:
CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636,
CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641
- Complete Opera 87.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-87/
- Update to 86.0.4363.59
- DNA-99021 Crash in sidebar when extension of sidebar item was
uninstalled
- DNA-99359 Crash at opera::
ContinueShoppingExpiredProductRemoverImpl::RemoveExpiredProducts()
- Update to 86.0.4363.50
- DNA-68493 Opera doesn���t close address field drop-down when dragging
text from the address field
- DNA-99003 Crash at views::Widget::GetNativeView() const
- DNA-99133 BrowserSidebarWithProxyAuthTest.PreloadWithWebModalDialog
fails
- DNA-99230 Switching search engine with shortcut stopped working after
DNA-99178
- DNA-99317 Make history match appear on top
- Update to 86.0.4363.32
- DNA-98510 Blank icon in sidebar setup
- DNA-98525 Unable to drag tab to far right
- DNA-98893 Sound indicator is too precise in Google Meet
- DNA-98919 Shopping corner internal API access update
- DNA-98924 Tab tooltip gets stuck on screen
- DNA-98981 Enable easy-files-multiupload on developer stream
- DNA-99041 Move Shopping Corner to sidebar entry
- DNA-99061 Enable #address-bar-dropdown-categories on all streams
- DNA-99062 Create flag to show top sites and recently closed in
unfiltered suggestions
- DNA-99064 Hard to drag & drop current URL to a specific folder
on bookmarks bar when unfiltered dropdown is displayed
- DNA-99070 Make scroll button in Continue On scroll multiple items
- DNA-99089 Shopping corner tab is not preserved after restart
- DNA-99115 Request updating the Avro schema for sidebar event
- DNA-99117 Make sure shopping corner is enabled by default
- DNA-99178 Left/right not working in address bar dropdown
- DNA-99204 Hide Shopping Corner by default
- Update to 86.0.4363.23
- CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127
- DNA-98236 Turn on #snap-text-selection on all streams
- DNA-98507 DCHECK at address_bar_controller.cc(547)
- DNA-98528 Suggestions for internal pages disappear when typing their
full name
- DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
- DNA-98540 Booking.com used instead of custom search engine
- DNA-98587 Favicon of booking suggestion in the city category is
unexpectedly changing
- DNA-98605 City suggestions should show URL in address field when
selected
- DNA-98608 #address-bar-dropdown-categories expired
- DNA-98616 Add recent searches to 'old' BABE
- DNA-98668 Switch to tab button leads to wrong tab
- DNA-98673 Improve suggestion removal handling in suggestion providers
- DNA-98681 Remove unused suggestion consumers
- DNA-98684 Have a dedicated SuggestionList for the new address bar
dropdown
- DNA-98685 Enable #native-crypto-wallet on developer
- DNA-98688 "Disable this feature" mini-menu settings is non-intuitive
- DNA-98690 Autocompleted text stayed in address field after removing
suggestion
- DNA-98738 Inline autocomplete suggestion for SD disappears after
typing 3rd letter of SD name
- DNA-98743 Blank dropdown after pressing space key
- DNA-98783 Improve showing suggestions with long URLs or page titles
- DNA-98785 "Switch to tab" button not shown for suggestions with www
subdomain when typing domain text
- DNA-98879 "Disable suggestions before typing" mini-menu option should
change to "Enable suggestions before typing" when being selected
- DNA-98917 Translations for O86
- DNA-98975 Turn on #snap-crop-tool on all channels
- DNA-98980 Enable #native-crypto-wallet on all streams
- DNA-99005 The sidebar item is not visible for already active crypto
wallet users when #native-crypto-wallet flag is enabled.
- DNA-99007 Crash at TemplateURLRef::ParseIfNecessary(SearchTermsData
const&) const
- DNA-99047 Promote O86 to stable
- The update to chromium 100.0.4896.127 fixes following issues:
CVE-2022-1364
- Complete Opera 86.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-86/
- Update to 85.0.4341.60
- DNA-98666 Set baidu as default search engine in China
- DNA-98707 Hint is not displayed for new crypto wallet sidebar icon
- DNA-98775 RichHintsSearchEngineCondition.testSogouSearchEngine errors
- Update to 85.0.4341.47
- DNA-98249 Add feature flag #native-crypto-wallet
- DNA-98250 Install extension on startup
- DNA-98251 Make Crypto Wallet setting enable / disable extension
- DNA-98252 Deactivate old desktop crypto wallet
- DNA-98253 Always show ���Crypto Wallet��� in Sidebar Setup
- DNA-98497 Crash when installing extension
- DNA-98506 Enable opera_feature_crypto_wallet_encryption
on desktop
- DNA-98510 Blank icon in sidebar setup
- DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
- DNA-98685 Enable #native-crypto-wallet on developer
- DNA-98766 Crash at
opera::AddressBarControllerImpl::OpenNativeDropdown()
- DNA-98768 Crash at
extensions::ContentFilterPrivateIsWhitelistedFunction::Run()
- DNA-98770 Recent searches stay in address field after selecting entry
from dropdown
- DNA-98772 Screen sharing broken
- DNA-98803 Autofilled part appended after selecting address bar using
shortcut
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:NonFree:
zypper in -t patch openSUSE-2022-156=1
Package List:
- openSUSE Leap 15.4:NonFree (x86_64):
opera-87.0.4390.25-lp154.2.8.1
References:
https://www.suse.com/security/cve/CVE-2022-1364.html
https://www.suse.com/security/cve/CVE-2022-1633.html
https://www.suse.com/security/cve/CVE-2022-1634.html
https://www.suse.com/security/cve/CVE-2022-1635.html
https://www.suse.com/security/cve/CVE-2022-1636.html
https://www.suse.com/security/cve/CVE-2022-1637.html
https://www.suse.com/security/cve/CVE-2022-1638.html
https://www.suse.com/security/cve/CVE-2022-1639.html
https://www.suse.com/security/cve/CVE-2022-1640.html
https://www.suse.com/security/cve/CVE-2022-1641.html
1
0
SUSE-SU-2022:1870-1: important: Security update for curl
by opensuse-security@opensuse.org 27 May '22
by opensuse-security@opensuse.org 27 May '22
27 May '22
SUSE Security Update: Security update for curl
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1870-1
Rating: important
References: #1199223 #1199224
Cross-References: CVE-2022-27781 CVE-2022-27782
CVSS scores:
CVE-2022-27781 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-27782 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for curl fixes the following issues:
- CVE-2022-27781: Fixed CERTINFO never-ending busy-loop (bsc#1199223)
- CVE-2022-27782: Fixed TLS and SSH connection too eager reuse
(bsc#1199224)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1870=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1870=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1870=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1870=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1870=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1870=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1870=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1870=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1870=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1870=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1870=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1870=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1870=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- openSUSE Leap 15.3 (x86_64):
libcurl-devel-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Manager Server 4.1 (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Manager Proxy 4.1 (x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
curl-7.66.0-150200.4.33.1
curl-debuginfo-7.66.0-150200.4.33.1
curl-debugsource-7.66.0-150200.4.33.1
libcurl-devel-7.66.0-150200.4.33.1
libcurl4-7.66.0-150200.4.33.1
libcurl4-debuginfo-7.66.0-150200.4.33.1
- SUSE Enterprise Storage 7 (x86_64):
libcurl4-32bit-7.66.0-150200.4.33.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.33.1
References:
https://www.suse.com/security/cve/CVE-2022-27781.html
https://www.suse.com/security/cve/CVE-2022-27782.html
https://bugzilla.suse.com/1199223
https://bugzilla.suse.com/1199224
1
0
openSUSE-SU-2022:0151-1: moderate: Security update for bind
by opensuse-security@opensuse.org 27 May '22
by opensuse-security@opensuse.org 27 May '22
27 May '22
SUSE Security Update: Security update for bind
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0151-1
Rating: moderate
References: #1192146 #1199370
Cross-References: CVE-2021-25219 CVE-2022-27114
CVSS scores:
CVE-2021-25219 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-25219 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-27114 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-27114 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for bind fixes the following issues:
- CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely
degrade resolver performance (bsc#1192146).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-151=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-151=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bind-9.16.6-150300.22.13.1
bind-chrootenv-9.16.6-150300.22.13.1
bind-debuginfo-9.16.6-150300.22.13.1
bind-debugsource-9.16.6-150300.22.13.1
bind-devel-9.16.6-150300.22.13.1
bind-utils-9.16.6-150300.22.13.1
bind-utils-debuginfo-9.16.6-150300.22.13.1
libbind9-1600-9.16.6-150300.22.13.1
libbind9-1600-debuginfo-9.16.6-150300.22.13.1
libdns1605-9.16.6-150300.22.13.1
libdns1605-debuginfo-9.16.6-150300.22.13.1
libirs-devel-9.16.6-150300.22.13.1
libirs1601-9.16.6-150300.22.13.1
libirs1601-debuginfo-9.16.6-150300.22.13.1
libisc1606-9.16.6-150300.22.13.1
libisc1606-debuginfo-9.16.6-150300.22.13.1
libisccc1600-9.16.6-150300.22.13.1
libisccc1600-debuginfo-9.16.6-150300.22.13.1
libisccfg1600-9.16.6-150300.22.13.1
libisccfg1600-debuginfo-9.16.6-150300.22.13.1
libns1604-9.16.6-150300.22.13.1
libns1604-debuginfo-9.16.6-150300.22.13.1
- openSUSE Leap 15.3 (noarch):
bind-doc-9.16.6-150300.22.13.1
python3-bind-9.16.6-150300.22.13.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
htmldoc-1.9.12-bp153.2.15.1
References:
https://www.suse.com/security/cve/CVE-2021-25219.html
https://www.suse.com/security/cve/CVE-2022-27114.html
https://bugzilla.suse.com/1192146
https://bugzilla.suse.com/1199370
1
0
openSUSE-SU-2022:0148-1: important: Security update for varnish
by opensuse-security@opensuse.org 27 May '22
by opensuse-security@opensuse.org 27 May '22
27 May '22
openSUSE Security Update: Security update for varnish
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0148-1
Rating: important
References: #1181400 #1188470 #1195188
Cross-References: CVE-2021-36740 CVE-2022-23959
CVSS scores:
CVE-2021-36740 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-36740 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-23959 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-23959 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for varnish fixes the following issues:
varnish was updated to release 7.1.0 [boo#1195188] [CVE-2022-23959]
* VCL: It is now possible to assign a BLOB value to a BODY variable, in
addition to STRING as before.
* VMOD: New STRING strftime(TIME time, STRING format) function for UTC
formatting.
Update to release 6.6.1
* CVE-2021-36740: Fix an HTTP/2.0 request smuggling vulnerability.
[boo#1188470]
Update to release 6.6.0:
* The ban_cutoff parameter now refers to the overall length of the ban
list, including completed bans, where before only non-completed
(���active���) bans were counted towards ban_cutoff.
* Body bytes accounting has been fixed to always represent the number of
body bytes moved on the wire, exclusive of protocol-specific overhead
like HTTP/1 chunked encoding or HTTP/2 framing.
* The connection close reason has been fixed to properly report
SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported.
* Unless the new validate_headers feature is disabled, all newly set
headers are now validated to contain only characters allowed by RFC7230.
* The filter_re, keep_re and get_re functions from the bundled cookie vmod
have been changed to take the VCL_REGEX type. This implies that their
regular expression arguments now need to be literal, not e.g. string.
* The interface for private pointers in VMODs has been changed, the VRT
backend interface has been changed, many filter (VDP/VFP) related
signatures have been changed, and the stevedore API has been changed.
(Details thereto, see online changelog.)
Update to release 6.5.1
* Bump the VRT_MAJOR_VERSION number defined in the vrt.h
Update to release 6.5.0
* `PRIV_TOP` is now thread-safe to support parallel ESI implementations.
* varnishstat's JSON output format (-j option) has been changed.
* Behavior for 304-type responses was changed not to update the
Content-Encoding response header of the stored object.
- Update Git-Web repository link
Update to release 6.4.0
* The MAIN.sess_drop counter is gone.
* backend "none" was added for "no backend".
* The hash algorithm of the hash director was changed, so backend
selection will change once only when upgrading.
* It is now possible for VMOD authors to customize the connection pooling
of a dynamic backend.
* For more, see changes.rst.
Update to release 6.3.2
* Fix a denial of service vulnerability when using the proxy protocol
version 2.
Update to release 6.3.0
* The Host: header is folded to lower-case in the builtin_vcl.
* Improved performance of shared memory statistics counters.
* Synthetic objects created from vcl_backend_error {} now replace existing
stale objects as ordinary backend fetches would (for details see
changes.rst)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-148=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libvarnishapi3-7.1.0-bp153.2.3.1
varnish-7.1.0-bp153.2.3.1
varnish-devel-7.1.0-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2021-36740.html
https://www.suse.com/security/cve/CVE-2022-23959.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1188470
https://bugzilla.suse.com/1195188
1
0
openSUSE-SU-2022:0149-1: moderate: Security update for libredwg
by opensuse-security@opensuse.org 27 May '22
by opensuse-security@opensuse.org 27 May '22
27 May '22
SUSE Security Update: Security update for libredwg
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0149-1
Rating: moderate
References: #1193372 #1194767
Cross-References: CVE-2021-28237 CVE-2022-21658
CVSS scores:
CVE-2022-21658 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
CVE-2022-21658 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for libredwg fixes the following issues:
Update to release 0.12.5 [boo#1193372] [CVE-2021-28237]
* Restricted accepted DXF objects to all stable and unstable classes,
minus MATERIAL, ARC_DIMENSION, SUN, PROXY*. I.e. most unstable objects
do not allow unknown DXF codes anymore. This fixed most oss-fuzz errors.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-149=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-149=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cargo1.56-1.56.1-150300.7.6.1
cargo1.56-debuginfo-1.56.1-150300.7.6.1
rust1.56-1.56.1-150300.7.6.1
rust1.56-debuginfo-1.56.1-150300.7.6.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libredwg-devel-0.12.5-bp153.2.3.1
libredwg-tools-0.12.5-bp153.2.3.1
libredwg0-0.12.5-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2021-28237.html
https://www.suse.com/security/cve/CVE-2022-21658.html
https://bugzilla.suse.com/1193372
https://bugzilla.suse.com/1194767
1
0
openSUSE-SU-2022:0150-1: important: Security update for seamonkey
by opensuse-security@opensuse.org 27 May '22
by opensuse-security@opensuse.org 27 May '22
27 May '22
openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0150-1
Rating: important
References: #1194735
Cross-References: CVE-2021-45417
CVSS scores:
CVE-2021-45417 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for seamonkey fixes the following issues:
Update to SeaMonkey 2.53.12
* Format Toolbar forgets its hidden status when switching to other view
modes bug 1719020.
* Remove obsolete plugin code from SeaMonkey bug 1762733.
* Fix a few strict warnings in SeaMonkey bug 1755553.
* Remove Run Flash from Site permissions and page info bug 1758289.
* Use fixIterator and replace use of removeItemAt in FilterListDialog bug
1756359.
* Remove RDF usage in tabmail.js bug 1758282.
* Implement 'Edit Template' and 'New Message From Template' commands and
UI bug 1759376.
* [SM] Implement 'Edit Draft' command and hide it when not in a draft
folder (port Thunderbird bug 1106412) bug 1256716.
* Messages in Template folder need "Edit Template" button in header (like
for Drafts) bug 80280.
* Refactor and simplify the feed Subscribe dialog options updates bug
1420473.
* Add system memory and disk size and placeDB page limit to about:support
bug 1753729.
* Remove warning about missing plugins in SeaMonkey 2.53 and 2.57 bug
1755558.
* SeaMonkey 2.53.12 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.12 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.9 and
Thunderbird 91.9 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-2022-150=1 openSUSE-SLE-15.3-2022-150=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
aide-0.16-24.1
aide-debuginfo-0.16-24.1
aide-debugsource-0.16-24.1
aide-test-0.16-24.1
- openSUSE Leap 15.3 (i586 s390x x86_64):
seamonkey-2.53.12-lp153.17.8.2
seamonkey-debuginfo-2.53.12-lp153.17.8.2
seamonkey-debugsource-2.53.12-lp153.17.8.2
seamonkey-dom-inspector-2.53.12-lp153.17.8.2
seamonkey-irc-2.53.12-lp153.17.8.2
References:
https://www.suse.com/security/cve/CVE-2021-45417.html
https://bugzilla.suse.com/1194735
1
0
openSUSE-SU-2022:0147-1: important: Security update for opera
by opensuse-security@opensuse.org 26 May '22
by opensuse-security@opensuse.org 26 May '22
26 May '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0147-1
Rating: important
References:
Cross-References: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638
CVE-2022-1639 CVE-2022-1640 CVE-2022-1641
Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 87.0.4390.25:
- CHR-8870 Update chromium on desktop-stable-101-4390 to 101.0.4951.64
- DNA-99209 Enable #easy-files-multiupload on all streams
- DNA-99325 Use a preference to set number of recent searches and
recently closed in unfiltered dropdown
- DNA-99353 Translations for O87
- DNA-99365 Adding title to the first category duplicates categories
titles in the dropdown
- DNA-99385 Feedback button in filtered dropdown can overlap with
other web buttons for highlighted suggestion
- DNA-99391 Add bookmarks at the bottom of a bookmarks bar folder
- DNA-99491 Suggestion is not immediately removed form recent searches
view in dropdown.
- DNA-99501 Promote O87 to stable
- DNA-99504 ���Switch to tab��� button is not aligned to the right for
some categories in dropdown
- The update to chromium 101.0.4951.64 fixes following issues:
CVE-2022-1633, CVE-2022-1634, CVE-2022-1635, CVE-2022-1636,
CVE-2022-1637, CVE-2022-1638, CVE-2022-1639, CVE-2022-1640, CVE-2022-1641
- Complete Opera 87.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-87/
- Update to 86.0.4363.59
- DNA-99021 Crash in sidebar when extension of sidebar item was
uninstalled
- DNA-99359 Crash at opera::
ContinueShoppingExpiredProductRemoverImpl::RemoveExpiredProducts()
- Update to 86.0.4363.50
- DNA-68493 Opera doesn���t close address field drop-down when dragging
text from the address field
- DNA-99003 Crash at views::Widget::GetNativeView() const
- DNA-99133 BrowserSidebarWithProxyAuthTest.PreloadWithWebModalDialog
fails
- DNA-99230 Switching search engine with shortcut stopped working after
DNA-99178
- DNA-99317 Make history match appear on top
- Update to 86.0.4363.32
- DNA-98510 Blank icon in sidebar setup
- DNA-98525 Unable to drag tab to far right
- DNA-98893 Sound indicator is too precise in Google Meet
- DNA-98919 Shopping corner internal API access update
- DNA-98924 Tab tooltip gets stuck on screen
- DNA-98981 Enable easy-files-multiupload on developer stream
- DNA-99041 Move Shopping Corner to sidebar entry
- DNA-99061 Enable #address-bar-dropdown-categories on all streams
- DNA-99062 Create flag to show top sites and recently closed in
unfiltered suggestions
- DNA-99064 Hard to drag & drop current URL to a specific folder
on bookmarks bar when unfiltered dropdown is displayed
- DNA-99070 Make scroll button in Continue On scroll multiple items
- DNA-99089 Shopping corner tab is not preserved after restart
- DNA-99115 Request updating the Avro schema for sidebar event
- DNA-99117 Make sure shopping corner is enabled by default
- DNA-99178 Left/right not working in address bar dropdown
- DNA-99204 Hide Shopping Corner by default
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:NonFree:
zypper in -t patch openSUSE-2022-147=1
Package List:
- openSUSE Leap 15.3:NonFree (x86_64):
opera-87.0.4390.25-lp153.2.48.1
References:
https://www.suse.com/security/cve/CVE-2022-1633.html
https://www.suse.com/security/cve/CVE-2022-1634.html
https://www.suse.com/security/cve/CVE-2022-1635.html
https://www.suse.com/security/cve/CVE-2022-1636.html
https://www.suse.com/security/cve/CVE-2022-1637.html
https://www.suse.com/security/cve/CVE-2022-1638.html
https://www.suse.com/security/cve/CVE-2022-1639.html
https://www.suse.com/security/cve/CVE-2022-1640.html
https://www.suse.com/security/cve/CVE-2022-1641.html
1
0
SUSE-SU-2022:1862-1: moderate: Security update for go1.17
by opensuse-security@opensuse.org 26 May '22
by opensuse-security@opensuse.org 26 May '22
26 May '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1862-1
Rating: moderate
References: #1190649 #1199413
Cross-References: CVE-2022-29526
CVSS scores:
CVE-2022-29526 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for go1.17 fixes the following issues:
- CVE-2022-29526: Fixed faccessat() system call operation that checked the
wrong group (bsc#1199413).
- go1.17.10 (released 2022-05-10) (bsc#1190649).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1862=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1862=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1862=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1862=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.10-150000.1.34.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.10-150000.1.34.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.10-150000.1.34.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.10-150000.1.34.1
References:
https://www.suse.com/security/cve/CVE-2022-29526.html
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1199413
1
0
SUSE-SU-2022:1861-1: important: Security update for cups
by opensuse-security@opensuse.org 26 May '22
by opensuse-security@opensuse.org 26 May '22
26 May '22
SUSE Security Update: Security update for cups
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1861-1
Rating: important
References: #1199474
Cross-References: CVE-2022-26691
CVSS scores:
CVE-2022-26691 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for cups fixes the following issues:
- CVE-2022-26691: Fixed an authentication bypass and code execution
vulnerability (bsc#1199474)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1861=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1861=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1861=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1861=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1861=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1861=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1861=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1861=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1861=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1861=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1861=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1861=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1861=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1861=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1861=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1861=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1861=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1861=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1861=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1861=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1861=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- openSUSE Leap 15.4 (x86_64):
cups-devel-32bit-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-32bit-2.2.7-150000.3.32.1
libcupscgi1-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-32bit-2.2.7-150000.3.32.1
libcupsimage2-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-32bit-2.2.7-150000.3.32.1
libcupsmime1-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-32bit-2.2.7-150000.3.32.1
libcupsppdc1-32bit-debuginfo-2.2.7-150000.3.32.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- openSUSE Leap 15.3 (x86_64):
cups-devel-32bit-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-32bit-2.2.7-150000.3.32.1
libcupscgi1-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-32bit-2.2.7-150000.3.32.1
libcupsimage2-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-32bit-2.2.7-150000.3.32.1
libcupsmime1-32bit-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-32bit-2.2.7-150000.3.32.1
libcupsppdc1-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Manager Server 4.1 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Manager Proxy 4.1 (x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
cups-config-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Enterprise Storage 7 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
- SUSE Enterprise Storage 6 (x86_64):
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
- SUSE CaaS Platform 4.0 (x86_64):
cups-2.2.7-150000.3.32.1
cups-client-2.2.7-150000.3.32.1
cups-client-debuginfo-2.2.7-150000.3.32.1
cups-config-2.2.7-150000.3.32.1
cups-ddk-2.2.7-150000.3.32.1
cups-ddk-debuginfo-2.2.7-150000.3.32.1
cups-debuginfo-2.2.7-150000.3.32.1
cups-debugsource-2.2.7-150000.3.32.1
cups-devel-2.2.7-150000.3.32.1
libcups2-2.2.7-150000.3.32.1
libcups2-32bit-2.2.7-150000.3.32.1
libcups2-32bit-debuginfo-2.2.7-150000.3.32.1
libcups2-debuginfo-2.2.7-150000.3.32.1
libcupscgi1-2.2.7-150000.3.32.1
libcupscgi1-debuginfo-2.2.7-150000.3.32.1
libcupsimage2-2.2.7-150000.3.32.1
libcupsimage2-debuginfo-2.2.7-150000.3.32.1
libcupsmime1-2.2.7-150000.3.32.1
libcupsmime1-debuginfo-2.2.7-150000.3.32.1
libcupsppdc1-2.2.7-150000.3.32.1
libcupsppdc1-debuginfo-2.2.7-150000.3.32.1
References:
https://www.suse.com/security/cve/CVE-2022-26691.html
https://bugzilla.suse.com/1199474
1
0
SUSE-SU-2022:1844-1: moderate: Security update for fribidi
by opensuse-security@opensuse.org 25 May '22
by opensuse-security@opensuse.org 25 May '22
25 May '22
SUSE Security Update: Security update for fribidi
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1844-1
Rating: moderate
References: #1196147 #1196148 #1196150
Cross-References: CVE-2022-25308 CVE-2022-25309 CVE-2022-25310
CVSS scores:
CVE-2022-25308 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
CVE-2022-25309 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
CVE-2022-25310 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for fribidi fixes the following issues:
- CVE-2022-25308: Fixed stack out of bounds read (bsc#1196147).
- CVE-2022-25309: Fixed heap-buffer-overflow in fribidi_cap_rtl_to_unicode
(bsc#1196148).
- CVE-2022-25310: Fixed NULL pointer dereference in
fribidi_remove_bidi_marks (bsc#1196150).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1844=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1844=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1844=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1844=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
fribidi-1.0.5-150200.3.6.1
fribidi-debuginfo-1.0.5-150200.3.6.1
fribidi-debugsource-1.0.5-150200.3.6.1
fribidi-devel-1.0.5-150200.3.6.1
libfribidi0-1.0.5-150200.3.6.1
libfribidi0-debuginfo-1.0.5-150200.3.6.1
- openSUSE Leap 15.3 (x86_64):
libfribidi0-32bit-1.0.5-150200.3.6.1
libfribidi0-32bit-debuginfo-1.0.5-150200.3.6.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
fribidi-debugsource-1.0.5-150200.3.6.1
libfribidi0-32bit-1.0.5-150200.3.6.1
libfribidi0-32bit-debuginfo-1.0.5-150200.3.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
fribidi-1.0.5-150200.3.6.1
fribidi-debuginfo-1.0.5-150200.3.6.1
fribidi-debugsource-1.0.5-150200.3.6.1
fribidi-devel-1.0.5-150200.3.6.1
libfribidi0-1.0.5-150200.3.6.1
libfribidi0-debuginfo-1.0.5-150200.3.6.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
fribidi-debuginfo-1.0.5-150200.3.6.1
fribidi-debugsource-1.0.5-150200.3.6.1
libfribidi0-1.0.5-150200.3.6.1
libfribidi0-debuginfo-1.0.5-150200.3.6.1
References:
https://www.suse.com/security/cve/CVE-2022-25308.html
https://www.suse.com/security/cve/CVE-2022-25309.html
https://www.suse.com/security/cve/CVE-2022-25310.html
https://bugzilla.suse.com/1196147
https://bugzilla.suse.com/1196148
https://bugzilla.suse.com/1196150
1
0
SUSE-SU-2022:1842-1: moderate: Security update for redis
by opensuse-security@opensuse.org 25 May '22
by opensuse-security@opensuse.org 25 May '22
25 May '22
SUSE Security Update: Security update for redis
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1842-1
Rating: moderate
References: #1198952 #1198953
Cross-References: CVE-2022-24735 CVE-2022-24736
CVSS scores:
CVE-2022-24735 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-24735 (SUSE): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2022-24736 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24736 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for redis fixes the following issues:
- CVE-2022-24735: Fixed Lua code injection (bsc#1198952).
- CVE-2022-24736: Fixed Lua NULL pointer dereference (bsc#1198953).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1842=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1842=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
redis-6.0.14-150200.6.11.1
redis-debuginfo-6.0.14-150200.6.11.1
redis-debugsource-6.0.14-150200.6.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
redis-6.0.14-150200.6.11.1
redis-debuginfo-6.0.14-150200.6.11.1
redis-debugsource-6.0.14-150200.6.11.1
References:
https://www.suse.com/security/cve/CVE-2022-24735.html
https://www.suse.com/security/cve/CVE-2022-24736.html
https://bugzilla.suse.com/1198952
https://bugzilla.suse.com/1198953
1
0
SUSE-SU-2022:1840-1: moderate: Security update for kernel-firmware
by opensuse-security@opensuse.org 25 May '22
by opensuse-security@opensuse.org 25 May '22
25 May '22
SUSE Security Update: Security update for kernel-firmware
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1840-1
Rating: moderate
References: #1199459 #1199470
Cross-References: CVE-2021-26312 CVE-2021-26339 CVE-2021-26342
CVE-2021-26347 CVE-2021-26348 CVE-2021-26349
CVE-2021-26350 CVE-2021-26364 CVE-2021-26372
CVE-2021-26373 CVE-2021-26375 CVE-2021-26376
CVE-2021-26378 CVE-2021-26388 CVE-2021-46744
CVSS scores:
CVE-2021-26312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-26339 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-26339 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-26342 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-26342 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2021-26347 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-26348 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2021-26349 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2021-26350 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-46744 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
This update for kernel-firmware fixes the following issues:
Update AMD ucode and SEV firmware
- (CVE-2021-26339, CVE-2021-26373, CVE-2021-26347, CVE-2021-26376,
CVE-2021-26375, CVE-2021-26378, CVE-2021-26372, CVE-2021-26339,
CVE-2021-26348, CVE-2021-26342, CVE-2021-26388, CVE-2021-26349,
CVE-2021-26364, CVE-2021-26312, CVE-2021-26350, CVE-2021-46744,
bsc#1199459, bsc#1199470)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1840=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1840=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1840=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1840=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-firmware-20210208-150300.4.10.1
kernel-firmware-all-20210208-150300.4.10.1
kernel-firmware-amdgpu-20210208-150300.4.10.1
kernel-firmware-ath10k-20210208-150300.4.10.1
kernel-firmware-ath11k-20210208-150300.4.10.1
kernel-firmware-atheros-20210208-150300.4.10.1
kernel-firmware-bluetooth-20210208-150300.4.10.1
kernel-firmware-bnx2-20210208-150300.4.10.1
kernel-firmware-brcm-20210208-150300.4.10.1
kernel-firmware-chelsio-20210208-150300.4.10.1
kernel-firmware-dpaa2-20210208-150300.4.10.1
kernel-firmware-i915-20210208-150300.4.10.1
kernel-firmware-intel-20210208-150300.4.10.1
kernel-firmware-iwlwifi-20210208-150300.4.10.1
kernel-firmware-liquidio-20210208-150300.4.10.1
kernel-firmware-marvell-20210208-150300.4.10.1
kernel-firmware-media-20210208-150300.4.10.1
kernel-firmware-mediatek-20210208-150300.4.10.1
kernel-firmware-mellanox-20210208-150300.4.10.1
kernel-firmware-mwifiex-20210208-150300.4.10.1
kernel-firmware-network-20210208-150300.4.10.1
kernel-firmware-nfp-20210208-150300.4.10.1
kernel-firmware-nvidia-20210208-150300.4.10.1
kernel-firmware-platform-20210208-150300.4.10.1
kernel-firmware-prestera-20210208-150300.4.10.1
kernel-firmware-qlogic-20210208-150300.4.10.1
kernel-firmware-radeon-20210208-150300.4.10.1
kernel-firmware-realtek-20210208-150300.4.10.1
kernel-firmware-serial-20210208-150300.4.10.1
kernel-firmware-sound-20210208-150300.4.10.1
kernel-firmware-ti-20210208-150300.4.10.1
kernel-firmware-ueagle-20210208-150300.4.10.1
kernel-firmware-usb-network-20210208-150300.4.10.1
ucode-amd-20210208-150300.4.10.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-firmware-20210208-150300.4.10.1
kernel-firmware-brcm-20210208-150300.4.10.1
ucode-amd-20210208-150300.4.10.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
kernel-firmware-all-20210208-150300.4.10.1
kernel-firmware-amdgpu-20210208-150300.4.10.1
kernel-firmware-ath10k-20210208-150300.4.10.1
kernel-firmware-ath11k-20210208-150300.4.10.1
kernel-firmware-atheros-20210208-150300.4.10.1
kernel-firmware-bluetooth-20210208-150300.4.10.1
kernel-firmware-bnx2-20210208-150300.4.10.1
kernel-firmware-brcm-20210208-150300.4.10.1
kernel-firmware-chelsio-20210208-150300.4.10.1
kernel-firmware-dpaa2-20210208-150300.4.10.1
kernel-firmware-i915-20210208-150300.4.10.1
kernel-firmware-intel-20210208-150300.4.10.1
kernel-firmware-iwlwifi-20210208-150300.4.10.1
kernel-firmware-liquidio-20210208-150300.4.10.1
kernel-firmware-marvell-20210208-150300.4.10.1
kernel-firmware-media-20210208-150300.4.10.1
kernel-firmware-mediatek-20210208-150300.4.10.1
kernel-firmware-mellanox-20210208-150300.4.10.1
kernel-firmware-mwifiex-20210208-150300.4.10.1
kernel-firmware-network-20210208-150300.4.10.1
kernel-firmware-nfp-20210208-150300.4.10.1
kernel-firmware-nvidia-20210208-150300.4.10.1
kernel-firmware-platform-20210208-150300.4.10.1
kernel-firmware-prestera-20210208-150300.4.10.1
kernel-firmware-qlogic-20210208-150300.4.10.1
kernel-firmware-radeon-20210208-150300.4.10.1
kernel-firmware-realtek-20210208-150300.4.10.1
kernel-firmware-serial-20210208-150300.4.10.1
kernel-firmware-sound-20210208-150300.4.10.1
kernel-firmware-ti-20210208-150300.4.10.1
kernel-firmware-ueagle-20210208-150300.4.10.1
kernel-firmware-usb-network-20210208-150300.4.10.1
ucode-amd-20210208-150300.4.10.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
kernel-firmware-all-20210208-150300.4.10.1
kernel-firmware-amdgpu-20210208-150300.4.10.1
kernel-firmware-ath10k-20210208-150300.4.10.1
kernel-firmware-ath11k-20210208-150300.4.10.1
kernel-firmware-atheros-20210208-150300.4.10.1
kernel-firmware-bluetooth-20210208-150300.4.10.1
kernel-firmware-bnx2-20210208-150300.4.10.1
kernel-firmware-brcm-20210208-150300.4.10.1
kernel-firmware-chelsio-20210208-150300.4.10.1
kernel-firmware-dpaa2-20210208-150300.4.10.1
kernel-firmware-i915-20210208-150300.4.10.1
kernel-firmware-intel-20210208-150300.4.10.1
kernel-firmware-iwlwifi-20210208-150300.4.10.1
kernel-firmware-liquidio-20210208-150300.4.10.1
kernel-firmware-marvell-20210208-150300.4.10.1
kernel-firmware-media-20210208-150300.4.10.1
kernel-firmware-mediatek-20210208-150300.4.10.1
kernel-firmware-mellanox-20210208-150300.4.10.1
kernel-firmware-mwifiex-20210208-150300.4.10.1
kernel-firmware-network-20210208-150300.4.10.1
kernel-firmware-nfp-20210208-150300.4.10.1
kernel-firmware-nvidia-20210208-150300.4.10.1
kernel-firmware-platform-20210208-150300.4.10.1
kernel-firmware-prestera-20210208-150300.4.10.1
kernel-firmware-qlogic-20210208-150300.4.10.1
kernel-firmware-radeon-20210208-150300.4.10.1
kernel-firmware-realtek-20210208-150300.4.10.1
kernel-firmware-serial-20210208-150300.4.10.1
kernel-firmware-sound-20210208-150300.4.10.1
kernel-firmware-ti-20210208-150300.4.10.1
kernel-firmware-ueagle-20210208-150300.4.10.1
kernel-firmware-usb-network-20210208-150300.4.10.1
ucode-amd-20210208-150300.4.10.1
References:
https://www.suse.com/security/cve/CVE-2021-26312.html
https://www.suse.com/security/cve/CVE-2021-26339.html
https://www.suse.com/security/cve/CVE-2021-26342.html
https://www.suse.com/security/cve/CVE-2021-26347.html
https://www.suse.com/security/cve/CVE-2021-26348.html
https://www.suse.com/security/cve/CVE-2021-26349.html
https://www.suse.com/security/cve/CVE-2021-26350.html
https://www.suse.com/security/cve/CVE-2021-26364.html
https://www.suse.com/security/cve/CVE-2021-26372.html
https://www.suse.com/security/cve/CVE-2021-26373.html
https://www.suse.com/security/cve/CVE-2021-26375.html
https://www.suse.com/security/cve/CVE-2021-26376.html
https://www.suse.com/security/cve/CVE-2021-26378.html
https://www.suse.com/security/cve/CVE-2021-26388.html
https://www.suse.com/security/cve/CVE-2021-46744.html
https://bugzilla.suse.com/1199459
https://bugzilla.suse.com/1199470
1
0
openSUSE-SU-2022:0145-1: moderate: Security update for cacti, cacti-spine
by opensuse-security@opensuse.org 24 May '22
by opensuse-security@opensuse.org 24 May '22
24 May '22
openSUSE Security Update: Security update for cacti, cacti-spine
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0145-1
Rating: moderate
References: #1192408 #1196692
Cross-References: CVE-2022-0730
CVSS scores:
CVE-2022-0730 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP4
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12-SP3
SUSE Linux Enterprise Server for SAP Applications 12-SP4
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Package Hub for SUSE Linux Enterprise 12
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for cacti, cacti-spine fixes the following issues:
cacti-spine was updated to 1.2.20:
* Add support for newer versions of MySQL/MariaDB
* When checking for uptime of device, don't assume a non-response is
always fatal
* Fix description and command trunctation issues
* Improve spine performance when only one snmp agent port is in use
cacti-spine 1.2.19:
* Fix 1ssues with polling loop may skip some datasources
* Fix ping no longer works due to hostname changes
* Fix RRD steps are not always calculated correctly
* Fix unable to build when DES no longer supported
* Fix IPv6 devices are not properly parsed
* Reduce a number of compiler warnings
* Fix compiler warnings due to lack of return in thread_mutex_trylock
* Fix Spine will not look at non-timetics uptime when sysUpTimeInstance
overflows
* Improve performance of Cacti poller on heavily loaded systems
cacti-spine 1.2.20:
* Add support for newer versions of MySQL/MariaDB
* When checking for uptime of device, don't assume a non-response is
always fatal
* Fix description and command trunctation issues
* Improve spine performance when only one snmp agent port is in use
cacti was updated to 1.2.20:
* Security fix for CVE-2022-0730, boo#1196692 Under certain ldap
conditions, Cacti authentication can be bypassed with certain
credential types.
* Security fix: Device, Graph, Graph Template, and Graph Items may be
vulnerable to XSS issues
* Security fix: Lockout policies are not properly applied to LDAP and
Domain Users
* Security fix: When using 'remember me' option, incorrect realm may be
selected
* Security fix: User and Group maintenance are vulnerable to SQL attacks
* Security fix: Color Templates are vulnerable to XSS attack
* Features:
* When creating a Data Source Profile, allow additional choices for
Heartbeat
* Change select all options to use Font Awesome icons
* Improve spine performance by storing the total number of system
snmp_ports in use
* Prevent Template User Accounts from being Removed
* When managing by users, allow filtering by Realm
* Allow plugins to supply template account names
* When viewing logs, additional message types should be filterable
* When creating a Graph Template Item, allow filtering by Data Template
* Allow language handler to be selected via UI
* Updated Device packages for Synology, Citrix NetScaler, Cisco
ASA/Cisco
* Add Advanced Ping Graph Template to initial Installable templates
* Add LDAP Debug Mode option
* Allow Reports to include devices not on a Tree
* Allow Basic Authentication to display custom failure message
* Fix: When replicating data during installation/upgrade, system may
appear to hang
* Fix: Graph Template Items may have duplicated entries
* Fix: Unable to Save Graph Settings
* Fix: Script Server may crash if an OID is missing or unavailable
* Fix: When system-wide polling is disabled, remote pollers may fail to
sync changed settings
* Fix: When updating poller name, duplicate name protection may be over
zealous
* Fix: Titles may show "Missing Datasource" incorectly
* Fix: Checking for MIB Cache can cause crashes
* Fix: Polling cycles may not always complete as expected
* Fix: When viewing graph data, non-numeric values may appear
* Fix: Utilities view has calculation errors when there are no data
sources
* Fix: When editing Reports, drag and drop may not function as intended
* Fix: When data drive is full, viewing a Graph can result in errors
* Various other bug fixes
cacti 1.2.19:
* Further fixes for grave character security protection (boo#1192408)
* Fix Over aggressive escaping causing menu visibility issues on Create
Device page
* Add SHA256 and AES256 security levels for SNMP polling
* Import graph template(Preview Only) show color_id new value as a blank
area
* Fix Editing graphs errors due to missing sequence
* Fix 2hen hovering over a Tree Graph, row shows same highlighting as
Graph Edit screen
* Fix 2hen RealTime is not active, console errors may appear
* Fix race conditions may occur when multiple RRDtool processes are
running
* Fix errors creating graphs from templates
* Fix errors when duplicating reports
* Fix Boost may be blocked by overflowing poller_output table
* Fix Template import may be blocked due to unmet dependency warnings
with snmp ports
* Fix Newer MySQL versions may error if committing a transaction when
not in one
* Fix SNMP Agent may not find a cache item
* Fix Correct issues running under PHP 8.x
* Fix When polling is disabled, boost may crash and creates many arch
tables
* Fix When poller runs, memory tables may not always be present
* Fix Timezones may sometimes be incorrectly calculated
* Fix Allow monitoring IPv6 with interface graphs
* Fix When a data source uses a Data Input Method, those without a
mapping should be flagged
* Fix When RRDfile is not yet created, errors may appear when displaying
the graph
* Fix Cacti missing key indexes that result in Preset pages slowdowns
* Fix Data Sources page shows no name when Data Source has no name cache
* Fix db_update_table function can not alter table from signed to
unsigned
* Fix data remains in poller_output table even if it's flushed to rrd
files
* Fix Parameter list for lib/database.php:db_connect_real() is not
correct in 3 places
* Fix Offset is a reserved word in MariaDB 10.6 affecting Report
* Fix Rendering large trees slowed due to lack of permission caching
* Fix Error on interpretation of snmpUtime, when to big
* Fix Applying right axis formatting creates an error-image
* Fix Unable to Save Graph Settings from the Graphs pages
* Fix Graph Template Cache is nullified too often when Graph Automation
is running
* Fix When Adding a Data Query to a Device, no Progress Spinner is shown
* Fix New Browser Breaks Plugins that depend on non UTC date time data
* Fix errors when testing remote poller connectivity
* Fix errors when renaming poller
* Fix Removing spikes by Variance does not appear to be working beyond
the first RRA
* Fix LDAP API lacks timeout options leading to bad login experiences
* Add a normal/wrap class for general use
* Limit File Types available for Template Import operations
* Fix Cacti does not provide an option of providing a client side
certificate for LDAP/AD authentication
* Support Stronger Encryption Available Starting in Net-SNMP v5.8
* Allow Cacti to use multiple possible LDAP servers
* Add a 15 minute polling/sampling interval
* Provide additional admin email notifications
* Add warnings for undesired changes to plugin hook return values
* When creating a Graph, make testing the Data Sources optional by
Template
* Update phpseclib to 2.0.33
* Update jstree.js to 3.3.12
* Improve performance of Cacti poller on heavily loaded systems
* MariaDB recommendations need some tuning for recent updates
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-145=1
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2022-145=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
cacti-spine-1.2.20-bp153.2.9.1
- openSUSE Backports SLE-15-SP3 (noarch):
cacti-1.2.20-bp153.2.9.1
- SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64):
cacti-spine-1.2.20-20.1
- SUSE Package Hub for SUSE Linux Enterprise 12 (noarch):
cacti-1.2.20-26.1
References:
https://www.suse.com/security/cve/CVE-2022-0730.html
https://bugzilla.suse.com/1192408
https://bugzilla.suse.com/1196692
1
0
SUSE-SU-2022:1829-1: moderate: Security update for go1.18
by opensuse-security@opensuse.org 24 May '22
by opensuse-security@opensuse.org 24 May '22
24 May '22
SUSE Security Update: Security update for go1.18
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1829-1
Rating: moderate
References: #1193742 #1199413
Cross-References: CVE-2022-29526
CVSS scores:
CVE-2022-29526 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for go1.18 fixes the following issues:
- CVE-2022-29526: Fixed faccessat() system call operation that checked the
wrong group (bsc#1199413).
- go1.18.2 (released 2022-05-10) (bsc#1193742).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1829=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1829=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1829=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1829=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.18-race-1.18.2-150000.1.17.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.18-race-1.18.2-150000.1.17.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.18-race-1.18.2-150000.1.17.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.18-race-1.18.2-150000.1.17.1
References:
https://www.suse.com/security/cve/CVE-2022-29526.html
https://bugzilla.suse.com/1193742
https://bugzilla.suse.com/1199413
1
0
SUSE-SU-2022:1830-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 24 May '22
by opensuse-security@opensuse.org 24 May '22
24 May '22
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1830-1
Rating: important
References: #1199768
Cross-References: CVE-2022-1529 CVE-2022-1802
CVSS scores:
CVE-2022-1529 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1802 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.1 ESR - MFSA 2022-19 (bsc#1199768):
- CVE-2022-1802: Prototype pollution in Top-Level Await implementation
- CVE-2022-1529: Untrusted input used in JavaScript object indexing,
leading to prototype pollution
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1830=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1830=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1830=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1830=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1830=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1830=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1830=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1830=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1830=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1830=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1830=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1830=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1830=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-branding-upstream-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-branding-upstream-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Manager Proxy 4.1 (x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-91.9.1-150200.152.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
MozillaFirefox-91.9.1-150200.152.40.1
MozillaFirefox-debuginfo-91.9.1-150200.152.40.1
MozillaFirefox-debugsource-91.9.1-150200.152.40.1
MozillaFirefox-devel-91.9.1-150200.152.40.1
MozillaFirefox-translations-common-91.9.1-150200.152.40.1
MozillaFirefox-translations-other-91.9.1-150200.152.40.1
References:
https://www.suse.com/security/cve/CVE-2022-1529.html
https://www.suse.com/security/cve/CVE-2022-1802.html
https://bugzilla.suse.com/1199768
1
0
SUSE-SU-2022:1831-1: important: Security update for slurm_20_11
by opensuse-security@opensuse.org 24 May '22
by opensuse-security@opensuse.org 24 May '22
24 May '22
SUSE Security Update: Security update for slurm_20_11
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1831-1
Rating: important
References: #1199278 #1199279
Cross-References: CVE-2022-29500 CVE-2022-29501
CVSS scores:
CVE-2022-29500 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29500 (SUSE): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-29501 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29501 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for slurm_20_11 fixes the following issues:
- CVE-2022-29500: Fixed architectural flaw that could have been exploited
to allow an unprivileged user to execute arbitrary processes as root
(bsc#1199278).
- CVE-2022-29501: Fixed a problem that an unprivileged user could have
sent data to arbitrary unix socket as root (bsc#1199279).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1831=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1831=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1831=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1831=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libnss_slurm2_20_11-20.11.9-150200.6.10.1
libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.10.1
libpmi0_20_11-20.11.9-150200.6.10.1
libpmi0_20_11-debuginfo-20.11.9-150200.6.10.1
perl-slurm_20_11-20.11.9-150200.6.10.1
perl-slurm_20_11-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-auth-none-20.11.9-150200.6.10.1
slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-config-20.11.9-150200.6.10.1
slurm_20_11-config-man-20.11.9-150200.6.10.1
slurm_20_11-cray-20.11.9-150200.6.10.1
slurm_20_11-cray-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-debugsource-20.11.9-150200.6.10.1
slurm_20_11-devel-20.11.9-150200.6.10.1
slurm_20_11-doc-20.11.9-150200.6.10.1
slurm_20_11-hdf5-20.11.9-150200.6.10.1
slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-lua-20.11.9-150200.6.10.1
slurm_20_11-lua-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-munge-20.11.9-150200.6.10.1
slurm_20_11-munge-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-node-20.11.9-150200.6.10.1
slurm_20_11-node-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-openlava-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-plugins-20.11.9-150200.6.10.1
slurm_20_11-plugins-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-rest-20.11.9-150200.6.10.1
slurm_20_11-rest-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-seff-20.11.9-150200.6.10.1
slurm_20_11-sjstat-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-sql-20.11.9-150200.6.10.1
slurm_20_11-sql-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-sview-20.11.9-150200.6.10.1
slurm_20_11-sview-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-torque-20.11.9-150200.6.10.1
slurm_20_11-torque-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-webdoc-20.11.9-150200.6.10.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libnss_slurm2_20_11-20.11.9-150200.6.10.1
libnss_slurm2_20_11-debuginfo-20.11.9-150200.6.10.1
libpmi0_20_11-20.11.9-150200.6.10.1
libpmi0_20_11-debuginfo-20.11.9-150200.6.10.1
perl-slurm_20_11-20.11.9-150200.6.10.1
perl-slurm_20_11-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-auth-none-20.11.9-150200.6.10.1
slurm_20_11-auth-none-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-config-20.11.9-150200.6.10.1
slurm_20_11-config-man-20.11.9-150200.6.10.1
slurm_20_11-cray-20.11.9-150200.6.10.1
slurm_20_11-cray-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-debugsource-20.11.9-150200.6.10.1
slurm_20_11-devel-20.11.9-150200.6.10.1
slurm_20_11-doc-20.11.9-150200.6.10.1
slurm_20_11-hdf5-20.11.9-150200.6.10.1
slurm_20_11-hdf5-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-lua-20.11.9-150200.6.10.1
slurm_20_11-lua-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-munge-20.11.9-150200.6.10.1
slurm_20_11-munge-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-node-20.11.9-150200.6.10.1
slurm_20_11-node-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-openlava-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-plugins-20.11.9-150200.6.10.1
slurm_20_11-plugins-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-rest-20.11.9-150200.6.10.1
slurm_20_11-rest-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-seff-20.11.9-150200.6.10.1
slurm_20_11-sjstat-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-sql-20.11.9-150200.6.10.1
slurm_20_11-sql-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-sview-20.11.9-150200.6.10.1
slurm_20_11-sview-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-torque-20.11.9-150200.6.10.1
slurm_20_11-torque-debuginfo-20.11.9-150200.6.10.1
slurm_20_11-webdoc-20.11.9-150200.6.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libnss_slurm2_20_11-20.11.9-150200.6.10.1
libpmi0_20_11-20.11.9-150200.6.10.1
libslurm36-20.11.9-150200.6.10.1
libslurm36-debuginfo-20.11.9-150200.6.10.1
perl-slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-auth-none-20.11.9-150200.6.10.1
slurm_20_11-config-20.11.9-150200.6.10.1
slurm_20_11-config-man-20.11.9-150200.6.10.1
slurm_20_11-devel-20.11.9-150200.6.10.1
slurm_20_11-doc-20.11.9-150200.6.10.1
slurm_20_11-lua-20.11.9-150200.6.10.1
slurm_20_11-munge-20.11.9-150200.6.10.1
slurm_20_11-node-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-20.11.9-150200.6.10.1
slurm_20_11-plugins-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-20.11.9-150200.6.10.1
slurm_20_11-sql-20.11.9-150200.6.10.1
slurm_20_11-sview-20.11.9-150200.6.10.1
slurm_20_11-torque-20.11.9-150200.6.10.1
slurm_20_11-webdoc-20.11.9-150200.6.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libnss_slurm2_20_11-20.11.9-150200.6.10.1
libpmi0_20_11-20.11.9-150200.6.10.1
libslurm36-20.11.9-150200.6.10.1
libslurm36-debuginfo-20.11.9-150200.6.10.1
perl-slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-20.11.9-150200.6.10.1
slurm_20_11-auth-none-20.11.9-150200.6.10.1
slurm_20_11-config-20.11.9-150200.6.10.1
slurm_20_11-config-man-20.11.9-150200.6.10.1
slurm_20_11-devel-20.11.9-150200.6.10.1
slurm_20_11-doc-20.11.9-150200.6.10.1
slurm_20_11-lua-20.11.9-150200.6.10.1
slurm_20_11-munge-20.11.9-150200.6.10.1
slurm_20_11-node-20.11.9-150200.6.10.1
slurm_20_11-pam_slurm-20.11.9-150200.6.10.1
slurm_20_11-plugins-20.11.9-150200.6.10.1
slurm_20_11-slurmdbd-20.11.9-150200.6.10.1
slurm_20_11-sql-20.11.9-150200.6.10.1
slurm_20_11-sview-20.11.9-150200.6.10.1
slurm_20_11-torque-20.11.9-150200.6.10.1
slurm_20_11-webdoc-20.11.9-150200.6.10.1
References:
https://www.suse.com/security/cve/CVE-2022-29500.html
https://www.suse.com/security/cve/CVE-2022-29501.html
https://bugzilla.suse.com/1199278
https://bugzilla.suse.com/1199279
1
0
openSUSE-SU-2022:0145-1: moderate: Security update for cacti, cacti-spine
by opensuse-security@opensuse.org 24 May '22
by opensuse-security@opensuse.org 24 May '22
24 May '22
openSUSE Security Update: Security update for cacti, cacti-spine
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0145-1
Rating: moderate
References: #1192408 #1196692
Cross-References: CVE-2022-0730
CVSS scores:
CVE-2022-0730 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for cacti, cacti-spine fixes the following issues:
cacti-spine was updated to 1.2.20:
* Add support for newer versions of MySQL/MariaDB
* When checking for uptime of device, don't assume a non-response is
always fatal
* Fix description and command trunctation issues
* Improve spine performance when only one snmp agent port is in use
cacti-spine 1.2.19:
* Fix 1ssues with polling loop may skip some datasources
* Fix ping no longer works due to hostname changes
* Fix RRD steps are not always calculated correctly
* Fix unable to build when DES no longer supported
* Fix IPv6 devices are not properly parsed
* Reduce a number of compiler warnings
* Fix compiler warnings due to lack of return in thread_mutex_trylock
* Fix Spine will not look at non-timetics uptime when sysUpTimeInstance
overflows
* Improve performance of Cacti poller on heavily loaded systems
cacti-spine 1.2.20:
* Add support for newer versions of MySQL/MariaDB
* When checking for uptime of device, don't assume a non-response is
always fatal
* Fix description and command trunctation issues
* Improve spine performance when only one snmp agent port is in use
cacti was updated to 1.2.20:
* Security fix for CVE-2022-0730, boo#1196692 Under certain ldap
conditions, Cacti authentication can be bypassed with certain
credential types.
* Security fix: Device, Graph, Graph Template, and Graph Items may be
vulnerable to XSS issues
* Security fix: Lockout policies are not properly applied to LDAP and
Domain Users
* Security fix: When using 'remember me' option, incorrect realm may be
selected
* Security fix: User and Group maintenance are vulnerable to SQL attacks
* Security fix: Color Templates are vulnerable to XSS attack
* Features:
* When creating a Data Source Profile, allow additional choices for
Heartbeat
* Change select all options to use Font Awesome icons
* Improve spine performance by storing the total number of system
snmp_ports in use
* Prevent Template User Accounts from being Removed
* When managing by users, allow filtering by Realm
* Allow plugins to supply template account names
* When viewing logs, additional message types should be filterable
* When creating a Graph Template Item, allow filtering by Data Template
* Allow language handler to be selected via UI
* Updated Device packages for Synology, Citrix NetScaler, Cisco
ASA/Cisco
* Add Advanced Ping Graph Template to initial Installable templates
* Add LDAP Debug Mode option
* Allow Reports to include devices not on a Tree
* Allow Basic Authentication to display custom failure message
* Fix: When replicating data during installation/upgrade, system may
appear to hang
* Fix: Graph Template Items may have duplicated entries
* Fix: Unable to Save Graph Settings
* Fix: Script Server may crash if an OID is missing or unavailable
* Fix: When system-wide polling is disabled, remote pollers may fail to
sync changed settings
* Fix: When updating poller name, duplicate name protection may be over
zealous
* Fix: Titles may show "Missing Datasource" incorectly
* Fix: Checking for MIB Cache can cause crashes
* Fix: Polling cycles may not always complete as expected
* Fix: When viewing graph data, non-numeric values may appear
* Fix: Utilities view has calculation errors when there are no data
sources
* Fix: When editing Reports, drag and drop may not function as intended
* Fix: When data drive is full, viewing a Graph can result in errors
* Various other bug fixes
cacti 1.2.19:
* Further fixes for grave character security protection (boo#1192408)
* Fix Over aggressive escaping causing menu visibility issues on Create
Device page
* Add SHA256 and AES256 security levels for SNMP polling
* Import graph template(Preview Only) show color_id new value as a blank
area
* Fix Editing graphs errors due to missing sequence
* Fix 2hen hovering over a Tree Graph, row shows same highlighting as
Graph Edit screen
* Fix 2hen RealTime is not active, console errors may appear
* Fix race conditions may occur when multiple RRDtool processes are
running
* Fix errors creating graphs from templates
* Fix errors when duplicating reports
* Fix Boost may be blocked by overflowing poller_output table
* Fix Template import may be blocked due to unmet dependency warnings
with snmp ports
* Fix Newer MySQL versions may error if committing a transaction when
not in one
* Fix SNMP Agent may not find a cache item
* Fix Correct issues running under PHP 8.x
* Fix When polling is disabled, boost may crash and creates many arch
tables
* Fix When poller runs, memory tables may not always be present
* Fix Timezones may sometimes be incorrectly calculated
* Fix Allow monitoring IPv6 with interface graphs
* Fix When a data source uses a Data Input Method, those without a
mapping should be flagged
* Fix When RRDfile is not yet created, errors may appear when displaying
the graph
* Fix Cacti missing key indexes that result in Preset pages slowdowns
* Fix Data Sources page shows no name when Data Source has no name cache
* Fix db_update_table function can not alter table from signed to
unsigned
* Fix data remains in poller_output table even if it's flushed to rrd
files
* Fix Parameter list for lib/database.php:db_connect_real() is not
correct in 3 places
* Fix Offset is a reserved word in MariaDB 10.6 affecting Report
* Fix Rendering large trees slowed due to lack of permission caching
* Fix Error on interpretation of snmpUtime, when to big
* Fix Applying right axis formatting creates an error-image
* Fix Unable to Save Graph Settings from the Graphs pages
* Fix Graph Template Cache is nullified too often when Graph Automation
is running
* Fix When Adding a Data Query to a Device, no Progress Spinner is shown
* Fix New Browser Breaks Plugins that depend on non UTC date time data
* Fix errors when testing remote poller connectivity
* Fix errors when renaming poller
* Fix Removing spikes by Variance does not appear to be working beyond
the first RRA
* Fix LDAP API lacks timeout options leading to bad login experiences
* Add a normal/wrap class for general use
* Limit File Types available for Template Import operations
* Fix Cacti does not provide an option of providing a client side
certificate for LDAP/AD authentication
* Support Stronger Encryption Available Starting in Net-SNMP v5.8
* Allow Cacti to use multiple possible LDAP servers
* Add a 15 minute polling/sampling interval
* Provide additional admin email notifications
* Add warnings for undesired changes to plugin hook return values
* When creating a Graph, make testing the Data Sources optional by
Template
* Update phpseclib to 2.0.33
* Update jstree.js to 3.3.12
* Improve performance of Cacti poller on heavily loaded systems
* MariaDB recommendations need some tuning for recent updates
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-145=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
cacti-spine-1.2.20-bp153.2.9.1
- openSUSE Backports SLE-15-SP3 (noarch):
cacti-1.2.20-bp153.2.9.1
References:
https://www.suse.com/security/cve/CVE-2022-0730.html
https://bugzilla.suse.com/1192408
https://bugzilla.suse.com/1196692
1
0
SUSE-SU-2022:1803-1: moderate: Security update for libarchive
by opensuse-security@opensuse.org 23 May '22
by opensuse-security@opensuse.org 23 May '22
23 May '22
SUSE Security Update: Security update for libarchive
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1803-1
Rating: moderate
References: #1197634
Cross-References: CVE-2022-26280
CVSS scores:
CVE-2022-26280 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-26280 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libarchive fixes the following issues:
- CVE-2022-26280: Fixed out-of-bounds read via the component
zipx_lzma_alone_init (bsc#1197634).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1803=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1803=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1803=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.6.1
bsdtar-debuginfo-3.4.2-150200.4.6.1
libarchive-debugsource-3.4.2-150200.4.6.1
libarchive-devel-3.4.2-150200.4.6.1
libarchive13-3.4.2-150200.4.6.1
libarchive13-debuginfo-3.4.2-150200.4.6.1
- openSUSE Leap 15.3 (x86_64):
libarchive13-32bit-3.4.2-150200.4.6.1
libarchive13-32bit-debuginfo-3.4.2-150200.4.6.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
bsdtar-3.4.2-150200.4.6.1
bsdtar-debuginfo-3.4.2-150200.4.6.1
libarchive-debugsource-3.4.2-150200.4.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libarchive-debugsource-3.4.2-150200.4.6.1
libarchive-devel-3.4.2-150200.4.6.1
libarchive13-3.4.2-150200.4.6.1
libarchive13-debuginfo-3.4.2-150200.4.6.1
References:
https://www.suse.com/security/cve/CVE-2022-26280.html
https://bugzilla.suse.com/1197634
1
0
openSUSE-SU-2022:0143-1: critical: Security update for librecad
by opensuse-security@opensuse.org 23 May '22
by opensuse-security@opensuse.org 23 May '22
23 May '22
openSUSE Security Update: Security update for librecad
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0143-1
Rating: critical
References: #1195105 #1195122
Cross-References: CVE-2021-45341 CVE-2021-45342
CVSS scores:
CVE-2021-45341 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-45342 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for librecad fixes the following issues:
- CVE-2021-45341: Fixed a buffer overflow vulnerability in LibreCAD that
allowed an attacker to achieve remote code execution via a crafted JWW
document [boo#1195105]
- CVE-2021-45342: Fixed a buffer overflow vulnerability in jwwlib in
LibreCAD allows an attacker to achieve remote code execution via a
crafted JWW document [boo#1195122]
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-143=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
librecad-2.2.0~rc3-bp153.2.9.1
- openSUSE Backports SLE-15-SP3 (noarch):
librecad-parts-2.2.0~rc3-bp153.2.9.1
References:
https://www.suse.com/security/cve/CVE-2021-45341.html
https://www.suse.com/security/cve/CVE-2021-45342.html
https://bugzilla.suse.com/1195105
https://bugzilla.suse.com/1195122
1
0
openSUSE-SU-2022:0142-1: moderate: Security update for libxls
by opensuse-security@opensuse.org 21 May '22
by opensuse-security@opensuse.org 21 May '22
21 May '22
openSUSE Security Update: Security update for libxls
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0142-1
Rating: moderate
References: #1192323
Cross-References: CVE-2021-27836
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libxls fixes the following issues:
- CVE-2021-27836: Fixed possible NULL pointer dereference via crafted XLS
(boo#1192323)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-142=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libxls-devel-1.6.2-bp153.2.6.1
libxls-tools-1.6.2-bp153.2.6.1
libxlsreader8-1.6.2-bp153.2.6.1
References:
https://www.suse.com/security/cve/CVE-2021-27836.html
https://bugzilla.suse.com/1192323
1
0
20 May '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1768-1
Rating: low
References: #1197644
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Web Scripting 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for php7 fixes the following issues:
- Fixed filter_var bypass vulnerability (bsc#1197644).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1768=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1768=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP3:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1768=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1768=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-firebird-7.4.6-150200.3.38.2
php7-firebird-debuginfo-7.4.6-150200.3.38.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.6-150200.3.38.2
apache2-mod_php7-debuginfo-7.4.6-150200.3.38.2
php7-7.4.6-150200.3.38.2
php7-bcmath-7.4.6-150200.3.38.2
php7-bcmath-debuginfo-7.4.6-150200.3.38.2
php7-bz2-7.4.6-150200.3.38.2
php7-bz2-debuginfo-7.4.6-150200.3.38.2
php7-calendar-7.4.6-150200.3.38.2
php7-calendar-debuginfo-7.4.6-150200.3.38.2
php7-ctype-7.4.6-150200.3.38.2
php7-ctype-debuginfo-7.4.6-150200.3.38.2
php7-curl-7.4.6-150200.3.38.2
php7-curl-debuginfo-7.4.6-150200.3.38.2
php7-dba-7.4.6-150200.3.38.2
php7-dba-debuginfo-7.4.6-150200.3.38.2
php7-debuginfo-7.4.6-150200.3.38.2
php7-debugsource-7.4.6-150200.3.38.2
php7-devel-7.4.6-150200.3.38.2
php7-dom-7.4.6-150200.3.38.2
php7-dom-debuginfo-7.4.6-150200.3.38.2
php7-embed-7.4.6-150200.3.38.2
php7-embed-debuginfo-7.4.6-150200.3.38.2
php7-enchant-7.4.6-150200.3.38.2
php7-enchant-debuginfo-7.4.6-150200.3.38.2
php7-exif-7.4.6-150200.3.38.2
php7-exif-debuginfo-7.4.6-150200.3.38.2
php7-fastcgi-7.4.6-150200.3.38.2
php7-fastcgi-debuginfo-7.4.6-150200.3.38.2
php7-fileinfo-7.4.6-150200.3.38.2
php7-fileinfo-debuginfo-7.4.6-150200.3.38.2
php7-firebird-7.4.6-150200.3.38.2
php7-firebird-debuginfo-7.4.6-150200.3.38.2
php7-fpm-7.4.6-150200.3.38.2
php7-fpm-debuginfo-7.4.6-150200.3.38.2
php7-ftp-7.4.6-150200.3.38.2
php7-ftp-debuginfo-7.4.6-150200.3.38.2
php7-gd-7.4.6-150200.3.38.2
php7-gd-debuginfo-7.4.6-150200.3.38.2
php7-gettext-7.4.6-150200.3.38.2
php7-gettext-debuginfo-7.4.6-150200.3.38.2
php7-gmp-7.4.6-150200.3.38.2
php7-gmp-debuginfo-7.4.6-150200.3.38.2
php7-iconv-7.4.6-150200.3.38.2
php7-iconv-debuginfo-7.4.6-150200.3.38.2
php7-intl-7.4.6-150200.3.38.2
php7-intl-debuginfo-7.4.6-150200.3.38.2
php7-json-7.4.6-150200.3.38.2
php7-json-debuginfo-7.4.6-150200.3.38.2
php7-ldap-7.4.6-150200.3.38.2
php7-ldap-debuginfo-7.4.6-150200.3.38.2
php7-mbstring-7.4.6-150200.3.38.2
php7-mbstring-debuginfo-7.4.6-150200.3.38.2
php7-mysql-7.4.6-150200.3.38.2
php7-mysql-debuginfo-7.4.6-150200.3.38.2
php7-odbc-7.4.6-150200.3.38.2
php7-odbc-debuginfo-7.4.6-150200.3.38.2
php7-opcache-7.4.6-150200.3.38.2
php7-opcache-debuginfo-7.4.6-150200.3.38.2
php7-openssl-7.4.6-150200.3.38.2
php7-openssl-debuginfo-7.4.6-150200.3.38.2
php7-pcntl-7.4.6-150200.3.38.2
php7-pcntl-debuginfo-7.4.6-150200.3.38.2
php7-pdo-7.4.6-150200.3.38.2
php7-pdo-debuginfo-7.4.6-150200.3.38.2
php7-pgsql-7.4.6-150200.3.38.2
php7-pgsql-debuginfo-7.4.6-150200.3.38.2
php7-phar-7.4.6-150200.3.38.2
php7-phar-debuginfo-7.4.6-150200.3.38.2
php7-posix-7.4.6-150200.3.38.2
php7-posix-debuginfo-7.4.6-150200.3.38.2
php7-readline-7.4.6-150200.3.38.2
php7-readline-debuginfo-7.4.6-150200.3.38.2
php7-shmop-7.4.6-150200.3.38.2
php7-shmop-debuginfo-7.4.6-150200.3.38.2
php7-snmp-7.4.6-150200.3.38.2
php7-snmp-debuginfo-7.4.6-150200.3.38.2
php7-soap-7.4.6-150200.3.38.2
php7-soap-debuginfo-7.4.6-150200.3.38.2
php7-sockets-7.4.6-150200.3.38.2
php7-sockets-debuginfo-7.4.6-150200.3.38.2
php7-sodium-7.4.6-150200.3.38.2
php7-sodium-debuginfo-7.4.6-150200.3.38.2
php7-sqlite-7.4.6-150200.3.38.2
php7-sqlite-debuginfo-7.4.6-150200.3.38.2
php7-sysvmsg-7.4.6-150200.3.38.2
php7-sysvmsg-debuginfo-7.4.6-150200.3.38.2
php7-sysvsem-7.4.6-150200.3.38.2
php7-sysvsem-debuginfo-7.4.6-150200.3.38.2
php7-sysvshm-7.4.6-150200.3.38.2
php7-sysvshm-debuginfo-7.4.6-150200.3.38.2
php7-test-7.4.6-150200.3.38.2
php7-tidy-7.4.6-150200.3.38.2
php7-tidy-debuginfo-7.4.6-150200.3.38.2
php7-tokenizer-7.4.6-150200.3.38.2
php7-tokenizer-debuginfo-7.4.6-150200.3.38.2
php7-xmlreader-7.4.6-150200.3.38.2
php7-xmlreader-debuginfo-7.4.6-150200.3.38.2
php7-xmlrpc-7.4.6-150200.3.38.2
php7-xmlrpc-debuginfo-7.4.6-150200.3.38.2
php7-xmlwriter-7.4.6-150200.3.38.2
php7-xmlwriter-debuginfo-7.4.6-150200.3.38.2
php7-xsl-7.4.6-150200.3.38.2
php7-xsl-debuginfo-7.4.6-150200.3.38.2
php7-zip-7.4.6-150200.3.38.2
php7-zip-debuginfo-7.4.6-150200.3.38.2
php7-zlib-7.4.6-150200.3.38.2
php7-zlib-debuginfo-7.4.6-150200.3.38.2
- SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.6-150200.3.38.2
apache2-mod_php7-debuginfo-7.4.6-150200.3.38.2
php7-7.4.6-150200.3.38.2
php7-bcmath-7.4.6-150200.3.38.2
php7-bcmath-debuginfo-7.4.6-150200.3.38.2
php7-bz2-7.4.6-150200.3.38.2
php7-bz2-debuginfo-7.4.6-150200.3.38.2
php7-calendar-7.4.6-150200.3.38.2
php7-calendar-debuginfo-7.4.6-150200.3.38.2
php7-ctype-7.4.6-150200.3.38.2
php7-ctype-debuginfo-7.4.6-150200.3.38.2
php7-curl-7.4.6-150200.3.38.2
php7-curl-debuginfo-7.4.6-150200.3.38.2
php7-dba-7.4.6-150200.3.38.2
php7-dba-debuginfo-7.4.6-150200.3.38.2
php7-debuginfo-7.4.6-150200.3.38.2
php7-debugsource-7.4.6-150200.3.38.2
php7-devel-7.4.6-150200.3.38.2
php7-dom-7.4.6-150200.3.38.2
php7-dom-debuginfo-7.4.6-150200.3.38.2
php7-enchant-7.4.6-150200.3.38.2
php7-enchant-debuginfo-7.4.6-150200.3.38.2
php7-exif-7.4.6-150200.3.38.2
php7-exif-debuginfo-7.4.6-150200.3.38.2
php7-fastcgi-7.4.6-150200.3.38.2
php7-fastcgi-debuginfo-7.4.6-150200.3.38.2
php7-fileinfo-7.4.6-150200.3.38.2
php7-fileinfo-debuginfo-7.4.6-150200.3.38.2
php7-fpm-7.4.6-150200.3.38.2
php7-fpm-debuginfo-7.4.6-150200.3.38.2
php7-ftp-7.4.6-150200.3.38.2
php7-ftp-debuginfo-7.4.6-150200.3.38.2
php7-gd-7.4.6-150200.3.38.2
php7-gd-debuginfo-7.4.6-150200.3.38.2
php7-gettext-7.4.6-150200.3.38.2
php7-gettext-debuginfo-7.4.6-150200.3.38.2
php7-gmp-7.4.6-150200.3.38.2
php7-gmp-debuginfo-7.4.6-150200.3.38.2
php7-iconv-7.4.6-150200.3.38.2
php7-iconv-debuginfo-7.4.6-150200.3.38.2
php7-intl-7.4.6-150200.3.38.2
php7-intl-debuginfo-7.4.6-150200.3.38.2
php7-json-7.4.6-150200.3.38.2
php7-json-debuginfo-7.4.6-150200.3.38.2
php7-ldap-7.4.6-150200.3.38.2
php7-ldap-debuginfo-7.4.6-150200.3.38.2
php7-mbstring-7.4.6-150200.3.38.2
php7-mbstring-debuginfo-7.4.6-150200.3.38.2
php7-mysql-7.4.6-150200.3.38.2
php7-mysql-debuginfo-7.4.6-150200.3.38.2
php7-odbc-7.4.6-150200.3.38.2
php7-odbc-debuginfo-7.4.6-150200.3.38.2
php7-opcache-7.4.6-150200.3.38.2
php7-opcache-debuginfo-7.4.6-150200.3.38.2
php7-openssl-7.4.6-150200.3.38.2
php7-openssl-debuginfo-7.4.6-150200.3.38.2
php7-pcntl-7.4.6-150200.3.38.2
php7-pcntl-debuginfo-7.4.6-150200.3.38.2
php7-pdo-7.4.6-150200.3.38.2
php7-pdo-debuginfo-7.4.6-150200.3.38.2
php7-pgsql-7.4.6-150200.3.38.2
php7-pgsql-debuginfo-7.4.6-150200.3.38.2
php7-phar-7.4.6-150200.3.38.2
php7-phar-debuginfo-7.4.6-150200.3.38.2
php7-posix-7.4.6-150200.3.38.2
php7-posix-debuginfo-7.4.6-150200.3.38.2
php7-readline-7.4.6-150200.3.38.2
php7-readline-debuginfo-7.4.6-150200.3.38.2
php7-shmop-7.4.6-150200.3.38.2
php7-shmop-debuginfo-7.4.6-150200.3.38.2
php7-snmp-7.4.6-150200.3.38.2
php7-snmp-debuginfo-7.4.6-150200.3.38.2
php7-soap-7.4.6-150200.3.38.2
php7-soap-debuginfo-7.4.6-150200.3.38.2
php7-sockets-7.4.6-150200.3.38.2
php7-sockets-debuginfo-7.4.6-150200.3.38.2
php7-sodium-7.4.6-150200.3.38.2
php7-sodium-debuginfo-7.4.6-150200.3.38.2
php7-sqlite-7.4.6-150200.3.38.2
php7-sqlite-debuginfo-7.4.6-150200.3.38.2
php7-sysvmsg-7.4.6-150200.3.38.2
php7-sysvmsg-debuginfo-7.4.6-150200.3.38.2
php7-sysvsem-7.4.6-150200.3.38.2
php7-sysvsem-debuginfo-7.4.6-150200.3.38.2
php7-sysvshm-7.4.6-150200.3.38.2
php7-sysvshm-debuginfo-7.4.6-150200.3.38.2
php7-tidy-7.4.6-150200.3.38.2
php7-tidy-debuginfo-7.4.6-150200.3.38.2
php7-tokenizer-7.4.6-150200.3.38.2
php7-tokenizer-debuginfo-7.4.6-150200.3.38.2
php7-xmlreader-7.4.6-150200.3.38.2
php7-xmlreader-debuginfo-7.4.6-150200.3.38.2
php7-xmlrpc-7.4.6-150200.3.38.2
php7-xmlrpc-debuginfo-7.4.6-150200.3.38.2
php7-xmlwriter-7.4.6-150200.3.38.2
php7-xmlwriter-debuginfo-7.4.6-150200.3.38.2
php7-xsl-7.4.6-150200.3.38.2
php7-xsl-debuginfo-7.4.6-150200.3.38.2
php7-zip-7.4.6-150200.3.38.2
php7-zip-debuginfo-7.4.6-150200.3.38.2
php7-zlib-7.4.6-150200.3.38.2
php7-zlib-debuginfo-7.4.6-150200.3.38.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
php7-debuginfo-7.4.6-150200.3.38.2
php7-debugsource-7.4.6-150200.3.38.2
php7-embed-7.4.6-150200.3.38.2
php7-embed-debuginfo-7.4.6-150200.3.38.2
References:
https://bugzilla.suse.com/1197644
1
0
SUSE-SU-2022:1762-1: moderate: Security update for ImageMagick
by opensuse-security@opensuse.org 20 May '22
by opensuse-security@opensuse.org 20 May '22
20 May '22
SUSE Security Update: Security update for ImageMagick
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1762-1
Rating: moderate
References: #1197147 #1199350
Cross-References: CVE-2022-28463
CVSS scores:
CVE-2022-28463 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-28463 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for ImageMagick fixes the following issues:
Security issues fixed:
- CVE-2022-28463: Fixed buffer overflow in coders/cin.c (bsc#1199350).
Bugfixes:
- Use png_get_eXIf_1 when available (bsc#1197147).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1762=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1762=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1762=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1762=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
- openSUSE Leap 15.4 (x86_64):
libMagick++-7_Q16HDRI4-32bit-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.26.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ImageMagick-7.0.7.34-150200.10.26.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.26.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.26.1
ImageMagick-debuginfo-7.0.7.34-150200.10.26.1
ImageMagick-debugsource-7.0.7.34-150200.10.26.1
ImageMagick-devel-7.0.7.34-150200.10.26.1
ImageMagick-extra-7.0.7.34-150200.10.26.1
ImageMagick-extra-debuginfo-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.26.1
libMagick++-devel-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
perl-PerlMagick-7.0.7.34-150200.10.26.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.26.1
- openSUSE Leap 15.3 (noarch):
ImageMagick-doc-7.0.7.34-150200.10.26.1
- openSUSE Leap 15.3 (x86_64):
ImageMagick-devel-32bit-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-32bit-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-150200.10.26.1
libMagick++-devel-32bit-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.26.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
ImageMagick-debuginfo-7.0.7.34-150200.10.26.1
ImageMagick-debugsource-7.0.7.34-150200.10.26.1
perl-PerlMagick-7.0.7.34-150200.10.26.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.26.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
ImageMagick-7.0.7.34-150200.10.26.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.26.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.26.1
ImageMagick-debuginfo-7.0.7.34-150200.10.26.1
ImageMagick-debugsource-7.0.7.34-150200.10.26.1
ImageMagick-devel-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.26.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.26.1
libMagick++-devel-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.26.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.26.1
References:
https://www.suse.com/security/cve/CVE-2022-28463.html
https://bugzilla.suse.com/1197147
https://bugzilla.suse.com/1199350
1
0
SUSE-SU-2022:1750-1: important: Security update for libxml2
by opensuse-security@opensuse.org 19 May '22
by opensuse-security@opensuse.org 19 May '22
19 May '22
SUSE Security Update: Security update for libxml2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1750-1
Rating: important
References: #1196490 #1199132
Cross-References: CVE-2022-23308 CVE-2022-29824
CVSS scores:
CVE-2022-23308 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-23308 (SUSE): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
CVE-2022-29824 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-29824 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for libxml2 fixes the following issues:
- CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes
(bsc#1196490).
- CVE-2022-29824: Fixed integer overflow that could have led to an
out-of-bounds write in buf.c (xmlBuf*) and tree.c (xmlBuffer*)
(bsc#1199132).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1750=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1750=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1750=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1750=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1750=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1750=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1750=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1750=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1750=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1750=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1750=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1750=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1750=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-1750=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1750=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1750=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1750=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1750=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1750=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1750=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- openSUSE Leap 15.3 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-devel-32bit-2.9.7-150000.3.46.1
- openSUSE Leap 15.3 (noarch):
libxml2-doc-2.9.7-150000.3.46.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Manager Server 4.1 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Manager Proxy 4.1 (x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Module for Python2 15-SP3 (aarch64 ppc64le s390x x86_64):
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Enterprise Storage 7 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
- SUSE Enterprise Storage 6 (x86_64):
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
- SUSE CaaS Platform 4.0 (x86_64):
libxml2-2-2.9.7-150000.3.46.1
libxml2-2-32bit-2.9.7-150000.3.46.1
libxml2-2-32bit-debuginfo-2.9.7-150000.3.46.1
libxml2-2-debuginfo-2.9.7-150000.3.46.1
libxml2-debugsource-2.9.7-150000.3.46.1
libxml2-devel-2.9.7-150000.3.46.1
libxml2-tools-2.9.7-150000.3.46.1
libxml2-tools-debuginfo-2.9.7-150000.3.46.1
python-libxml2-python-debugsource-2.9.7-150000.3.46.1
python2-libxml2-python-2.9.7-150000.3.46.1
python2-libxml2-python-debuginfo-2.9.7-150000.3.46.1
python3-libxml2-python-2.9.7-150000.3.46.1
python3-libxml2-python-debuginfo-2.9.7-150000.3.46.1
References:
https://www.suse.com/security/cve/CVE-2022-23308.html
https://www.suse.com/security/cve/CVE-2022-29824.html
https://bugzilla.suse.com/1196490
https://bugzilla.suse.com/1199132
1
0
19 May '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1755-1
Rating: low
References: #1197644
Affected Products:
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for php7 fixes the following issues:
- Fixed filter_var bypass vulnerability (bsc#1197644).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1755=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1755=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-1755=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.25-150400.4.3.1
apache2-mod_php7-debuginfo-7.4.25-150400.4.3.1
apache2-mod_php7-debugsource-7.4.25-150400.4.3.1
php7-7.4.25-150400.4.3.1
php7-bcmath-7.4.25-150400.4.3.1
php7-bcmath-debuginfo-7.4.25-150400.4.3.1
php7-bz2-7.4.25-150400.4.3.1
php7-bz2-debuginfo-7.4.25-150400.4.3.1
php7-calendar-7.4.25-150400.4.3.1
php7-calendar-debuginfo-7.4.25-150400.4.3.1
php7-cli-7.4.25-150400.4.3.1
php7-cli-debuginfo-7.4.25-150400.4.3.1
php7-ctype-7.4.25-150400.4.3.1
php7-ctype-debuginfo-7.4.25-150400.4.3.1
php7-curl-7.4.25-150400.4.3.1
php7-curl-debuginfo-7.4.25-150400.4.3.1
php7-dba-7.4.25-150400.4.3.1
php7-dba-debuginfo-7.4.25-150400.4.3.1
php7-debuginfo-7.4.25-150400.4.3.1
php7-debugsource-7.4.25-150400.4.3.1
php7-devel-7.4.25-150400.4.3.1
php7-dom-7.4.25-150400.4.3.1
php7-dom-debuginfo-7.4.25-150400.4.3.1
php7-embed-7.4.25-150400.4.3.1
php7-embed-debuginfo-7.4.25-150400.4.3.1
php7-embed-debugsource-7.4.25-150400.4.3.1
php7-enchant-7.4.25-150400.4.3.1
php7-enchant-debuginfo-7.4.25-150400.4.3.1
php7-exif-7.4.25-150400.4.3.1
php7-exif-debuginfo-7.4.25-150400.4.3.1
php7-fastcgi-7.4.25-150400.4.3.1
php7-fastcgi-debuginfo-7.4.25-150400.4.3.1
php7-fastcgi-debugsource-7.4.25-150400.4.3.1
php7-fileinfo-7.4.25-150400.4.3.1
php7-fileinfo-debuginfo-7.4.25-150400.4.3.1
php7-fpm-7.4.25-150400.4.3.1
php7-fpm-debuginfo-7.4.25-150400.4.3.1
php7-fpm-debugsource-7.4.25-150400.4.3.1
php7-ftp-7.4.25-150400.4.3.1
php7-ftp-debuginfo-7.4.25-150400.4.3.1
php7-gd-7.4.25-150400.4.3.1
php7-gd-debuginfo-7.4.25-150400.4.3.1
php7-gettext-7.4.25-150400.4.3.1
php7-gettext-debuginfo-7.4.25-150400.4.3.1
php7-gmp-7.4.25-150400.4.3.1
php7-gmp-debuginfo-7.4.25-150400.4.3.1
php7-iconv-7.4.25-150400.4.3.1
php7-iconv-debuginfo-7.4.25-150400.4.3.1
php7-intl-7.4.25-150400.4.3.1
php7-intl-debuginfo-7.4.25-150400.4.3.1
php7-json-7.4.25-150400.4.3.1
php7-json-debuginfo-7.4.25-150400.4.3.1
php7-ldap-7.4.25-150400.4.3.1
php7-ldap-debuginfo-7.4.25-150400.4.3.1
php7-mbstring-7.4.25-150400.4.3.1
php7-mbstring-debuginfo-7.4.25-150400.4.3.1
php7-mysql-7.4.25-150400.4.3.1
php7-mysql-debuginfo-7.4.25-150400.4.3.1
php7-odbc-7.4.25-150400.4.3.1
php7-odbc-debuginfo-7.4.25-150400.4.3.1
php7-opcache-7.4.25-150400.4.3.1
php7-opcache-debuginfo-7.4.25-150400.4.3.1
php7-openssl-7.4.25-150400.4.3.1
php7-openssl-debuginfo-7.4.25-150400.4.3.1
php7-pcntl-7.4.25-150400.4.3.1
php7-pcntl-debuginfo-7.4.25-150400.4.3.1
php7-pdo-7.4.25-150400.4.3.1
php7-pdo-debuginfo-7.4.25-150400.4.3.1
php7-pgsql-7.4.25-150400.4.3.1
php7-pgsql-debuginfo-7.4.25-150400.4.3.1
php7-phar-7.4.25-150400.4.3.1
php7-phar-debuginfo-7.4.25-150400.4.3.1
php7-posix-7.4.25-150400.4.3.1
php7-posix-debuginfo-7.4.25-150400.4.3.1
php7-readline-7.4.25-150400.4.3.1
php7-readline-debuginfo-7.4.25-150400.4.3.1
php7-shmop-7.4.25-150400.4.3.1
php7-shmop-debuginfo-7.4.25-150400.4.3.1
php7-snmp-7.4.25-150400.4.3.1
php7-snmp-debuginfo-7.4.25-150400.4.3.1
php7-soap-7.4.25-150400.4.3.1
php7-soap-debuginfo-7.4.25-150400.4.3.1
php7-sockets-7.4.25-150400.4.3.1
php7-sockets-debuginfo-7.4.25-150400.4.3.1
php7-sodium-7.4.25-150400.4.3.1
php7-sodium-debuginfo-7.4.25-150400.4.3.1
php7-sqlite-7.4.25-150400.4.3.1
php7-sqlite-debuginfo-7.4.25-150400.4.3.1
php7-sysvmsg-7.4.25-150400.4.3.1
php7-sysvmsg-debuginfo-7.4.25-150400.4.3.1
php7-sysvsem-7.4.25-150400.4.3.1
php7-sysvsem-debuginfo-7.4.25-150400.4.3.1
php7-sysvshm-7.4.25-150400.4.3.1
php7-sysvshm-debuginfo-7.4.25-150400.4.3.1
php7-test-7.4.25-150400.4.3.2
php7-tidy-7.4.25-150400.4.3.1
php7-tidy-debuginfo-7.4.25-150400.4.3.1
php7-tokenizer-7.4.25-150400.4.3.1
php7-tokenizer-debuginfo-7.4.25-150400.4.3.1
php7-xmlreader-7.4.25-150400.4.3.1
php7-xmlreader-debuginfo-7.4.25-150400.4.3.1
php7-xmlrpc-7.4.25-150400.4.3.1
php7-xmlrpc-debuginfo-7.4.25-150400.4.3.1
php7-xmlwriter-7.4.25-150400.4.3.1
php7-xmlwriter-debuginfo-7.4.25-150400.4.3.1
php7-xsl-7.4.25-150400.4.3.1
php7-xsl-debuginfo-7.4.25-150400.4.3.1
php7-zip-7.4.25-150400.4.3.1
php7-zip-debuginfo-7.4.25-150400.4.3.1
php7-zlib-7.4.25-150400.4.3.1
php7-zlib-debuginfo-7.4.25-150400.4.3.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
php7-embed-7.4.25-150400.4.3.1
php7-embed-debuginfo-7.4.25-150400.4.3.1
php7-embed-debugsource-7.4.25-150400.4.3.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.25-150400.4.3.1
apache2-mod_php7-debuginfo-7.4.25-150400.4.3.1
apache2-mod_php7-debugsource-7.4.25-150400.4.3.1
php7-7.4.25-150400.4.3.1
php7-bcmath-7.4.25-150400.4.3.1
php7-bcmath-debuginfo-7.4.25-150400.4.3.1
php7-bz2-7.4.25-150400.4.3.1
php7-bz2-debuginfo-7.4.25-150400.4.3.1
php7-calendar-7.4.25-150400.4.3.1
php7-calendar-debuginfo-7.4.25-150400.4.3.1
php7-cli-7.4.25-150400.4.3.1
php7-cli-debuginfo-7.4.25-150400.4.3.1
php7-ctype-7.4.25-150400.4.3.1
php7-ctype-debuginfo-7.4.25-150400.4.3.1
php7-curl-7.4.25-150400.4.3.1
php7-curl-debuginfo-7.4.25-150400.4.3.1
php7-dba-7.4.25-150400.4.3.1
php7-dba-debuginfo-7.4.25-150400.4.3.1
php7-debuginfo-7.4.25-150400.4.3.1
php7-debugsource-7.4.25-150400.4.3.1
php7-devel-7.4.25-150400.4.3.1
php7-dom-7.4.25-150400.4.3.1
php7-dom-debuginfo-7.4.25-150400.4.3.1
php7-enchant-7.4.25-150400.4.3.1
php7-enchant-debuginfo-7.4.25-150400.4.3.1
php7-exif-7.4.25-150400.4.3.1
php7-exif-debuginfo-7.4.25-150400.4.3.1
php7-fastcgi-7.4.25-150400.4.3.1
php7-fastcgi-debuginfo-7.4.25-150400.4.3.1
php7-fastcgi-debugsource-7.4.25-150400.4.3.1
php7-fileinfo-7.4.25-150400.4.3.1
php7-fileinfo-debuginfo-7.4.25-150400.4.3.1
php7-fpm-7.4.25-150400.4.3.1
php7-fpm-debuginfo-7.4.25-150400.4.3.1
php7-fpm-debugsource-7.4.25-150400.4.3.1
php7-ftp-7.4.25-150400.4.3.1
php7-ftp-debuginfo-7.4.25-150400.4.3.1
php7-gd-7.4.25-150400.4.3.1
php7-gd-debuginfo-7.4.25-150400.4.3.1
php7-gettext-7.4.25-150400.4.3.1
php7-gettext-debuginfo-7.4.25-150400.4.3.1
php7-gmp-7.4.25-150400.4.3.1
php7-gmp-debuginfo-7.4.25-150400.4.3.1
php7-iconv-7.4.25-150400.4.3.1
php7-iconv-debuginfo-7.4.25-150400.4.3.1
php7-intl-7.4.25-150400.4.3.1
php7-intl-debuginfo-7.4.25-150400.4.3.1
php7-json-7.4.25-150400.4.3.1
php7-json-debuginfo-7.4.25-150400.4.3.1
php7-ldap-7.4.25-150400.4.3.1
php7-ldap-debuginfo-7.4.25-150400.4.3.1
php7-mbstring-7.4.25-150400.4.3.1
php7-mbstring-debuginfo-7.4.25-150400.4.3.1
php7-mysql-7.4.25-150400.4.3.1
php7-mysql-debuginfo-7.4.25-150400.4.3.1
php7-odbc-7.4.25-150400.4.3.1
php7-odbc-debuginfo-7.4.25-150400.4.3.1
php7-opcache-7.4.25-150400.4.3.1
php7-opcache-debuginfo-7.4.25-150400.4.3.1
php7-openssl-7.4.25-150400.4.3.1
php7-openssl-debuginfo-7.4.25-150400.4.3.1
php7-pcntl-7.4.25-150400.4.3.1
php7-pcntl-debuginfo-7.4.25-150400.4.3.1
php7-pdo-7.4.25-150400.4.3.1
php7-pdo-debuginfo-7.4.25-150400.4.3.1
php7-pgsql-7.4.25-150400.4.3.1
php7-pgsql-debuginfo-7.4.25-150400.4.3.1
php7-phar-7.4.25-150400.4.3.1
php7-phar-debuginfo-7.4.25-150400.4.3.1
php7-posix-7.4.25-150400.4.3.1
php7-posix-debuginfo-7.4.25-150400.4.3.1
php7-readline-7.4.25-150400.4.3.1
php7-readline-debuginfo-7.4.25-150400.4.3.1
php7-shmop-7.4.25-150400.4.3.1
php7-shmop-debuginfo-7.4.25-150400.4.3.1
php7-snmp-7.4.25-150400.4.3.1
php7-snmp-debuginfo-7.4.25-150400.4.3.1
php7-soap-7.4.25-150400.4.3.1
php7-soap-debuginfo-7.4.25-150400.4.3.1
php7-sockets-7.4.25-150400.4.3.1
php7-sockets-debuginfo-7.4.25-150400.4.3.1
php7-sodium-7.4.25-150400.4.3.1
php7-sodium-debuginfo-7.4.25-150400.4.3.1
php7-sqlite-7.4.25-150400.4.3.1
php7-sqlite-debuginfo-7.4.25-150400.4.3.1
php7-sysvmsg-7.4.25-150400.4.3.1
php7-sysvmsg-debuginfo-7.4.25-150400.4.3.1
php7-sysvsem-7.4.25-150400.4.3.1
php7-sysvsem-debuginfo-7.4.25-150400.4.3.1
php7-sysvshm-7.4.25-150400.4.3.1
php7-sysvshm-debuginfo-7.4.25-150400.4.3.1
php7-tidy-7.4.25-150400.4.3.1
php7-tidy-debuginfo-7.4.25-150400.4.3.1
php7-tokenizer-7.4.25-150400.4.3.1
php7-tokenizer-debuginfo-7.4.25-150400.4.3.1
php7-xmlreader-7.4.25-150400.4.3.1
php7-xmlreader-debuginfo-7.4.25-150400.4.3.1
php7-xmlrpc-7.4.25-150400.4.3.1
php7-xmlrpc-debuginfo-7.4.25-150400.4.3.1
php7-xmlwriter-7.4.25-150400.4.3.1
php7-xmlwriter-debuginfo-7.4.25-150400.4.3.1
php7-xsl-7.4.25-150400.4.3.1
php7-xsl-debuginfo-7.4.25-150400.4.3.1
php7-zip-7.4.25-150400.4.3.1
php7-zip-debuginfo-7.4.25-150400.4.3.1
php7-zlib-7.4.25-150400.4.3.1
php7-zlib-debuginfo-7.4.25-150400.4.3.1
References:
https://bugzilla.suse.com/1197644
1
0
SUSE-SU-2022:1748-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 19 May '22
by opensuse-security@opensuse.org 19 May '22
19 May '22
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1748-1
Rating: important
References: #1198970
Cross-References: CVE-2022-29909 CVE-2022-29911 CVE-2022-29912
CVE-2022-29914 CVE-2022-29916 CVE-2022-29917
CVSS scores:
CVE-2022-29909 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29911 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29912 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-29914 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29916 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29917 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Firefox Extended Support Release 91.9.0 ESR (MFSA 2022-17)(bsc#1198970):
- CVE-2022-29914: Fullscreen notification bypass using popups
- CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
- CVE-2022-29916: Leaking browser history with CSS variables
- CVE-2022-29911: iframe Sandbox bypass
- CVE-2022-29912: Reader mode bypassed SameSite cookies
- CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR
91.9
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1748=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1748=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1748=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1748=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1748=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1748=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1748=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1748=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-1748=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-1748=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1748=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1748=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1748=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-branding-upstream-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-branding-upstream-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Manager Retail Branch Server 4.1 (x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Manager Proxy 4.1 (x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-91.9.0-150200.152.37.3
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
- SUSE Enterprise Storage 7 (aarch64 x86_64):
MozillaFirefox-91.9.0-150200.152.37.3
MozillaFirefox-debuginfo-91.9.0-150200.152.37.3
MozillaFirefox-debugsource-91.9.0-150200.152.37.3
MozillaFirefox-devel-91.9.0-150200.152.37.3
MozillaFirefox-translations-common-91.9.0-150200.152.37.3
MozillaFirefox-translations-other-91.9.0-150200.152.37.3
References:
https://www.suse.com/security/cve/CVE-2022-29909.html
https://www.suse.com/security/cve/CVE-2022-29911.html
https://www.suse.com/security/cve/CVE-2022-29912.html
https://www.suse.com/security/cve/CVE-2022-29914.html
https://www.suse.com/security/cve/CVE-2022-29916.html
https://www.suse.com/security/cve/CVE-2022-29917.html
https://bugzilla.suse.com/1198970
1
0
SUSE-SU-2022:1727-1: moderate: Security update for ucode-intel
by opensuse-security@opensuse.org 18 May '22
by opensuse-security@opensuse.org 18 May '22
18 May '22
SUSE Security Update: Security update for ucode-intel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1727-1
Rating: moderate
References: #1198717 #1199423
Cross-References: CVE-2022-21151
CVSS scores:
CVE-2022-21151 (SUSE): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20220510 release. (bsc#1199423) Updated to
Intel CPU Microcode 20220419 release. (bsc#1198717)
- CVE-2022-21151: Processor optimization removal or modification of
security-critical code for some Intel(R) Processors may allow an
authenticated user to potentially enable information disclosure via
local access (bsc#1199423).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1727=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1727=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1727=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1727=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1727=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1727=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1727=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1727=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1727=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1727=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1727=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1727=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1727=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1727=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1727=1
Package List:
- openSUSE Leap 15.4 (x86_64):
ucode-intel-20220510-150200.14.1
- openSUSE Leap 15.3 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Manager Server 4.1 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Manager Proxy 4.1 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
ucode-intel-20220510-150200.14.1
- SUSE Enterprise Storage 7 (x86_64):
ucode-intel-20220510-150200.14.1
References:
https://www.suse.com/security/cve/CVE-2022-21151.html
https://bugzilla.suse.com/1198717
https://bugzilla.suse.com/1199423
1
0
openSUSE-SU-2022:0141-1: moderate: Security update for autotrace
by opensuse-security@opensuse.org 18 May '22
by opensuse-security@opensuse.org 18 May '22
18 May '22
SUSE Security Update: Security update for autotrace
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0141-1
Rating: moderate
References: #1169614 #1182158 #1182159
Cross-References: CVE-2017-9182 CVE-2017-9190 CVE-2019-19004
CVE-2019-19005
CVSS scores:
CVE-2017-9182 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-9190 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19004 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-19005 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for autotrace fixes the following issues:
- CVE-2019-19004: Fixed a biWidth*biBitCnt integer overflow fix
(boo#1182158)
- CVE-2019-19005, CVE-2017-9182, CVE-2017-9190: Bitmap double free fix
(boo#1182159)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-141=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-141=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
permissions-20181225-23.12.1
permissions-debuginfo-20181225-23.12.1
permissions-debugsource-20181225-23.12.1
- openSUSE Leap 15.3 (noarch):
permissions-zypp-plugin-20181225-23.12.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
autotrace-0.31.1-bp153.2.3.1
autotrace-devel-0.31.1-bp153.2.3.1
libautotrace3-0.31.1-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2017-9182.html
https://www.suse.com/security/cve/CVE-2017-9190.html
https://www.suse.com/security/cve/CVE-2019-19004.html
https://www.suse.com/security/cve/CVE-2019-19005.html
https://bugzilla.suse.com/1169614
https://bugzilla.suse.com/1182158
https://bugzilla.suse.com/1182159
1
0
18 May '22
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1725-1
Rating: low
References: #1197644
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for php7 fixes the following issues:
- Fixed filter_var bypass vulnerability (bsc#1197644).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1725=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-wddx-7.2.5-150000.4.92.1
php7-wddx-debuginfo-7.2.5-150000.4.92.1
References:
https://bugzilla.suse.com/1197644
1
0
SUSE-SU-2022:1730-1: important: Security update for libslirp
by opensuse-security@opensuse.org 18 May '22
by opensuse-security@opensuse.org 18 May '22
18 May '22
SUSE Security Update: Security update for libslirp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1730-1
Rating: important
References: #1187364 #1187366 #1187367 #1198773
Cross-References: CVE-2021-3592 CVE-2021-3594 CVE-2021-3595
CVSS scores:
CVE-2021-3592 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3592 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3594 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3595 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed invalid pointer initialization may lead to
information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed invalid pointer initialization may lead to
information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed invalid pointer initialization may lead to
information disclosure (tftp) (bsc#1187366).
- Fix a dhcp regression [bsc#1198773]
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1730=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1730=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1730=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1730=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1730=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1730=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp-devel-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp-devel-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp-devel-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp-devel-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libslirp-debugsource-4.3.1-150300.6.2
libslirp0-4.3.1-150300.6.2
libslirp0-debuginfo-4.3.1-150300.6.2
References:
https://www.suse.com/security/cve/CVE-2021-3592.html
https://www.suse.com/security/cve/CVE-2021-3594.html
https://www.suse.com/security/cve/CVE-2021-3595.html
https://bugzilla.suse.com/1187364
https://bugzilla.suse.com/1187366
https://bugzilla.suse.com/1187367
https://bugzilla.suse.com/1198773
1
0
openSUSE-SU-2022:0136-1: moderate: Security update for MozillaFirefox
by opensuse-security@opensuse.org 18 May '22
by opensuse-security@opensuse.org 18 May '22
18 May '22
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0136-1
Rating: moderate
References: #1191938 #1194547 #1199047
Cross-References: CVE-2020-27304 CVE-2021-4140 CVE-2022-22737
CVE-2022-22738 CVE-2022-22739 CVE-2022-22740
CVE-2022-22741 CVE-2022-22742 CVE-2022-22743
CVE-2022-22744 CVE-2022-22745 CVE-2022-22746
CVE-2022-22747 CVE-2022-22748 CVE-2022-22751
CVSS scores:
CVE-2020-27304 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-22747 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files
(bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur
(bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch
dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner
(bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode
(bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in
edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode
(bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl'
feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through
securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to
fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7
sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog
(bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-2022-136=1 openSUSE-SLE-15.3-2022-136=1
Package List:
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
civetweb-1.15-lp153.2.3.1
civetweb-debuginfo-1.15-lp153.2.3.1
civetweb-debugsource-1.15-lp153.2.3.1
civetweb-devel-1.15-lp153.2.3.1
libcivetweb-cpp1_15_0-1.15-lp153.2.3.1
libcivetweb-cpp1_15_0-debuginfo-1.15-lp153.2.3.1
libcivetweb1_15_0-1.15-lp153.2.3.1
libcivetweb1_15_0-debuginfo-1.15-lp153.2.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.5.0-152.12.1
MozillaFirefox-branding-upstream-91.5.0-152.12.1
MozillaFirefox-debuginfo-91.5.0-152.12.1
MozillaFirefox-debugsource-91.5.0-152.12.1
MozillaFirefox-devel-91.5.0-152.12.1
MozillaFirefox-translations-common-91.5.0-152.12.1
MozillaFirefox-translations-other-91.5.0-152.12.1
References:
https://www.suse.com/security/cve/CVE-2020-27304.html
https://www.suse.com/security/cve/CVE-2021-4140.html
https://www.suse.com/security/cve/CVE-2022-22737.html
https://www.suse.com/security/cve/CVE-2022-22738.html
https://www.suse.com/security/cve/CVE-2022-22739.html
https://www.suse.com/security/cve/CVE-2022-22740.html
https://www.suse.com/security/cve/CVE-2022-22741.html
https://www.suse.com/security/cve/CVE-2022-22742.html
https://www.suse.com/security/cve/CVE-2022-22743.html
https://www.suse.com/security/cve/CVE-2022-22744.html
https://www.suse.com/security/cve/CVE-2022-22745.html
https://www.suse.com/security/cve/CVE-2022-22746.html
https://www.suse.com/security/cve/CVE-2022-22747.html
https://www.suse.com/security/cve/CVE-2022-22748.html
https://www.suse.com/security/cve/CVE-2022-22751.html
https://bugzilla.suse.com/1191938
https://bugzilla.suse.com/1194547
https://bugzilla.suse.com/1199047
1
0
openSUSE-SU-2022:0135-1: important: Security update for busybox
by opensuse-security@opensuse.org 18 May '22
by opensuse-security@opensuse.org 18 May '22
18 May '22
SUSE Security Update: Security update for busybox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0135-1
Rating: important
References: #1064976 #1064978 #1069412 #1099260 #1099263
#1102912 #1121426 #1121428 #1184522 #1192869
#1198676 #1198677 #1198678 #1198679 #1198680
#1198703 #951562 #970662 #970663 #991940
Cross-References: CVE-2011-5325 CVE-2015-9261 CVE-2016-2147
CVE-2016-2148 CVE-2016-6301 CVE-2017-15873
CVE-2017-15874 CVE-2017-16544 CVE-2018-1000500
CVE-2018-1000517 CVE-2018-20679 CVE-2019-5747
CVE-2021-28831 CVE-2021-42373 CVE-2021-42374
CVE-2021-42375 CVE-2021-42376 CVE-2021-42377
CVE-2021-42378 CVE-2021-42379 CVE-2021-42380
CVE-2021-42381 CVE-2021-42382 CVE-2021-42383
CVE-2021-42384 CVE-2021-42385 CVE-2021-42386
CVE-2022-21465 CVE-2022-21471 CVE-2022-21487
CVE-2022-21488 CVE-2022-21491
CVSS scores:
CVE-2011-5325 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2015-9261 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2015-9261 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2016-2147 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2016-2148 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2016-6301 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-15873 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15873 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2017-15874 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15874 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2017-16544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2017-16544 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-1000500 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000500 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2018-1000517 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000517 (SUSE): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2018-20679 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2018-20679 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-5747 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-28831 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28831 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42374 (NVD) : 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2021-42375 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42376 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42377 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42378 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42379 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42380 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42381 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42382 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42383 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42384 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42385 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42386 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-21465 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H
CVE-2022-21465 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H
CVE-2022-21471 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-21471 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-21487 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2022-21487 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2022-21488 (NVD) : 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
CVE-2022-21488 (SUSE): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
CVE-2022-21491 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-21491 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 32 vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
- CVE-2011-5325: Fixed tar directory traversal (bsc#951562).
- CVE-2015-9261: Fixed segfalts and application crashes in huft_build
(bsc#1102912).
- CVE-2016-2147: Fixed out of bounds write (heap) due to integer underflow
in udhcpc (bsc#970663).
- CVE-2016-2148: Fixed heap-based buffer overflow in OPTION_6RD parsing
(bsc#970662).
- CVE-2016-6301: Fixed NTP server denial of service flaw (bsc#991940).
- CVE-2017-15873: Fixed integer overflow in get_next_block function in
archival/libarchive/decompress_bunzip2.c (bsc#1064976).
- CVE-2017-15874: Fixed integer underflow in
archival/libarchive/decompress_unlzma.c (bsc#1064978).
- CVE-2017-16544: Fixed Insufficient sanitization of filenames when
autocompleting (bsc#1069412).
- CVE-2018-1000500 : Fixed missing SSL certificate validation in wget
(bsc#1099263).
- CVE-2018-1000517: Fixed heap-based buffer overflow in the
retrieve_file_data() (bsc#1099260).
- CVE-2018-20679: Fixed out of bounds read in udhcp (bsc#1121426).
- CVE-2019-5747: Fixed out of bounds read in udhcp components
(bsc#1121428).
- CVE-2021-28831: Fixed invalid free or segmentation fault via malformed
gzip data (bsc#1184522).
- CVE-2021-42373: Fixed NULL pointer dereference in man leading to DoS
when a section name is supplied but no page argument is given
(bsc#1192869).
- CVE-2021-42374: Fixed out-of-bounds heap read in unlzma leading to
information leak and DoS when crafted LZMA-compressed input is
decompressed (bsc#1192869).
- CVE-2021-42375: Fixed incorrect handling of a special element in ash
leading to DoS when processing a crafted shell command, due to the shell
mistaking specific characters for reserved characters (bsc#1192869).
- CVE-2021-42376: Fixed NULL pointer dereference in hush leading to DoS
when processing a crafted shell command (bsc#1192869).
- CVE-2021-42377: Fixed attacker-controlled pointer free in hush leading
to DoS and possible code execution when processing a crafted shell
command (bsc#1192869).
- CVE-2021-42378: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the getvar_i
function (bsc#1192869).
- CVE-2021-42379: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the
next_input_file function (bsc#1192869).
- CVE-2021-42380: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the clrvar
function (bsc#1192869).
- CVE-2021-42381: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the hash_init
function (bsc#1192869).
- CVE-2021-42382: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the getvar_s
function (bsc#1192869).
- CVE-2021-42383: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the evaluate
function (bsc#1192869).
- CVE-2021-42384: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the
handle_special function (bsc#1192869).
- CVE-2021-42385: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the evaluate
function (bsc#1192869).
- CVE-2021-42386: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the nvalloc
function (bsc#1192869).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-2022-135=1 openSUSE-SLE-15.3-2022-135=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
busybox-1.34.1-4.9.1
busybox-static-1.34.1-4.9.1
- openSUSE Leap 15.3 (noarch):
virtualbox-guest-desktop-icons-6.1.34-lp153.2.27.2
virtualbox-guest-source-6.1.34-lp153.2.27.2
virtualbox-host-source-6.1.34-lp153.2.27.2
- openSUSE Leap 15.3 (x86_64):
python3-virtualbox-6.1.34-lp153.2.27.2
python3-virtualbox-debuginfo-6.1.34-lp153.2.27.2
virtualbox-6.1.34-lp153.2.27.2
virtualbox-debuginfo-6.1.34-lp153.2.27.2
virtualbox-debugsource-6.1.34-lp153.2.27.2
virtualbox-devel-6.1.34-lp153.2.27.2
virtualbox-guest-tools-6.1.34-lp153.2.27.2
virtualbox-guest-tools-debuginfo-6.1.34-lp153.2.27.2
virtualbox-guest-x11-6.1.34-lp153.2.27.2
virtualbox-guest-x11-debuginfo-6.1.34-lp153.2.27.2
virtualbox-kmp-debugsource-6.1.34-lp153.2.27.1
virtualbox-kmp-default-6.1.34_k5.3.18_150300.59.63-lp153.2.27.1
virtualbox-kmp-default-debuginfo-6.1.34_k5.3.18_150300.59.63-lp153.2.27.1
virtualbox-kmp-preempt-6.1.34_k5.3.18_150300.59.63-lp153.2.27.1
virtualbox-kmp-preempt-debuginfo-6.1.34_k5.3.18_150300.59.63-lp153.2.27.1
virtualbox-qt-6.1.34-lp153.2.27.2
virtualbox-qt-debuginfo-6.1.34-lp153.2.27.2
virtualbox-vnc-6.1.34-lp153.2.27.2
virtualbox-websrv-6.1.34-lp153.2.27.2
virtualbox-websrv-debuginfo-6.1.34-lp153.2.27.2
References:
https://www.suse.com/security/cve/CVE-2011-5325.html
https://www.suse.com/security/cve/CVE-2015-9261.html
https://www.suse.com/security/cve/CVE-2016-2147.html
https://www.suse.com/security/cve/CVE-2016-2148.html
https://www.suse.com/security/cve/CVE-2016-6301.html
https://www.suse.com/security/cve/CVE-2017-15873.html
https://www.suse.com/security/cve/CVE-2017-15874.html
https://www.suse.com/security/cve/CVE-2017-16544.html
https://www.suse.com/security/cve/CVE-2018-1000500.html
https://www.suse.com/security/cve/CVE-2018-1000517.html
https://www.suse.com/security/cve/CVE-2018-20679.html
https://www.suse.com/security/cve/CVE-2019-5747.html
https://www.suse.com/security/cve/CVE-2021-28831.html
https://www.suse.com/security/cve/CVE-2021-42373.html
https://www.suse.com/security/cve/CVE-2021-42374.html
https://www.suse.com/security/cve/CVE-2021-42375.html
https://www.suse.com/security/cve/CVE-2021-42376.html
https://www.suse.com/security/cve/CVE-2021-42377.html
https://www.suse.com/security/cve/CVE-2021-42378.html
https://www.suse.com/security/cve/CVE-2021-42379.html
https://www.suse.com/security/cve/CVE-2021-42380.html
https://www.suse.com/security/cve/CVE-2021-42381.html
https://www.suse.com/security/cve/CVE-2021-42382.html
https://www.suse.com/security/cve/CVE-2021-42383.html
https://www.suse.com/security/cve/CVE-2021-42384.html
https://www.suse.com/security/cve/CVE-2021-42385.html
https://www.suse.com/security/cve/CVE-2021-42386.html
https://www.suse.com/security/cve/CVE-2022-21465.html
https://www.suse.com/security/cve/CVE-2022-21471.html
https://www.suse.com/security/cve/CVE-2022-21487.html
https://www.suse.com/security/cve/CVE-2022-21488.html
https://www.suse.com/security/cve/CVE-2022-21491.html
https://bugzilla.suse.com/1064976
https://bugzilla.suse.com/1064978
https://bugzilla.suse.com/1069412
https://bugzilla.suse.com/1099260
https://bugzilla.suse.com/1099263
https://bugzilla.suse.com/1102912
https://bugzilla.suse.com/1121426
https://bugzilla.suse.com/1121428
https://bugzilla.suse.com/1184522
https://bugzilla.suse.com/1192869
https://bugzilla.suse.com/1198676
https://bugzilla.suse.com/1198677
https://bugzilla.suse.com/1198678
https://bugzilla.suse.com/1198679
https://bugzilla.suse.com/1198680
https://bugzilla.suse.com/1198703
https://bugzilla.suse.com/951562
https://bugzilla.suse.com/970662
https://bugzilla.suse.com/970663
https://bugzilla.suse.com/991940
1
0
SUSE-SU-2022:1718-1: important: Security update for e2fsprogs
by opensuse-security@opensuse.org 17 May '22
by opensuse-security@opensuse.org 17 May '22
17 May '22
SUSE Security Update: Security update for e2fsprogs
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1718-1
Rating: important
References: #1198446
Cross-References: CVE-2022-1304
CVSS scores:
CVE-2022-1304 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1304 (SUSE): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for e2fsprogs fixes the following issues:
- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation
fault and possibly arbitrary code execution. (bsc#1198446)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1718=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1718=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.46.4-150400.3.3.1
e2fsprogs-debuginfo-1.46.4-150400.3.3.1
e2fsprogs-debugsource-1.46.4-150400.3.3.1
e2fsprogs-devel-1.46.4-150400.3.3.1
e2fsprogs-scrub-1.46.4-150400.3.3.1
libcom_err-devel-1.46.4-150400.3.3.1
libcom_err-devel-static-1.46.4-150400.3.3.1
libcom_err2-1.46.4-150400.3.3.1
libcom_err2-debuginfo-1.46.4-150400.3.3.1
libext2fs-devel-1.46.4-150400.3.3.1
libext2fs-devel-static-1.46.4-150400.3.3.1
libext2fs2-1.46.4-150400.3.3.1
libext2fs2-debuginfo-1.46.4-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
e2fsprogs-32bit-debuginfo-1.46.4-150400.3.3.1
libcom_err-devel-32bit-1.46.4-150400.3.3.1
libcom_err2-32bit-1.46.4-150400.3.3.1
libcom_err2-32bit-debuginfo-1.46.4-150400.3.3.1
libext2fs-devel-32bit-1.46.4-150400.3.3.1
libext2fs2-32bit-1.46.4-150400.3.3.1
libext2fs2-32bit-debuginfo-1.46.4-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.46.4-150400.3.3.1
e2fsprogs-debuginfo-1.46.4-150400.3.3.1
e2fsprogs-debugsource-1.46.4-150400.3.3.1
e2fsprogs-devel-1.46.4-150400.3.3.1
libcom_err-devel-1.46.4-150400.3.3.1
libcom_err-devel-static-1.46.4-150400.3.3.1
libcom_err2-1.46.4-150400.3.3.1
libcom_err2-debuginfo-1.46.4-150400.3.3.1
libext2fs-devel-1.46.4-150400.3.3.1
libext2fs-devel-static-1.46.4-150400.3.3.1
libext2fs2-1.46.4-150400.3.3.1
libext2fs2-debuginfo-1.46.4-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
e2fsprogs-32bit-debuginfo-1.46.4-150400.3.3.1
libcom_err2-32bit-1.46.4-150400.3.3.1
libcom_err2-32bit-debuginfo-1.46.4-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1304.html
https://bugzilla.suse.com/1198446
1
0
SUSE-SU-2022:1719-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 17 May '22
by opensuse-security@opensuse.org 17 May '22
17 May '22
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1719-1
Rating: important
References: #1198970
Cross-References: CVE-2022-1520 CVE-2022-29909 CVE-2022-29911
CVE-2022-29912 CVE-2022-29913 CVE-2022-29914
CVE-2022-29916 CVE-2022-29917
CVSS scores:
CVE-2022-1520 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-29909 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29911 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29912 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-29913 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-29914 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29916 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-29917 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
Various security fixes MFSA 2022-18 (bsc#1198970):
- CVE-2022-1520: Incorrect security status shown after viewing an attached
email (bmo#1745019).
- CVE-2022-29914: Fullscreen notification bypass using popups
(bmo#1746448).
- CVE-2022-29909: Bypassing permission prompt in nested browsing contexts
(bmo#1755081).
- CVE-2022-29916: Leaking browser history with CSS variables (bmo#1760674).
- CVE-2022-29911: iframe sandbox bypass (bmo#1761981).
- CVE-2022-29912: Reader mode bypassed SameSite cookies (bmo#1692655).
- CVE-2022-29913: Speech Synthesis feature not properly disabled
(bmo#1764778).
- CVE-2022-29917: Memory safety bugs fixed in Thunderbird 91.9
(bmo#1684739, bmo#1706441, bmo#1753298, bmo#1762614, bmo#1762620).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1719=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1719=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1719=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1719=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1719=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1719=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
MozillaThunderbird-91.9.0-150200.8.68.2
MozillaThunderbird-debuginfo-91.9.0-150200.8.68.2
MozillaThunderbird-debugsource-91.9.0-150200.8.68.2
MozillaThunderbird-translations-common-91.9.0-150200.8.68.2
MozillaThunderbird-translations-other-91.9.0-150200.8.68.2
References:
https://www.suse.com/security/cve/CVE-2022-1520.html
https://www.suse.com/security/cve/CVE-2022-29909.html
https://www.suse.com/security/cve/CVE-2022-29911.html
https://www.suse.com/security/cve/CVE-2022-29912.html
https://www.suse.com/security/cve/CVE-2022-29913.html
https://www.suse.com/security/cve/CVE-2022-29914.html
https://www.suse.com/security/cve/CVE-2022-29916.html
https://www.suse.com/security/cve/CVE-2022-29917.html
https://bugzilla.suse.com/1198970
1
0
SUSE-SU-2022:1717-1: important: Security update for nodejs10
by opensuse-security@opensuse.org 17 May '22
by opensuse-security@opensuse.org 17 May '22
17 May '22
SUSE Security Update: Security update for nodejs10
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1717-1
Rating: important
References: #1191962 #1191963 #1192153 #1192154 #1192696
#1194514 #1194819 #1197283 #1198247
Cross-References: CVE-2021-23343 CVE-2021-32803 CVE-2021-32804
CVE-2021-3807 CVE-2021-3918 CVE-2021-44906
CVE-2021-44907 CVE-2022-0235 CVE-2022-21824
CVSS scores:
CVE-2021-23343 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-23343 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-32803 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2021-32803 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2021-32804 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2021-32804 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2021-3807 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3807 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3918 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3918 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Manager Proxy 4.1
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for nodejs10 fixes the following issues:
- CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and
splitPathRe (bsc#1192153).
- CVE-2021-32803: Fixed insufficient symlink protection in node-tar
allowing arbitrary file creation and overwrite (bsc#1191963).
- CVE-2021-32804: Fixed insufficient absolute path sanitization in
node-tar allowing arbitrary file creation and overwrite (bsc#1191962).
- CVE-2021-3918: Fixed improper controlled modification of object
prototype attributes in json-schema (bsc#1192696).
- CVE-2021-3807: Fixed regular expression denial of service (ReDoS)
matching ANSI escape codes in node-ansi-regex (bsc#1192154).
- CVE-2022-21824: Fixed prototype pollution via console.table
(bsc#1194514).
- CVE-2021-44906: Fixed prototype pollution in npm dependency
(bsc#1198247).
- CVE-2021-44907: Fixed insuficient sanitation in npm dependency
(bsc#1197283).
- CVE-2022-0235: Fixed passing of cookie data and sensitive headers to
different hostnames in node-fetch-npm (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1717=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1717=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1717=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1717=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1717=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1717=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1717=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1717=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1717=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1717=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1717=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1717=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1717=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1717=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1717=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1717=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- openSUSE Leap 15.4 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- openSUSE Leap 15.3 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Manager Server 4.1 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Manager Proxy 4.1 (x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Manager Proxy 4.1 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Enterprise Storage 7 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE Enterprise Storage 6 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
- SUSE CaaS Platform 4.0 (x86_64):
nodejs10-10.24.1-150000.1.44.1
nodejs10-debuginfo-10.24.1-150000.1.44.1
nodejs10-debugsource-10.24.1-150000.1.44.1
nodejs10-devel-10.24.1-150000.1.44.1
npm10-10.24.1-150000.1.44.1
- SUSE CaaS Platform 4.0 (noarch):
nodejs10-docs-10.24.1-150000.1.44.1
References:
https://www.suse.com/security/cve/CVE-2021-23343.html
https://www.suse.com/security/cve/CVE-2021-32803.html
https://www.suse.com/security/cve/CVE-2021-32804.html
https://www.suse.com/security/cve/CVE-2021-3807.html
https://www.suse.com/security/cve/CVE-2021-3918.html
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1191962
https://bugzilla.suse.com/1191963
https://bugzilla.suse.com/1192153
https://bugzilla.suse.com/1192154
https://bugzilla.suse.com/1192696
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247
1
0
openSUSE-SU-2022:0134-1: important: Security update for python-numpy
by opensuse-security@opensuse.org 17 May '22
by opensuse-security@opensuse.org 17 May '22
17 May '22
openSUSE Security Update: Security update for python-numpy
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0134-1
Rating: important
References: #1190345 #1193907 #1193913
Cross-References: CVE-2021-21897 CVE-2021-33430 CVE-2021-41496
CVSS scores:
CVE-2021-21897 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-21897 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-33430 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33430 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-41496 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-41496 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for python-numpy fixes the following issues:
- CVE-2021-33430: Fixed buffer overflow that could lead to DoS in
PyArray_NewFromDescr_int function of ctors.c (bsc#1193913).
- CVE-2021-41496: Fixed buffer overflow that could lead to DoS in
array_from_pyobj function of fortranobject.c (bsc#1193907).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-134=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-134=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-numpy-debugsource-1.17.3-10.1
python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-10.1
python3-numpy-1.17.3-10.1
python3-numpy-debuginfo-1.17.3-10.1
python3-numpy-devel-1.17.3-10.1
python3-numpy-gnu-hpc-1.17.3-10.1
python3-numpy-gnu-hpc-devel-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-10.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
dxflib-devel-3.17.0-bp153.2.3.1
libdxflib-3_17_0-1-3.17.0-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2021-21897.html
https://www.suse.com/security/cve/CVE-2021-33430.html
https://www.suse.com/security/cve/CVE-2021-41496.html
https://bugzilla.suse.com/1190345
https://bugzilla.suse.com/1193907
https://bugzilla.suse.com/1193913
1
0
SUSE-SU-2022:1694-1: moderate: Security update for nodejs8
by opensuse-security@opensuse.org 17 May '22
by opensuse-security@opensuse.org 17 May '22
17 May '22
SUSE Security Update: Security update for nodejs8
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1694-1
Rating: moderate
References: #1194819 #1197283 #1198247
Cross-References: CVE-2021-44906 CVE-2021-44907 CVE-2022-0235
CVSS scores:
CVE-2021-44906 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-44906 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-44907 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-44907 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-0235 (SUSE): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for nodejs8 fixes the following issues:
- CVE-2021-44906: Fixed prototype pollution in npm dependency
(bsc#1198247).
- CVE-2021-44907: Fixed insuficient sanitation in npm dependency
(bsc#1197283).
- CVE-2022-0235: Fixed passing of cookie data and sensitive headers to
different hostnames in node-fetch-npm (bsc#1194819).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1694=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1694=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
nodejs8-8.17.0-150200.10.22.1
nodejs8-debuginfo-8.17.0-150200.10.22.1
nodejs8-debugsource-8.17.0-150200.10.22.1
nodejs8-devel-8.17.0-150200.10.22.1
npm8-8.17.0-150200.10.22.1
- openSUSE Leap 15.4 (noarch):
nodejs8-docs-8.17.0-150200.10.22.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs8-8.17.0-150200.10.22.1
nodejs8-debuginfo-8.17.0-150200.10.22.1
nodejs8-debugsource-8.17.0-150200.10.22.1
nodejs8-devel-8.17.0-150200.10.22.1
npm8-8.17.0-150200.10.22.1
- openSUSE Leap 15.3 (noarch):
nodejs8-docs-8.17.0-150200.10.22.1
References:
https://www.suse.com/security/cve/CVE-2021-44906.html
https://www.suse.com/security/cve/CVE-2021-44907.html
https://www.suse.com/security/cve/CVE-2022-0235.html
https://bugzilla.suse.com/1194819
https://bugzilla.suse.com/1197283
https://bugzilla.suse.com/1198247
1
0
openSUSE-SU-2022:0133-1: important: Security update for chromium
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0133-1
Rating: important
References: #1199409
Cross-References: CVE-2022-1633 CVE-2022-1634 CVE-2022-1635
CVE-2022-1636 CVE-2022-1637 CVE-2022-1638
CVE-2022-1639 CVE-2022-1640 CVE-2022-1641
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium was updated to 101.0.4951.64 (boo#1199409)
* CVE-2022-1633: Use after free in Sharesheet
* CVE-2022-1634: Use after free in Browser UI
* CVE-2022-1635: Use after free in Permission Prompts
* CVE-2022-1636: Use after free in Performance APIs
* CVE-2022-1637: Inappropriate implementation in Web Contents
* CVE-2022-1638: Heap buffer overflow in V8 Internationalization
* CVE-2022-1639: Use after free in ANGLE
* CVE-2022-1640: Use after free in Sharing
* CVE-2022-1641: Use after free in Web UI Diagnostics
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-133=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-101.0.4951.64-bp153.2.91.1
chromium-101.0.4951.64-bp153.2.91.1
References:
https://www.suse.com/security/cve/CVE-2022-1633.html
https://www.suse.com/security/cve/CVE-2022-1634.html
https://www.suse.com/security/cve/CVE-2022-1635.html
https://www.suse.com/security/cve/CVE-2022-1636.html
https://www.suse.com/security/cve/CVE-2022-1637.html
https://www.suse.com/security/cve/CVE-2022-1638.html
https://www.suse.com/security/cve/CVE-2022-1639.html
https://www.suse.com/security/cve/CVE-2022-1640.html
https://www.suse.com/security/cve/CVE-2022-1641.html
https://bugzilla.suse.com/1199409
1
0
SUSE-SU-2022:1687-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1687-1
Rating: important
References: #1028340 #1071995 #1137728 #1152472 #1152489
#1177028 #1179878 #1182073 #1183723 #1187055
#1191647 #1193556 #1193842 #1194625 #1195651
#1195926 #1196018 #1196114 #1196367 #1196514
#1196639 #1196942 #1197157 #1197391 #1197656
#1197660 #1197677 #1197914 #1197926 #1198077
#1198217 #1198330 #1198400 #1198413 #1198437
#1198448 #1198484 #1198515 #1198516 #1198534
#1198742 #1198825 #1198989 #1199012 #1199024
SLE-13208 SLE-13513 SLE-15172 SLE-15175 SLE-18234
SLE-8449
Cross-References: CVE-2020-27835 CVE-2021-0707 CVE-2021-20292
CVE-2021-20321 CVE-2021-38208 CVE-2021-4154
CVE-2022-0812 CVE-2022-1158 CVE-2022-1280
CVE-2022-1353 CVE-2022-1419 CVE-2022-1516
CVE-2022-28356 CVE-2022-28748 CVE-2022-28893
CVE-2022-29156
CVSS scores:
CVE-2020-27835 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0707 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0707 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20292 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20292 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20321 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-20321 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-4154 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-4154 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1158 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1280 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1280 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1353 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1353 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2022-1419 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1516 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1516 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-28893 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28893 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-29156 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29156 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 16 vulnerabilities, contains 6
features and has 29 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-29156: Fixed a double free related to rtrs_clt_dev_release
(bnc#1198515).
- CVE-2022-28893: Ensuring that sockets are in the intended state inside
the SUNRPC subsystem (bnc#1198330).
- CVE-2022-28748: Fixed memory lead over the network by ax88179_178a
devices (bsc#1196018).
- CVE-2022-28356: Fixed a refcount leak bug found in net/llc/af_llc.c
(bnc#1197391).
- CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect
(bsc#1199012).
- CVE-2022-1419: Fixed a concurrency use-after-free in
vgem_gem_dumb_create (bsc#1198742).
- CVE-2022-1353: Fixed access controll to kernel memory in the
pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in
drivers/gpu/drm/drm_lease.c (bnc#1197914).
- CVE-2022-1158: Fixed KVM x86/mmu compare-and-exchange of gPTE via the
user address (bsc#1197660).
- CVE-2022-0812: Fixed random memory leakage inside NFS/RDMA (bsc#1196639).
- CVE-2021-4154: Fixed a use-after-free flaw inside cgroup1_parse_param in
kernel/cgroup/cgroup-v1.c. A local attacker with a user privilege could
cause a privilege escalation by exploiting the fsconfig syscall
parameter leading to a container breakout and a denial of service on the
system (bnc#1193842).
- CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and
BUG) by making a getsockname call after a certain type of failure of a
bind call (bnc#1187055).
- CVE-2021-20321: Fixed a race condition accessing file object in the
OverlayFS subsystem in the way users do rename in specific way with
OverlayFS. A local user could have used this flaw to crash the system
(bnc#1191647).
- CVE-2021-20292: Fixed object validation prior to performing operations
on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem
(bnc#1183723).
- CVE-2021-0707: Fixed possible memory corruption due to a use after free
inside dma_buf_releas e of dma-buf.c (bnc#1198437).
- CVE-2020-27835: Fixed use after free in infiniband hfi1 driver in the
way user calls Ioctl after open dev file and fork. A local user could
use this flaw to crash the system (bnc#1179878).
The following non-security bugs were fixed:
- ACPI: processor idle: Check for architectural support for LPI
(git-fixes).
- ACPI/APEI: Limit printable size of BERT table data (git-fixes).
- ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).
- adm8211: fix error return code in adm8211_probe() (git-fixes).
- ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).
- ALSA: hda/hdmi: fix warning about PCM count when used with SOF
(git-fixes).
- ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).
- ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
(git-fixes).
- ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
(git-fixes).
- ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb
(git-fixes).
- ALSA: usb-audio: Increase max buffer size (git-fixes).
- ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).
- arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
(git-fixes)
- arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node (git-fixes)
- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode (git-fixes)
- arm64: dts: exynos: correct GIC CPU interfaces address range on
(git-fixes)
- arm64: dts: ls1028a: fix memory node (git-fixes)
- arm64: dts: ls1028a: fix node name for the sysclk (git-fixes)
- arm64: dts: lx2160a: fix scl-gpios property name (git-fixes)
- arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (git-fixes)
- arm64: dts: marvell: armada-37xx: Fix reg for standard variant of
(git-fixes)
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0
(git-fixes)
- arm64: dts: rockchip: Fix GPU register width for RK3328 (git-fixes)
- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from (git-fixes)
- arm64: dts: zii-ultra: fix 12V_MAIN voltage (git-fixes)
- arm64: head: avoid over-mapping in map_memory (git-fixes)
- arm64: Update config files; arm LIBNVDIMM y->m ppc64le ND_BLK ->m
(bsc#1199024).
- arm64/sve: Use correct size when reinitialising SVE state (git-fixes)
- ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
(git-fixes).
- ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use
(git-fixes).
- ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).
- ASoC: msm8916-wcd-digital: Check failure for
devm_snd_soc_register_component (git-fixes).
- ASoC: soc-compress: Change the check for codec_dai (git-fixes).
- ASoC: soc-compress: prevent the potentially use of null pointer
(git-fixes).
- ASoC: soc-core: skip zero num_dai component in searching dai name
(git-fixes).
- ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).
- ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
(git-fixes).
- ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
(git-fixes).
- ath5k: fix building with LEDS=m (git-fixes).
- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).
- ath9k_htc: fix uninit value bugs (git-fixes).
- ath9k: Fix usage of driver-private space in tx_info (git-fixes).
- ath9k: Properly clear TX status area before reporting to mac80211
(git-fixes).
- backlight: qcom-wled: Respect enabled-strings in set_brightness
(bsc#1152489)
- bareudp: use ipv6_mod_enabled to check if IPv6 enabled (jsc#SLE-15172).
- bfq: Avoid merging queues with different parents (bsc#1197926).
- bfq: Drop pointless unlock-lock pair (bsc#1197926).
- bfq: Get rid of __bio_blkcg() usage (bsc#1197926).
- bfq: Make sure bfqg for which we are queueing requests is online
(bsc#1197926).
- bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).
- bfq: Split shared queues on move between cgroups (bsc#1197926).
- bfq: Track whether bfq_group is still online (bsc#1197926).
- bfq: Update cgroup information before merging bio (bsc#1197926).
- block: Drop leftover references to RQF_SORTED (bsc#1182073).
- Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).
- Bluetooth: Fix use after free in hci_send_acl (git-fixes).
- Bluetooth: hci_serdev: call init_rwsem() before p->open() (git-fixes).
- bnx2x: fix napi API usage sequence (bsc#1198217).
- bpf: Resolve to prog->aux->dst_prog->type only for BPF_PROG_TYPE_EXT
(git-fixes bsc#1177028).
- brcmfmac: firmware: Allocate space for default boardrev in nvram
(git-fixes).
- brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).
- brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
(git-fixes).
- brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
(git-fixes).
- carl9170: fix missing bit-wise or operator for tx_params (git-fixes).
- cfg80211: hold bss_lock while updating nontrans_list (git-fixes).
- cifs: do not skip link targets when an I/O fails (bsc#1194625).
- cifs: fix bad fids sent over wire (bsc#1197157).
- clk: Enforce that disjoints limits are invalid (git-fixes).
- clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).
- direct-io: clean up error paths of do_blockdev_direct_IO (bsc#1197656).
- direct-io: defer alignment check until after the EOF check (bsc#1197656).
- direct-io: do not force writeback for reads beyond EOF (bsc#1197656).
- dma-debug: fix return value of __setup handlers (git-fixes).
- dma: at_xdmac: fix a missing check on list iterator (git-fixes).
- dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).
- dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).
- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).
- dmaengine: mediatek:Fix PM usage reference leak of
mtk_uart_apdma_alloc_chan_resources (git-fixes).
- dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
(git-fixes).
- Documentation: add link to stable release candidate tree (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: Add orientation quirk for GPD Win Max (git-fixes).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm/amd: Add USBC connector ID (git-fixes).
- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
(git-fixes).
- drm/amd/display: do not ignore alpha property on pre-multiplied mode
(git-fixes).
- drm/amd/display: Fix a NULL pointer dereference in
amdgpu_dm_connector_add_common_modes() (git-fixes).
- drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).
- drm/amd/display: Fix memory leak in dcn21_clock_source_create
(bsc#1152472)
- drm/amdgpu: fix amdgpu_ras_block_late_init error handler (bsc#1152489)
- drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).
- drm/amdgpu: Fix recursive locking warning (git-fixes).
- drm/amdkfd: Check for potential null return of kmalloc_array()
(git-fixes).
- drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).
- drm/amdkfd: make CRAT table missing message informational only
(git-fixes).
- drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe
(git-fixes).
- drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt
(git-fixes).
- drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev
(git-fixes).
- drm/cma-helper: Set VM_DONTEXPAND for mmap (bsc#1152472)
- drm/edid: check basic audio support on CEA extension block (git-fixes).
- drm/edid: Do not clear formats if using deep color (git-fixes).
- drm/fb-helper: Mark screen buffers in system memory with (bsc#1152472)
- drm/i915: Call i915_globals_exit() if pci_register_device() fails
(git-fixes).
- drm/i915: Drop all references to DRM IRQ midlayer (bsc#1152489)
- drm/i915: Keep gem ctx->vm alive until the final put (bsc#1152489)
- drm/i915: s/JSP2/ICP2/ PCH (bsc#1152489)
- drm/i915/gem: Flush coherency domains on first set-domain-ioctl
(git-fixes).
- drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).
- drm/mediatek: Add AAL output size configuration (git-fixes).
- drm/mediatek: Fix aal size config (git-fixes).
- drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init()
(git-fixes).
- drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
(git-fixes).
- drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
(git-fixes).
- drm/prime: Fix use after free in mmap with drm_gem_ttm_mmap (bsc#1152472)
- drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).
- drm/vc4: crtc: Lookup the encoder from the register at boot (bsc#1198534)
- drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
usage (git-fixes).
- drm/vmwgfx: Remove unused compile options (bsc#1152472)
- e1000e: Fix possible overflow in LTR decoding (git-fixes).
- fibmap: Reject negative block numbers (bsc#1198448).
- fibmap: Use bmap instead of ->bmap method in ioctl_fibmap (bsc#1198448).
- firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).
- gpiolib: acpi: use correct format characters (git-fixes).
- gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).
- HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).
- hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
(git-fixes).
- i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).
- IB/hfi1: Allow larger MTU without AIP (jsc#SLE-13208).
- Input: omap4-keypad - fix pm_runtime_get_sync() error checking
(git-fixes).
- ipmi: bail out if init_srcu_struct fails (git-fixes).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
(git-fixes).
- ipmi: Move remove_work to dedicated workqueue (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).
- KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).
- livepatch: Do not block removal of patches that are safe to unload
(bsc#1071995).
- lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).
- media: cx88-mpeg: clear interrupt status register before streaming video
(git-fixes).
- media: hdpvr: initialize dev->worker at hdpvr_register_videodev
(git-fixes).
- memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
(git-fixes).
- mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).
- mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).
- mmc: host: Return an error when ->enable_sdio_irq() ops is missing
(git-fixes).
- mmc: mmci_sdmmc: Replace sg_dma_xxx macros (git-fixes).
- mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).
- mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is
complete (git-fixes).
- mtd: onenand: Check for error irq (git-fixes).
- mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init
(git-fixes).
- mtd: rawnand: gpmi: fix controller timings setting (git-fixes).
- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).
- net: asix: add proper error handling of usb read errors (git-fixes).
- net: mana: Add counter for packet dropped by XDP (bsc#1195651).
- net: mana: Add counter for XDP_TX (bsc#1195651).
- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).
- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe()
(bsc#1195651).
- net: mana: Reuse XDP dropped page (bsc#1195651).
- net: mana: Use struct_size() helper in mana_gd_create_dma_region()
(bsc#1195651).
- net: mcs7830: handle usb read errors properly (git-fixes).
- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).
- nfc: nci: add flush_workqueue to prevent uaf (git-fixes).
- NFSv4: fix open failure with O_ACCMODE flag (git-fixes).
- PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge
(git-fixes).
- PCI: aardvark: Fix support for MSI interrupts (git-fixes).
- PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).
- PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
(git-fixes).
- PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
- PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).
- power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe
(git-fixes).
- power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
(git-fixes).
- power: supply: axp20x_battery: properly report current when discharging
(git-fixes).
- power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).
- power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
false return (git-fixes).
- power: supply: wm8350-power: Add missing free in free_charger_irq
(git-fixes).
- power: supply: wm8350-power: Handle error for wm8350_register_irq
(git-fixes).
- powerpc/perf: Expose Performance Monitor Counter SPR's as part of
extended regs (bsc#1198077 ltc#197299).
- powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).
- powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106,
git-fixes).
- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct
(bsc#1198077 ltc#197299).
- ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
(bsc#1198413).
- random: check for signal_pending() outside of need_resched() check
(git-fixes).
- ray_cs: Check ioremap return value (git-fixes).
- RDMA/core: Set MR type in ib_reg_user_mr (jsc#SLE-8449).
- RDMA/mlx5: Add a missing update of cache->last_add (jsc#SLE-15175).
- RDMA/mlx5: Do not remove cache MRs when a delay is needed
(jsc#SLE-15175).
- RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
(jsc#SLE-15175).
- regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).
- rpm: Run external scriptlets on uninstall only when available
(bsc#1196514 bsc#1196114 bsc#1196942).
- rpm: Use bash for %() expansion (jsc#SLE-18234).
- rpm/*.spec.in: remove backtick usage
- rpm/constraints.in: skip SLOW_DISK workers for kernel-source
- rpm/kernel-obs-build.spec.in: use default dracut modules (bsc#1195926,
bsc#1198484)
- rtc: check if __rtc_read_time was successful (git-fixes).
- rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).
- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677
LTC#197378).
- scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
(git-fixes).
- scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove()
(git-fixes).
- scsi: mpt3sas: Page fault in reply q processing (git-fixes).
- scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340
bsc#1198825).
- spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and
controller (git-fixes).
- spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op()
(git-fixes).
- spi: Fix erroneous sgs value with min_t() (git-fixes).
- spi: Fix invalid sgs value (git-fixes).
- spi: mxic: Fix the transmit path (git-fixes).
- spi: tegra20: Use of_device_get_match_data() (git-fixes).
- staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree
(git-fixes).
- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
- SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
(git-fixes).
- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
- SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).
- SUNRPC: Handle low memory situations in call_status() (git-fixes).
- USB: dwc3: core: Fix tx/rx threshold settings (git-fixes).
- USB: dwc3: core: Only handle soft-reset in DCTL (git-fixes).
- USB: dwc3: gadget: Return proper request status (git-fixes).
- USB: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
(git-fixes).
- USB: gadget: uvc: Fix crash when encoding data for usb request
(git-fixes).
- USB: hcd-pci: Use PCI_STD_NUM_BARS when checking standard BARs
(bsc#1152489)
- USB: serial: pl2303: add IBM device IDs (git-fixes).
- USB: serial: simple: add Nokia phone driver (git-fixes).
- USB: storage: ums-realtek: fix error code in rts51x_read_mem()
(git-fixes).
- USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
(git-fixes).
- vgacon: Propagate console boot parameters before calling `vc_resize'
(bsc#1152489)
- video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).
- video: fbdev: cirrusfb: check pixclock to avoid divide by zero
(git-fixes).
- video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
(git-fixes).
- video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).
- video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).
- video: fbdev: udlfb: properly check endpoint type (bsc#1152489)
- video: fbdev: w100fb: Reset global state (git-fixes).
- virtio_console: break out of buf poll on remove (git-fixes).
- virtio_console: eliminate anonymous module_init & module_exit
(git-fixes).
- w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).
- x86/pm: Save the MSR validity status at context setup (bsc#1198400).
- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
(git-fixes).
- x86/speculation: Restore speculation related MSRs during S3 resume
(bsc#1198400).
- xen: fix is_xen_pmu() (git-fixes).
- xen/blkfront: fix comment for need_copy (git-fixes).
- xen/x86: obtain full video frame buffer address for Dom0 also under EFI
(bsc#1193556).
- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0
(bsc#1193556).
- xhci: fix runtime PM imbalance in USB2 resume (git-fixes).
- xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1687=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1687=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1687=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1687=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1687=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1687=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1687=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1687=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1687=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1687=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.68.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
dlm-kmp-preempt-5.3.18-150300.59.68.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
gfs2-kmp-preempt-5.3.18-150300.59.68.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-5.3.18-150300.59.68.1
kernel-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debugsource-5.3.18-150300.59.68.1
kernel-preempt-devel-5.3.18-150300.59.68.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-extra-5.3.18-150300.59.68.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.68.1
kernel-preempt-optional-5.3.18-150300.59.68.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.68.1
kselftests-kmp-preempt-5.3.18-150300.59.68.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
ocfs2-kmp-preempt-5.3.18-150300.59.68.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
reiserfs-kmp-preempt-5.3.18-150300.59.68.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.68.1
dtb-zte-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.68.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.68.1
dlm-kmp-default-5.3.18-150300.59.68.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.68.1
gfs2-kmp-default-5.3.18-150300.59.68.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-5.3.18-150300.59.68.1
kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
kernel-default-base-rebuild-5.3.18-150300.59.68.1.150300.18.41.3
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
kernel-default-devel-5.3.18-150300.59.68.1
kernel-default-devel-debuginfo-5.3.18-150300.59.68.1
kernel-default-extra-5.3.18-150300.59.68.1
kernel-default-extra-debuginfo-5.3.18-150300.59.68.1
kernel-default-livepatch-5.3.18-150300.59.68.1
kernel-default-livepatch-devel-5.3.18-150300.59.68.1
kernel-default-optional-5.3.18-150300.59.68.1
kernel-default-optional-debuginfo-5.3.18-150300.59.68.1
kernel-obs-build-5.3.18-150300.59.68.1
kernel-obs-build-debugsource-5.3.18-150300.59.68.1
kernel-obs-qa-5.3.18-150300.59.68.1
kernel-syms-5.3.18-150300.59.68.1
kselftests-kmp-default-5.3.18-150300.59.68.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.68.1
ocfs2-kmp-default-5.3.18-150300.59.68.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.68.1
reiserfs-kmp-default-5.3.18-150300.59.68.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.68.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
dlm-kmp-preempt-5.3.18-150300.59.68.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
gfs2-kmp-preempt-5.3.18-150300.59.68.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-5.3.18-150300.59.68.1
kernel-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debugsource-5.3.18-150300.59.68.1
kernel-preempt-devel-5.3.18-150300.59.68.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-extra-5.3.18-150300.59.68.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.68.1
kernel-preempt-optional-5.3.18-150300.59.68.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.68.1
kselftests-kmp-preempt-5.3.18-150300.59.68.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
ocfs2-kmp-preempt-5.3.18-150300.59.68.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
reiserfs-kmp-preempt-5.3.18-150300.59.68.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.68.1
kernel-debug-debuginfo-5.3.18-150300.59.68.1
kernel-debug-debugsource-5.3.18-150300.59.68.1
kernel-debug-devel-5.3.18-150300.59.68.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.68.1
kernel-debug-livepatch-devel-5.3.18-150300.59.68.1
kernel-kvmsmall-5.3.18-150300.59.68.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.68.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.68.1
kernel-kvmsmall-devel-5.3.18-150300.59.68.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.68.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.68.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
dlm-kmp-64kb-5.3.18-150300.59.68.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
dtb-al-5.3.18-150300.59.68.1
dtb-allwinner-5.3.18-150300.59.68.1
dtb-altera-5.3.18-150300.59.68.1
dtb-amd-5.3.18-150300.59.68.1
dtb-amlogic-5.3.18-150300.59.68.1
dtb-apm-5.3.18-150300.59.68.1
dtb-arm-5.3.18-150300.59.68.1
dtb-broadcom-5.3.18-150300.59.68.1
dtb-cavium-5.3.18-150300.59.68.1
dtb-exynos-5.3.18-150300.59.68.1
dtb-freescale-5.3.18-150300.59.68.1
dtb-hisilicon-5.3.18-150300.59.68.1
dtb-lg-5.3.18-150300.59.68.1
dtb-marvell-5.3.18-150300.59.68.1
dtb-mediatek-5.3.18-150300.59.68.1
dtb-nvidia-5.3.18-150300.59.68.1
dtb-qcom-5.3.18-150300.59.68.1
dtb-renesas-5.3.18-150300.59.68.1
dtb-rockchip-5.3.18-150300.59.68.1
dtb-socionext-5.3.18-150300.59.68.1
dtb-sprd-5.3.18-150300.59.68.1
dtb-xilinx-5.3.18-150300.59.68.1
dtb-zte-5.3.18-150300.59.68.1
gfs2-kmp-64kb-5.3.18-150300.59.68.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
kernel-64kb-5.3.18-150300.59.68.1
kernel-64kb-debuginfo-5.3.18-150300.59.68.1
kernel-64kb-debugsource-5.3.18-150300.59.68.1
kernel-64kb-devel-5.3.18-150300.59.68.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.68.1
kernel-64kb-extra-5.3.18-150300.59.68.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.68.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.68.1
kernel-64kb-optional-5.3.18-150300.59.68.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.68.1
kselftests-kmp-64kb-5.3.18-150300.59.68.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
ocfs2-kmp-64kb-5.3.18-150300.59.68.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
reiserfs-kmp-64kb-5.3.18-150300.59.68.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.68.1
kernel-docs-5.3.18-150300.59.68.1
kernel-docs-html-5.3.18-150300.59.68.1
kernel-macros-5.3.18-150300.59.68.1
kernel-source-5.3.18-150300.59.68.1
kernel-source-vanilla-5.3.18-150300.59.68.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.68.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.68.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
kernel-default-extra-5.3.18-150300.59.68.1
kernel-default-extra-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debugsource-5.3.18-150300.59.68.1
kernel-preempt-extra-5.3.18-150300.59.68.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
kernel-default-livepatch-5.3.18-150300.59.68.1
kernel-default-livepatch-devel-5.3.18-150300.59.68.1
kernel-livepatch-5_3_18-150300_59_68-default-1-150300.7.5.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
reiserfs-kmp-default-5.3.18-150300.59.68.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.3.18-150300.59.68.1
kernel-obs-build-debugsource-5.3.18-150300.59.68.1
kernel-syms-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debugsource-5.3.18-150300.59.68.1
kernel-preempt-devel-5.3.18-150300.59.68.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.68.1
kernel-source-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.68.1
kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
kernel-default-devel-5.3.18-150300.59.68.1
kernel-default-devel-debuginfo-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.68.1
kernel-preempt-debuginfo-5.3.18-150300.59.68.1
kernel-preempt-debugsource-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.68.1
kernel-64kb-debuginfo-5.3.18-150300.59.68.1
kernel-64kb-debugsource-5.3.18-150300.59.68.1
kernel-64kb-devel-5.3.18-150300.59.68.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.68.1
kernel-macros-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.68.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.68.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.68.1
kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.68.1
kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.68.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.68.1
dlm-kmp-default-5.3.18-150300.59.68.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.68.1
gfs2-kmp-default-5.3.18-150300.59.68.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debuginfo-5.3.18-150300.59.68.1
kernel-default-debugsource-5.3.18-150300.59.68.1
ocfs2-kmp-default-5.3.18-150300.59.68.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.68.1
References:
https://www.suse.com/security/cve/CVE-2020-27835.html
https://www.suse.com/security/cve/CVE-2021-0707.html
https://www.suse.com/security/cve/CVE-2021-20292.html
https://www.suse.com/security/cve/CVE-2021-20321.html
https://www.suse.com/security/cve/CVE-2021-38208.html
https://www.suse.com/security/cve/CVE-2021-4154.html
https://www.suse.com/security/cve/CVE-2022-0812.html
https://www.suse.com/security/cve/CVE-2022-1158.html
https://www.suse.com/security/cve/CVE-2022-1280.html
https://www.suse.com/security/cve/CVE-2022-1353.html
https://www.suse.com/security/cve/CVE-2022-1419.html
https://www.suse.com/security/cve/CVE-2022-1516.html
https://www.suse.com/security/cve/CVE-2022-28356.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-28893.html
https://www.suse.com/security/cve/CVE-2022-29156.html
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1137728
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1179878
https://bugzilla.suse.com/1182073
https://bugzilla.suse.com/1183723
https://bugzilla.suse.com/1187055
https://bugzilla.suse.com/1191647
https://bugzilla.suse.com/1193556
https://bugzilla.suse.com/1193842
https://bugzilla.suse.com/1194625
https://bugzilla.suse.com/1195651
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196114
https://bugzilla.suse.com/1196367
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196639
https://bugzilla.suse.com/1196942
https://bugzilla.suse.com/1197157
https://bugzilla.suse.com/1197391
https://bugzilla.suse.com/1197656
https://bugzilla.suse.com/1197660
https://bugzilla.suse.com/1197677
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1197926
https://bugzilla.suse.com/1198077
https://bugzilla.suse.com/1198217
https://bugzilla.suse.com/1198330
https://bugzilla.suse.com/1198400
https://bugzilla.suse.com/1198413
https://bugzilla.suse.com/1198437
https://bugzilla.suse.com/1198448
https://bugzilla.suse.com/1198484
https://bugzilla.suse.com/1198515
https://bugzilla.suse.com/1198516
https://bugzilla.suse.com/1198534
https://bugzilla.suse.com/1198742
https://bugzilla.suse.com/1198825
https://bugzilla.suse.com/1198989
https://bugzilla.suse.com/1199012
https://bugzilla.suse.com/1199024
1
0
SUSE-SU-2022:1688-1: important: Security update for e2fsprogs
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for e2fsprogs
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1688-1
Rating: important
References: #1198446
Cross-References: CVE-2022-1304
CVSS scores:
CVE-2022-1304 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1304 (SUSE): 7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for e2fsprogs fixes the following issues:
- CVE-2022-1304: Fixed out-of-bounds read/write leading to segmentation
fault and possibly arbitrary code execution. (bsc#1198446)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1688=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1688=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1688=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1688=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1688=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1688=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1688=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1688=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1688=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1688=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1688=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1688=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1688=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1688=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1688=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1688=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1688=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1688=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1688=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1688=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- openSUSE Leap 15.3 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err-devel-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-32bit-1.43.8-150000.4.33.1
libext2fs2-32bit-1.43.8-150000.4.33.1
libext2fs2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Manager Server 4.1 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Manager Proxy 4.1 (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Enterprise Storage 7 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
- SUSE Enterprise Storage 6 (x86_64):
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
- SUSE CaaS Platform 4.0 (x86_64):
e2fsprogs-1.43.8-150000.4.33.1
e2fsprogs-32bit-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debuginfo-1.43.8-150000.4.33.1
e2fsprogs-debugsource-1.43.8-150000.4.33.1
e2fsprogs-devel-1.43.8-150000.4.33.1
libcom_err-devel-1.43.8-150000.4.33.1
libcom_err-devel-static-1.43.8-150000.4.33.1
libcom_err2-1.43.8-150000.4.33.1
libcom_err2-32bit-1.43.8-150000.4.33.1
libcom_err2-32bit-debuginfo-1.43.8-150000.4.33.1
libcom_err2-debuginfo-1.43.8-150000.4.33.1
libext2fs-devel-1.43.8-150000.4.33.1
libext2fs-devel-static-1.43.8-150000.4.33.1
libext2fs2-1.43.8-150000.4.33.1
libext2fs2-debuginfo-1.43.8-150000.4.33.1
References:
https://www.suse.com/security/cve/CVE-2022-1304.html
https://bugzilla.suse.com/1198446
1
0
SUSE-SU-2022:1689-1: important: Security update for containerd, docker
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for containerd, docker
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1689-1
Rating: important
References: #1193930 #1196441 #1197284 #1197517
Cross-References: CVE-2021-43565 CVE-2022-23648 CVE-2022-24769
CVE-2022-27191
CVSS scores:
CVE-2021-43565 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-23648 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-23648 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-24769 (NVD) : 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2022-24769 (SUSE): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2022-27191 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27191 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for containerd, docker fixes the following issues:
- CVE-2022-24769: Fixed incorrect default inheritable capabilities
(bsc#1197517).
- CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).
- CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server
(bsc#1197284).
- CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext
packet (bsc#1193930).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1689=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1689=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1689=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1689=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1689=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1689=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1689=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1689=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1689=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1689=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1689=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1689=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1689=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1689=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-1689=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-1689=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1689=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1689=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1689=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1689=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1689=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1689=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
docker-kubic-20.10.14_ce-150000.163.1
docker-kubic-debuginfo-20.10.14_ce-150000.163.1
docker-kubic-kubeadm-criconfig-20.10.14_ce-150000.163.1
- openSUSE Leap 15.4 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
docker-fish-completion-20.10.14_ce-150000.163.1
docker-kubic-bash-completion-20.10.14_ce-150000.163.1
docker-kubic-fish-completion-20.10.14_ce-150000.163.1
docker-kubic-zsh-completion-20.10.14_ce-150000.163.1
docker-zsh-completion-20.10.14_ce-150000.163.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
docker-kubic-20.10.14_ce-150000.163.1
docker-kubic-debuginfo-20.10.14_ce-150000.163.1
docker-kubic-kubeadm-criconfig-20.10.14_ce-150000.163.1
- openSUSE Leap 15.3 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
docker-fish-completion-20.10.14_ce-150000.163.1
docker-kubic-bash-completion-20.10.14_ce-150000.163.1
docker-kubic-fish-completion-20.10.14_ce-150000.163.1
docker-kubic-zsh-completion-20.10.14_ce-150000.163.1
docker-zsh-completion-20.10.14_ce-150000.163.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Manager Server 4.1 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Manager Proxy 4.1 (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Manager Proxy 4.1 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Server 15-LTSS (s390x):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
containerd-ctr-1.5.11-150000.68.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
docker-fish-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
containerd-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
containerd-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
containerd-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Enterprise Storage 7 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE Enterprise Storage 6 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
- SUSE CaaS Platform 4.0 (x86_64):
containerd-1.5.11-150000.68.1
containerd-ctr-1.5.11-150000.68.1
docker-20.10.14_ce-150000.163.1
docker-debuginfo-20.10.14_ce-150000.163.1
- SUSE CaaS Platform 4.0 (noarch):
docker-bash-completion-20.10.14_ce-150000.163.1
References:
https://www.suse.com/security/cve/CVE-2021-43565.html
https://www.suse.com/security/cve/CVE-2022-23648.html
https://www.suse.com/security/cve/CVE-2022-24769.html
https://www.suse.com/security/cve/CVE-2022-27191.html
https://bugzilla.suse.com/1193930
https://bugzilla.suse.com/1196441
https://bugzilla.suse.com/1197284
https://bugzilla.suse.com/1197517
1
0
SUSE-SU-2022:1670-1: important: Security update for openldap2
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for openldap2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1670-1
Rating: important
References: #1199240
Cross-References: CVE-2022-29155
CVSS scores:
CVE-2022-29155 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29155 (SUSE): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for openldap2 fixes the following issues:
- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1670=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1670=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1670=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1670=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1670=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1670=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1670=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1670=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1670=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1670=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1670=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1670=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1670=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1670=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1670=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1670=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1670=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1670=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-back-sock-2.4.46-150200.14.8.1
openldap2-back-sock-debuginfo-2.4.46-150200.14.8.1
openldap2-back-sql-2.4.46-150200.14.8.1
openldap2-back-sql-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- openSUSE Leap 15.4 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- openSUSE Leap 15.4 (noarch):
libldap-data-2.4.46-150200.14.8.1
openldap2-doc-2.4.46-150200.14.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-back-sock-2.4.46-150200.14.8.1
openldap2-back-sock-debuginfo-2.4.46-150200.14.8.1
openldap2-back-sql-2.4.46-150200.14.8.1
openldap2-back-sql-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- openSUSE Leap 15.3 (noarch):
libldap-data-2.4.46-150200.14.8.1
openldap2-doc-2.4.46-150200.14.8.1
- openSUSE Leap 15.3 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Manager Server 4.1 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Manager Server 4.1 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Manager Proxy 4.1 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Manager Proxy 4.1 (x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (x86_64):
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (x86_64):
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libldap-data-2.4.46-150200.14.8.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libldap-2_4-2-2.4.46-150200.14.8.1
libldap-2_4-2-debuginfo-2.4.46-150200.14.8.1
openldap2-2.4.46-150200.14.8.1
openldap2-back-meta-2.4.46-150200.14.8.1
openldap2-back-meta-debuginfo-2.4.46-150200.14.8.1
openldap2-back-perl-2.4.46-150200.14.8.1
openldap2-back-perl-debuginfo-2.4.46-150200.14.8.1
openldap2-client-2.4.46-150200.14.8.1
openldap2-client-debuginfo-2.4.46-150200.14.8.1
openldap2-contrib-2.4.46-150200.14.8.1
openldap2-contrib-debuginfo-2.4.46-150200.14.8.1
openldap2-debuginfo-2.4.46-150200.14.8.1
openldap2-debugsource-2.4.46-150200.14.8.1
openldap2-devel-2.4.46-150200.14.8.1
openldap2-devel-static-2.4.46-150200.14.8.1
openldap2-ppolicy-check-password-1.2-150200.14.8.1
openldap2-ppolicy-check-password-debuginfo-1.2-150200.14.8.1
- SUSE Enterprise Storage 7 (x86_64):
libldap-2_4-2-32bit-2.4.46-150200.14.8.1
libldap-2_4-2-32bit-debuginfo-2.4.46-150200.14.8.1
openldap2-devel-32bit-2.4.46-150200.14.8.1
- SUSE Enterprise Storage 7 (noarch):
libldap-data-2.4.46-150200.14.8.1
References:
https://www.suse.com/security/cve/CVE-2022-29155.html
https://bugzilla.suse.com/1199240
1
0
SUSE-SU-2022:1666-1: important: Security update for slurm
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for slurm
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1666-1
Rating: important
References: #1199278 #1199279
Cross-References: CVE-2022-29500 CVE-2022-29501
CVSS scores:
CVE-2022-29500 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29500 (SUSE): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-29501 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29501 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Module for HPC 15-SP3
SUSE Linux Enterprise Module for HPC 15-SP4
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for slurm fixes the following issues:
- CVE-2022-29500: Fixed architectural flaw that could have been exploited
to allow an unprivileged user to execute arbitrary processes as root
(bsc#1199278).
- CVE-2022-29501: Fixed a problem that an unprivileged user could have
sent data to arbitrary unix socket as root (bsc#1199279).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1666=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1666=1
- SUSE Linux Enterprise Module for HPC 15-SP4:
zypper in -t patch SUSE-SLE-Module-HPC-15-SP4-2022-1666=1
- SUSE Linux Enterprise Module for HPC 15-SP3:
zypper in -t patch SUSE-SLE-Module-HPC-15-SP3-2022-1666=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libnss_slurm2-20.11.9-150300.4.6.1
libnss_slurm2-debuginfo-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libpmi0-debuginfo-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
libslurm36-debuginfo-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
perl-slurm-debuginfo-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-auth-none-debuginfo-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-cray-20.11.9-150300.4.6.1
slurm-cray-debuginfo-20.11.9-150300.4.6.1
slurm-debuginfo-20.11.9-150300.4.6.1
slurm-debugsource-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-hdf5-20.11.9-150300.4.6.1
slurm-hdf5-debuginfo-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-lua-debuginfo-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-munge-debuginfo-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-node-debuginfo-20.11.9-150300.4.6.1
slurm-openlava-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-pam_slurm-debuginfo-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-plugins-debuginfo-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-rest-debuginfo-20.11.9-150300.4.6.1
slurm-seff-20.11.9-150300.4.6.1
slurm-sjstat-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-slurmdbd-debuginfo-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sql-debuginfo-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-sview-debuginfo-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-torque-debuginfo-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libnss_slurm2-20.11.9-150300.4.6.1
libnss_slurm2-debuginfo-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libpmi0-debuginfo-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
libslurm36-debuginfo-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
perl-slurm-debuginfo-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-auth-none-debuginfo-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-cray-20.11.9-150300.4.6.1
slurm-cray-debuginfo-20.11.9-150300.4.6.1
slurm-debuginfo-20.11.9-150300.4.6.1
slurm-debugsource-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-hdf5-20.11.9-150300.4.6.1
slurm-hdf5-debuginfo-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-lua-debuginfo-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-munge-debuginfo-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-node-debuginfo-20.11.9-150300.4.6.1
slurm-openlava-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-pam_slurm-debuginfo-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-plugins-debuginfo-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-rest-debuginfo-20.11.9-150300.4.6.1
slurm-seff-20.11.9-150300.4.6.1
slurm-sjstat-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-slurmdbd-debuginfo-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sql-debuginfo-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-sview-debuginfo-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-torque-debuginfo-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
- SUSE Linux Enterprise Module for HPC 15-SP4 (aarch64 x86_64):
libnss_slurm2-20.11.9-150300.4.6.1
libnss_slurm2-debuginfo-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libpmi0-debuginfo-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
libslurm36-debuginfo-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
perl-slurm-debuginfo-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-auth-none-debuginfo-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-cray-20.11.9-150300.4.6.1
slurm-cray-debuginfo-20.11.9-150300.4.6.1
slurm-debuginfo-20.11.9-150300.4.6.1
slurm-debugsource-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-lua-debuginfo-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-munge-debuginfo-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-node-debuginfo-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-pam_slurm-debuginfo-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-plugins-debuginfo-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-rest-debuginfo-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-slurmdbd-debuginfo-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sql-debuginfo-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-sview-debuginfo-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-torque-debuginfo-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
- SUSE Linux Enterprise Module for HPC 15-SP3 (aarch64 x86_64):
libnss_slurm2-20.11.9-150300.4.6.1
libnss_slurm2-debuginfo-20.11.9-150300.4.6.1
libpmi0-20.11.9-150300.4.6.1
libpmi0-debuginfo-20.11.9-150300.4.6.1
libslurm36-20.11.9-150300.4.6.1
libslurm36-debuginfo-20.11.9-150300.4.6.1
perl-slurm-20.11.9-150300.4.6.1
perl-slurm-debuginfo-20.11.9-150300.4.6.1
slurm-20.11.9-150300.4.6.1
slurm-auth-none-20.11.9-150300.4.6.1
slurm-auth-none-debuginfo-20.11.9-150300.4.6.1
slurm-config-20.11.9-150300.4.6.1
slurm-config-man-20.11.9-150300.4.6.1
slurm-debuginfo-20.11.9-150300.4.6.1
slurm-debugsource-20.11.9-150300.4.6.1
slurm-devel-20.11.9-150300.4.6.1
slurm-doc-20.11.9-150300.4.6.1
slurm-lua-20.11.9-150300.4.6.1
slurm-lua-debuginfo-20.11.9-150300.4.6.1
slurm-munge-20.11.9-150300.4.6.1
slurm-munge-debuginfo-20.11.9-150300.4.6.1
slurm-node-20.11.9-150300.4.6.1
slurm-node-debuginfo-20.11.9-150300.4.6.1
slurm-pam_slurm-20.11.9-150300.4.6.1
slurm-pam_slurm-debuginfo-20.11.9-150300.4.6.1
slurm-plugins-20.11.9-150300.4.6.1
slurm-plugins-debuginfo-20.11.9-150300.4.6.1
slurm-rest-20.11.9-150300.4.6.1
slurm-rest-debuginfo-20.11.9-150300.4.6.1
slurm-slurmdbd-20.11.9-150300.4.6.1
slurm-slurmdbd-debuginfo-20.11.9-150300.4.6.1
slurm-sql-20.11.9-150300.4.6.1
slurm-sql-debuginfo-20.11.9-150300.4.6.1
slurm-sview-20.11.9-150300.4.6.1
slurm-sview-debuginfo-20.11.9-150300.4.6.1
slurm-torque-20.11.9-150300.4.6.1
slurm-torque-debuginfo-20.11.9-150300.4.6.1
slurm-webdoc-20.11.9-150300.4.6.1
References:
https://www.suse.com/security/cve/CVE-2022-29500.html
https://www.suse.com/security/cve/CVE-2022-29501.html
https://bugzilla.suse.com/1199278
https://bugzilla.suse.com/1199279
1
0
SUSE-SU-2022:1676-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1676-1
Rating: important
References: #1028340 #1065729 #1071995 #1121726 #1137728
#1152489 #1177028 #1179878 #1182073 #1183723
#1187055 #1191647 #1193556 #1193842 #1195926
#1196018 #1196114 #1196367 #1196514 #1196639
#1196942 #1197157 #1197391 #1197656 #1197660
#1197914 #1197926 #1198217 #1198330 #1198400
#1198413 #1198437 #1198448 #1198484 #1198515
#1198516 #1198660 #1198742 #1198825 #1199012
#1199024 SLE-13208 SLE-13513 SLE-15172 SLE-15175
SLE-15176 SLE-8449
Cross-References: CVE-2020-27835 CVE-2021-0707 CVE-2021-20292
CVE-2021-20321 CVE-2021-38208 CVE-2021-4154
CVE-2022-0812 CVE-2022-1158 CVE-2022-1280
CVE-2022-1353 CVE-2022-1419 CVE-2022-1516
CVE-2022-28356 CVE-2022-28748 CVE-2022-28893
CVE-2022-29156
CVSS scores:
CVE-2020-27835 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0707 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0707 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20292 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20292 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20321 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-20321 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-38208 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-4154 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-4154 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2022-0812 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1158 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1280 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1280 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1353 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1353 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2022-1419 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1516 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1516 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28356 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-28893 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28893 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-29156 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29156 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 16 vulnerabilities, contains 6
features and has 25 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-27835: Fixed a use after free vulnerability in infiniband hfi1
driver in the way user calls Ioctl after open dev file and fork. A local
user could use this flaw to crash the system (bnc#1179878).
- CVE-2021-0707: Fixed a use after free vulnerability in dma_buf_release
of dma-buf.c, which may lead to local escalation of privilege with no
additional execution privileges needed (bnc#1198437).
- CVE-2021-20292: Fixed object validation prior to performing operations
on the object in nouveau_sgdma_create_ttm in Nouveau DRM subsystem
(bnc#1183723).
- CVE-2021-20321: Fixed a race condition accessing file object in the
OverlayFS subsystem in the way users do rename in specific way with
OverlayFS. A local user could have used this flaw to crash the system
(bnc#1191647).
- CVE-2021-38208: Fixed a denial of service (NULL pointer dereference and
BUG) by making a getsockname call after a certain type of failure of a
bind call (bnc#1187055).
- CVE-2021-4154: Fixed a use-after-free vulnerability in
cgroup1_parse_param in kernel/cgroup/cgroup-v1.c, allowing a local
privilege escalation by an attacker with user privileges by exploiting
the fsconfig syscall parameter, leading to a container breakout and a
denial of service on the system (bnc#1193842).
- CVE-2022-0812: Fixed information leak when a file is read from RDMA
(bsc#1196639)
- CVE-2022-1158: Fixed a vulnerability in the kvm module that may lead to
a use-after-free write or denial of service (bsc#1197660).
- CVE-2022-1280: Fixed a use-after-free vulnerability in drm_lease_held in
drivers/gpu/drm/drm_lease.c (bnc#1197914).
- CVE-2022-1353: Fixed access controll to kernel memory in the
pfkey_register function in net/key/af_key.c (bnc#1198516).
- CVE-2022-1419: Fixed a concurrency use-after-free in
vgem_gem_dumb_create (bsc#1198742).
- CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect
(bsc#1199012).
- CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c
(bnc#1197391).
- CVE-2022-28748: Fixed memory lead over the network by ax88179_178a
devices (bsc#1196018).
- CVE-2022-28893: Fixed a use after free vulnerability in inet_put_port
where some sockets are not closed before xs_xprt_free() (bsc#1198330).
- CVE-2022-29156: Fixed a double free vulnerability related to
rtrs_clt_dev_release.ate (jsc#SLE-15176 bsc#1198515).
The following non-security bugs were fixed:
- ACPI/APEI: Limit printable size of BERT table data (git-fixes).
- ACPI: processor idle: Check for architectural support for LPI
(git-fixes).
- ACPICA: Avoid walking the ACPI Namespace if it is not there (git-fixes).
- ALSA: cs4236: fix an incorrect NULL check on list iterator (git-fixes).
- ALSA: hda/hdmi: fix warning about PCM count when used with SOF
(git-fixes).
- ALSA: hda/realtek: Add alc256-samsung-headphone fixup (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PD50PNT (git-fixes).
- ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
(git-fixes).
- ALSA: pcm: Test for "silence" field in struct "pcm_format_data"
(git-fixes).
- ALSA: usb-audio: Cap upper limits of buffer/period bytes for implicit fb
(git-fixes).
- ALSA: usb-audio: Increase max buffer size (git-fixes).
- ALSA: usb-audio: Limit max buffer and period sizes per time (git-fixes).
- ASoC: atmel: Remove system clock tree configuration for at91sam9g20ek
(git-fixes).
- ASoC: codecs: wcd934x: do not switch off SIDO Buck when codec is in use
(git-fixes).
- ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (git-fixes).
- ASoC: msm8916-wcd-digital: Check failure for
devm_snd_soc_register_component (git-fixes).
- ASoC: soc-compress: Change the check for codec_dai (git-fixes).
- ASoC: soc-compress: prevent the potentially use of null pointer
(git-fixes).
- ASoC: soc-core: skip zero num_dai component in searching dai name
(git-fixes).
- ASoC: soc-dapm: fix two incorrect uses of list iterator (git-fixes).
- Bluetooth: Fix use after free in hci_send_acl (git-fixes).
- Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (git-fixes).
- Bluetooth: hci_serdev: call init_rwsem() before p->open() (git-fixes).
- Documentation: add link to stable release candidate tree (git-fixes).
- HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (git-fixes).
- IB/hfi1: Allow larger MTU without AIP (jsc#SLE-13208).
- Input: omap4-keypad - fix pm_runtime_get_sync() error checking
(git-fixes).
- KEYS: fix length validation in keyctl_pkey_params_get_2() (git-fixes).
- NFSv4: fix open failure with O_ACCMODE flag (git-fixes).
- PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge
(git-fixes).
- PCI: aardvark: Fix support for MSI interrupts (git-fixes).
- PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (git-fixes).
- PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
(git-fixes).
- PCI: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
- PM: core: keep irq flags in device_pm_check_callbacks() (git-fixes).
- RDMA/core: Set MR type in ib_reg_user_mr (jsc#SLE-8449).
- RDMA/mlx5: Add a missing update of cache->last_add (jsc#SLE-15175).
- RDMA/mlx5: Do not remove cache MRs when a delay is needed
(jsc#SLE-15175).
- RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR
(jsc#SLE-15175).
- SUNRPC: Ensure we flush any closed sockets before xs_xprt_free()
(git-fixes).
- SUNRPC: Fix the svc_deferred_event trace class (git-fixes).
- SUNRPC: Handle ENOMEM in call_transmit_status() (git-fixes).
- SUNRPC: Handle low memory situations in call_status() (git-fixes).
- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
- USB: serial: pl2303: add IBM device IDs (git-fixes).
- USB: serial: simple: add Nokia phone driver (git-fixes).
- USB: storage: ums-realtek: fix error code in rts51x_read_mem()
(git-fixes).
- USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
(git-fixes).
- USB: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
(git-fixes).
- USB: gadget: uvc: Fix crash when encoding data for usb request
(git-fixes).
- adm8211: fix error return code in adm8211_probe() (git-fixes).
- arm64/sve: Use correct size when reinitialising SVE state (git-fixes)
- arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1
(git-fixes)
- arm64: dts: allwinner: h5: NanoPI Neo 2: Fix ethernet node (git-fixes)
- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode (git-fixes)
- arm64: dts: exynos: correct GIC CPU interfaces address range on
(git-fixes)
- arm64: dts: ls1028a: fix memory node (git-fixes)
- arm64: dts: ls1028a: fix node name for the sysclk (git-fixes)
- arm64: dts: lx2160a: fix scl-gpios property name (git-fixes)
- arm64: dts: marvell: armada-37xx: Extend PCIe MEM space (git-fixes)
- arm64: dts: marvell: armada-37xx: Fix reg for standard variant of
(git-fixes)
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0
(git-fixes)
- arm64: dts: rockchip: Fix GPU register width for RK3328 (git-fixes)
- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from (git-fixes)
- arm64: dts: zii-ultra: fix 12V_MAIN voltage (git-fixes)
- arm64: head: avoid over-mapping in map_memory (git-fixes)
- ata: libata-core: Disable READ LOG DMA EXT for Samsung 840 EVOs
(git-fixes).
- ata: sata_dwc_460ex: Fix crash due to OOB write (git-fixes).
- ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
(git-fixes).
- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 (git-fixes).
- ath5k: fix building with LEDS=m (git-fixes).
- ath9k: Fix usage of driver-private space in tx_info (git-fixes).
- ath9k: Properly clear TX status area before reporting to mac80211
(git-fixes).
- ath9k_htc: fix uninit value bugs (git-fixes).
- bareudp: use ipv6_mod_enabled to check if IPv6 enabled (jsc#SLE-15172).
- bfq: Avoid merging queues with different parents (bsc#1197926).
- bfq: Drop pointless unlock-lock pair (bsc#1197926).
- bfq: Get rid of __bio_blkcg() usage (bsc#1197926).
- bfq: Make sure bfqg for which we are queueing requests is online
(bsc#1197926).
- bfq: Remove pointless bfq_init_rq() calls (bsc#1197926).
- bfq: Split shared queues on move between cgroups (bsc#1197926).
- bfq: Track whether bfq_group is still online (bsc#1197926).
- bfq: Update cgroup information before merging bio (bsc#1197926).
- block: Drop leftover references to RQF_SORTED (bsc#1182073).
- bnx2x: fix napi API usage sequence (bsc#1198217).
- bpf: Resolve to prog->aux->dst_prog->type only for BPF_PROG_TYPE_EXT
(git-fixes bsc#1177028).
- brcmfmac: firmware: Allocate space for default boardrev in nvram
(git-fixes).
- brcmfmac: pcie: Fix crashes due to early IRQs (git-fixes).
- brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path
(git-fixes).
- brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
(git-fixes).
- carl9170: fix missing bit-wise or operator for tx_params (git-fixes).
- cfg80211: hold bss_lock while updating nontrans_list (git-fixes).
- cifs: fix bad fids sent over wire (bsc#1197157).
- clk: Enforce that disjoints limits are invalid (git-fixes).
- clk: si5341: fix reported clk_rate when output divider is 2 (git-fixes).
- direct-io: clean up error paths of do_blockdev_direct_IO (bsc#1197656).
- direct-io: defer alignment check until after the EOF check (bsc#1197656).
- direct-io: do not force writeback for reads beyond EOF (bsc#1197656).
- dma-debug: fix return value of __setup handlers (git-fixes).
- dma: at_xdmac: fix a missing check on list iterator (git-fixes).
- dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
(git-fixes).
- dmaengine: idxd: add RO check for wq max_batch_size write (git-fixes).
- dmaengine: idxd: add RO check for wq max_transfer_size write (git-fixes).
- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (git-fixes).
- dmaengine: mediatek:Fix PM usage reference leak of
mtk_uart_apdma_alloc_chan_resources (git-fixes).
- drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
(git-fixes).
- drm/amd/display: Fix a NULL pointer dereference in
amdgpu_dm_connector_add_common_modes() (git-fixes).
- drm/amd/display: Fix allocate_mst_payload assert on resume (git-fixes).
- drm/amd/display: do not ignore alpha property on pre-multiplied mode
(git-fixes).
- drm/amd: Add USBC connector ID (git-fixes).
- drm/amdgpu: Fix recursive locking warning (git-fixes).
- drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire() (git-fixes).
- drm/amdkfd: Check for potential null return of kmalloc_array()
(git-fixes).
- drm/amdkfd: Fix Incorrect VMIDs passed to HWS (git-fixes).
- drm/amdkfd: make CRAT table missing message informational only
(git-fixes).
- drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe
(git-fixes).
- drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev
(git-fixes).
- drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt
(git-fixes).
- drm/edid: Do not clear formats if using deep color (git-fixes).
- drm/edid: check basic audio support on CEA extension block (git-fixes).
- drm/i915/gem: Flush coherency domains on first set-domain-ioctl
(git-fixes).
- drm/i915: Call i915_globals_exit() if pci_register_device() fails
(git-fixes).
- drm/imx: Fix memory leak in imx_pd_connector_get_modes (git-fixes).
- drm/mediatek: Add AAL output size configuration (git-fixes).
- drm/mediatek: Fix aal size config (git-fixes).
- drm/msm/dsi: Use connector directly in msm_dsi_manager_connector_init()
(git-fixes).
- drm/panel/raspberrypi-touchscreen: Avoid NULL deref if not initialised
(git-fixes).
- drm/panel/raspberrypi-touchscreen: Initialise the bridge in prepare
(git-fixes).
- drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (git-fixes).
- drm/vc4: Use pm_runtime_resume_and_get to fix pm_runtime_get_sync()
usage (git-fixes).
- drm: Add orientation quirk for GPD Win Max (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- e1000e: Fix possible overflow in LTR decoding (git-fixes).
- fibmap: Reject negative block numbers (bsc#1198448).
- fibmap: Use bmap instead of ->bmap method in ioctl_fibmap (bsc#1198448).
- firmware: arm_scmi: Fix sorting of retrieved clock rates (git-fixes).
- gpiolib: acpi: use correct format characters (git-fixes).
- gpu: ipu-v3: Fix dev_dbg frequency output (git-fixes).
- hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER
(git-fixes).
- i2c: dev: Force case user pointers in compat_i2cdev_ioctl() (git-fixes).
- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module
(git-fixes).
- ipmi: Move remove_work to dedicated workqueue (git-fixes).
- ipmi: bail out if init_srcu_struct fails (git-fixes).
- iwlwifi: Fix -EIO error code that is never returned (git-fixes).
- iwlwifi: mvm: Fix an error code in iwl_mvm_up() (git-fixes).
- livepatch: Do not block removal of patches that are safe to unload
(bsc#1071995).
- lz4: fix LZ4_decompress_safe_partial read out of bound (git-fixes).
- media: cx88-mpeg: clear interrupt status register before streaming video
(git-fixes).
- media: hdpvr: initialize dev->worker at hdpvr_register_videodev
(git-fixes).
- memory: atmel-ebi: Fix missing of_node_put in atmel_ebi_probe
(git-fixes).
- mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (git-fixes).
- mfd: mc13xxx: Add check for mc13xxx_irq_request (git-fixes).
- mmc: host: Return an error when ->enable_sdio_irq() ops is missing
(git-fixes).
- mmc: mmci: stm32: correctly check all elements of sg list (git-fixes).
- mmc: mmci_sdmmc: Replace sg_dma_xxx macros (git-fixes).
- mmc: renesas_sdhi: do not overwrite TAP settings when HS400 tuning is
complete (git-fixes).
- mtd: onenand: Check for error irq (git-fixes).
- mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init
(git-fixes).
- mtd: rawnand: gpmi: fix controller timings setting (git-fixes).
- mwl8k: Fix a double Free in mwl8k_probe_hw (git-fixes).
- net: asix: add proper error handling of usb read errors (git-fixes).
- net: mcs7830: handle usb read errors properly (git-fixes).
- net: usb: aqc111: Fix out-of-bounds accesses in RX fixup (git-fixes).
- nfc: nci: add flush_workqueue to prevent uaf (git-fixes).
- power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe
(git-fixes).
- power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
(git-fixes).
- power: supply: axp20x_battery: properly report current when discharging
(git-fixes).
- power: supply: axp288-charger: Set Vhold to 4.4V (git-fixes).
- power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong
false return (git-fixes).
- power: supply: wm8350-power: Add missing free in free_charger_irq
(git-fixes).
- power: supply: wm8350-power: Handle error for wm8350_register_irq
(git-fixes).
- powerpc/perf: Fix power10 event alternatives (jsc#SLE-13513 git-fixes).
- powerpc/perf: Fix power9 event alternatives (bsc#1137728, LTC#178106,
git-fixes).
- ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
(bsc#1198413).
- random: check for signal_pending() outside of need_resched() check
(git-fixes).
- ray_cs: Check ioremap return value (git-fixes).
- regulator: wm8994: Add an off-on delay for WM8994 variant (git-fixes).
- rtc: check if __rtc_read_time was successful (git-fixes).
- rtc: wm8350: Handle error for wm8350_register_irq (git-fixes).
- scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
(git-fixes).
- scsi: mpt3sas: Fix use after free in _scsih_expander_node_remove()
(git-fixes).
- scsi: mpt3sas: Page fault in reply q processing (git-fixes).
- scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340
bsc#1198825).
- spi: Fix erroneous sgs value with min_t() (git-fixes).
- spi: Fix invalid sgs value (git-fixes).
- spi: atmel-quadspi: Fix the buswidth adjustment between spi-mem and
controller (git-fixes).
- spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op()
(git-fixes).
- spi: mxic: Fix the transmit path (git-fixes).
- spi: tegra20: Use of_device_get_match_data() (git-fixes).
- staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree
(git-fixes).
- vgacon: Propagate console boot parameters before calling `vc_resize'
(bsc#1152489)
- video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (git-fixes).
- video: fbdev: cirrusfb: check pixclock to avoid divide by zero
(git-fixes).
- video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
(git-fixes).
- video: fbdev: sm712fb: Fix crash in smtcfb_read() (git-fixes).
- video: fbdev: sm712fb: Fix crash in smtcfb_write() (git-fixes).
- video: fbdev: udlfb: properly check endpoint type (bsc#1152489)
- video: fbdev: w100fb: Reset global state (git-fixes).
- virtio_console: break out of buf poll on remove (git-fixes).
- virtio_console: eliminate anonymous module_init & module_exit
(git-fixes).
- w1: w1_therm: fixes w1_seq for ds28ea00 sensors (git-fixes).
- x86/pm: Save the MSR validity status at context setup (bsc#1198400).
- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO
(git-fixes).
- x86/speculation: Restore speculation related MSRs during S3 resume
(bsc#1198400).
- xen/blkfront: fix comment for need_copy (git-fixes).
- xen/x86: obtain full video frame buffer address for Dom0 also under EFI
(bsc#1193556).
- xen/x86: obtain upper 32 bits of video frame buffer address for Dom0
(bsc#1193556).
- xen: fix is_xen_pmu() (git-fixes).
- xhci: fix runtime PM imbalance in USB2 resume (git-fixes).
- xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx()
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1676=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1676=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-150300.38.56.1
kernel-source-azure-5.3.18-150300.38.56.1
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-150300.38.56.1
cluster-md-kmp-azure-debuginfo-5.3.18-150300.38.56.1
dlm-kmp-azure-5.3.18-150300.38.56.1
dlm-kmp-azure-debuginfo-5.3.18-150300.38.56.1
gfs2-kmp-azure-5.3.18-150300.38.56.1
gfs2-kmp-azure-debuginfo-5.3.18-150300.38.56.1
kernel-azure-5.3.18-150300.38.56.1
kernel-azure-debuginfo-5.3.18-150300.38.56.1
kernel-azure-debugsource-5.3.18-150300.38.56.1
kernel-azure-devel-5.3.18-150300.38.56.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.56.1
kernel-azure-extra-5.3.18-150300.38.56.1
kernel-azure-extra-debuginfo-5.3.18-150300.38.56.1
kernel-azure-livepatch-devel-5.3.18-150300.38.56.1
kernel-azure-optional-5.3.18-150300.38.56.1
kernel-azure-optional-debuginfo-5.3.18-150300.38.56.1
kernel-syms-azure-5.3.18-150300.38.56.1
kselftests-kmp-azure-5.3.18-150300.38.56.1
kselftests-kmp-azure-debuginfo-5.3.18-150300.38.56.1
ocfs2-kmp-azure-5.3.18-150300.38.56.1
ocfs2-kmp-azure-debuginfo-5.3.18-150300.38.56.1
reiserfs-kmp-azure-5.3.18-150300.38.56.1
reiserfs-kmp-azure-debuginfo-5.3.18-150300.38.56.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
kernel-devel-azure-5.3.18-150300.38.56.1
kernel-source-azure-5.3.18-150300.38.56.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (x86_64):
kernel-azure-5.3.18-150300.38.56.1
kernel-azure-debuginfo-5.3.18-150300.38.56.1
kernel-azure-debugsource-5.3.18-150300.38.56.1
kernel-azure-devel-5.3.18-150300.38.56.1
kernel-azure-devel-debuginfo-5.3.18-150300.38.56.1
kernel-syms-azure-5.3.18-150300.38.56.1
References:
https://www.suse.com/security/cve/CVE-2020-27835.html
https://www.suse.com/security/cve/CVE-2021-0707.html
https://www.suse.com/security/cve/CVE-2021-20292.html
https://www.suse.com/security/cve/CVE-2021-20321.html
https://www.suse.com/security/cve/CVE-2021-38208.html
https://www.suse.com/security/cve/CVE-2021-4154.html
https://www.suse.com/security/cve/CVE-2022-0812.html
https://www.suse.com/security/cve/CVE-2022-1158.html
https://www.suse.com/security/cve/CVE-2022-1280.html
https://www.suse.com/security/cve/CVE-2022-1353.html
https://www.suse.com/security/cve/CVE-2022-1419.html
https://www.suse.com/security/cve/CVE-2022-1516.html
https://www.suse.com/security/cve/CVE-2022-28356.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-28893.html
https://www.suse.com/security/cve/CVE-2022-29156.html
https://bugzilla.suse.com/1028340
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1121726
https://bugzilla.suse.com/1137728
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1179878
https://bugzilla.suse.com/1182073
https://bugzilla.suse.com/1183723
https://bugzilla.suse.com/1187055
https://bugzilla.suse.com/1191647
https://bugzilla.suse.com/1193556
https://bugzilla.suse.com/1193842
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196114
https://bugzilla.suse.com/1196367
https://bugzilla.suse.com/1196514
https://bugzilla.suse.com/1196639
https://bugzilla.suse.com/1196942
https://bugzilla.suse.com/1197157
https://bugzilla.suse.com/1197391
https://bugzilla.suse.com/1197656
https://bugzilla.suse.com/1197660
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1197926
https://bugzilla.suse.com/1198217
https://bugzilla.suse.com/1198330
https://bugzilla.suse.com/1198400
https://bugzilla.suse.com/1198413
https://bugzilla.suse.com/1198437
https://bugzilla.suse.com/1198448
https://bugzilla.suse.com/1198484
https://bugzilla.suse.com/1198515
https://bugzilla.suse.com/1198516
https://bugzilla.suse.com/1198660
https://bugzilla.suse.com/1198742
https://bugzilla.suse.com/1198825
https://bugzilla.suse.com/1199012
https://bugzilla.suse.com/1199024
1
0
SUSE-SU-2022:1678-1: important: Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for jackson-databind, jackson-dataformats-binary, jackson-annotations, jackson-bom, jackson-core
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1678-1
Rating: important
References: #1177616 #1182481 #1197132
Cross-References: CVE-2020-25649 CVE-2020-28491 CVE-2020-36518
CVSS scores:
CVE-2020-25649 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-25649 (SUSE): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CVE-2020-28491 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-28491 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36518 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36518 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for SUSE Manager Server 4.3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for jackson-databind, jackson-dataformats-binary,
jackson-annotations, jackson-bom, jackson-core fixes the following issues:
Security issues fixed:
- CVE-2020-36518: Fixed a Java stack overflow exception and denial of
service via a large depth of nested objects in jackson-databind.
(bsc#1197132)
- CVE-2020-25649: Fixed an insecure entity expansion in jackson-databind
which was vulnerable to XML external entity (XXE). (bsc#1177616)
- CVE-2020-28491: Fixed a bug which could cause
`java.lang.OutOfMemoryError` exception in jackson-dataformats-binary.
(bsc#1182481)
Non security fixes:
jackson-annotations - update from version 2.10.2 to version 2.13.0:
+ Build with source/target levels 8
+ Add 'mvnw' wrapper
+ 'JsonSubType.Type' should accept array of names
+ Jackson version alignment with Gradle 6
+ Add '@JsonIncludeProperties'
+ Add '@JsonTypeInfo(use=DEDUCTION)'
+ Ability to use '@JsonAnyGetter' on fields
+ Add '@JsonKey' annotation
+ Allow repeated calls to 'SimpleObjectIdResolver.bindItem()' for same
mapping
+ Add 'namespace' property for '@JsonProperty' (for XML module)
+ Add target 'ElementType.ANNOTATION_TYPE' for '@JsonEnumDefaultValue'
+ 'JsonPattern.Value.pattern' retained as "", never (accidentally)
exposed as 'null'
+ Rewrite to use `ant` for building in order to be able to use it in
packages that have to be built before maven
jackson-bom - update from version 2.10.2 to version 2.13.0:
+ Configure moditect plugin with '<jvmVersion>11</jvmVersion>'
+ jackson-bom manages the version of 'junit:junit'
+ Drop 'jackson-datatype-hibernate3' (support for Hibernate 3.x
datatypes)
+ Removed "jakarta" classifier variants of JAXB/JSON-P/JAX-RS modules
due to the addition of new Jakarta artifacts (Jakarta-JSONP,
Jakarta-xmlbind-annotations, Jakarta-rs-providers)
+ Add version for 'jackson-datatype-jakarta-jsonp' module (introduced
after 2.12.2)
+ Add (beta) version for 'jackson-dataformat-toml'
+ Jakarta 9 artifact versions are missing from jackson-bom
+ Add default settings for 'gradle-module-metadata-maven-plugin'
(gradle metadata)
+ Add default settings for 'build-helper-maven-plugin'
+ Drop 'jackson-module-scala_2.10' entry (not released for Jackson 2.12
or later)
+ Add override for 'version.plugin.bundle' (for 5.1.1) to help build on
JDK 15+
+ Add missing version for jackson-datatype-eclipse-collections
jackson-core - update from version 2.10.2 to version 2.13.0:
+ Build with source and target levels 8
+ Misleading exception for input source when processing byte buffer
with start offset
+ Escape contents of source document snippet for
'JsonLocation._appendSourceDesc()'
+ Add 'StreamWriteException' type to eventually replace
'JsonGenerationException'
+ Replace 'getCurrentLocation()'/'getTokenLocation()' with
'currentLocation()'/'currentTokenLocation()' in 'JsonParser'
+ Replace 'JsonGenerator.writeObject()' (and related) with 'writePOJO()'
+ Replace 'getCurrentValue()'/'setCurrentValue()' with
'currentValue()'/'assignCurrentValue()' in 'JsonParser'/'JsonGenerator
+ Introduce O(n^1.5) BigDecimal parser implementation
+ ByteQuadsCanonicalizer.addName(String, int, int) has incorrect
handling for case of q2 == null
+ UTF32Reader ArrayIndexOutOfBoundsException
+ Improve exception/JsonLocation handling for binary content: don't
show content, include byte offset
+ Fix an issue with the TokenFilter unable to ignore properties when
deserializing.
+ Optimize array allocation by 'JsonStringEncoder'
+ Add 'mvnw' wrapper
+ (partial) Optimize array allocation by 'JsonStringEncoder'
+ Add back accidentally removed 'JsonStringEncoder' related methods in
'BufferRecyclers' (like 'getJsonStringEncoder()')
+ 'ArrayOutOfBoundException' at
'WriterBasedJsonGenerator.writeString(Reader, int)'
+ Allow "optional-padding" for 'Base64Variant'
+ More customizable TokenFilter inclusion (using
'Tokenfilter.Inclusion')
+ Publish Gradle Module Metadata
+ Add 'StreamReadCapability' for further format-based/format-agnostic
handling improvements
+ Add 'JsonParser.isExpectedNumberIntToken()' convenience method
+ Add 'StreamWriteCapability' for further format-based/format-agnostic
handling improvements
+ Add 'JsonParser.getNumberValueExact()' to allow precision-retaining
buffering
+ Limit initial allocated block size by 'ByteArrayBuilder' to max block
size
+ Add 'JacksonException' as parent class of 'JsonProcessingException'
+ Make 'JsonWriteContext.reset()' and 'JsonReadContext.reset()' methods
public
+ Deprecate 'JsonParser.getCurrentTokenId()' (use '#currentTokenId()'
instead)
+ Full "LICENSE" included in jar for easier access by compliancy tools
+ Fix NPE in 'writeNumber(String)' method of 'UTF8JsonGenerator',
'WriterBasedJsonGenerator'
+ Add a String Array write method in the Streaming API
+ Synchronize variants of 'JsonGenerator#writeNumberField' with
'JsonGenerator#writeNumber'
+ Add JsonGenerator#writeNumber(char[], int, int) method
+ Do not clear aggregated contents of 'TextBuffer' when
'releaseBuffers()' called
+ 'FilteringGeneratorDelegate' does not handle 'writeString(Reader,
int)'
+ Optionally allow leading decimal in float tokens
+ Rewrite to use ant for building in order to be able to use it in
packages that have to be built before maven
+ Parsing JSON with 'ALLOW_MISSING_VALUE' enabled results in endless
stream of 'VALUE_NULL' tokens
+ Handle case when system property access is restricted
+ 'FilteringGeneratorDelegate' does not handle 'writeString(Reader,
int)'
+ DataFormatMatcher#getMatchedFormatName throws NPE when no match exists
+ 'JsonParser.getCurrentLocation()' byte/char offset update incorrectly
for big payloads
jackson-databind - update from version 2.10.5.1 to version 2.13.0:
+ '@JsonValue' with integer for enum does not deserialize correctly
+ 'AnnotatedMethod.getValue()/setValue()' doesn't have useful exception
message
+ Add 'DatabindException' as intermediate subtype of
'JsonMappingException'
+ Jackson does not support deserializing new Java 9 unmodifiable
collections
+ Allocate TokenBuffer instance via context objects (to allow
format-specific buffer types)
+ Add mechanism for setting default 'ContextAttributes' for
'ObjectMapper'
+ Add 'DeserializationContext.readTreeAsValue()' methods for more
convenient conversions for deserializers to use
+ Clean up support of typed "unmodifiable", "singleton"
Maps/Sets/Collections
+ Extend internal bitfield of 'MapperFeature' to be 'long'
+ Add 'removeMixIn()' method in 'MapperBuilder'
+ Backport 'MapperBuilder' lambda-taking methods:
'withConfigOverride()', 'withCoercionConfig()',
'withCoercionConfigDefaults()'
+ configOverrides(boolean.class) silently ignored, whereas
.configOverride(Boolean.class) works for both primitives and boxed
boolean values
+ Dont track unknown props in buffer if 'ignoreAllUnknown' is true
+ Should allow deserialization of java.time types via
opaque 'JsonToken.VALUE_EMBEDDED_OBJECT'
+ Optimize "AnnotatedConstructor.call()" case by passing explicit null
+ Add AnnotationIntrospector.XmlExtensions interface for decoupling
javax dependencies
+ Custom SimpleModule not included in list returned by
ObjectMapper.getRegisteredModuleIds() after registration
+ Use more limiting default visibility settings for JDK types (java.*,
javax.*)
+ Deep merge for 'JsonNode' using 'ObjectReader.readTree()'
+ IllegalArgumentException: Conflicting setter definitions for property
with more than 2 setters
+ Serializing java.lang.Thread fails on JDK 11 and above
+ String-based 'Map' key deserializer is not deterministic when there
is no single arg constructor
+ Add ArrayNode#set(int index, primitive_type value)
+ JsonStreamContext "currentValue" wrongly references to
'@JsonTypeInfo' annotated object
+ DOM 'Node' serialization omits the default namespace declaration
+ Support 'suppressed' property when deserializing 'Throwable'
+ 'AnnotatedMember.equals()' does not work reliably
+ Add 'MapperFeature.APPLY_DEFAULT_VALUES', initially for Scala module
+ For an absent property Jackson injects 'NullNode' instead of 'null'
to a JsonNode-typed constructor argument of a
'@ConstructorProperties'-annotated constructor
+ 'XMLGregorianCalendar' doesn't work with default typing
+ Content 'null' handling not working for root values
+ StdDeserializer rejects blank (all-whitespace) strings for ints
+ 'USE_BASE_TYPE_AS_DEFAULT_IMPL' not working with
'DefaultTypeResolverBuilder'
+ Add PropertyNamingStrategies.UpperSnakeCaseStrategy (and
UPPER_SNAKE_CASE constant)
+ StackOverflowError when serializing JsonProcessingException
+ Support for BCP 47 'java.util.Locale' serialization/deserialization
+ String property deserializes null as "null" for
JsonTypeInfo.As.EXISTING_PROPERTY
+ Can not deserialize json to enum value with Object-/Array-valued
input, '@JsonCreator'
+ Fix to avoid problem with 'BigDecimalNode', scale of
'Integer.MIN_VALUE'
+ Extend handling of 'FAIL_ON_NULL_FOR_PRIMITIVES' to cover coercion
from (Empty) String via 'AsNull'
+ Add 'mvnw' wrapper
+ (regression) Factory method generic type resolution does not use
Class-bound type parameter
+ Deserialization of "empty" subtype with DEDUCTION failed
+ Merge findInjectableValues() results in AnnotationIntrospectorPair
+ READ_UNKNOWN_ENUM_VALUES_USING_DEFAULT_VALUE doesn't work with empty
strings
+ 'TypeFactory' cannot convert 'Collection' sub-type without type
parameters to canonical form and back
+ Fix for [modules-java8#207]: prevent fail on secondary Java 8
date/time types
+ EXTERNAL_PROPERTY does not work well with '@JsonCreator' and
'FAIL_ON_UNKNOWN_PROPERTIES'
+ String property deserializes null as "null" for
'JsonTypeInfo.As.EXTERNAL_PROPERTY'
+ Property ignorals cause 'BeanDeserializer 'to forget how to read from
arrays (not copying '_arrayDelegateDeserializer')
+ UntypedObjectDeserializer' mixes multiple unwrapped collections
(related to #2733)
+ Two cases of incorrect error reporting about DeserializationFeature
+ Bug in polymorphic deserialization with '@JsonCreator',
'@JsonAnySetter', 'JsonTypeInfo.As.EXTERNAL_PROPERTY'
+ Polymorphic subtype deduction ignores 'defaultImpl' attribute
+ MismatchedInputException: Cannot deserialize instance
of 'com.fasterxml.jackson.databind.node.ObjectNode' out of
VALUE_NULL token
+ Missing override for 'hasAsKey()' in 'AnnotationIntrospectorPair'
+ Creator lookup fails with 'InvalidDefinitionException' for conflict
between single-double/single-Double arg constructor
+ 'MapDeserializer' forcing 'JsonMappingException' wrapping even if
WRAP_EXCEPTIONS set to false
+ Auto-detection of constructor-based creator method skipped if there
is an annotated factory-based creator method (regression from 2.11)
+ 'ObjectMapper.treeToValue()' no longer invokes
'JsonDeserializer.getNullValue()'
+ DeserializationProblemHandler is not invoked when trying to
deserialize String
+ Fix failing 'double' JsonCreators in jackson 2.12.0
+ Conflicting in POJOPropertiesCollector when having namingStrategy
+ Breaking API change in 'BasicClassIntrospector' (2.12.0)
+ 'JsonNode.requiredAt()' does NOT fail on some path expressions
+ Exception thrown when 'Collections.synchronizedList()' is serialized
with type info, deserialized
+ Add option to resolve type from multiple existing properties,
'@JsonTypeInfo(use=DEDUCTION)'
+ '@JsonIgnoreProperties' does not prevent Exception Conflicting
getter/setter definitions for property
+ Deserialization Not Working Right with Generic Types and Builders
+ Add '@JsonIncludeProperties(propertyNames)' (reverse of
'@JsonIgnoreProperties')
+ '@JsonAnyGetter' should be allowed on a field
+ Allow handling of single-arg constructor as property based by default
+ Allow case insensitive deserialization of String value into
'boolean'/'Boolean' (esp for Excel)
+ Allow use of '@JsonFormat(with=JsonFormat.Feature
.ACCEPT_CASE_INSENSITIVE_PROPERTIES)' on Class
+ Abstract class included as part of known type ids for error message
when using JsonSubTypes
+ Distinguish null from empty string for UUID deserialization
+ 'ReferenceType' does not expose valid containedType
+ Add 'CoercionConfig[s]' mechanism for configuring allowed coercions
+ 'JsonProperty.Access.READ_ONLY' does not work with "getter-as-setter"
'Collection's
+ Support 'BigInteger' and 'BigDecimal' creators in
'StdValueInstantiator'
+ 'JsonProperty.Access.READ_ONLY' fails with collections when a
property name is specified
+ 'BigDecimal' precision not retained for polymorphic deserialization
+ Support use of 'Void' valued properties
('MapperFeature.ALLOW_VOID_VALUED_PROPERTIES')
+ Explicitly fail (de)serialization of 'java.time.*' types in absence
of registered custom (de)serializers
+ Improve description included in by
'DeserializationContext.handleUnexpectedToken()'
+ Support for JDK 14 record types ('java.lang.Record')
+ 'PropertyNamingStrategy' class initialization depends
on its subclass, this can lead to class loading deadlock
+ 'FAIL_ON_IGNORED_PROPERTIES' does not throw on 'READONLY' properties
with an explicit name
+ Add Gradle Module Metadata for version alignment with Gradle 6
+ Allow 'JsonNode' auto-convert into 'ArrayNode' if duplicates found
(for XML)
+ Allow values of "untyped" auto-convert into 'List' if duplicates
found (for XML)
+ Add 'ValueInstantiator.createContextual(...)
+ Support multiple names in 'JsonSubType.Type'
+ Disabling 'FAIL_ON_INVALID_SUBTYPE' breaks polymorphic
deserialization of Enums
+ Explicitly fail (de)serialization of 'org.joda.time.*' types in
absence of registered custom (de)serializers
+ Trailing zeros are stripped when deserializing BigDecimal values
inside a @JsonUnwrapped property
+ Extract getter/setter/field name mangling from 'BeanUtil' into
pluggable 'AccessorNamingStrategy'
+ Throw 'InvalidFormatException' instead of 'MismatchedInputException'
for ACCEPT_FLOAT_AS_INT coercion failures
+ Add '@JsonKey' annotation (similar to '@JsonValue') for customizable
serialization of Map keys
+ 'MapperFeature.ACCEPT_CASE_INSENSITIVE_ENUMS' should work for enum as
keys
+ Add support for disabling special handling of "Creator properties"
wrt alphabetic property ordering
+ Add 'JsonNode.canConvertToExactIntegral()' to indicate whether
floating-point/BigDecimal values could be converted to integers
losslessly
+ Improve static factory method generic type resolution logic
+ Allow preventing "Enum from integer" coercion using new
'CoercionConfig' system
+ '@JsonValue' not considered when evaluating inclusion
+ Make some java platform modules optional
+ Add support for serializing 'java.sql.Blob'
+ 'AnnotatedCreatorCollector' should avoid processing synthetic static
(factory) methods
+ Add errorprone static analysis profile to detect bugs at build time
+ Problem with implicit creator name detection for constructor detection
+ Add 'BeanDeserializerBase.isCaseInsensitive()'
+ Refactoring of 'CollectionDeserializer' to solve CSV array handling
issues
+ Full "LICENSE" included in jar for easier access by compliancy tools
+ Fix type resolution for static methods (regression in 2.11.3)
+ '@JsonCreator' on constructor not compatible with
'@JsonIdentityInfo', 'PropertyGenerator'
+ Add debug improvements about 'ClassUtil.getClassMethods()'
+ Cannot detect creator arguments of mixins for JDK types
+ Add 'JsonFormat.Shape' awareness for UUID serialization
('UUIDSerializer')
+ Json serialization fails or a specific case that contains generics
and static methods with generic parameters (2.11.1 -> 2.11.2
regression)
+ 'ObjectMapper.activateDefaultTypingAsProperty()' is not using
parameter 'PolymorphicTypeValidator'
+ Problem deserialization "raw generic" fields (like 'Map') in 2.11.2
+ Fix issues with 'MapLikeType.isTrueMapType()',
'CollectionLikeType.isTrueCollectionType()'
+ Parser/Generator features not set when using
'ObjectMapper.createParser()', 'createGenerator()'
+ Polymorphic subtypes not registering on copied ObjectMapper (2.11.1)
+ Failure to read AnnotatedField value in Jackson 2.11
+ 'TypeFactory.constructType()' does not take 'TypeBindings' correctly
+ Builder Deserialization with JsonCreator Value vs Array
+ JsonCreator on static method in Enum and Enum used as key in map
fails randomly
+ 'StdSubtypeResolver' is not thread safe (possibly due to copy not
being made with 'ObjectMapper.copy()')
+ "Conflicting setter definitions for property" exception for 'Map'
subtype during deserialization
+ Fail to deserialize local Records
+ Rearranging of props when property-based generator is in use leads to
incorrect output
+ Jackson doesn't respect 'CAN_OVERRIDE_ACCESS_MODIFIERS=false' for
deserializer properties
+ 'DeserializationFeature.UNWRAP_SINGLE_VALUE_ARRAYS' don't support
'Map' type field
+ JsonParser from MismatchedInputException cannot getText() for
floating-point value
+ i-I case conversion problem in Turkish locale with case-insensitive
deserialization
+ '@JsonInject' fails on trying to find deserializer even if inject-only
+ Polymorphic deserialization should handle case-insensitive Type Id
property name if 'MapperFeature.ACCEPT_CASE_INSENSITIVE_PROPERTIES'
is enabled
+ TreeTraversingParser and UTF8StreamJsonParser create contexts
differently
+ Support use of '@JsonAlias' for enum values
+ 'declaringClass' of "enum-as-POJO" not removed for 'ObjectMapper'
with a naming strategy
+ Fix 'JavaType.isEnumType()' to support sub-classes
+ BeanDeserializerBuilder Protected Factory Method for Extension
+ Support '@JsonSerialize(keyUsing)' and '@JsonDeserialize(keyUsing)'
on Key class
+ Add 'SerializationFeature.WRITE_SELF_REFERENCES_AS_NULL'
+ 'ObjectMapper.registerSubtypes(NamedType...)' doesn't allow
registering same POJO for two different type ids
+ 'DeserializationContext.handleMissingInstantiator()' throws
'MismatchedInputException' for non-static inner classes
+ Incorrect 'JsonStreamContext' for 'TokenBuffer' and
'TreeTraversingParser'
+ Add 'AnnotationIntrospector.findRenameByField()' to support Kotlin's
"is-getter" naming convention
+ Use '@JsonProperty(index)' for sorting properties on serialization
+ Java 8 'Optional' not working with '@JsonUnwrapped' on unwrappable
type
+ Add 'MapperFeature.BLOCK_UNSAFE_POLYMORPHIC_BASE_TYPES' to allow
blocking use of unsafe base type for polymorphic deserialization
+ 'ObjectMapper.setSerializationInclusion()' is ignored for
'JsonAnyGetter'
+ 'ValueInstantiationException' when deserializing using a builder and
'UNWRAP_SINGLE_VALUE_ARRAYS'
+ JsonIgnoreProperties(ignoreUnknown = true) does not work on field and
method level
+ Failure to resolve generic type parameters on serialization
+ JsonParser cannot getText() for input stream on
MismatchedInputException
+ ObjectReader readValue lacks Class<T> argument
+ Change default textual serialization of 'java.util.Date'/'Calendar'
to include colon in timezone
offset
+ Add 'ObjectMapper.createParser()' and 'createGenerator()' methods
+ Allow serialization of 'Properties' with non-String values
+ Add new factory method for creating custom 'EnumValues' to pass to
'EnumDeserializer
+ 'IllegalArgumentException' thrown for mismatched subclass
deserialization
+ Add convenience methods for creating 'List', 'Map' valued
'ObjectReader's (ObjectMapper.readerForListOf())
+ 'SerializerProvider.findContentValueSerializer()' methods
jackson-dataformats-binary - update from version 2.10.1 to version 2.13.0:
+ (cbor) Should validate UTF-8 multi-byte validity for short decode
path too
+ (ion) Deprecate 'CloseSafeUTF8Writer', remove use
+ (smile) Make 'SmileFactory' support
'JsonFactory.Feature.CANONICALIZE_FIELD_NAMES'
+ (cbor) Make 'CBORFactory' support
'JsonFactory.Feature.CANONICALIZE_FIELD_NAMES'
+ (cbor) Handle case of BigDecimal with Integer.MIN_VALUE for scale
gracefully
+ (cbor) Uncaught exception in CBORParser._nextChunkedByte2 (by
ossfuzzer)
+ (cbor) Another uncaught exception in CBORParser._nextChunkedByte2 (by
ossfuzzer)
+ (smile) Add 'SmileGenerator.Feature.LENIENT_UTF_ENCODING' for lenient
handling of broken Unicode surrogate pairs on writing
+ (avro) Add 'logicalType' support for some 'java.time' types; add
'AvroJavaTimeModule' for native ser/deser
+ Support base64 strings in 'getBinaryValue()' for CBOR and Smile
+ (cbor) 'ArrayIndexOutOfBounds' for truncated UTF-8 name
+ (avro) Generate logicalType switch
+ (smile) 'ArrayIndexOutOfBounds' for truncated UTF-8 name
+ (ion) 'jackson-dataformat-ion' does not handle null.struct
deserialization correctly
+ 'Ion-java' dep 1.4.0 -> 1.8.0
+ Minor change to Ion module registration names (fully-qualified)
+ (cbor) Uncaught exception in CBORParser._nextChunkedByte2 (by
ossfuzzer)
+ (cbor) Uncaught exception in CBORParser._findDecodedFromSymbols() (by
ossfuzzer)
+ (smile) Uncaught validation problem wrt Smile "BigDecimal" type
+ (smile) ArrayIndexOutOfBoundsException for malformed Smile header
+ (cbor) Failed to handle case of alleged String with length of
Integer.MAX_VALUE
+ (smile) Allocate byte[] lazily for longer Smile binary data payloads
+ (cbor) CBORParser need to validate zero-length byte[] for BigInteger
+ (smile) Handle invalid chunked-binary-format length gracefully
+ (smile) Allocate byte[] lazily for longer Smile binary data payloads
(7-bit encoded)
+ (smile) ArrayIndexOutOfBoundsException in
SmileParser._decodeShortUnicodeValue()
+ (smile) Handle sequence of Smile header markers without recursion
+ (cbor) CBOR loses 'Map' entries with specific 'long' Map key values
(32-bit boundary)
+ (ion) Ion Polymorphic deserialization in 2.12 breaks wrt use of
Native Type Ids when upgrading from 2.8
+ (cbor) 'ArrayIndexOutOfBoundsException' in 'CBORParser' for invalid
UTF-8 String
+ (cbor) Handle invalid CBOR content like '[0x84]' (incomplete array)
+ (ion) Respect 'WRITE_ENUMS_USING_TO_STRING' in
'EnumAsIonSymbolSerializer'
+ (ion) Add support for generating IonSexps
+ (ion) Add support for deserializing IonTimestamps and IonBlobs
+ (ion) Add 'IonObjectMapper.builderForBinaryWriters()' /
'.builderforTextualWriters()' convenience methods
+ (ion) Enabling pretty-printing fails Ion serialization
+ (ion) Allow disabling native type ids in IonMapper
+ (smile) Small bug in byte-alignment for long field names in Smile,
symbol table reuse
+ (ion) Add 'IonFactory.getIonSystem()' accessor
+ (ion) Optimize 'IonParser.getNumberType()' using
'IonReader.getIntegerSize()'
+ (cbor) Add 'CBORGenerator.Feature.LENIENT_UTF_ENCODING' for lenient
handling of Unicode surrogate pairs on writing
+ (cbor) Add support for decoding unassigned "simple values" (type 7)
+ Add Gradle Module Metadata
(https://blog.gradle.org/alignment-with-gradle-module-metadata)
+ (avro) Cache record names to avoid hitting class loader
+ (avro) Avro null deserialization
+ (ion) Add 'IonFactory.getIonSystem()' accessor
+ (avro) Add 'AvroGenerator.canWriteBinaryNatively()' to support binary
writes, fix 'java.util.UUID' representation
+ (ion) Allow 'IonObjectMapper' with class name annotation introspector
to deserialize generic subtypes
+ Remove dependencies upon Jackson 1.X and Avro's JacksonUtils
+ 'jackson-databind' should not be full dependency for (cbor, protobuf,
smile) modules
+ 'CBORGenerator.Feature.WRITE_MINIMAL_INTS' does not write most
compact form for all integers
+ 'AvroGenerator' overrides 'getOutputContext()' properly
+ (ion) Add 'IonFactory.getIonSystem()' accessor
+ (avro) Fix schema evolution involving maps of non-scalar
+ (protobuf) Parsing a protobuf message doesn't properly skip unknown
fields
+ (ion) IonObjectMapper close()s the provided IonWriter unnecessarily
+ ion-java dependency 1.4.0 -> 1.5.1
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1678=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1678=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1678=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1678=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1678=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1678=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1678=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1678=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1678=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-1678=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1678=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1678=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1678=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1678=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1678=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1678=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1678=1
Package List:
- openSUSE Leap 15.4 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-annotations-javadoc-2.13.0-150200.3.6.1
jackson-bom-2.13.0-150200.3.3.1
jackson-core-2.13.0-150200.3.6.1
jackson-core-javadoc-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-databind-javadoc-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
jackson-dataformat-smile-2.13.0-150200.3.3.3
jackson-dataformats-binary-2.13.0-150200.3.3.3
jackson-dataformats-binary-javadoc-2.13.0-150200.3.3.3
- openSUSE Leap 15.3 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-annotations-javadoc-2.13.0-150200.3.6.1
jackson-bom-2.13.0-150200.3.3.1
jackson-core-2.13.0-150200.3.6.1
jackson-core-javadoc-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-databind-javadoc-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
jackson-dataformat-smile-2.13.0-150200.3.3.3
jackson-dataformats-binary-2.13.0-150200.3.3.3
jackson-dataformats-binary-javadoc-2.13.0-150200.3.3.3
- SUSE Manager Server 4.1 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Manager Retail Branch Server 4.1 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Manager Proxy 4.1 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-annotations-javadoc-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-core-javadoc-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-databind-javadoc-2.13.0-150200.3.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
- SUSE Enterprise Storage 7 (noarch):
jackson-annotations-2.13.0-150200.3.6.1
jackson-core-2.13.0-150200.3.6.1
jackson-databind-2.13.0-150200.3.9.1
jackson-dataformat-cbor-2.13.0-150200.3.3.3
References:
https://www.suse.com/security/cve/CVE-2020-25649.html
https://www.suse.com/security/cve/CVE-2020-28491.html
https://www.suse.com/security/cve/CVE-2020-36518.html
https://bugzilla.suse.com/1177616
https://bugzilla.suse.com/1182481
https://bugzilla.suse.com/1197132
1
0
SUSE-SU-2022:1665-1: important: Security update for pidgin
by opensuse-security@opensuse.org 16 May '22
by opensuse-security@opensuse.org 16 May '22
16 May '22
SUSE Security Update: Security update for pidgin
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1665-1
Rating: important
References: #1199025
Cross-References: CVE-2022-26491
CVSS scores:
CVE-2022-26491 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pidgin fixes the following issues:
- CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used
(bsc#1199025).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1665=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1665=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1665=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1665=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
finch-2.13.0-150200.12.6.1
finch-debuginfo-2.13.0-150200.12.6.1
finch-devel-2.13.0-150200.12.6.1
libpurple-2.13.0-150200.12.6.1
libpurple-debuginfo-2.13.0-150200.12.6.1
libpurple-devel-2.13.0-150200.12.6.1
libpurple-plugin-sametime-2.13.0-150200.12.6.1
libpurple-plugin-sametime-debuginfo-2.13.0-150200.12.6.1
libpurple-tcl-2.13.0-150200.12.6.1
libpurple-tcl-debuginfo-2.13.0-150200.12.6.1
pidgin-2.13.0-150200.12.6.1
pidgin-debuginfo-2.13.0-150200.12.6.1
pidgin-debugsource-2.13.0-150200.12.6.1
pidgin-devel-2.13.0-150200.12.6.1
- openSUSE Leap 15.4 (noarch):
libpurple-branding-upstream-2.13.0-150200.12.6.1
libpurple-lang-2.13.0-150200.12.6.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
finch-2.13.0-150200.12.6.1
finch-debuginfo-2.13.0-150200.12.6.1
finch-devel-2.13.0-150200.12.6.1
libpurple-2.13.0-150200.12.6.1
libpurple-debuginfo-2.13.0-150200.12.6.1
libpurple-devel-2.13.0-150200.12.6.1
libpurple-plugin-sametime-2.13.0-150200.12.6.1
libpurple-plugin-sametime-debuginfo-2.13.0-150200.12.6.1
libpurple-tcl-2.13.0-150200.12.6.1
libpurple-tcl-debuginfo-2.13.0-150200.12.6.1
pidgin-2.13.0-150200.12.6.1
pidgin-debuginfo-2.13.0-150200.12.6.1
pidgin-debugsource-2.13.0-150200.12.6.1
pidgin-devel-2.13.0-150200.12.6.1
- openSUSE Leap 15.3 (noarch):
libpurple-branding-upstream-2.13.0-150200.12.6.1
libpurple-lang-2.13.0-150200.12.6.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (noarch):
libpurple-branding-upstream-2.13.0-150200.12.6.1
libpurple-lang-2.13.0-150200.12.6.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
libpurple-2.13.0-150200.12.6.1
libpurple-debuginfo-2.13.0-150200.12.6.1
libpurple-devel-2.13.0-150200.12.6.1
libpurple-plugin-sametime-2.13.0-150200.12.6.1
libpurple-plugin-sametime-debuginfo-2.13.0-150200.12.6.1
pidgin-2.13.0-150200.12.6.1
pidgin-debuginfo-2.13.0-150200.12.6.1
pidgin-debugsource-2.13.0-150200.12.6.1
pidgin-devel-2.13.0-150200.12.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
finch-2.13.0-150200.12.6.1
finch-debuginfo-2.13.0-150200.12.6.1
finch-devel-2.13.0-150200.12.6.1
libpurple-2.13.0-150200.12.6.1
libpurple-debuginfo-2.13.0-150200.12.6.1
libpurple-devel-2.13.0-150200.12.6.1
libpurple-plugin-sametime-2.13.0-150200.12.6.1
libpurple-plugin-sametime-debuginfo-2.13.0-150200.12.6.1
libpurple-tcl-2.13.0-150200.12.6.1
libpurple-tcl-debuginfo-2.13.0-150200.12.6.1
pidgin-2.13.0-150200.12.6.1
pidgin-debuginfo-2.13.0-150200.12.6.1
pidgin-debugsource-2.13.0-150200.12.6.1
pidgin-devel-2.13.0-150200.12.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
libpurple-branding-upstream-2.13.0-150200.12.6.1
libpurple-lang-2.13.0-150200.12.6.1
References:
https://www.suse.com/security/cve/CVE-2022-26491.html
https://bugzilla.suse.com/1199025
1
0
SUSE-SU-2022:1657-1: moderate: Security update for curl
by opensuse-security@opensuse.org 13 May '22
by opensuse-security@opensuse.org 13 May '22
13 May '22
SUSE Security Update: Security update for curl
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1657-1
Rating: moderate
References: #1198614 #1198723 #1198766
Cross-References: CVE-2022-22576 CVE-2022-27775 CVE-2022-27776
CVSS scores:
CVE-2022-22576 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-27775 (SUSE): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2022-27776 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for curl fixes the following issues:
- CVE-2022-27776: Fixed auth/cookie leak on redirect (bsc#1198766)
- CVE-2022-27775: Fixed bad local IPv6 connection reuse (bsc#1198723)
- CVE-2022-22576: Fixed OAUTH2 bearer bypass in connection re-use
(bsc#1198614)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1657=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1657=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1657=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1657=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
curl-7.66.0-150200.4.30.1
curl-debuginfo-7.66.0-150200.4.30.1
curl-debugsource-7.66.0-150200.4.30.1
libcurl-devel-7.66.0-150200.4.30.1
libcurl4-7.66.0-150200.4.30.1
libcurl4-debuginfo-7.66.0-150200.4.30.1
- openSUSE Leap 15.3 (x86_64):
libcurl-devel-32bit-7.66.0-150200.4.30.1
libcurl4-32bit-7.66.0-150200.4.30.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.30.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
curl-7.66.0-150200.4.30.1
curl-debuginfo-7.66.0-150200.4.30.1
curl-debugsource-7.66.0-150200.4.30.1
libcurl-devel-7.66.0-150200.4.30.1
libcurl4-7.66.0-150200.4.30.1
libcurl4-debuginfo-7.66.0-150200.4.30.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libcurl4-32bit-7.66.0-150200.4.30.1
libcurl4-32bit-debuginfo-7.66.0-150200.4.30.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
curl-7.66.0-150200.4.30.1
curl-debuginfo-7.66.0-150200.4.30.1
curl-debugsource-7.66.0-150200.4.30.1
libcurl4-7.66.0-150200.4.30.1
libcurl4-debuginfo-7.66.0-150200.4.30.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
curl-7.66.0-150200.4.30.1
curl-debuginfo-7.66.0-150200.4.30.1
curl-debugsource-7.66.0-150200.4.30.1
libcurl4-7.66.0-150200.4.30.1
libcurl4-debuginfo-7.66.0-150200.4.30.1
References:
https://www.suse.com/security/cve/CVE-2022-22576.html
https://www.suse.com/security/cve/CVE-2022-27775.html
https://www.suse.com/security/cve/CVE-2022-27776.html
https://bugzilla.suse.com/1198614
https://bugzilla.suse.com/1198723
https://bugzilla.suse.com/1198766
1
0
SUSE-SU-2022:1644-1: important: Security update for clamav
by opensuse-security@opensuse.org 12 May '22
by opensuse-security@opensuse.org 12 May '22
12 May '22
SUSE Security Update: Security update for clamav
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1644-1
Rating: important
References: #1199242 #1199244 #1199245 #1199246 #1199274
Cross-References: CVE-2022-20770 CVE-2022-20771 CVE-2022-20785
CVE-2022-20792 CVE-2022-20796
CVSS scores:
CVE-2022-20770 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-20771 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-20785 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-20792 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-20796 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for clamav fixes the following issues:
- CVE-2022-20770: Fixed a possible infinite loop vulnerability in the CHM
file parser (bsc#1199242).
- CVE-2022-20796: Fixed a possible NULL-pointer dereference crash in the
scan verdict cache check (bsc#1199246).
- CVE-2022-20771: Fixed a possible infinite loop vulnerability in the TIFF
file parser (bsc#1199244).
- CVE-2022-20785: Fixed a possible memory leak in the HTML file parser /
Javascript normalizer (bsc#1199245).
- CVE-2022-20792: Fixed a possible multi-byte heap buffer overflow write
vulnerability in the signature database load module (bsc#1199274).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1644=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1644=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1644=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1644=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
clamav-0.103.6-150000.3.38.1
clamav-debuginfo-0.103.6-150000.3.38.1
clamav-debugsource-0.103.6-150000.3.38.1
clamav-devel-0.103.6-150000.3.38.1
libclamav9-0.103.6-150000.3.38.1
libclamav9-debuginfo-0.103.6-150000.3.38.1
libfreshclam2-0.103.6-150000.3.38.1
libfreshclam2-debuginfo-0.103.6-150000.3.38.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
clamav-0.103.6-150000.3.38.1
clamav-debuginfo-0.103.6-150000.3.38.1
clamav-debugsource-0.103.6-150000.3.38.1
clamav-devel-0.103.6-150000.3.38.1
libclamav9-0.103.6-150000.3.38.1
libclamav9-debuginfo-0.103.6-150000.3.38.1
libfreshclam2-0.103.6-150000.3.38.1
libfreshclam2-debuginfo-0.103.6-150000.3.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
clamav-0.103.6-150000.3.38.1
clamav-debuginfo-0.103.6-150000.3.38.1
clamav-debugsource-0.103.6-150000.3.38.1
clamav-devel-0.103.6-150000.3.38.1
libclamav9-0.103.6-150000.3.38.1
libclamav9-debuginfo-0.103.6-150000.3.38.1
libfreshclam2-0.103.6-150000.3.38.1
libfreshclam2-debuginfo-0.103.6-150000.3.38.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
clamav-0.103.6-150000.3.38.1
clamav-debuginfo-0.103.6-150000.3.38.1
clamav-debugsource-0.103.6-150000.3.38.1
clamav-devel-0.103.6-150000.3.38.1
libclamav9-0.103.6-150000.3.38.1
libclamav9-debuginfo-0.103.6-150000.3.38.1
libfreshclam2-0.103.6-150000.3.38.1
libfreshclam2-debuginfo-0.103.6-150000.3.38.1
References:
https://www.suse.com/security/cve/CVE-2022-20770.html
https://www.suse.com/security/cve/CVE-2022-20771.html
https://www.suse.com/security/cve/CVE-2022-20785.html
https://www.suse.com/security/cve/CVE-2022-20792.html
https://www.suse.com/security/cve/CVE-2022-20796.html
https://bugzilla.suse.com/1199242
https://bugzilla.suse.com/1199244
https://bugzilla.suse.com/1199245
https://bugzilla.suse.com/1199246
https://bugzilla.suse.com/1199274
1
0
SUSE-SU-2022:1617-1: important: Security update for gzip
by opensuse-security@opensuse.org 10 May '22
by opensuse-security@opensuse.org 10 May '22
10 May '22
SUSE Security Update: Security update for gzip
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1617-1
Rating: important
References: #1198062 #1198922
Cross-References: CVE-2022-1271
CVSS scores:
CVE-2022-1271 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for gzip fixes the following issues:
- CVE-2022-1271: Fix escaping of malicious filenames. (bsc#1198062)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1617=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1617=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1617=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1617=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1617=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1617=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1617=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1617=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1617=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1617=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1617=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1617=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1617=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1617=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1617=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1617=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1617=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Manager Proxy 4.1 (x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
gzip-1.10-150200.10.1
gzip-debuginfo-1.10-150200.10.1
gzip-debugsource-1.10-150200.10.1
References:
https://www.suse.com/security/cve/CVE-2022-1271.html
https://bugzilla.suse.com/1198062
https://bugzilla.suse.com/1198922
1
0
openSUSE-SU-2022:0132-1: important: Security update for php-composer
by opensuse-security@opensuse.org 10 May '22
by opensuse-security@opensuse.org 10 May '22
10 May '22
openSUSE Security Update: Security update for php-composer
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0132-1
Rating: important
References: #1198494
Cross-References: CVE-2021-41116 CVE-2022-24828
CVSS scores:
CVE-2021-41116 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24828 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-24828 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for php-composer fixes the following issues:
php-composer was updated to version 1.10.26:
* Security: Fixed command injection vulnerability in HgDriver/GitDriver:
CVE-2022-24828 boo#1198494
Update to version 1.10.25
* Fix regression with PHP 8.1.0 and 8.1.1
Update to version 1.10.24
* Fixed PHP 8.1 compatibility
Update to version 1.10.23
* Security: Fixed command injection vulnerability CVE-2021-41116
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-132=1
Package List:
- openSUSE Backports SLE-15-SP3 (noarch):
php-composer-1.10.26-bp153.2.6.1
References:
https://www.suse.com/security/cve/CVE-2021-41116.html
https://www.suse.com/security/cve/CVE-2022-24828.html
https://bugzilla.suse.com/1198494
1
0
SUSE-SU-2022:1583-1: important: Security update for rsyslog
by opensuse-security@opensuse.org 09 May '22
by opensuse-security@opensuse.org 09 May '22
09 May '22
SUSE Security Update: Security update for rsyslog
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1583-1
Rating: important
References: #1199061
Cross-References: CVE-2022-24903
CVSS scores:
CVE-2022-24903 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rsyslog fixes the following issues:
- CVE-2022-24903: Fixed potential heap buffer overflow in modules for TCP
syslog reception (bsc#1199061).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1583=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1583=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1583=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1583=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1583=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1583=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1583=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1583=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1583=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1583=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1583=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1583=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1583=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-diag-tools-8.2106.0-150200.4.26.1
rsyslog-diag-tools-debuginfo-8.2106.0-150200.4.26.1
rsyslog-doc-8.2106.0-150200.4.26.1
rsyslog-module-dbi-8.2106.0-150200.4.26.1
rsyslog-module-dbi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-elasticsearch-8.2106.0-150200.4.26.1
rsyslog-module-elasticsearch-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gcrypt-8.2106.0-150200.4.26.1
rsyslog-module-gcrypt-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-omamqp1-8.2106.0-150200.4.26.1
rsyslog-module-omamqp1-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-omhttpfs-8.2106.0-150200.4.26.1
rsyslog-module-omhttpfs-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-omtcl-8.2106.0-150200.4.26.1
rsyslog-module-omtcl-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-ossl-8.2106.0-150200.4.26.1
rsyslog-module-ossl-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Manager Proxy 4.1 (x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
rsyslog-8.2106.0-150200.4.26.1
rsyslog-debuginfo-8.2106.0-150200.4.26.1
rsyslog-debugsource-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-8.2106.0-150200.4.26.1
rsyslog-module-gssapi-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-gtls-8.2106.0-150200.4.26.1
rsyslog-module-gtls-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-8.2106.0-150200.4.26.1
rsyslog-module-mmnormalize-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-mysql-8.2106.0-150200.4.26.1
rsyslog-module-mysql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-8.2106.0-150200.4.26.1
rsyslog-module-pgsql-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-relp-8.2106.0-150200.4.26.1
rsyslog-module-relp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-snmp-8.2106.0-150200.4.26.1
rsyslog-module-snmp-debuginfo-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-8.2106.0-150200.4.26.1
rsyslog-module-udpspoof-debuginfo-8.2106.0-150200.4.26.1
References:
https://www.suse.com/security/cve/CVE-2022-24903.html
https://bugzilla.suse.com/1199061
1
0
09 May '22
SUSE Security Update: Security update for ldb
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1576-1
Rating: low
References: #1198397
Cross-References: CVE-2021-3670
CVSS scores:
CVE-2021-3670 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ldb fixes the following issues:
- Update to version 2.4.2
- CVE-2021-3670: Fixed an issue where the LDAP server MaxQueryDuration
value would not be honoured (bsc#1198397).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1576=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1576=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1576=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1576=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2022-1576=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ldb-debugsource-2.4.2-150300.3.15.1
ldb-tools-2.4.2-150300.3.15.1
ldb-tools-debuginfo-2.4.2-150300.3.15.1
libldb-devel-2.4.2-150300.3.15.1
libldb2-2.4.2-150300.3.15.1
libldb2-debuginfo-2.4.2-150300.3.15.1
python3-ldb-2.4.2-150300.3.15.1
python3-ldb-debuginfo-2.4.2-150300.3.15.1
python3-ldb-devel-2.4.2-150300.3.15.1
- openSUSE Leap 15.3 (x86_64):
libldb2-32bit-2.4.2-150300.3.15.1
libldb2-32bit-debuginfo-2.4.2-150300.3.15.1
python3-ldb-32bit-2.4.2-150300.3.15.1
python3-ldb-32bit-debuginfo-2.4.2-150300.3.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
ldb-debugsource-2.4.2-150300.3.15.1
ldb-tools-2.4.2-150300.3.15.1
ldb-tools-debuginfo-2.4.2-150300.3.15.1
libldb-devel-2.4.2-150300.3.15.1
libldb2-2.4.2-150300.3.15.1
libldb2-debuginfo-2.4.2-150300.3.15.1
python3-ldb-2.4.2-150300.3.15.1
python3-ldb-debuginfo-2.4.2-150300.3.15.1
python3-ldb-devel-2.4.2-150300.3.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libldb2-32bit-2.4.2-150300.3.15.1
libldb2-32bit-debuginfo-2.4.2-150300.3.15.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
ldb-debugsource-2.4.2-150300.3.15.1
libldb2-2.4.2-150300.3.15.1
libldb2-debuginfo-2.4.2-150300.3.15.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
ldb-debugsource-2.4.2-150300.3.15.1
libldb2-2.4.2-150300.3.15.1
libldb2-debuginfo-2.4.2-150300.3.15.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
ldb-debugsource-2.4.2-150300.3.15.1
libldb2-2.4.2-150300.3.15.1
libldb2-debuginfo-2.4.2-150300.3.15.1
python3-ldb-2.4.2-150300.3.15.1
python3-ldb-debuginfo-2.4.2-150300.3.15.1
References:
https://www.suse.com/security/cve/CVE-2021-3670.html
https://bugzilla.suse.com/1198397
1
0
openSUSE-SU-2022:0131-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 07 May '22
by opensuse-security@opensuse.org 07 May '22
07 May '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0131-1
Rating: important
References: #1139944 #1151927 #1152489 #1153275 #1154353
#1154355 #1161907 #1164565 #1166780 #1169514
#1176242 #1176447 #1176536 #1176544 #1176545
#1176546 #1176548 #1176558 #1176559 #1176774
#1176940 #1176956 #1177440 #1178134 #1178270
#1179211 #1179424 #1179426 #1179427 #1179599
#1181148 #1181507 #1181710 #1182404 #1183534
#1183540 #1183897 #1184318 #1185726 #1185902
#1186332 #1187541 #1189126 #1189158 #1191793
#1191876 #1192267 #1192320 #1192507 #1192511
#1192569 #1192606 #1192691 #1192845 #1192847
#1192874 #1192946 #1192969 #1192987 #1192990
#1192998 #1193002 #1193042 #1193139 #1193169
#1193306 #1193318 #1193349 #1193440 #1193442
#1193655 #1193993 #1194087 #1194094 #1195323
SLE-22574
Cross-References: CVE-2020-24504 CVE-2020-27820 CVE-2021-2032
CVE-2021-28711 CVE-2021-28712 CVE-2021-28713
CVE-2021-28714 CVE-2021-28715 CVE-2021-4001
CVE-2021-4002 CVE-2021-43975 CVE-2021-43976
CVE-2021-45485 CVE-2021-45486
CVSS scores:
CVE-2020-24504 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-24504 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
CVE-2021-2032 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-28711 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28711 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28712 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28712 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28713 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28713 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28714 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28714 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28715 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28715 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-4001 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4002 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2021-4002 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-43975 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-43975 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-43976 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-43976 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-45485 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-45485 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-45486 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-45486 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 14 vulnerabilities, contains one
feature and has 61 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated
- Unprivileged BPF has been disabled by default to reduce attack surface
as too many security issues have happened in the past (jsc#SLE-22573)
You can reenable via systemctl setting
/proc/sys/kernel/unprivileged_bpf_disabled to 0.
(kernel.unprivileged_bpf_disabled = 0)
The following security bugs were fixed:
- CVE-2021-45485: Fixed an information leak because of certain use of a
hash table which use IPv6 source addresses. (bsc#1194094)
- CVE-2021-45486: Fixed an information leak because the hash table is very
small in net/ipv4/route.c. (bnc#1194087).
- CVE-2021-4001: Fixed a race condition when the EBPF map is frozen.
(bsc#1192990)
- CVE-2021-28715: Fixed an issue where a guest could force Linux netback
driver to hog large amounts of kernel memory by do not queueing
unlimited number of packages. (bsc#1193442)
- CVE-2021-28714: Fixed an issue where a guest could force Linux netback
driver to hog large amounts of kernel memory by fixing rx queue stall
detection. (bsc#1193442)
- CVE-2021-28713: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening hvc_xen against event channel
storms. (bsc#1193440)
- CVE-2021-28712: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening netfront against event channel
storms. (bsc#1193440)
- CVE-2021-28711: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening blkfront against event channel
storms. (bsc#1193440)
- CVE-2020-24504: Fixed an uncontrolled resource consumption in some
Intel(R) Ethernet E810 Adapter drivers that may have allowed an
authenticated user to potentially enable denial of service via local
access. (bnc#1182404)
- CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could
allow an attacker (who can introduce a crafted device) to trigger an
out-of-bounds write via a crafted length value. (bnc#1192845)
- CVE-2021-43976: Fixed a flaw that could allow an attacker (who can
connect a crafted USB device) to cause a denial of service. (bnc#1192847)
- CVE-2021-4002: Added a missing TLB flush that could lead to leak or
corruption of data in hugetlbfs. (bsc#1192946)
- CVE-2020-27820: Fixed a vulnerability where a use-after-frees in
nouveau's postclose() handler could happen if removing device.
(bnc#1179599)
The following non-security bugs were fixed:
- ACPI: battery: Accept charges over the design capacity as full
(git-fixes).
- ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses (git-fixes).
- ACPICA: Avoid evaluating methods too early during system resume
(git-fixes).
- Add SMB 2 support for getting and setting SACLs (bsc#1192606).
- Add to supported.conf: fs/smbfs_common/cifs_arc4 fs/smbfs_common/cifs_md4
- ALSA: ctxfi: Fix out-of-range access (git-fixes).
- ALSA: gus: fix null pointer dereference on pointer block (git-fixes).
- ALSA: hda: hdac_ext_stream: fix potential locking issues (git-fixes).
- ALSA: hda: hdac_stream: fix potential locking issue in
snd_hdac_stream_assign() (git-fixes).
- ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS UX550VE (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PC70HS (git-fixes).
- ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
(git-fixes).
- ALSA: ISA: not for M68K (git-fixes).
- ALSA: synth: missing check for possible NULL after the call to kstrdup
(git-fixes).
- ALSA: timer: Fix use-after-free problem (git-fixes).
- ALSA: timer: Unconditionally unlink slave instances, too (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 400 (git-fixes).
- ARM: 8970/1: decompressor: increase tag size (git-fixes).
- ARM: 8974/1: use SPARSMEM_STATIC when SPARSEMEM is enabled (git-fixes)
- ARM: 8986/1: hw_breakpoint: Do not invoke overflow handler on uaccess
watchpoints (git-fixes)
- ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT
(git-fixes)
- ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe
(git-fixes)
- ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
(git-fixes)
- ARM: 9064/1: hw_breakpoint: Do not directly check the event's (git-fixes)
- ARM: 9071/1: uprobes: Do not hook on thumb instructions (git-fixes)
- ARM: 9081/1: fix gcc-10 thumb2-kernel regression (git-fixes)
- ARM: 9091/1: Revert "mm: qsd8x50: Fix incorrect permission faults"
(git-fixes)
- ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned (git-fixes)
- ARM: 9134/1: remove duplicate memcpy() definition (git-fixes)
- ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype (git-fixes)
- ARM: 9141/1: only warn about XIP address when not compile testing
(git-fixes)
- ARM: 9155/1: fix early early_iounmap() (git-fixes)
- ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
(git-fixes)
- ARM: at91: pm: of_node_put() after its usage (git-fixes)
- ARM: at91: pm: use proper master clock register offset (git-fixes)
- ARM: bcm: Select ARM_TIMER_SP804 for ARCH_BCM_NSP (git-fixes)
- ARM: dts sunxi: Relax a bit the CMA pool allocation range (git-fixes)
- ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect (git-fixes)
- ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
(git-fixes)
- ARM: dts: am437x-idk-evm: Fix incorrect OPP node names (git-fixes)
- ARM: dts: am437x-l4: fix typo in can@0 node (git-fixes)
- ARM: dts: armada-38x: fix NETA lockup when repeatedly switching speeds
(git-fixes)
- ARM: dts: armada388-helios4: assign pinctrl to each fan (git-fixes)
- ARM: dts: armada388-helios4: assign pinctrl to LEDs (git-fixes)
- ARM: dts: aspeed: s2600wf: Fix VGA memory region location (git-fixes)
- ARM: dts: aspeed: tiogapass: Remove vuart (git-fixes)
- ARM: dts: at91-sama5d27_som1: fix phy address to 7 (git-fixes)
- ARM: dts: at91: add pinctrl-{names, 0} for all gpios (git-fixes)
- ARM: dts: at91: at91sam9rl: fix ADC triggers (git-fixes)
- ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description (git-fixes)
- ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin (git-fixes)
- ARM: dts: at91: sama5d2_xplained: classd: pull-down the R1 and R3 lines
(git-fixes)
- ARM: dts: at91: sama5d2: fix CAN message ram offset and size (git-fixes)
- ARM: dts: at91: sama5d2: map securam as device (git-fixes)
- ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (git-fixes)
- ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (git-fixes)
- ARM: dts: at91: sama5d4: fix pinctrl muxing (git-fixes)
- ARM: dts: at91: tse850: the emaclt;->phy interface is rmii (git-fixes)
- ARM: dts: bcm: HR2: Fix PPI interrupt types (git-fixes)
- ARM: dts: bcm: HR2: Fixed QSPI compatible string (git-fixes)
- ARM: dts: bcm2835-rpi-zero-w: Fix led polarity (git-fixes)
- ARM: dts: BCM5301X: Add interrupt properties to GPIO node (git-fixes)
- ARM: dts: BCM5301X: Fix I2C controller interrupt (git-fixes)
- ARM: dts: BCM5301X: Fixed QSPI compatible string (git-fixes)
- ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz (git-fixes)
- ARM: dts: Configure missing thermal interrupt for 4430 (git-fixes)
- ARM: dts: dra76x: Fix mmc3 max-frequency (git-fixes)
- ARM: dts: dra76x: m_can: fix order of clocks (git-fixes)
- ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source (git-fixes)
- ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct MUIC interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
(git-fixes)
- ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's
bus (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (git-fixes)
- ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (git-fixes)
- ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid
(git-fixes)
- ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on
(git-fixes)
- ARM: dts: Fix dcan driver probe failed on am437x platform (git-fixes)
- ARM: dts: Fix duovero smsc interrupt for suspend (git-fixes)
- ARM: dts: gemini-rut1xx: remove duplicate ethernet node (git-fixes)
- ARM: dts: gose: Fix ports node name for adv7180 (git-fixes)
- ARM: dts: gose: Fix ports node name for adv7612 (git-fixes)
- ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (git-fixes)
- ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo
(git-fixes)
- ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
(git-fixes)
- ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries
(git-fixes)
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (git-fixes)
- ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
(git-fixes)
- ARM: dts: imx6: phycore-som: fix arm and soc minimum voltage (git-fixes)
- ARM: dts: imx6: phycore-som: fix emmc supply (git-fixes)
- ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN
(git-fixes)
- ARM: dts: imx6dl-colibri-eval-v3: fix sram compatible properties
(git-fixes).
- ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch
(git-fixes)
- ARM: dts: imx6dl-yapp4: Fix Ursa board Ethernet connection (git-fixes)
- ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery (git-fixes)
- ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (git-fixes)
- ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems (git-fixes)
- ARM: dts: imx6q-dhcom: Fix ethernet reset time properties (git-fixes)
- ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (git-fixes)
- ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link'
(git-fixes)
- ARM: dts: imx6qdl-gw551x: fix audio SSI (git-fixes)
- ARM: dts: imx6qdl-icore: Fix OTG_ID pin and sdcard detect (git-fixes)
- ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
(git-fixes)
- ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (git-fixes)
- ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms
(git-fixes)
- ARM: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (git-fixes)
- ARM: dts: imx6sl: fix rng node (git-fixes)
- ARM: dts: imx6sx-sabreauto: Fix the phy-mode on fec2 (git-fixes)
- ARM: dts: imx6sx-sdb: Fix the phy-mode on fec2 (git-fixes)
- ARM: dts: imx6sx: Add missing UART RTS/CTS pins mux (git-fixes)
- ARM: dts: imx6sx: fix the pad QSPI1B_SCLK mux mode for uart3 (git-fixes)
- ARM: dts: imx6sx: Improve UART pins macro defines (git-fixes)
- ARM: dts: imx7-colibri: Fix frequency for sd/mmc (git-fixes)
- ARM: dts: imx7-colibri: fix muxing of usbc_det pin (git-fixes)
- ARM: dts: imx7-colibri: prepare module device tree for FlexCAN
(git-fixes)
- ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property (git-fixes)
- ARM: dts: imx7d-pico: Fix the 'tuning-step' property (git-fixes)
- ARM: dts: imx7d: Correct speed grading fuse settings (git-fixes)
- ARM: dts: imx7d: fix opp-supported-hw (git-fixes)
- ARM: dts: imx7ulp: Correct gpio ranges (git-fixes)
- ARM: dts: logicpd-som-lv-baseboard: Fix broken audio (git-fixes)
- ARM: dts: logicpd-som-lv-baseboard: Fix missing video (git-fixes)
- ARM: dts: logicpd-torpedo-baseboard: Fix broken audio (git-fixes)
- ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (git-fixes)
- ARM: dts: ls1021a: fix QuadSPI-memory reg range (git-fixes)
- ARM: dts: ls1021a: Restore MDIO compatible to gianfar (git-fixes)
- ARM: dts: meson: fix PHY deassert timing requirements (git-fixes)
- ARM: dts: meson8: remove two invalid interrupt lines from the GPU
(git-fixes)
- ARM: dts: meson8: Use a higher default GPU clock frequency (git-fixes)
- ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: mt7623: add missing pause for switchport (git-fixes)
- ARM: dts: N900: fix onenand timings (git-fixes).
- ARM: dts: NSP: Correct FA2 mailbox node (git-fixes)
- ARM: dts: NSP: Disable PL330 by default, add dma-coherent property
(git-fixes)
- ARM: dts: NSP: Fixed QSPI compatible string (git-fixes)
- ARM: dts: omap3-gta04a4: accelerometer irq fix (git-fixes)
- ARM: dts: omap3430-sdp: Fix NAND device node (git-fixes)
- ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers (git-fixes)
- ARM: dts: oxnas: Fix clear-mask property (git-fixes)
- ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard
(git-fixes)
- ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference
(git-fixes)
- ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY
(git-fixes)
- ARM: dts: r7s9210: Remove bogus clock-names from OSTM nodes (git-fixes)
- ARM: dts: r8a73a4: Add missing CMT1 interrupts (git-fixes)
- ARM: dts: r8a7740: Add missing extal2 to CPG node (git-fixes)
- ARM: dts: r8a7779, marzen: Fix DU clock names (git-fixes)
- ARM: dts: Remove non-existent i2c1 from 98dx3236 (git-fixes)
- ARM: dts: renesas: Fix IOMMU device node names (git-fixes)
- ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
(git-fixes)
- ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
(git-fixes)
- ARM: dts: socfpga: fix register entry for timer3 on Arria10 (git-fixes)
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32f429
(git-fixes)
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32h743
(git-fixes)
- ARM: dts: sun6i: a31-hummingbird: Enable RGMII RX/TX delay on (git-fixes)
- ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode (git-fixes)
- ARM: dts: sun7i: bananapi-m1-plus: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun7i: cubietruck: Enable RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY
(git-fixes)
- ARM: dts: sun8i-a83t-tbs-a711: Fix USB OTG mode detection (git-fixes)
- ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity (git-fixes)
- ARM: dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator (git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node (git-fixes)
- ARM: dts: sun8i: r40: Move AHCI device node based on address order
(git-fixes)
- ARM: dts: sun8i: v3s: fix GIC node memory range (git-fixes)
- ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (git-fixes)
- ARM: dts: sun9i: Enable both RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages
(git-fixes)
- ARM: dts: sunxi: bananapi-m2-plus: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sunxi: Fix DE2 clocks register range (git-fixes)
- ARM: dts: turris-omnia: add comphy handle to eth2 (git-fixes)
- ARM: dts: turris-omnia: add SFP node (git-fixes)
- ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
(git-fixes)
- ARM: dts: turris-omnia: describe switch interrupt (git-fixes)
- ARM: dts: turris-omnia: enable HW buffer management (git-fixes)
- ARM: dts: turris-omnia: fix hardware buffer management (git-fixes)
- ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins
(git-fixes)
- ARM: dts: uniphier: Set SCSSI clock and reset IDs for each channel
(git-fixes).
- ARM: dts: vf610-zii-dev-rev-b: Remove #address-cells and #size-cells
(git-fixes)
- ARM: dts: vfxxx: Add syscon compatible with OCOTP (git-fixes)
- ARM: exynos: add missing of_node_put for loop iteration (git-fixes)
- ARM: exynos: MCPM: Restore big.LITTLE cpuidle support (git-fixes)
- ARM: footbridge: fix PCI interrupt mapping (git-fixes)
- ARM: imx: add missing clk_disable_unprepare() (git-fixes)
- ARM: imx: add missing iounmap() (git-fixes)
- ARM: imx: build suspend-imx6.S with arm instruction set (git-fixes)
- ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init
(git-fixes)
- ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
(git-fixes)
- ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
(git-fixes)
- ARM: mvebu: drop pointless check for coherency_base (git-fixes)
- ARM: OMAP2+: Fix legacy mode dss_reset (git-fixes)
- ARM: OMAP2+: omap_device: fix idling of devices during probe (git-fixes)
- ARM: OMAP2+: pm33xx-core: Make am43xx_get_rtc_base_addr static
(git-fixes)
- ARM: p2v: fix handling of LPAE translation in BE mode (git-fixes)
- ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
(git-fixes)
- ARM: s3c24xx: fix missing system reset (git-fixes)
- ARM: s3c24xx: fix mmc gpio lookup tables (git-fixes)
- ARM: samsung: do not build plat/pm-common for Exynos (git-fixes)
- ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (git-fixes)
- ARM: socfpga: PM: add missing put_device() call in
socfpga_setup_ocram_self_refresh() (git-fixes)
- ASoC: DAPM: Cover regression by kctl change notification fix (git-fixes).
- ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
(git-fixes).
- ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer (git-fixes).
- ASoC: SOF: Intel: hda-dai: fix potential locking issue (git-fixes).
- ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
(git-fixes).
- ath: dfs_pattern_detector: Fix possible null-pointer dereference in
channel_detector_create() (git-fixes).
- ath10k: fix invalid dma_addr_t token assignment (git-fixes).
- ath10k: high latency fixes for beacon buffer (git-fixes).
- Bbluetooth: btusb: Add another Bluetooth part for Realtek 8852AE
(bsc#1193655).
- bfq: Limit number of requests consumed by each cgroup (bsc#1184318).
- bfq: Store full bitmap depth in bfq_data (bsc#1184318).
- bfq: Track number of allocated requests in bfq_entity (bsc#1184318).
- block: Fix use-after-free issue accessing struct io_cq (bsc#1193042).
- block: Provide blk_mq_sched_get_icq() (bsc#1184318).
- Bluetooth: Add additional Bluetooth part for Realtek 8852AE
(bsc#1193655).
- Bluetooth: btrtl: Refine the ic_id_table for clearer and more regular
(bsc#1193655).
- Bluetooth: btusb: Add the more support IDs for Realtek RTL8822CE
(bsc#1193655).
- Bluetooth: btusb: Add the new support ID for Realtek RTL8852A
(bsc#1193655).
- Bluetooth: btusb: btrtl: Add support for RTL8852A (bsc#1193655).
- Bluetooth: fix use-after-free error in lock_sock_nested() (git-fixes).
- bnxt_en: reject indirect blk offload when hw-tc-offload is off
(jsc#SLE-8372 bsc#1153275).
- bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
(git-fixes).
- bpf, arm: Fix register clobbering in div/mod implementation (git-fixes)
- bpf, s390: Fix potential memory leak about jit_data (git-fixes).
- bpf, x86: Fix "no previous prototype" warning (git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
(git-fixes).
- btrfs: do not ignore error from btrfs_next_leaf() when inserting
checksums (bsc#1193002).
- btrfs: fix fsync failure and transaction abort after writes to prealloc
extents (bsc#1193002).
- btrfs: fix lost inode on log replay after mix of fsync, rename and inode
eviction (bsc#1192998).
- btrfs: fix race causing unnecessary inode logging during link and rename
(bsc#1192998).
- btrfs: make checksum item extension more efficient (bsc#1193002).
- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type (git-fixes).
- cifs use true,false for bool variable (bsc#1164565).
- cifs_atomic_open(): fix double-put on late allocation failure
(bsc#1192606).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1192606).
- cifs: add a debug macro that prints \\server\share for errors
(bsc#1164565).
- cifs: add a function to get a cached dir based on its dentry
(bsc#1192606).
- cifs: add a helper to find an existing readable handle to a file
(bsc#1154355).
- cifs: add a timestamp to track when the lease of the cached dir was
taken (bsc#1192606).
- cifs: add an smb3_fs_context to cifs_sb (bsc#1192606).
- cifs: add FALLOC_FL_INSERT_RANGE support (bsc#1192606).
- cifs: add files to host new mount api (bsc#1192606).
- cifs: add fs_context param to parsing helpers (bsc#1192606).
- cifs: Add get_security_type_str function to return sec type
(bsc#1192606).
- cifs: add initial reconfigure support (bsc#1192606).
- cifs: add missing mount option to /proc/mounts (bsc#1164565).
- cifs: add missing parsing of backupuid (bsc#1192606).
- cifs: Add missing sentinel to smb3_fs_parameters (bsc#1192606).
- cifs: add mount parameter tcpnodelay (bsc#1192606).
- cifs: add multichannel mount options and data structs (bsc#1192606).
- cifs: add new debugging macro cifs_server_dbg (bsc#1164565).
- cifs: Add new mount parameter "acdirmax" to allow caching directory
metadata (bsc#1192606).
- cifs: Add new parameter "acregmax" for distinct file and directory
metadata timeout (bsc#1192606).
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- cifs: add passthrough for smb2 setinfo (bsc#1164565).
- cifs: add server param (bsc#1192606).
- cifs: add shutdown support (bsc#1192606).
- cifs: add smb2 POSIX info level (bsc#1164565).
- cifs: add SMB2_open() arg to return POSIX data (bsc#1164565).
- cifs: add SMB3 change notification support (bsc#1164565).
- cifs: add support for FALLOC_FL_COLLAPSE_RANGE (bsc#1192606).
- cifs: add support for fallocate mode 0 for non-sparse files
(bsc#1164565).
- cifs: add support for flock (bsc#1164565).
- cifs: Add support for setting owner info, dos attributes, and create
time (bsc#1164565).
- cifs: Add tracepoints for errors on flush or fsync (bsc#1164565).
- cifs: Add witness information to debug data dump (bsc#1192606).
- cifs: add witness mount option and data structs (bsc#1192606).
- cifs: added WARN_ON for all the count decrements (bsc#1192606).
- cifs: Adjust indentation in smb2_open_file (bsc#1164565).
- cifs: Adjust key sizes and key generation routines for AES256 encryption
(bsc#1192606).
- cifs: allocate buffer in the caller of build_path_from_dentry()
(bsc#1192606).
- cifs: Allocate crypto structures on the fly for calculating signatures
of incoming packets (bsc#1192606).
- cifs: Allocate encryption header through kmalloc (bsc#1192606).
- cifs: allow chmod to set mode bits using special sid (bsc#1164565).
- cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956).
- cifs: allow unlock flock and OFD lock across fork (bsc#1192606).
- cifs: Always update signing key of first channel (bsc#1192606).
- cifs: ask for more credit on async read/write code paths (bsc#1192606).
- cifs: Assign boolean values to a bool variable (bsc#1192606).
- cifs: Avoid doing network I/O while holding cache lock (bsc#1164565).
- cifs: Avoid error pointer dereference (bsc#1192606).
- cifs: avoid extra calls in posix_info_parse (bsc#1192606).
- cifs: Avoid field over-reading memcpy() (bsc#1192606).
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- cifs: avoid using MID 0xFFFF (bnc#1151927 5.3.8).
- cifs: call wake_up(server->response_q) inside of cifs_reconnect()
(bsc#1164565).
- cifs: change confusing field serverName (to ip_addr) (bsc#1192606).
- cifs: change format of CIFS_FULL_KEY_DUMP ioctl (bsc#1192606).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs: Change SIDs in ACEs while transferring file ownership
(bsc#1192606).
- cifs: check all path components in resolved dfs target (bsc#1181710).
- cifs: check new file size when extending file by fallocate (bsc#1192606).
- cifs: check pointer before freeing (bsc#1183534).
- cifs: check the timestamp for the cached dirent when deciding on
revalidate (bsc#1192606).
- cifs: cifs_md4 convert to SPDX identifier (bsc#1192606).
- cifs: cifspdu.h: Replace one-element array with flexible-array member
(bsc#1192606).
- cifs: cifspdu.h: Replace zero-length array with flexible-array member
(bsc#1192606).
- cifs: cifsssmb: remove redundant assignment to variable ret
(bsc#1164565).
- cifs: clarify comment about timestamp granularity for old servers
(bsc#1192606).
- cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData
(bsc#1192606).
- cifs: Clarify SMB1 code for delete (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX Create (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX delete file (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX Lock (bsc#1192606).
- cifs: Clarify SMB1 code for rename open file (bsc#1192606).
- cifs: Clarify SMB1 code for SetFileSize (bsc#1192606).
- cifs: clarify SMB1 code for UnixCreateHardLink (bsc#1192606).
- cifs: Clarify SMB1 code for UnixCreateSymLink (bsc#1192606).
- cifs: Clarify SMB1 code for UnixSetPathInfo (bsc#1192606).
- cifs: Clean up DFS referral cache (bsc#1164565).
- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (bsc#1192606).
- cifs: cleanup misc.c (bsc#1192606).
- cifs: clear PF_MEMALLOC before exiting demultiplex thread (bsc#1192606).
- cifs: Close cached root handle only if it had a lease (bsc#1164565).
- cifs: Close open handle after interrupted close (bsc#1164565).
- cifs: close the shared root handle on tree disconnect (bsc#1164565).
- cifs: compute full_path already in cifs_readdir() (bsc#1192606).
- cifs: connect individual channel servers to primary channel server
(bsc#1192606).
- cifs: connect: style: Simplify bool comparison (bsc#1192606).
- cifs: constify get_normalized_path() properly (bsc#1185902).
- cifs: constify path argument of ->make_node() (bsc#1192606).
- cifs: constify pathname arguments in a bunch of helpers (bsc#1192606).
- cifs: Constify static struct genl_ops (bsc#1192606).
- cifs: convert list_for_each to entry variant (bsc#1192606,
jsc#SLE-20042).
- cifs: convert list_for_each to entry variant in cifs_debug.c
(bsc#1192606).
- cifs: convert list_for_each to entry variant in smb2misc.c (bsc#1192606).
- cifs: convert revalidate of directories to using directory metadata
cache timeout (bsc#1192606).
- cifs: convert to use be32_add_cpu() (bsc#1192606).
- cifs: Convert to use the fallthrough macro (bsc#1192606).
- cifs: correct comments explaining internal semaphore usage in the module
(bsc#1192606).
- cifs: correct four aliased mount parms to allow use of previous names
(bsc#1192606).
- cifs: create a helper function to parse the query-directory response
buffer (bsc#1164565).
- cifs: create a helper to find a writeable handle by path name
(bsc#1154355).
- cifs: create a MD4 module and switch cifs.ko to use it (bsc#1192606).
- cifs: Create a new shared file holding smb2 pdu definitions
(bsc#1192606).
- cifs: create sd context must be a multiple of 8 (bsc#1192606).
- cifs: Deal with some warnings from W=1 (bsc#1192606).
- cifs: Delete a stray unlock in cifs_swn_reconnect() (bsc#1192606).
- cifs: delete duplicated words in header files (bsc#1192606).
- cifs: detect dead connections only when echoes are enabled (bsc#1192606).
- cifs: Display local UID details for SMB sessions in DebugData
(bsc#1192606).
- cifs: do d_move in rename (bsc#1164565).
- cifs: do not allow changing posix_paths during remount (bsc#1192606).
- cifs: do not cargo-cult strndup() (bsc#1185902).
- cifs: do not create a temp nls in cifs_setup_ipc (bsc#1192606).
- cifs: do not disable noperm if multiuser mount option is not provided
(bsc#1192606).
- cifs: Do not display RDMA transport on reconnect (bsc#1164565).
- cifs: do not duplicate fscache cookie for secondary channels
(bsc#1192606).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending
(git-fixes).
- cifs: do not ignore the SYNC flags in getattr (bsc#1164565).
- cifs: do not leak -EAGAIN for stat() during reconnect (bsc#1164565).
- cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED
(bsc#1192606).
- cifs: Do not miss cancelled OPEN responses (bsc#1164565).
- cifs: do not negotiate session if session already exists (bsc#1192606).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- cifs: do not share tcons with DFS (bsc#1178270).
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- cifs: do not share tcp sessions of dfs connections (bsc#1185902).
- cifs: do not use 'pre:' for MODULE_SOFTDEP (bsc#1164565).
- cifs: Do not use iov_iter::type directly (bsc#1192606).
- cifs: Do not use the original cruid when following DFS links for
multiuser mounts (bsc#1192606).
- cifs: document and cleanup dfs mount (bsc#1178270).
- cifs: dump channel info in DebugData (bsc#1192606).
- cifs: dump Security Type info in DebugData (bsc#1192606).
- cifs: dump the session id and keys also for SMB2 sessions (bsc#1192606).
- cifs: enable change notification for SMB2.1 dialect (bsc#1164565).
- cifs: enable extended stats by default (bsc#1192606).
- cifs: Enable sticky bit with cifsacl mount option (bsc#1192606).
- cifs: ensure correct super block for DFS reconnect (bsc#1178270).
- cifs: escape spaces in share names (bsc#1192606).
- cifs: export supported mount options via new mount_params /proc file
(bsc#1192606).
- cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1164565).
- cifs: fiemap: do not return EINVAL if get nothing (bsc#1192606).
- cifs: fix a comment for the timeouts when sending echos (bsc#1164565).
- cifs: fix a memleak with modefromsid (bsc#1192606).
- cifs: fix a sign extension bug (bsc#1192606).
- cifs: fix a white space issue in cifs_get_inode_info() (bsc#1164565).
- cifs: fix allocation size on newly created files (bsc#1192606).
- cifs: Fix an error pointer dereference in cifs_mount() (bsc#1178270).
- cifs: Fix atime update check vs mtime (bsc#1164565).
- cifs: Fix bug which the return value by asynchronous read is error
(bsc#1192606).
- cifs: Fix cached_fid refcnt leak in open_shroot (bsc#1192606).
- cifs: fix channel signing (bsc#1192606).
- cifs: fix check of dfs interlinks (bsc#1185902).
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- cifs: Fix chmod with modefromsid when an older ACE already exists
(bsc#1192606).
- cifs: fix chown and chgrp when idsfromsid mount option enabled
(bsc#1192606).
- cifs: Fix cifsacl ACE mask for group and others (bsc#1192606).
- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
(bnc#1151927 5.3.10).
- cifs: fix credit accounting for extra channel (bsc#1192606).
- cifs: fix dereference on ses before it is null checked (bsc#1164565).
- cifs: fix dfs domain referrals (bsc#1192606).
- cifs: fix DFS failover (bsc#1192606).
- cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270).
- cifs: fix dfs-links (bsc#1192606).
- cifs: fix doc warnings in cifs_dfs_ref.c (bsc#1192606).
- cifs: Fix double add page to memcg when cifs_readpages (bsc#1192606).
- cifs: fix double free error on share and prefix (bsc#1178270).
- cifs: Fix fall-through warnings for Clang (bsc#1192606).
- cifs: fix fallocate when trying to allocate a hole (bsc#1192606).
- cifs: fix gcc warning in sid_to_id (bsc#1192606).
- cifs: fix handling of escaped ',' in the password mount argument
(bsc#1192606).
- cifs: Fix in error types returned for out-of-credit situations
(bsc#1192606).
- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
- cifs: Fix inconsistent indenting (bsc#1192606).
- cifs: Fix inconsistent IS_ERR and PTR_ERR (bsc#1192606).
- cifs: fix incorrect check for null pointer in header_assemble
(bsc#1192606).
- cifs: fix incorrect kernel doc comments (bsc#1192606).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix ipv6 formating in cifs_ses_add_channel (bsc#1192606).
- cifs: fix leak in cifs_smb3_do_mount() ctx (bsc#1192606).
- cifs: Fix leak when handling lease break for cached root fid
(bsc#1176242).
- cifs: fix leaked reference on requeued write (bsc#1178270).
- cifs: Fix lookup of root ses in DFS referral cache (bsc#1164565).
- cifs: Fix lookup of SMB connections on multichannel (bsc#1192606).
- cifs: fix max ea value size (bnc#1151927 5.3.4).
- cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()
(bsc#1164565).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- cifs: fix memory leak of smb3_fs_context_dup::server_hostname
(bsc#1192606).
- cifs: fix minor typos in comments and log messages (bsc#1192606).
- cifs: Fix missed free operations (bnc#1151927 5.3.8).
- cifs: fix missing null session check in mount (bsc#1192606).
- cifs: fix missing spinlock around update to ses->status (bsc#1192606).
- cifs: fix misspellings using codespell tool (bsc#1192606).
- cifs: fix mode bits from dir listing when mounted with modefromsid
(bsc#1164565).
- cifs: Fix mode output in debugging statements (bsc#1164565).
- cifs: fix mount option display for sec=krb5i (bsc#1161907).
- cifs: Fix mount options set in automount (bsc#1164565).
- cifs: fix mounts to subdirectories of target (bsc#1192606).
- cifs: fix nodfs mount option (bsc#1181710).
- cifs: fix NULL dereference in match_prepath (bsc#1164565).
- cifs: fix NULL dereference in smb2_check_message() (bsc#1192606).
- cifs: Fix null pointer check in cifs_read (bsc#1192606).
- cifs: Fix NULL pointer dereference in mid callback (bsc#1164565).
- cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks
(bnc#1151927 5.3.16).
- cifs: Fix oplock handling for SMB 2.1+ protocols (bnc#1151927 5.3.4).
- cifs: fix out-of-bound memory access when calling smb3_notify() at mount
point (bsc#1192606).
- cifs: fix path comparison and hash calc (bsc#1185902).
- cifs: fix possible uninitialized access and race on iface_list
(bsc#1192606).
- cifs: Fix potential deadlock when updating vol in cifs_reconnect()
(bsc#1164565).
- cifs: fix potential mismatch of UNC paths (bsc#1164565).
- cifs: Fix potential softlockups while refreshing DFS cache (bsc#1164565).
- cifs: fix potential use-after-free bugs (bsc#1192606, jsc#SLE-20042).
- cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: fix print of hdr_flags in dfscache_proc_show() (bsc#1192606,
jsc#SLE-20042).
- cifs: fix reference leak for tlink (bsc#1192606).
- cifs: fix regression when mounting shares with prefix paths
(bsc#1192606).
- cifs: fix rename() by ensuring source handle opened with DELETE bit
(bsc#1164565).
- cifs: Fix resource leak (bsc#1192606).
- cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1164565).
- cifs: Fix retry mid list corruption on reconnects (bnc#1151927 5.3.10).
- cifs: Fix return value in __update_cache_entry (bsc#1164565).
- cifs: fix rsize/wsize to be negotiated values (bsc#1192606).
- cifs: fix SMB1 error path in cifs_get_file_info_unix (bsc#1192606).
- cifs: Fix SMB2 oplock break processing (bsc#1154355 bnc#1151927 5.3.16).
- cifs: fix soft mounts hanging in the reconnect code (bsc#1164565).
- cifs: fix soft mounts hanging in the reconnect code (bsc#1164565).
- cifs: Fix some error pointers handling detected by static checker
(bsc#1192606).
- cifs: Fix spelling of 'security' (bsc#1192606).
- cifs: fix string declarations and assignments in tracepoints
(bsc#1192606).
- cifs: Fix support for remount when not changing rsize/wsize
(bsc#1192606).
- cifs: Fix task struct use-after-free on reconnect (bsc#1164565).
- cifs: fix the out of range assignment to bit fields in
parse_server_interfaces (bsc#1192606).
- cifs: Fix the target file was deleted when rename failed (bsc#1192606).
- cifs: fix trivial typo (bsc#1192606).
- cifs: fix uninitialised lease_key in open_shroot() (bsc#1178270).
- cifs: fix uninitialized variable in smb3_fs_context_parse_param
(bsc#1192606).
- cifs: fix unitialized variable poential problem with network I/O cache
lock patch (bsc#1164565).
- cifs: Fix unix perm bits to cifsacl conversion for "other" bits
(bsc#1192606).
- cifs: fix unneeded null check (bsc#1192606).
- cifs: fix use after free in cifs_smb3_do_mount() (bsc#1192606).
- cifs: Fix use after free of file info structures (bnc#1151927 5.3.8).
- cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1164565).
- cifs: fix wrong release in sess_alloc_buffer() failed path (bsc#1192606).
- cifs: for compound requests, use open handle if possible (bsc#1192606).
- cifs: Force reval dentry if LOOKUP_REVAL flag is set (bnc#1151927 5.3.7).
- cifs: Force revalidate inode when dentry is stale (bnc#1151927 5.3.7).
- cifs: fork arc4 and create a separate module for it for cifs and other
users (bsc#1192606).
- cifs: get mode bits from special sid on stat (bsc#1164565).
- cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902).
- cifs: get rid of cifs_sb->mountdata (bsc#1192606).
- cifs: Get rid of kstrdup_const()'d paths (bsc#1164565).
- cifs: get rid of unused parameter in reconn_setup_dfs_targets()
(bsc#1178270).
- cifs: Grab a reference for the dentry of the cached directory during the
lifetime of the cache (bsc#1192606).
- cifs: Gracefully handle QueryInfo errors during open (bnc#1151927 5.3.7).
- cifs: handle -EINTR in cifs_setattr (bsc#1192606).
- cifs: handle "guest" mount parameter (bsc#1192606).
- cifs: handle "nolease" option for vers=1.0 (bsc#1192606).
- cifs: handle different charsets in dfs cache (bsc#1185902).
- cifs: handle empty list of targets in cifs_reconnect() (bsc#1178270).
- cifs: handle hostnames that resolve to same ip in failover (bsc#1178270).
- cifs: handle prefix paths in reconnect (bsc#1164565).
- cifs: handle reconnect of tcon when there is no cached dfs referral
(bsc#1192606).
- cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect
(bsc#1178270).
- cifs: Handle witness client move notification (bsc#1192606).
- cifs: have ->mkdir() handle race with another client sanely
(bsc#1192606).
- cifs: have cifs_fattr_to_inode() refuse to change type on live inode
(bsc#1192606).
- cifs: Identify a connection by a conn_id (bsc#1192606).
- cifs: If a corrupted DACL is returned by the server, bail out
(bsc#1192606).
- cifs: ignore auto and noauto options if given (bsc#1192606).
- cifs: ignore cached share root handle closing errors (bsc#1166780).
- cifs: improve fallocate emulation (bsc#1192606).
- cifs: improve read performance for page size 64KB cache=strict vers=2.1+
(bsc#1192606).
- cifs: In the new mount api we get the full devname as source=
(bsc#1192606).
- cifs: Increment num_remote_opens stats counter even in case of
smb2_query_dir_first (bsc#1192606).
- cifs: Initialize filesystem timestamp ranges (bsc#1164565).
- cifs: introduce cifs_ses_mark_for_reconnect() helper (bsc#1192606).
- cifs: introduce helper for finding referral server (bsc#1181710).
- cifs: Introduce helpers for finding TCP connection (bsc#1164565).
- cifs: introduce new helper for cifs_reconnect() (bsc#1192606,
jsc#SLE-20042).
- cifs: keep referral server sessions alive (bsc#1185902).
- cifs: log mount errors using cifs_errorf() (bsc#1192606).
- cifs: log warning message (once) if out of disk space (bsc#1164565).
- cifs: make build_path_from_dentry() return const char * (bsc#1192606).
- cifs: make const array static, makes object smaller (bsc#1192606).
- cifs: Make extract_hostname function public (bsc#1192606).
- cifs: Make extract_sharename function public (bsc#1192606).
- cifs: make fs_context error logging wrapper (bsc#1192606).
- cifs: make locking consistent around the server session status
(bsc#1192606).
- cifs: make multichannel warning more visible (bsc#1192606).
- cifs: Make SMB2_notify_init static (bsc#1164565).
- cifs: make sure we do not overflow the max EA buffer size (bsc#1164565).
- cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1164565).
- cifs: map STATUS_ACCOUNT_LOCKED_OUT to -EACCES (bsc#1192606).
- cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect()
(bsc#1178270).
- cifs: Merge is_path_valid() into get_normalized_path() (bsc#1164565).
- cifs: minor fix to two debug messages (bsc#1192606).
- cifs: minor kernel style fixes for comments (bsc#1192606).
- cifs: minor simplification to smb2_is_network_name_deleted (bsc#1192606).
- cifs: minor update to comments around the cifs_tcp_ses_lock mutex
(bsc#1192606).
- cifs: minor updates to Kconfig (bsc#1192606).
- cifs: misc: Use array_size() in if-statement controlling expression
(bsc#1192606).
- cifs: missed ref-counting smb session in find (bsc#1192606).
- cifs: missing null check for newinode pointer (bsc#1192606).
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- cifs: modefromsid: make room for 4 ACE (bsc#1164565).
- cifs: modefromsid: write mode ACE first (bsc#1164565).
- cifs: move [brw]size from cifs_sb to cifs_sb->ctx (bsc#1192606).
- cifs: move cache mount options to fs_context.ch (bsc#1192606).
- cifs: move cifs_cleanup_volume_info[_content] to fs_context.c
(bsc#1192606).
- cifs: move cifs_parse_devname to fs_context.c (bsc#1192606).
- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1154355).
- cifs: move debug print out of spinlock (bsc#1192606).
- cifs: Move more definitions into the shared area (bsc#1192606).
- cifs: move NEGOTIATE_PROTOCOL definitions out into the common area
(bsc#1192606).
- cifs: move security mount options into fs_context.ch (bsc#1192606).
- cifs: move SMB FSCTL definitions to common code (bsc#1192606).
- cifs: move smb version mount options into fs_context.c (bsc#1192606).
- cifs: Move SMB2_Create definitions to the shared area (bsc#1192606).
- cifs: move some variables off the stack in smb2_ioctl_query_info
(bsc#1192606).
- cifs: move the check for nohandlecache into open_shroot (bsc#1192606).
- cifs: move the enum for cifs parameters into fs_context.h (bsc#1192606).
- cifs: move update of flags into a separate function (bsc#1192606).
- cifs: multichannel: always zero struct cifs_io_parms (bsc#1192606).
- cifs: multichannel: move channel selection above transport layer
(bsc#1192606).
- cifs: multichannel: move channel selection in function (bsc#1192606).
- cifs: multichannel: try to rebind when reconnecting a channel
(bsc#1192606).
- cifs: multichannel: use pointer for binding channel (bsc#1192606).
- cifs: mute -Wunused-const-variable message (bnc#1151927 5.3.9).
- cifs: New optype for session operations (bsc#1181507).
- cifs: nosharesock should be set on new server (bsc#1192606).
- cifs: nosharesock should not share socket with future sessions
(bsc#1192606).
- cifs: On cifs_reconnect, resolve the hostname again (bsc#1192606).
- cifs: only update prefix path of DFS links in cifs_tree_connect()
(bsc#1178270).
- cifs: only write 64kb at a time when fallocating a small region of a
file (bsc#1192606).
- cifs: Optimize readdir on reparse points (bsc#1164565).
- cifs: pass a path to open_shroot and check if it is the root or not
(bsc#1192606).
- cifs: pass the dentry instead of the inode down to the revalidation
check functions (bsc#1192606).
- cifs: plumb smb2 POSIX dir enumeration (bsc#1164565).
- cifs: populate server_hostname for extra channels (bsc#1192606).
- cifs: potential unintitliazed error code in cifs_getattr() (bsc#1164565).
- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1154355).
- cifs: prepare SMB2_query_directory to be used with compounding
(bsc#1164565).
- cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902).
- cifs: prevent truncation from long to int in wait_for_free_credits
(bsc#1192606).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: Print the address and port we are connecting to in
generic_ip_connect() (bsc#1192606).
- cifs: print warning mounting with vers=1.0 (bsc#1164565).
- cifs: properly invalidate cached root handle when closing it
(bsc#1192606).
- cifs: Properly process SMB3 lease breaks (bsc#1164565).
- cifs: protect session channel fields with chan_lock (bsc#1192606).
- cifs: protect srv_count with cifs_tcp_ses_lock (bsc#1192606).
- cifs: protect updating server->dstaddr with a spinlock (bsc#1192606).
- cifs: Re-indent cifs_swn_reconnect() (bsc#1192606).
- cifs: reduce number of referral requests in DFS link lookups
(bsc#1178270).
- cifs: reduce stack use in smb2_compound_op (bsc#1192606).
- cifs: refactor cifs_get_inode_info() (bsc#1164565).
- cifs: refactor create_sd_buf() and and avoid corrupting the buffer
(bsc#1192606).
- cifs: Reformat DebugData and index connections by conn_id (bsc#1192606).
- cifs: Register generic netlink family (bsc#1192606). Update configs with
CONFIG_SWN_UPCALL unset.
- cifs: release lock earlier in dequeue_mid error case (bsc#1192606).
- cifs: remove [gu]id/backup[gu]id/file_mode/dir_mode from cifs_sb
(bsc#1192606).
- cifs: remove actimeo from cifs_sb (bsc#1192606).
- cifs: remove bogus debug code (bsc#1179427).
- cifs: remove ctx argument from cifs_setup_cifs_sb (bsc#1192606).
- cifs: remove duplicated prototype (bsc#1192606).
- cifs: remove old dead code (bsc#1192606).
- cifs: remove pathname for file from SPDX header (bsc#1192606).
- cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1164565).
- cifs: remove redundant assignment to variable rc (bsc#1164565).
- cifs: remove redundant initialization of variable rc (bsc#1192606).
- cifs: remove redundant initialization of variable rc (bsc#1192606).
- cifs: Remove repeated struct declaration (bsc#1192606).
- cifs: Remove set but not used variable 'capabilities' (bsc#1164565).
- cifs: remove set but not used variable 'server' (bsc#1164565).
- cifs: remove set but not used variables 'cinode' and 'netfid'
(bsc#1164565).
- cifs: remove set but not used variables (bsc#1164565).
- cifs: remove some minor warnings pointed out by kernel test robot
(bsc#1192606).
- cifs: remove the devname argument to cifs_compose_mount_options
(bsc#1192606).
- cifs: remove the retry in cifs_poxis_lock_set (bsc#1192606).
- cifs: Remove the superfluous break (bsc#1192606).
- cifs: remove two cases where rc is set unnecessarily in sid_to_id
(bsc#1192606).
- cifs: remove unnecessary copies of tcon->crfid.fid (bsc#1192606).
- cifs: Remove unnecessary struct declaration (bsc#1192606).
- cifs: remove unneeded variable in smb3_fs_context_dup (bsc#1192606).
- cifs: Remove unused inline function is_sysvol_or_netlogon()
(bsc#1185902).
- cifs: remove unused variable 'server' (bsc#1192606).
- cifs: remove unused variable 'sid_user' (bsc#1164565).
- cifs: remove unused variable (bsc#1164565).
- cifs: Remove useless variable (bsc#1192606).
- cifs: remove various function description warnings (bsc#1192606).
- cifs: rename a variable in SendReceive() (bsc#1164565).
- cifs: rename cifs_common to smbfs_common (bsc#1192606).
- cifs: rename dup_vol to smb3_fs_context_dup and move it into
fs_context.c (bsc#1192606).
- cifs: rename posix create rsp (bsc#1164565).
- cifs: rename reconn_inval_dfs_target() (bsc#1178270).
- cifs: rename smb_vol as smb3_fs_context and move it to fs_context.h
(bsc#1192606).
- cifs: rename the *_shroot* functions to *_cached_dir* (bsc#1192606).
- cifs: report error instead of invalid when revalidating a dentry fails
(bsc#1177440).
- cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1164565).
- cifs: Retain old ACEs when converting between mode bits and ACL
(bsc#1192606).
- cifs: retry lookup and readdir when EAGAIN is returned (bsc#1192606).
- cifs: return cached_fid from open_shroot (bsc#1192606).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: Return directly after a failed build_path_from_dentry() in
cifs_do_create() (bsc#1164565).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Return the error from crypt_message when enc/dec key not found
(bsc#1179426).
- cifs: returning mount parm processing errors correctly (bsc#1192606).
- cifs: revalidate mapping when we open files for SMB1 POSIX (bsc#1192606).
- cifs: Send witness register and unregister commands to userspace daemon
(bsc#1192606).
- cifs: Send witness register messages to userspace daemon in echo task
(bsc#1192606).
- cifs: send workstation name during ntlmssp session setup (bsc#1192606).
- cifs: set a minimum of 120s for next dns resolution (bsc#1192606).
- cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902).
- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath
(bsc#1192606).
- cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1164565).
- cifs: set server->cipher_type to AES-128-CCM for SMB3.0 (bsc#1192606).
- cifs: set up next DFS target before generic_ip_connect() (bsc#1178270).
- cifs: Set witness notification handler for messages from userspace
daemon (bsc#1192606).
- cifs: Silently ignore unknown oplock break handle (bsc#1192606).
- cifs: Simplify bool comparison (bsc#1192606).
- cifs: simplify handling of cifs_sb/ctx->local_nls (bsc#1192606).
- cifs: Simplify reconnect code when dfs upcall is enabled (bsc#1192606).
- cifs: simplify SWN code with dummy funcs instead of ifdefs (bsc#1192606).
- cifs: smb1: Try failing back to SetFileInfo if SetPathInfo fails
(bsc#1192606).
- cifs: smb2pdu.h: Replace zero-length array with flexible-array member
(bsc#1192606).
- cifs: smbd: Add messages on RDMA session destroy and reconnection
(bsc#1164565).
- cifs: smbd: Calculate the correct maximum packet size for segmented
SMBDirect send/receive (bsc#1192606).
- cifs: smbd: Check and extend sender credits in interrupt context
(bsc#1192606).
- cifs: smbd: Check send queue size before posting a send (bsc#1192606).
- cifs: smbd: Do not schedule work to send immediate packet on every
receive (bsc#1192606).
- cifs: smbd: Invalidate and deregister memory registration on re-send for
direct I/O (bsc#1164565).
- cifs: smbd: Merge code to track pending packets (bsc#1192606).
- cifs: smbd: Only queue work for error recovery on memory registration
(bsc#1164565).
- cifs: smbd: Properly process errors on ib_post_send (bsc#1192606).
- cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1164565).
- cifs: smbd: Return -ECONNABORTED when trasnport is not in connected
state (bsc#1164565).
- cifs: smbd: Return -EINVAL when the number of iovs exceeds
SMBDIRECT_MAX_SGE (bsc#1164565).
- cifs: smbd: Update receive credits before sending and deal with credits
roll back on failure before sending (bsc#1192606).
- cifs: sort interface list by speed (bsc#1192606).
- cifs: Spelling s/EACCESS/EACCES/ (bsc#1192606).
- cifs: split out dfs code from cifs_reconnect() (bsc#1192606,
jsc#SLE-20042).
- cifs: Standardize logging output (bsc#1192606).
- cifs: store a pointer to the root dentry in cifs_sb_info once we have
completed mounting the share (bsc#1192606).
- cifs: style: replace one-element array with flexible-array (bsc#1192606).
- cifs: support nested dfs links over reconnect (bsc#1192606,
jsc#SLE-20042).
- cifs: support share failover when remounting (bsc#1192606,
jsc#SLE-20042).
- cifs: switch build_path_from_dentry() to using dentry_path_raw()
(bsc#1192606).
- cifs: switch servers depending on binding state (bsc#1192606).
- cifs: switch to new mount api (bsc#1192606).
- cifs: To match file servers, make sure the server hostname matches
(bsc#1192606).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- cifs: try harder to open new channels (bsc#1192606).
- cifs: try opening channels after mounting (bsc#1192606).
- cifs: uncomplicate printing the iocharset parameter (bsc#1192606).
- cifs: Unlock on errors in cifs_swn_reconnect() (bsc#1192606).
- cifs: update ctime and mtime during truncate (bsc#1192606).
- cifs: update FSCTL definitions (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update mnt_cifs_flags during reconfigure (bsc#1192606).
- cifs: update new ACE pointer after populate_new_aces (bsc#1192606).
- cifs: update super_operations to show_devname (bsc#1192606).
- cifs: Use #define in cifs_dbg (bsc#1164565).
- cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
(bnc#1151927 5.3.7).
- cifs: Use common error handling code in smb2_ioctl_query_info()
(bsc#1164565).
- cifs: use compounding for open and first query-dir for readdir()
(bsc#1164565).
- cifs: use discard iterator to discard unneeded network data more
efficiently (bsc#1192606).
- cifs: use echo_interval even when connection not ready (bsc#1192606).
- cifs: use existing handle for compound_op(OP_SET_INFO) when possible
(bsc#1154355).
- cifs: use helpers when parsing uid/gid mount options and validate them
(bsc#1192606).
- cifs: Use memdup_user() rather than duplicating its implementation
(bsc#1164565).
- cifs: use mod_delayed_work() for server->reconnect if already queued
(bsc#1164565).
- cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1164565).
- cifs: use SPDX-Licence-Identifier (bsc#1192606).
- cifs: use the expiry output of dns_query to schedule next resolution
(bsc#1192606).
- cifs: use true,false for bool variable (bsc#1164565).
- cifs: warn and fail if trying to use rootfs without the config option
(bsc#1192606).
- cifs: Warn less noisily on default mount (bsc#1192606).
- cifs: we do not allow changing username/password/unc/... during remount
(bsc#1192606).
- cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
- cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
- cifs`: handle ERRBaduid for SMB1 (bsc#1192606).
- clk: imx: imx6ul: Move csi_sel mux to correct base register (git-fixes).
- clk: ingenic: Fix bugs with divided dividers (git-fixes).
- config: refresh BPF configs (jsc#SLE-22574) The SUSE-commit 9a413cc7eb56
("config: disable unprivileged BPF by default (jsc#SLE-22573)")
inherited from SLE15-SP2 puts the BPF config into the wrong place due to
SLE15-SP3 additionally backported b24abcff918a ("bpf, kconfig: Add
consolidated menu entry for bpf with core options"), and leads to
duplicate CONFIG_BPF_UNPRIV_DEFAULT_OFF entires; this commit remove
those BPF config. Also, disable unprivileged BPF for armv7hl, which did
not inherit the config change from SLE15-SP2.
- constraints: Build aarch64 on recent ARMv8.1 builders. Request asimdrdm
feature which is available only on recent ARMv8.1 CPUs. This should
prevent scheduling the kernel on an older slower builder.
- Convert trailing spaces and periods in path components (bsc#1179424).
- crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency (git-fixes).
- crypto: pcrypt - Delay write to padata->info (git-fixes).
- crypto: s5p-sss - Add error handling in s5p_aes_probe() (git-fixes).
- cxgb4: fix eeprom len when diagnostics not implemented (git-fixes).
- dm raid: remove unnecessary discard limits for raid0 and raid10
(bsc#1192320).
- dm: fix deadlock when swapping to encrypted device (bsc#1186332).
- dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro (git-fixes).
- dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
(git-fixes).
- do_cifs_create(): do not set ->i_mode of something we had not created
(bsc#1192606).
- drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win3 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200
2-in-1 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book
10.6 (git-fixes).
- drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
(git-fixes).
- drm/amd/display: Set plane update flags for all planes in reset
(git-fixes).
- drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on
vga and dvi connectors (git-fixes).
- drm/msm: Do hw_init() before capturing GPU state (git-fixes).
- drm/msm/a6xx: Allocate enough space for GMU registers (git-fixes).
- drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
(git-fixes).
- drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks (git-fixes).
- drm/nouveau/svm: Fix refcount leak bug and missing check against null
bug (git-fixes).
- drm/panel-orientation-quirks: add Valve Steam Deck (git-fixes).
- drm/pl111: Actually fix CONFIG_VEXPRESS_CONFIG depends (git-fixes).
- drm/plane-helper: fix uninitialized variable reference (git-fixes).
- drm/vc4: fix error code in vc4_create_object() (git-fixes).
- drop superfluous empty lines
- e1000e: Separate TGP board type from SPT (bsc#1192874).
- EDAC/amd64: Handle three rank interleaving mode (bsc#1152489).
- elfcore: correct reference to CONFIG_UML (git-fixes).
- elfcore: fix building with clang (bsc#1169514).
- ethtool: fix ethtool msg len calculation for pause stats (jsc#SLE-15075).
- firmware: qcom_scm: Mark string array const (git-fixes).
- fuse: release pipe buf after last use (bsc#1193318).
- gve: Add netif_set_xps_queue call (bsc#1176940).
- gve: Add rx buffer pagecnt bias (bsc#1176940).
- gve: Allow pageflips on larger pages (bsc#1176940).
- gve: Do lazy cleanup in TX path (git-fixes).
- gve: DQO: avoid unused variable warnings (bsc#1176940).
- gve: Switch to use napi_complete_done (git-fixes).
- gve: Track RX buffer allocation failures (bsc#1176940).
- hwmon: (k10temp) Add additional missing Zen2 and Zen3 APUs
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Add support for yellow carp (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Add support for Zen3 CPUs (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Create common functions and macros for Zen CPU families
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Define SVI telemetry and current factors for Zen2 CPUs
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Do not show Tdie for all Zen/Zen2/Zen3 CPU/APU
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) make some symbols static (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Remove residues of current and voltage (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Remove support for displaying voltage and current on
Zen CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Reorganize and simplify temperature support detection
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Rework the temperature offset calculation
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) support Zen3 APUs (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Swap Tdie and Tctl on Family 17h CPUs (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Update documentation and add temp2_input info
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Update driver documentation (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Zen3 Ryzen Desktop CPUs support (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- i2c: cbus-gpio: set atomic transfer callback (git-fixes).
- i2c: stm32f7: flush TX FIFO upon transfer errors (git-fixes).
- i2c: stm32f7: recover the bus on access timeout (git-fixes).
- i2c: stm32f7: stop dma transfer in case of NACK (git-fixes).
- i2c: xlr: Fix a resource leak in the error handling path of
'xlr_i2c_probe()' (git-fixes).
- i40e: Fix changing previously set num_queue_pairs for PFs (git-fixes).
- i40e: Fix correct max_pkt_size on VF RX queue (git-fixes).
- i40e: Fix creation of first queue by omitting it if is not power of two
(git-fixes).
- i40e: Fix display error code in dmesg (git-fixes).
- i40e: Fix failed opcode appearing if handling messages from VF
(git-fixes).
- i40e: Fix NULL ptr dereference on VSI filter sync (git-fixes).
- i40e: Fix ping is lost after configuring ADq on VF (git-fixes).
- i40e: Fix pre-set max number of queues for VF (git-fixes).
- i40e: Fix warning message and call stack during rmmod i40e driver
(git-fixes).
- iavf: check for null in iavf_fix_features (git-fixes).
- iavf: do not clear a lock we do not hold (git-fixes).
- iavf: Fix failure to exit out from last all-multicast mode (git-fixes).
- iavf: Fix for setting queues to 0 (jsc#SLE-12877).
- iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
(git-fixes).
- iavf: Fix reporting when setting descriptor count (git-fixes).
- iavf: Fix return of set the new channel count (jsc#SLE-12877).
- iavf: free q_vectors before queues in iavf_disable_vf (git-fixes).
- iavf: prevent accidental free of filter structure (git-fixes).
- iavf: Prevent changing static ITR values if adaptive moderation is on
(git-fixes).
- iavf: Restore VLAN filters after link down (git-fixes).
- iavf: validate pointers (git-fixes).
- ibmvnic: drop bad optimization in reuse_rx_pools() (bsc#1193349
ltc#195568).
- ibmvnic: drop bad optimization in reuse_tx_pools() (bsc#1193349
ltc#195568).
- ice: avoid bpf_prog refcount underflow (jsc#SLE-7926).
- ice: avoid bpf_prog refcount underflow (jsc#SLE-7926).
- ice: Delete always true check of PF pointer (git-fixes).
- ice: Fix not stopping Tx queues for VFs (jsc#SLE-7926).
- ice: Fix VF true promiscuous mode (jsc#SLE-12878).
- ice: fix vsi->txq_map sizing (jsc#SLE-7926).
- ice: ignore dropped packets during init (git-fixes).
- ice: Remove toggling of antispoof for VF trusted promiscuous mode
(jsc#SLE-12878).
- igb: fix netpoll exit with traffic (git-fixes).
- igc: Remove _I_PHY_ID checking (bsc#1193169).
- igc: Remove phy->type checking (bsc#1193169).
- iio: imu: st_lsm6dsx: Avoid potential array overflow in
st_lsm6dsx_set_odr() (git-fixes).
- Input: iforce - fix control-message timeout (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- iommu/amd: Relocate GAMSup check to early_enable_iommus (git-fixes).
- iommu/amd: Remove iommu_init_ga() (git-fixes).
- iommu/mediatek: Fix out-of-range warning with clang (git-fixes).
- iommu/vt-d: Consolidate duplicate cache invaliation code (git-fixes).
- iommu/vt-d: Fix incomplete cache flush in intel_pasid_tear_down_entry()
(git-fixes).
- iommu/vt-d: Update the virtual command related registers (git-fixes).
- ipmi: Disable some operations during a panic (git-fixes).
- kABI: dm: fix deadlock when swapping to encrypted device (bsc#1186332).
- kabi: hide changes to struct uv_info (git-fixes).
- kernel-obs-build: include the preferred kernel parameters Currently the
Open Build Service hardcodes the kernel boot parameters globally.
Recently functionality was added to control the parameters by the
kernel-obs-build package, so make use of that. parameters here will
overwrite what is used by OBS otherwise.
- kernel-obs-build: inform build service about virtio-serial Inform the
build worker code that this kernel supports virtio-serial, which
improves performance and relability of logging.
- kernel-obs-build: remove duplicated/unused parameters lbs=0 - this
parameters is just giving "unused parameter" and it looks like I can not
find any version that implemented this. rd.driver.pre=binfmt_misc is not
needed when setup_obs is used, it alread loads the kernel module. quiet
and panic=1 will now be also always added by OBS, so we do not have to
set it here anymore.
- kernel-source.spec: install-kernel-tools also required on 15.4
- lib/xz: Avoid overlapping memcpy() with invalid input with in-place
decompression (git-fixes).
- lib/xz: Validate the value before assigning it to an enum variable
(git-fixes).
- libata: fix checking of DMA state (git-fixes).
- linux/parser.h: add include guards (bsc#1192606).
- lpfc: Reintroduce old IRQ probe logic (bsc#1183897).
- md: add md_submit_discard_bio() for submitting discard bio (bsc#1192320).
- md: fix a lock order reversal in md_alloc (git-fixes).
- md/raid10: extend r10bio devs to raid disks (bsc#1192320).
- md/raid10: improve discard request for far layout (bsc#1192320).
- md/raid10: improve raid10 discard request (bsc#1192320).
- md/raid10: initialize r10_bio->read_slot before use (bsc#1192320).
- md/raid10: pull the code that wait for blocked dev into one function
(bsc#1192320).
- md/raid10: Remove unnecessary rcu_dereference in raid10_handle_discard
(bsc#1192320).
- mdio: aspeed: Fix "Link is Down" issue (bsc#1176447).
- media: imx: set a media_device bus_info string (git-fixes).
- media: ipu3-imgu: imgu_fmt: Handle properly try (git-fixes).
- media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info (git-fixes).
- media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
(git-fixes).
- media: mceusb: return without resubmitting URB in case of -EPROTO error
(git-fixes).
- media: mt9p031: Fix corrupted frame after restarting stream (git-fixes).
- media: netup_unidvb: handle interrupt properly according to the firmware
(git-fixes).
- media: rcar-csi2: Add checking to rcsi2_start_receiver() (git-fixes).
- media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
(git-fixes).
- media: stm32: Potential NULL pointer dereference in dcmi_irq_thread()
(git-fixes).
- media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
(git-fixes).
- media: uvcvideo: Return -EIO for control errors (git-fixes).
- media: uvcvideo: Set capability in s_param (git-fixes).
- media: uvcvideo: Set unique vdev name based in type (git-fixes).
- memstick: r592: Fix a UAF bug when removing the driver (git-fixes).
- MM: reclaim mustn't enter FS for swap-over-NFS (bsc#1191876).
- mmc: dw_mmc: Dont wait for DRTO on Write RSP error (git-fixes).
- mmc: winbond: do not build on M68K (git-fixes).
- mtd: core: do not remove debugfs directory if device is in use
(git-fixes).
- mwifiex: Properly initialize private structure on interface type changes
(git-fixes).
- mwifiex: Read a PCI register after writing the TX ring write pointer
(git-fixes).
- mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
(git-fixes).
- mwl8k: Fix use-after-free in mwl8k_fw_state_machine() (git-fixes).
- net: asix: fix uninit value bugs (git-fixes).
- net: bnx2x: fix variable dereferenced before check (git-fixes).
- net: bridge: fix under estimation in br_get_linkxstats_size()
(bsc#1176447).
- net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (git-fixes).
- net: delete redundant function declaration (git-fixes).
- net: hns3: change affinity_mask to numa node range (bsc#1154353).
- net: hns3: fix misuse vf id and vport id in some logs (bsc#1154353).
- net: hns3: remove check VF uc mac exist when set by PF (bsc#1154353).
- net: hso: fix control-request directions (git-fixes).
- net: hso: fix muxed tty registration (git-fixes).
- net: linkwatch: fix failure to restore device state across
suspend/resume (bsc#1192511).
- net: mana: Allow setting the number of queues while the NIC is down
(jsc#SLE-18779, bsc#1185726).
- net: mana: Fix memory leak in mana_hwc_create_wq (jsc#SLE-18779,
bsc#1185726).
- net: mana: Fix spelling mistake "calledd" -> "called" (jsc#SLE-18779,
bsc#1185726).
- net: mana: Fix the netdev_err()'s vPort argument in mana_init_port()
(jsc#SLE-18779, bsc#1185726).
- net: mana: Improve the HWC error handling (jsc#SLE-18779, bsc#1185726).
- net: mana: Support hibernation and kexec (jsc#SLE-18779, bsc#1185726).
- net: mana: Use kcalloc() instead of kzalloc() (jsc#SLE-18779,
bsc#1185726).
- net: pegasus: fix uninit-value in get_interrupt_interval (git-fixes).
- net: qlogic: qlcnic: Fix a NULL pointer dereference in
qlcnic_83xx_add_rings() (git-fixes).
- net: stmmac: add EHL 2.5Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL PSE0 PSE1 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL RGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL SGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add TGL SGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: create dwmac-intel.c to contain all Intel platform
(bsc#1192691).
- net: stmmac: pci: Add HAPS support using GMAC5 (bsc#1192691).
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
IRQ is available (git-fixes).
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
IRQ is available (git-fixes).
- net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes).
- net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
(git-fixes).
- net/mlx5: E-Switch, return error if encap isn't supported
(jsc#SLE-15172).
- net/mlx5e: reset XPS on error flow if netdev isn't registered yet
(git-fixes).
- net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1176774).
- netfilter: ctnetlink: do not erase error code with EINVAL (bsc#1176447).
- netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY (bsc#1176447).
- netfilter: flowtable: fix IPv6 tunnel addr match (bsc#1176447).
- NFC: add NCI_UNREG flag to eliminate the race (git-fixes).
- NFC: pn533: Fix double free when pn533_fill_fragment_skbs() fails
(git-fixes).
- NFC: reorder the logic in nfc_{un,}register_device (git-fixes).
- NFC: reorganize the functions in nci_request (git-fixes).
- nfp: checking parameter process for rx-usecs/tx-usecs is invalid
(git-fixes).
- nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
- NFS: Do not set NFS_INO_DATA_INVAL_DEFER and NFS_INO_INVALID_DATA
(git-fixes).
- NFS: do not take i_rwsem for swap IO (bsc#1191876).
- NFS: Fix deadlocks in nfs_scan_commit_list() (git-fixes).
- NFS: Fix up commit deadlocks (git-fixes).
- NFS: move generic_write_checks() call from nfs_file_direct_write() to
nfs_file_write() (bsc#1191876).
- nfsd: do not alloc under spinlock in rpc_parse_scope_id (git-fixes).
- nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
(git-fixes).
- nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero (git-fixes).
- NFSv4: Fix a regression in nfs_set_open_stateid_locked() (git-fixes).
- nvme-multipath: Skip not ready namespaces when revalidating paths
(bsc#1191793 bsc#1192507 bsc#1192969).
- nvme-pci: add NO APST quirk for Kioxia device (git-fixes).
- objtool: Support Clang non-section symbols in ORC generation
(bsc#1169514).
- PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros (git-fixes).
- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).
- PCI/MSI: Deal with devices lying about their MSI mask capability
(git-fixes).
- perf: Correctly handle failed perf_get_aux_event() (git-fixes).
- perf/x86/intel: Fix unchecked MSR access error caused by VLBR_EVENT
(git-fixes).
- perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (git-fixes).
- perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server
(git-fixes).
- perf/x86/intel/uncore: Fix the scale of the IMC free-running events
(git-fixes).
- perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
(git-fixes).
- perf/x86/vlbr: Add c->flags to vlbr event constraints (git-fixes).
- platform/x86: hp_accel: Fix an error handling path in
'lis3lv02d_probe()' (git-fixes).
- platform/x86: wmi: do not fail if disabling fails (git-fixes).
- PM: hibernate: Get block device exclusively in swsusp_check()
(git-fixes).
- PM: hibernate: use correct mode for swsusp_close() (git-fixes).
- pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
(git-fixes).
- powerpc: fix unbalanced node refcount in check_kvm_guest()
(jsc#SLE-15869 jsc#SLE-16321 git-fixes).
- powerpc/iommu: Report the correct most efficient DMA mask for PCI
devices (git-fixes).
- powerpc/paravirt: correct preempt debug splat in vcpu_is_preempted()
(bsc#1181148 ltc#190702 git-fixes).
- powerpc/paravirt: vcpu_is_preempted() commentary (bsc#1181148 ltc#190702
git-fixes).
- powerpc/perf: Fix cycles/instructions as PM_CYC/PM_INST_CMPL in power10
(jsc#SLE-13513 git-fixes).
- powerpc/pseries: Move some PAPR paravirt functions to their own file
(bsc#1181148 ltc#190702 git-fixes).
- powerpc/watchdog: Avoid holding wd_smp_lock over printk and
smp_send_nmi_ipi (bsc#1187541 ltc#192129).
- powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
(bsc#1187541 ltc#192129).
- powerpc/watchdog: Fix wd_smp_last_reset_tb reporting (bsc#1187541
ltc#192129).
- powerpc/watchdog: read TB close to where it is used (bsc#1187541
ltc#192129).
- powerpc/watchdog: tighten non-atomic read-modify-write access
(bsc#1187541 ltc#192129).
- printk: Remove printk.h inclusion in percpu.h (bsc#1192987).
- qede: validate non LSO skb length (git-fixes).
- r8152: limit the RX buffer size of RTL8153A for USB 2.0 (git-fixes).
- r8169: Add device 10ec:8162 to driver r8169 (git-fixes).
- RDMA/bnxt_re: Update statistics counter name (jsc#SLE-16649).
- recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267).
- recordmcount.pl: look for jgnop instruction as well as bcrl on s390
(bsc#1192267).
- reset: socfpga: add empty driver allowing consumers to probe (git-fixes).
- ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960).
- rpm/*.spec.in: use buildroot macro instead of env variable The
RPM_BUILD_ROOT variable is considered deprecated over a buildroot macro.
future proof the spec files.
- rpm/kernel-binary.spec.in: do not strip vmlinux again (bsc#1193306)
After usrmerge, vmlinux file is not named vmlinux-lt;version>, but
simply vmlinux. And this is not reflected in STRIP_KEEP_SYMTAB we set.
So fix this by removing the dash...
- rpm/kernel-obs-build.spec.in: move to zstd for the initrd Newer distros
have capability to decompress zstd, which provides a 2-5% better
compression ratio at very similar cpu overhead. Plus this tests the zstd
codepaths now as well.
- rt2x00: do not mark device gone on EPROTO errors during start
(git-fixes).
- rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1154353
bnc#1151927 5.3.9).
- s390: mm: Fix secure storage access exception handling (git-fixes).
- s390/bpf: Fix branch shortening during codegen pass (bsc#1193993).
- s390/uv: fully validate the VMA before calling follow_page() (git-fixes).
- scsi: iscsi: Adjust iface sysfs attr detection (git-fixes).
- scsi: lpfc: Fix non-recovery of remote ports following an unsolicited
LOGO (bsc#1189126).
- scsi: mpi3mr: Fix duplicate device entries when scanning through sysfs
(git-fixes).
- scsi: mpt3sas: Fix kernel panic during drive powercycle test (git-fixes).
- scsi: mpt3sas: Fix system going into read-only mode (git-fixes).
- scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
(git-fixes).
- scsi: qla2xxx: Fix gnl list corruption (git-fixes).
- scsi: qla2xxx: Relogin during fabric disturbance (git-fixes).
- scsi: qla2xxx: Turn off target reset during issue_lip (git-fixes).
- serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
(git-fixes).
- serial: 8250_pci: rewrite pericom_do_set_divisor() (git-fixes).
- serial: 8250: Fix RTS modem control while in rs485 mode (git-fixes).
- serial: core: fix transmit-buffer reset and memleak (git-fixes).
- smb2: clarify rc initialization in smb2_reconnect (bsc#1192606).
- smb2: fix use-after-free in smb2_ioctl_query_info() (bsc#1192606).
- smb3: add additional null check in SMB2_ioctl (bsc#1192606).
- smb3: add additional null check in SMB2_open (bsc#1192606).
- smb3: add additional null check in SMB2_tcon (bsc#1192606).
- smb3: add additional null check in SMB311_posix_mkdir (bsc#1192606).
- smb3: Add debug message for new file creation with idsfromsid mount
option (bsc#1192606).
- smb3: add debug messages for closing unmatched open (bsc#1164565).
- smb3: add defines for new crypto algorithms (bsc#1192606).
- smb3: Add defines for new information level, FileIdInformation
(bsc#1164565).
- smb3: add defines for new signing negotiate context (bsc#1192606).
- smb3: add dynamic trace point to trace when credits obtained
(bsc#1181507).
- smb3: add dynamic trace points for socket connection (bsc#1192606).
- smb3: add dynamic tracepoints for flush and close (bsc#1164565).
- smb3: add indatalen that can be a non-zero value to calculation of
credit charge in smb2 ioctl (bsc#1192606).
- smb3: add missing flag definitions (bsc#1164565).
- smb3: Add missing reparse tags (bsc#1164565).
- smb3: add missing worker function for SMB3 change notify (bsc#1164565).
- smb3: add mount option to allow forced caching of read only share
(bsc#1164565).
- smb3: add mount option to allow RW caching of share accessed by only 1
client (bsc#1164565).
- smb3: Add new compression flags (bsc#1192606).
- smb3: Add new info level for query directory (bsc#1192606).
- smb3: add new module load parm enable_gcm_256 (bsc#1192606).
- smb3: add new module load parm require_gcm_256 (bsc#1192606).
- smb3: Add new parm "nodelete" (bsc#1192606).
- smb3: add one more dynamic tracepoint missing from strict fsync path
(bsc#1164565).
- smb3: add rasize mount parameter to improve readahead performance
(bsc#1192606).
- smb3: add some missing definitions from MS-FSCC (bsc#1192606).
- smb3: add some more descriptive messages about share when mounting
cache=ro (bsc#1164565).
- smb3: Add support for getting and setting SACLs (bsc#1192606).
- smb3: Add support for lookup with posix extensions query info
(bsc#1192606).
- smb3: Add support for negotiating signing algorithm (bsc#1192606).
- smb3: Add support for query info using posix extensions (level 100)
(bsc#1192606).
- smb3: add support for recognizing WSL reparse tags (bsc#1192606).
- smb3: Add support for SMB311 query info (non-compounded) (bsc#1192606).
- smb3: add support for stat of WSL reparse points for special file types
(bsc#1192606).
- smb3: add support for using info level for posix extensions query
(bsc#1192606).
- smb3: Add tracepoints for new compound posix query info (bsc#1192606).
- smb3: Additional compression structures (bsc#1192606).
- smb3: allow decryption keys to be dumped by admin for debugging
(bsc#1164565).
- smb3: allow disabling requesting leases (bnc#1151927 5.3.4).
- smb3: allow dumping GCM256 keys to improve debugging of encrypted shares
(bsc#1192606).
- smb3: allow dumping keys for multiuser mounts (bsc#1192606).
- smb3: allow parallelizing decryption of reads (bsc#1164565).
- smb3: allow skipping signature verification for perf sensitive
configurations (bsc#1164565).
- smb3: allow uid and gid owners to be set on create with idsfromsid mount
option (bsc#1192606).
- smb3: avoid confusing warning message on mount to Azure (bsc#1192606).
- smb3: Avoid Mid pending list corruption (bsc#1192606).
- smb3: Backup intent flag missing from some more ops (bsc#1164565).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1192606).
- smb3: change noisy error message to FYI (bsc#1192606).
- smb3: cleanup some recent endian errors spotted by updated sparse
(bsc#1164565).
- smb3: correct server pointer dereferencing check to be more consistent
(bsc#1192606).
- smb3: correct smb3 ACL security descriptor (bsc#1192606).
- smb3: default to minimum of two channels when multichannel specified
(bsc#1192606).
- smb3: display max smb3 requests in flight at any one time (bsc#1164565).
- smb3: do not attempt multichannel to server which does not support it
(bsc#1192606).
- smb3: do not error on fsync when readonly (bsc#1192606).
- smb3: do not fail if no encryption required but server does not support
it (bsc#1192606).
- smb3: do not log warning message if server does not populate salt
(bsc#1192606).
- smb3: do not setup the fscache_super_cookie until fsinfo initialized
(bsc#1192606).
- smb3: do not try to cache root directory if dir leases not supported
(bsc#1192606).
- smb3: dump in_send and num_waiters stats counters by default
(bsc#1164565).
- smb3: enable negotiating stronger encryption by default (bsc#1192606).
- smb3: enable offload of decryption of large reads via mount option
(bsc#1164565).
- smb3: enable swap on SMB3 mounts (bsc#1192606).
- smb3: extend fscache mount volume coherency check (bsc#1192606).
- smb3: fix access denied on change notify request to some servers
(bsc#1192606).
- smb3: fix cached file size problems in duplicate extents (reflink)
(bsc#1192606).
- smb3: Fix crash in SMB2_open_init due to uninitialized field in
compounding path (bsc#1164565).
- smb3: fix crediting for compounding when only one request in flight
(bsc#1181507).
- smb3: fix default permissions on new files when mounting with
modefromsid (bsc#1164565).
- smb3: Fix ids returned in POSIX query dir (bsc#1192606).
- smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
(bsc#1192606).
- smb3: fix leak in "open on server" perf counter (bnc#1151927 5.3.4).
- smb3: Fix mkdir when idsfromsid configured on mount (bsc#1192606).
- smb3: fix mode passed in on create for modetosid mount option
(bsc#1164565).
- smb3: fix mount failure to some servers when compression enabled
(bsc#1192606).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540).
- smb3: fix performance regression with setting mtime (bsc#1164565).
- smb3: Fix persistent handles reconnect (bnc#1151927 5.3.11).
- smb3: fix posix extensions mount option (bsc#1192606).
- smb3: fix possible access to uninitialized pointer to DACL (bsc#1192606).
- smb3: fix potential null dereference in decrypt offload (bsc#1164565).
- smb3: fix problem with null cifs super block with previous patch
(bsc#1164565).
- smb3: fix readpage for large swap cache (bsc#1192606).
- smb3: fix refcount underflow warning on unmount when no directory leases
(bsc#1164565).
- smb3: Fix regression in time handling (bsc#1164565).
- smb3: fix signing verification of large reads (bsc#1154355).
- smb3: fix stat when special device file and mounted with modefromsid
(bsc#1192606).
- smb3: fix typo in compression flag (bsc#1192606).
- smb3: fix typo in header file (bsc#1192606).
- smb3: fix typo in mount options displayed in /proc/mounts (bsc#1192606).
- smb3: fix uninitialized value for port in witness protocol move
(bsc#1192606).
- smb3: fix unmount hang in open_shroot (bnc#1151927 5.3.4).
- smb3: fix unneeded error message on change notify (bsc#1192606).
- smb3: Handle error case during offload read path (bsc#1192606).
- smb3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558).
- smb3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- smb3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
- smb3: Honor lease disabling for multiuser mounts (git-fixes).
- smb3: Honor persistent/resilient handle flags for multiuser mounts
(bsc#1176546).
- smb3: if max_channels set to more than one channel request multichannel
(bsc#1192606).
- smb3: improve check for when we send the security descriptor context on
create (bsc#1164565).
- smb3: improve handling of share deleted (and share recreated)
(bsc#1154355).
- smb3: incorrect file id in requests compounded with open (bsc#1192606).
- smb3: Incorrect size for netname negotiate context (bsc#1154355).
- smb3: limit noisy error (bsc#1192606).
- smb3: log warning if CSC policy conflicts with cache mount option
(bsc#1164565).
- smb3: Minor cleanup of protocol definitions (bsc#1192606).
- smb3: minor update to compression header definitions (bsc#1192606).
- smb3: missing ACL related flags (bsc#1164565).
- smb3: negotiate current dialect (SMB3.1.1) when version 3 or greater
requested (bsc#1192606).
- smb3: only offload decryption of read responses if multiple requests
(bsc#1164565).
- smb3: pass mode bits into create calls (bsc#1164565).
- smb3: prevent races updating CurrentMid (bsc#1192606).
- smb3: print warning if server does not support requested encryption type
(bsc#1192606).
- smb3: print warning once if posix context returned on open
(bsc#1164565).
- smb3: query attributes on file close (bsc#1164565).
- smb3: rc uninitialized in one fallocate path (bsc#1192606).
- smb3: remind users that witness protocol is experimental (bsc#1192606).
- smb3: remove confusing dmesg when mounting with encryption ("seal")
(bsc#1164565).
- smb3: remove confusing mount warning when no SPNEGO info on negprot rsp
(bsc#1192606).
- smb3: remove dead code for non compounded posix query info (bsc#1192606).
- smb3: remove noisy debug message and minor cleanup (bsc#1164565).
- smb3: remove overly noisy debug line in signing errors (bsc#1192606).
- smb3: remove static checker warning (bsc#1192606).
- smb3: remove trivial dfs compile warning (bsc#1192606, jsc#SLE-20042).
- smb3: remove two unused variables (bsc#1192606).
- smb3: remove unused flag passed into close functions (bsc#1164565).
- smb3: rename nonces used for GCM and CCM encryption (bsc#1192606).
- smb3: Resolve data corruption of TCP server info fields (bsc#1192606).
- smb3: set COMPOUND_FID to FileID field of subsequent compound request
(bsc#1192606).
- smb3: set gcm256 when requested (bsc#1192606).
- smb3: smbdirect support can be configured by default (bsc#1192606).
- smb3: update comments clarifying SPNEGO info in negprot response
(bsc#1192606).
- smb3: update protocol header definitions based to include new flags
(bsc#1192606).
- smb3: update structures for new compression protocol definitions
(bsc#1192606).
- smb3: use SMB2_SIGNATURE_SIZE define (bsc#1192606).
- smb3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
- smb3: when mounting with multichannel include it in requested
capabilities (bsc#1192606).
- smbdirect: missing rc checks while waiting for rdma events (bsc#1192606).
- soc/tegra: Fix an error handling path in tegra_powergate_power_up()
(git-fixes).
- soc/tegra: pmc: Fix imbalanced clock disabling in error code path
(git-fixes).
- spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in
bcm_qspi_probe() (git-fixes).
- spi: spl022: fix Microwire full duplex mode (git-fixes).
- SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC
(bsc#1191876).
- SUNRPC: remove scheduling boost for "SWAPPER" tasks (bsc#1191876).
- SUNRPC/auth: async tasks mustn't block waiting for memory (bsc#1191876).
- SUNRPC/call_alloc: async tasks mustn't block waiting for memory
(bsc#1191876).
- SUNRPC/xprt: async tasks mustn't block waiting for memory (bsc#1191876).
- supported.conf: add pwm-rockchip References: jsc#SLE-22615
- swiotlb: avoid double free (git-fixes).
- swiotlb: Fix the type of index (git-fixes).
- TCON Reconnect during STATUS_NETWORK_NAME_DELETED (bsc#1192606).
- tlb: mmu_gather: add tlb_flush_*_range APIs
- tracing: Add length protection to histogram string copies (git-fixes).
- tracing: Change STR_VAR_MAX_LEN (git-fixes).
- tracing: Check pid filtering when creating events (git-fixes).
- tracing: Fix pid filtering when triggers are attached (git-fixes).
- tracing: use %ps format string to print symbols (git-fixes).
- tracing/histogram: Do not copy the fixed-size char array field over the
field size (git-fixes).
- tty: hvc: replace BUG_ON() with negative return value (git-fixes).
- tty: serial: msm_serial: Deactivate RX DMA for polling support
(git-fixes).
- tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (git-fixes).
- usb-storage: Add compatibility quirk flags for iODD 2531/2541
(git-fixes).
- usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in
probe (git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for elapsed frames (git-fixes).
- usb: dwc2: hcd_queue: Fix use of floating point literal (git-fixes).
- usb: host: ohci-tmio: check return value after calling
platform_get_resource() (git-fixes).
- usb: musb: tusb6010: check return value after calling
platform_get_resource() (git-fixes).
- usb: serial: option: add Fibocom FM101-GL variants (git-fixes).
- usb: serial: option: add Telit LE910S1 0x9200 composition (git-fixes).
- usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
(git-fixes).
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes).
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes).
- usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
(git-fixes).
- vfs: do not parse forbidden flags (bsc#1192606).
- x86/amd_nb: Add AMD family 19h model 50h PCI ids (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- x86/cpu: Fix migration safety with X86_BUG_NULL_SEL (bsc#1152489).
- x86/efi: Restore Firmware IDT before calling ExitBootServices()
(git-fixes).
- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
(bsc#1178134).
- x86/mpx: Disable MPX for 32-bit userland (bsc#1193139).
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (bsc#1152489).
- x86/pvh: add prototype for xen_pvh_init() (git-fixes).
- x86/sev: Allow #VC exceptions on the VC2 stack (git-fixes).
- x86/sev: Fix SEV-ES INS/OUTS instructions for word, dword, and qword
(bsc#1178134).
- x86/sev: Fix stack type check in vc_switch_off_ist() (git-fixes).
- x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (bsc#1152489).
- x86/Xen: swap NX determination and GDT setup on BSP (git-fixes).
- xen: sync include/xen/interface/io/ring.h with Xen's newest version
(git-fixes).
- xen/blkfront: do not take local copy of a request from the ring page
(git-fixes).
- xen/blkfront: do not trust the backend response data blindly (git-fixes).
- xen/blkfront: read response from backend only once (git-fixes).
- xen/netfront: disentangle tx_skb_freelist (git-fixes).
- xen/netfront: do not read data from request on the ring page (git-fixes).
- xen/netfront: do not trust the backend response data blindly (git-fixes).
- xen/netfront: read response from backend only once (git-fixes).
- xen/privcmd: fix error handling in mmap-resource processing (git-fixes).
- xen/pvh: add missing prototype to header (git-fixes).
- xen/x86: fix PV trap handling on secondary processors (git-fixes).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(bsc#1192569).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(bsc#1192569).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(git-fixes).
- xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
delay (git-fixes).
- zram: fix return value on writeback_store (git-fixes).
- zram: off by one in read_block_state() (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-2022-131=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-131=1
Package List:
- openSUSE Leap 15.4 (x86_64):
keycloak-18.0.0-lp154.2.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-59.40.1
cluster-md-kmp-default-debuginfo-5.3.18-59.40.1
dlm-kmp-default-5.3.18-59.40.1
dlm-kmp-default-debuginfo-5.3.18-59.40.1
gfs2-kmp-default-5.3.18-59.40.1
gfs2-kmp-default-debuginfo-5.3.18-59.40.1
kernel-default-5.3.18-59.40.1
kernel-default-base-5.3.18-59.40.1.18.25.1
kernel-default-base-rebuild-5.3.18-59.40.1.18.25.1
kernel-default-debuginfo-5.3.18-59.40.1
kernel-default-debugsource-5.3.18-59.40.1
kernel-default-devel-5.3.18-59.40.1
kernel-default-devel-debuginfo-5.3.18-59.40.1
kernel-default-extra-5.3.18-59.40.1
kernel-default-extra-debuginfo-5.3.18-59.40.1
kernel-default-livepatch-5.3.18-59.40.1
kernel-default-livepatch-devel-5.3.18-59.40.1
kernel-default-optional-5.3.18-59.40.1
kernel-default-optional-debuginfo-5.3.18-59.40.1
kernel-obs-build-5.3.18-59.40.1
kernel-obs-build-debugsource-5.3.18-59.40.1
kernel-obs-qa-5.3.18-59.40.1
kernel-syms-5.3.18-59.40.1
kselftests-kmp-default-5.3.18-59.40.1
kselftests-kmp-default-debuginfo-5.3.18-59.40.1
ocfs2-kmp-default-5.3.18-59.40.1
ocfs2-kmp-default-debuginfo-5.3.18-59.40.1
reiserfs-kmp-default-5.3.18-59.40.1
reiserfs-kmp-default-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-59.40.1
cluster-md-kmp-preempt-debuginfo-5.3.18-59.40.1
dlm-kmp-preempt-5.3.18-59.40.1
dlm-kmp-preempt-debuginfo-5.3.18-59.40.1
gfs2-kmp-preempt-5.3.18-59.40.1
gfs2-kmp-preempt-debuginfo-5.3.18-59.40.1
kernel-preempt-5.3.18-59.40.1
kernel-preempt-debuginfo-5.3.18-59.40.1
kernel-preempt-debugsource-5.3.18-59.40.1
kernel-preempt-devel-5.3.18-59.40.1
kernel-preempt-devel-debuginfo-5.3.18-59.40.1
kernel-preempt-extra-5.3.18-59.40.1
kernel-preempt-extra-debuginfo-5.3.18-59.40.1
kernel-preempt-livepatch-devel-5.3.18-59.40.1
kernel-preempt-optional-5.3.18-59.40.1
kernel-preempt-optional-debuginfo-5.3.18-59.40.1
kselftests-kmp-preempt-5.3.18-59.40.1
kselftests-kmp-preempt-debuginfo-5.3.18-59.40.1
ocfs2-kmp-preempt-5.3.18-59.40.1
ocfs2-kmp-preempt-debuginfo-5.3.18-59.40.1
reiserfs-kmp-preempt-5.3.18-59.40.1
reiserfs-kmp-preempt-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-59.40.1
kernel-debug-debuginfo-5.3.18-59.40.1
kernel-debug-debugsource-5.3.18-59.40.1
kernel-debug-devel-5.3.18-59.40.1
kernel-debug-devel-debuginfo-5.3.18-59.40.1
kernel-debug-livepatch-devel-5.3.18-59.40.1
kernel-kvmsmall-5.3.18-59.40.1
kernel-kvmsmall-debuginfo-5.3.18-59.40.1
kernel-kvmsmall-debugsource-5.3.18-59.40.1
kernel-kvmsmall-devel-5.3.18-59.40.1
kernel-kvmsmall-devel-debuginfo-5.3.18-59.40.1
kernel-kvmsmall-livepatch-devel-5.3.18-59.40.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-59.40.1
cluster-md-kmp-64kb-debuginfo-5.3.18-59.40.1
dlm-kmp-64kb-5.3.18-59.40.1
dlm-kmp-64kb-debuginfo-5.3.18-59.40.1
dtb-al-5.3.18-59.40.1
dtb-allwinner-5.3.18-59.40.1
dtb-altera-5.3.18-59.40.1
dtb-amd-5.3.18-59.40.1
dtb-amlogic-5.3.18-59.40.1
dtb-apm-5.3.18-59.40.1
dtb-arm-5.3.18-59.40.1
dtb-broadcom-5.3.18-59.40.1
dtb-cavium-5.3.18-59.40.1
dtb-exynos-5.3.18-59.40.1
dtb-freescale-5.3.18-59.40.1
dtb-hisilicon-5.3.18-59.40.1
dtb-lg-5.3.18-59.40.1
dtb-marvell-5.3.18-59.40.1
dtb-mediatek-5.3.18-59.40.1
dtb-nvidia-5.3.18-59.40.1
dtb-qcom-5.3.18-59.40.1
dtb-renesas-5.3.18-59.40.1
dtb-rockchip-5.3.18-59.40.1
dtb-socionext-5.3.18-59.40.1
dtb-sprd-5.3.18-59.40.1
dtb-xilinx-5.3.18-59.40.1
dtb-zte-5.3.18-59.40.1
gfs2-kmp-64kb-5.3.18-59.40.1
gfs2-kmp-64kb-debuginfo-5.3.18-59.40.1
kernel-64kb-5.3.18-59.40.1
kernel-64kb-debuginfo-5.3.18-59.40.1
kernel-64kb-debugsource-5.3.18-59.40.1
kernel-64kb-devel-5.3.18-59.40.1
kernel-64kb-devel-debuginfo-5.3.18-59.40.1
kernel-64kb-extra-5.3.18-59.40.1
kernel-64kb-extra-debuginfo-5.3.18-59.40.1
kernel-64kb-livepatch-devel-5.3.18-59.40.1
kernel-64kb-optional-5.3.18-59.40.1
kernel-64kb-optional-debuginfo-5.3.18-59.40.1
kselftests-kmp-64kb-5.3.18-59.40.1
kselftests-kmp-64kb-debuginfo-5.3.18-59.40.1
ocfs2-kmp-64kb-5.3.18-59.40.1
ocfs2-kmp-64kb-debuginfo-5.3.18-59.40.1
reiserfs-kmp-64kb-5.3.18-59.40.1
reiserfs-kmp-64kb-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-59.40.1
kernel-docs-5.3.18-59.40.1
kernel-docs-html-5.3.18-59.40.1
kernel-macros-5.3.18-59.40.1
kernel-source-5.3.18-59.40.1
kernel-source-vanilla-5.3.18-59.40.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-59.40.1
kernel-zfcpdump-debuginfo-5.3.18-59.40.1
kernel-zfcpdump-debugsource-5.3.18-59.40.1
References:
https://www.suse.com/security/cve/CVE-2020-24504.html
https://www.suse.com/security/cve/CVE-2020-27820.html
https://www.suse.com/security/cve/CVE-2021-2032.html
https://www.suse.com/security/cve/CVE-2021-28711.html
https://www.suse.com/security/cve/CVE-2021-28712.html
https://www.suse.com/security/cve/CVE-2021-28713.html
https://www.suse.com/security/cve/CVE-2021-28714.html
https://www.suse.com/security/cve/CVE-2021-28715.html
https://www.suse.com/security/cve/CVE-2021-4001.html
https://www.suse.com/security/cve/CVE-2021-4002.html
https://www.suse.com/security/cve/CVE-2021-43975.html
https://www.suse.com/security/cve/CVE-2021-43976.html
https://www.suse.com/security/cve/CVE-2021-45485.html
https://www.suse.com/security/cve/CVE-2021-45486.html
https://bugzilla.suse.com/1139944
https://bugzilla.suse.com/1151927
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153275
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1154355
https://bugzilla.suse.com/1161907
https://bugzilla.suse.com/1164565
https://bugzilla.suse.com/1166780
https://bugzilla.suse.com/1169514
https://bugzilla.suse.com/1176242
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176536
https://bugzilla.suse.com/1176544
https://bugzilla.suse.com/1176545
https://bugzilla.suse.com/1176546
https://bugzilla.suse.com/1176548
https://bugzilla.suse.com/1176558
https://bugzilla.suse.com/1176559
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1176940
https://bugzilla.suse.com/1176956
https://bugzilla.suse.com/1177440
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1178270
https://bugzilla.suse.com/1179211
https://bugzilla.suse.com/1179424
https://bugzilla.suse.com/1179426
https://bugzilla.suse.com/1179427
https://bugzilla.suse.com/1179599
https://bugzilla.suse.com/1181148
https://bugzilla.suse.com/1181507
https://bugzilla.suse.com/1181710
https://bugzilla.suse.com/1182404
https://bugzilla.suse.com/1183534
https://bugzilla.suse.com/1183540
https://bugzilla.suse.com/1183897
https://bugzilla.suse.com/1184318
https://bugzilla.suse.com/1185726
https://bugzilla.suse.com/1185902
https://bugzilla.suse.com/1186332
https://bugzilla.suse.com/1187541
https://bugzilla.suse.com/1189126
https://bugzilla.suse.com/1189158
https://bugzilla.suse.com/1191793
https://bugzilla.suse.com/1191876
https://bugzilla.suse.com/1192267
https://bugzilla.suse.com/1192320
https://bugzilla.suse.com/1192507
https://bugzilla.suse.com/1192511
https://bugzilla.suse.com/1192569
https://bugzilla.suse.com/1192606
https://bugzilla.suse.com/1192691
https://bugzilla.suse.com/1192845
https://bugzilla.suse.com/1192847
https://bugzilla.suse.com/1192874
https://bugzilla.suse.com/1192946
https://bugzilla.suse.com/1192969
https://bugzilla.suse.com/1192987
https://bugzilla.suse.com/1192990
https://bugzilla.suse.com/1192998
https://bugzilla.suse.com/1193002
https://bugzilla.suse.com/1193042
https://bugzilla.suse.com/1193139
https://bugzilla.suse.com/1193169
https://bugzilla.suse.com/1193306
https://bugzilla.suse.com/1193318
https://bugzilla.suse.com/1193349
https://bugzilla.suse.com/1193440
https://bugzilla.suse.com/1193442
https://bugzilla.suse.com/1193655
https://bugzilla.suse.com/1193993
https://bugzilla.suse.com/1194087
https://bugzilla.suse.com/1194094
https://bugzilla.suse.com/1195323
1
0
SUSE-SU-2022:1565-1: moderate: Security update for giflib
by opensuse-security@opensuse.org 06 May '22
by opensuse-security@opensuse.org 06 May '22
06 May '22
SUSE Security Update: Security update for giflib
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1565-1
Rating: moderate
References: #1094832 #1146299 #1184123 #974847
Cross-References: CVE-2016-3977 CVE-2018-11490 CVE-2019-15133
CVSS scores:
CVE-2016-3977 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-11490 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-11490 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-15133 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for giflib fixes the following issues:
- CVE-2019-15133: Fixed a divide-by-zero exception in the decoder function
DGifSlurp in dgif_lib.c if the height field of the ImageSize data
structure is equal to zero (bsc#1146299).
- CVE-2018-11490: Fixed a heap-based buffer overflow in DGifDecompressLine
function in dgif_lib.c (bsc#1094832).
- CVE-2016-3977: Fixed a heap buffer overflow in gif2rgb (bsc#974847).
Update to version 5.2.1
* In gifbuild.c, avoid a core dump on no color map.
* Restore inadvertently removed library version numbers in Makefile.
Changes in version 5.2.0
* The undocumented and deprecated GifQuantizeBuffer() entry point has
been moved to the util library to reduce libgif size and attack
surface. Applications needing this function are couraged to link the
util library or make their own copy.
* The following obsolete utility programs are no longer installed:
gifecho, giffilter, gifinto, gifsponge. These were either installed in
error or have been obsolesced by modern image-transformmation tools
like ImageMagick convert. They may be removed entirely in a future
release.
* Address SourceForge issue #136: Stack-buffer-overflow in gifcolor.c:84
* Address SF bug #134: Giflib fails to slurp significant number of gifs
* Apply SPDX convention for license tagging.
Changes in version 5.1.9
* The documentation directory now includes an HTMlified version of the
GIF89 standard, and a more detailed description of how LZW compression
is applied to GIFs.
* Address SF bug #129: The latest version of giflib cannot be build on
windows.
* Address SF bug #126: Cannot compile giflib using c89
Changes in version 5.1.8
* Address SF bug #119: MemorySanitizer: FPE on unknown address
(CVE-2019-15133 bsc#1146299)
* Address SF bug #125: 5.1.7: xmlto is still required for tarball
* Address SF bug #124: 5.1.7: ar invocation is not crosscompile
compatible
* Address SF bug #122: 5.1.7 installs manpages to wrong directory
* Address SF bug #121: make: getversion: Command not found
* Address SF bug #120: 5.1.7 does not build a proper library - no
Changes in version 5.1.7
* Correct a minor packaging error (superfluous symlinks) in the 5.1.6
tarballs.
Changes in version 5.1.6
* Fix library installation in the Makefile.
Changes in version 5.1.5
* Fix SF bug #114: Null dereferences in main() of gifclrmp
* Fix SF bug #113: Heap Buffer Overflow-2 in function
DGifDecompressLine() in cgif.c. This had been assigned
(CVE-2018-11490 bsc#1094832).
* Fix SF bug #111: segmentation fault in PrintCodeBlock
* Fix SF bug #109: Segmentation fault of giftool reading a crafted file
* Fix SF bug #107: Floating point exception in giftext utility
* Fix SF bug #105: heap buffer overflow in DumpScreen2RGB in
gif2rgb.c:317
* Fix SF bug #104: Ineffective bounds check in DGifSlurp
* Fix SF bug #103: GIFLIB 5.1.4: DGifSlurp fails on empty comment
* Fix SF bug #87: Heap buffer overflow in 5.1.2 (gif2rgb).
(CVE-2016-3977 bsc#974847)
* The horrible old autoconf build system has been removed with extreme
prejudice. You now build this simply by running "make" from the
top-level directory.
The following non-security bugs were fixed:
- build path independent objects and inherit CFLAGS from the build system
(bsc#1184123)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1565=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1565=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1565=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1565=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1565=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
giflib-debugsource-5.2.1-150000.4.8.1
giflib-devel-5.2.1-150000.4.8.1
giflib-progs-5.2.1-150000.4.8.1
giflib-progs-debuginfo-5.2.1-150000.4.8.1
libgif7-5.2.1-150000.4.8.1
libgif7-debuginfo-5.2.1-150000.4.8.1
- openSUSE Leap 15.4 (x86_64):
giflib-devel-32bit-5.2.1-150000.4.8.1
libgif7-32bit-5.2.1-150000.4.8.1
libgif7-32bit-debuginfo-5.2.1-150000.4.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
giflib-debugsource-5.2.1-150000.4.8.1
giflib-devel-5.2.1-150000.4.8.1
giflib-progs-5.2.1-150000.4.8.1
giflib-progs-debuginfo-5.2.1-150000.4.8.1
libgif7-5.2.1-150000.4.8.1
libgif7-debuginfo-5.2.1-150000.4.8.1
- openSUSE Leap 15.3 (x86_64):
giflib-devel-32bit-5.2.1-150000.4.8.1
libgif7-32bit-5.2.1-150000.4.8.1
libgif7-32bit-debuginfo-5.2.1-150000.4.8.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
giflib-debugsource-5.2.1-150000.4.8.1
giflib-devel-5.2.1-150000.4.8.1
libgif7-5.2.1-150000.4.8.1
libgif7-debuginfo-5.2.1-150000.4.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
giflib-debugsource-5.2.1-150000.4.8.1
giflib-devel-5.2.1-150000.4.8.1
libgif7-5.2.1-150000.4.8.1
libgif7-debuginfo-5.2.1-150000.4.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
giflib-debugsource-5.2.1-150000.4.8.1
giflib-devel-5.2.1-150000.4.8.1
libgif7-5.2.1-150000.4.8.1
libgif7-debuginfo-5.2.1-150000.4.8.1
References:
https://www.suse.com/security/cve/CVE-2016-3977.html
https://www.suse.com/security/cve/CVE-2018-11490.html
https://www.suse.com/security/cve/CVE-2019-15133.html
https://bugzilla.suse.com/1094832
https://bugzilla.suse.com/1146299
https://bugzilla.suse.com/1184123
https://bugzilla.suse.com/974847
1
0
openSUSE-SU-2022:0125-1: important: Security update for chromium
by opensuse-security@opensuse.org 06 May '22
by opensuse-security@opensuse.org 06 May '22
06 May '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0125-1
Rating: important
References: #1198917 #1199118
Cross-References: CVE-2022-1477 CVE-2022-1478 CVE-2022-1479
CVE-2022-1480 CVE-2022-1481 CVE-2022-1482
CVE-2022-1483 CVE-2022-1484 CVE-2022-1485
CVE-2022-1486 CVE-2022-1487 CVE-2022-1488
CVE-2022-1489 CVE-2022-1490 CVE-2022-1491
CVE-2022-1492 CVE-2022-1493 CVE-2022-1494
CVE-2022-1495 CVE-2022-1496 CVE-2022-1497
CVE-2022-1498 CVE-2022-1499 CVE-2022-1500
CVE-2022-1501
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes 25 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 101.0.4951.54 (boo#1199118)
Chromium 101.0.4951.41 (boo#1198917):
* CVE-2022-1477: Use after free in Vulkan
* CVE-2022-1478: Use after free in SwiftShader
* CVE-2022-1479: Use after free in ANGLE
* CVE-2022-1480: Use after free in Device API
* CVE-2022-1481: Use after free in Sharing
* CVE-2022-1482: Inappropriate implementation in WebGL
* CVE-2022-1483: Heap buffer overflow in WebGPU
* CVE-2022-1484: Heap buffer overflow in Web UI Settings
* CVE-2022-1485: Use after free in File System API
* CVE-2022-1486: Type Confusion in V8
* CVE-2022-1487: Use after free in Ozone
* CVE-2022-1488: Inappropriate implementation in Extensions API
* CVE-2022-1489: Out of bounds memory access in UI Shelf
* CVE-2022-1490: Use after free in Browser Switcher
* CVE-2022-1491: Use after free in Bookmarks
* CVE-2022-1492: Insufficient data validation in Blink Editing
* CVE-2022-1493: Use after free in Dev Tools
* CVE-2022-1494: Insufficient data validation in Trusted Types
* CVE-2022-1495: Incorrect security UI in Downloads
* CVE-2022-1496: Use after free in File Manager
* CVE-2022-1497: Inappropriate implementation in Input
* CVE-2022-1498: Inappropriate implementation in HTML Parser
* CVE-2022-1499: Inappropriate implementation in WebAuthentication
* CVE-2022-1500: Insufficient data validation in Dev Tools
* CVE-2022-1501: Inappropriate implementation in iframe
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-125=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-101.0.4951.54-bp153.2.88.1
chromium-101.0.4951.54-bp153.2.88.1
References:
https://www.suse.com/security/cve/CVE-2022-1477.html
https://www.suse.com/security/cve/CVE-2022-1478.html
https://www.suse.com/security/cve/CVE-2022-1479.html
https://www.suse.com/security/cve/CVE-2022-1480.html
https://www.suse.com/security/cve/CVE-2022-1481.html
https://www.suse.com/security/cve/CVE-2022-1482.html
https://www.suse.com/security/cve/CVE-2022-1483.html
https://www.suse.com/security/cve/CVE-2022-1484.html
https://www.suse.com/security/cve/CVE-2022-1485.html
https://www.suse.com/security/cve/CVE-2022-1486.html
https://www.suse.com/security/cve/CVE-2022-1487.html
https://www.suse.com/security/cve/CVE-2022-1488.html
https://www.suse.com/security/cve/CVE-2022-1489.html
https://www.suse.com/security/cve/CVE-2022-1490.html
https://www.suse.com/security/cve/CVE-2022-1491.html
https://www.suse.com/security/cve/CVE-2022-1492.html
https://www.suse.com/security/cve/CVE-2022-1493.html
https://www.suse.com/security/cve/CVE-2022-1494.html
https://www.suse.com/security/cve/CVE-2022-1495.html
https://www.suse.com/security/cve/CVE-2022-1496.html
https://www.suse.com/security/cve/CVE-2022-1497.html
https://www.suse.com/security/cve/CVE-2022-1498.html
https://www.suse.com/security/cve/CVE-2022-1499.html
https://www.suse.com/security/cve/CVE-2022-1500.html
https://www.suse.com/security/cve/CVE-2022-1501.html
https://bugzilla.suse.com/1198917
https://bugzilla.suse.com/1199118
1
0
05 May '22
SUSE Security Update: Security update for tar
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1548-1
Rating: moderate
References: #1029961 #1120610 #1130496 #1181131
Cross-References: CVE-2018-20482 CVE-2019-9923 CVE-2021-20193
CVSS scores:
CVE-2018-20482 (NVD) : 4.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2018-20482 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-9923 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-9923 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-20193 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-20193 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
This update for tar fixes the following issues:
- CVE-2021-20193: Fixed a memory leak in read_header() in list.c
(bsc#1181131).
- CVE-2019-9923: Fixed a null-pointer dereference in pax_decode_header in
sparse.c (bsc#1130496).
- CVE-2018-20482: Fixed infinite read loop in sparse_dump_region in
sparse.c (bsc#1120610).
- Update to GNU tar 1.34:
* Fix extraction over pipe
* Fix memory leak in read_header (CVE-2021-20193) (bsc#1181131)
* Fix extraction when . and .. are unreadable
* Gracefully handle duplicate symlinks when extracting
* Re-initialize supplementary groups when switching to user privileges
- Update to GNU tar 1.33:
* POSIX extended format headers do not include PID by default
* --delay-directory-restore works for archives with reversed member
ordering
* Fix extraction of a symbolic link hardlinked to another symbolic link
* Wildcards in exclude-vcs-ignore mode don't match slash
* Fix the --no-overwrite-dir option
* Fix handling of chained renames in incremental backups
* Link counting works for file names supplied with -T
* Accept only position-sensitive (file-selection) options in file list
files
- prepare usrmerge (bsc#1029961)
- Update to GNU 1.32
* Fix the use of --checkpoint without explicit --checkpoint-action
* Fix extraction with the -U option
* Fix iconv usage on BSD-based systems
* Fix possible NULL dereference (savannah bug #55369) [bsc#1130496]
[CVE-2019-9923]
* Improve the testsuite
- Update to GNU 1.31
* Fix heap-buffer-overrun with --one-top-level, bug introduced with the
addition of that option in 1.28
* Support for zstd compression
* New option '--zstd' instructs tar to use zstd as compression program.
When listing, extractng and comparing, zstd compressed archives are
recognized automatically. When '-a' option is in effect, zstd
compression is selected if the destination archive name ends in '.zst'
or '.tzst'.
* The -K option interacts properly with member names given in the
command line. Names of members to extract can be specified along with
the "-K NAME" option. In this case, tar will extract NAME and those of
named members that appear in the archive after it, which is consistent
with the semantics of the option. Previous versions of tar extracted
NAME, those of named members that appeared before it, and everything
after it.
* Fix CVE-2018-20482 - When creating archives with the --sparse
option, previous versions of tar would loop endlessly if a sparse file
had been truncated while being archived.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1548=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1548=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1548=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1548=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1548=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1548=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
tar-rmt-1.34-150000.3.12.1
tar-rmt-debuginfo-1.34-150000.3.12.1
tar-tests-1.34-150000.3.12.1
tar-tests-debuginfo-1.34-150000.3.12.1
- openSUSE Leap 15.3 (noarch):
tar-backup-scripts-1.34-150000.3.12.1
tar-doc-1.34-150000.3.12.1
tar-lang-1.34-150000.3.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
tar-rmt-1.34-150000.3.12.1
tar-rmt-debuginfo-1.34-150000.3.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (noarch):
tar-lang-1.34-150000.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
tar-rmt-1.34-150000.3.12.1
tar-rmt-debuginfo-1.34-150000.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
tar-lang-1.34-150000.3.12.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
tar-1.34-150000.3.12.1
tar-debuginfo-1.34-150000.3.12.1
tar-debugsource-1.34-150000.3.12.1
References:
https://www.suse.com/security/cve/CVE-2018-20482.html
https://www.suse.com/security/cve/CVE-2019-9923.html
https://www.suse.com/security/cve/CVE-2021-20193.html
https://bugzilla.suse.com/1029961
https://bugzilla.suse.com/1120610
https://bugzilla.suse.com/1130496
https://bugzilla.suse.com/1181131
1
0
SUSE-SU-2022:1549-1: moderate: Security update for libvirt
by opensuse-security@opensuse.org 05 May '22
by opensuse-security@opensuse.org 05 May '22
05 May '22
SUSE Security Update: Security update for libvirt
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1549-1
Rating: moderate
References: #1193364 #1196625 #1197636
Cross-References: CVE-2022-0897
CVSS scores:
CVE-2022-0897 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-0897 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for libvirt fixes the following issues:
- CVE-2022-0897: Fixed a crash in nwfilter when counting number of network
filters (bsc#1197636).
The following non-security bugs were fixed:
- qemu: Improve save operation by increasing pipe size
c61d1e9b-virfile-set-pipe-size.patch, 47d6d185-virfile-fix-indent.patch,
cd7acb33-virfile-report-error.patch bsc#1196625
- qemu: Directly query KVM for TSC scaling support
5df2c492-use-kvm-for-tsc-scaling.patch bsc#1193364
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1549=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1549=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1549=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1549=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1549=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1549=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1549=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libvirt-admin-7.1.0-150300.6.29.1
libvirt-admin-debuginfo-7.1.0-150300.6.29.1
- openSUSE Leap 15.4 (noarch):
libvirt-bash-completion-7.1.0-150300.6.29.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libvirt-7.1.0-150300.6.29.1
libvirt-admin-7.1.0-150300.6.29.1
libvirt-admin-debuginfo-7.1.0-150300.6.29.1
libvirt-client-7.1.0-150300.6.29.1
libvirt-client-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-config-network-7.1.0-150300.6.29.1
libvirt-daemon-config-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-gluster-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-gluster-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-hooks-7.1.0-150300.6.29.1
libvirt-daemon-lxc-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-debugsource-7.1.0-150300.6.29.1
libvirt-devel-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
libvirt-libs-debuginfo-7.1.0-150300.6.29.1
libvirt-lock-sanlock-7.1.0-150300.6.29.1
libvirt-lock-sanlock-debuginfo-7.1.0-150300.6.29.1
libvirt-nss-7.1.0-150300.6.29.1
libvirt-nss-debuginfo-7.1.0-150300.6.29.1
wireshark-plugin-libvirt-7.1.0-150300.6.29.1
wireshark-plugin-libvirt-debuginfo-7.1.0-150300.6.29.1
- openSUSE Leap 15.3 (aarch64 x86_64):
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.29.1
- openSUSE Leap 15.3 (noarch):
libvirt-bash-completion-7.1.0-150300.6.29.1
libvirt-doc-7.1.0-150300.6.29.1
- openSUSE Leap 15.3 (x86_64):
libvirt-client-32bit-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-libxl-7.1.0-150300.6.29.1
libvirt-daemon-driver-libxl-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-xen-7.1.0-150300.6.29.1
libvirt-devel-32bit-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
libvirt-bash-completion-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libvirt-7.1.0-150300.6.29.1
libvirt-admin-7.1.0-150300.6.29.1
libvirt-admin-debuginfo-7.1.0-150300.6.29.1
libvirt-client-7.1.0-150300.6.29.1
libvirt-client-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-config-network-7.1.0-150300.6.29.1
libvirt-daemon-config-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-hooks-7.1.0-150300.6.29.1
libvirt-daemon-lxc-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-debugsource-7.1.0-150300.6.29.1
libvirt-devel-7.1.0-150300.6.29.1
libvirt-lock-sanlock-7.1.0-150300.6.29.1
libvirt-lock-sanlock-debuginfo-7.1.0-150300.6.29.1
libvirt-nss-7.1.0-150300.6.29.1
libvirt-nss-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 x86_64):
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
libvirt-bash-completion-7.1.0-150300.6.29.1
libvirt-doc-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
libvirt-daemon-driver-libxl-7.1.0-150300.6.29.1
libvirt-daemon-driver-libxl-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-xen-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libvirt-debugsource-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
libvirt-libs-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libvirt-client-7.1.0-150300.6.29.1
libvirt-client-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-debugsource-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
libvirt-libs-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64):
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-debugsource-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
libvirt-libs-debuginfo-7.1.0-150300.6.29.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64):
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.29.1
References:
https://www.suse.com/security/cve/CVE-2022-0897.html
https://bugzilla.suse.com/1193364
https://bugzilla.suse.com/1196625
https://bugzilla.suse.com/1197636
1
0
SUSE-SU-2022:1541-1: important: Security update for pgadmin4
by opensuse-security@opensuse.org 04 May '22
by opensuse-security@opensuse.org 04 May '22
04 May '22
SUSE Security Update: Security update for pgadmin4
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1541-1
Rating: important
References: #1197143
Cross-References: CVE-2022-0959
CVSS scores:
CVE-2022-0959 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2022-0959 (SUSE): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pgadmin4 fixes the following issues:
- CVE-2022-0959: Fixed an unrestricted file upload (bsc#1197143).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1541=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1541=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1541=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1541=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
pgadmin4-4.30-150300.3.3.1
pgadmin4-debuginfo-4.30-150300.3.3.1
- openSUSE Leap 15.4 (noarch):
pgadmin4-doc-4.30-150300.3.3.1
pgadmin4-web-4.30-150300.3.3.1
pgadmin4-web-uwsgi-4.30-150300.3.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
pgadmin4-4.30-150300.3.3.1
pgadmin4-debuginfo-4.30-150300.3.3.1
- openSUSE Leap 15.3 (noarch):
pgadmin4-doc-4.30-150300.3.3.1
pgadmin4-web-4.30-150300.3.3.1
pgadmin4-web-uwsgi-4.30-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
pgadmin4-4.30-150300.3.3.1
pgadmin4-debuginfo-4.30-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
pgadmin4-doc-4.30-150300.3.3.1
pgadmin4-web-4.30-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
pgadmin4-4.30-150300.3.3.1
pgadmin4-debuginfo-4.30-150300.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
pgadmin4-doc-4.30-150300.3.3.1
pgadmin4-web-4.30-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-0959.html
https://bugzilla.suse.com/1197143
1
0
SUSE-SU-2022:1524-1: moderate: Security update for apache2-mod_auth_mellon
by opensuse-security@opensuse.org 04 May '22
by opensuse-security@opensuse.org 04 May '22
04 May '22
SUSE Security Update: Security update for apache2-mod_auth_mellon
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1524-1
Rating: moderate
References: #1188926
Cross-References: CVE-2021-3639
CVSS scores:
CVE-2021-3639 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for apache2-mod_auth_mellon fixes the following issues:
- CVE-2021-3639: Fixed open Redirect vulnerability in logout URLs
(bsc#1188926)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1524=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1524=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1524=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1524=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1524=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1524=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1524=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1524=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1524=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-1524=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1524=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1524=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1524=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1524=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debugsource-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-doc-0.17.0-150200.5.7.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debugsource-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-doc-0.17.0-150200.5.7.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Manager Proxy 4.1 (x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debugsource-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-doc-0.17.0-150200.5.7.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-debugsource-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-diagnostics-debuginfo-0.17.0-150200.5.7.1
apache2-mod_auth_mellon-doc-0.17.0-150200.5.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
apache2-mod_auth_mellon-0.17.0-150200.5.7.1
References:
https://www.suse.com/security/cve/CVE-2021-3639.html
https://bugzilla.suse.com/1188926
1
0
SUSE-SU-2022:1516-1: important: Security update for libwmf
by opensuse-security@opensuse.org 04 May '22
by opensuse-security@opensuse.org 04 May '22
04 May '22
SUSE Security Update: Security update for libwmf
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1516-1
Rating: important
References: #1006739 #1123522 #1174075
Cross-References: CVE-2016-9011 CVE-2019-6978
CVSS scores:
CVE-2016-9011 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-6978 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-6978 (SUSE): 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for libwmf fixes the following issues:
libwmf was updated to 0.2.12:
* upstream changed to fork from Fedora: https://github.com/caolanm/libwmf
* merged all the pending fixes
* merge in fixes for libgd CVE-2019-6978 (bsc#1123522)
* fixed memory allocation failure (CVE-2016-9011)
* Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1516=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1516=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1516=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1516=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1516=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libwmf-0_2-7-0.2.12-150000.4.4.1
libwmf-0_2-7-debuginfo-0.2.12-150000.4.4.1
libwmf-debugsource-0.2.12-150000.4.4.1
libwmf-devel-0.2.12-150000.4.4.1
libwmf-gnome-0.2.12-150000.4.4.1
libwmf-gnome-debuginfo-0.2.12-150000.4.4.1
libwmf-tools-0.2.12-150000.4.4.1
libwmf-tools-debuginfo-0.2.12-150000.4.4.1
- openSUSE Leap 15.4 (x86_64):
libwmf-0_2-7-32bit-0.2.12-150000.4.4.1
libwmf-0_2-7-32bit-debuginfo-0.2.12-150000.4.4.1
libwmf-gnome-32bit-0.2.12-150000.4.4.1
libwmf-gnome-32bit-debuginfo-0.2.12-150000.4.4.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libwmf-0_2-7-0.2.12-150000.4.4.1
libwmf-0_2-7-debuginfo-0.2.12-150000.4.4.1
libwmf-debugsource-0.2.12-150000.4.4.1
libwmf-devel-0.2.12-150000.4.4.1
libwmf-gnome-0.2.12-150000.4.4.1
libwmf-gnome-debuginfo-0.2.12-150000.4.4.1
libwmf-tools-0.2.12-150000.4.4.1
libwmf-tools-debuginfo-0.2.12-150000.4.4.1
- openSUSE Leap 15.3 (x86_64):
libwmf-0_2-7-32bit-0.2.12-150000.4.4.1
libwmf-0_2-7-32bit-debuginfo-0.2.12-150000.4.4.1
libwmf-gnome-32bit-0.2.12-150000.4.4.1
libwmf-gnome-32bit-debuginfo-0.2.12-150000.4.4.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
libwmf-0_2-7-0.2.12-150000.4.4.1
libwmf-0_2-7-debuginfo-0.2.12-150000.4.4.1
libwmf-debugsource-0.2.12-150000.4.4.1
libwmf-devel-0.2.12-150000.4.4.1
libwmf-gnome-0.2.12-150000.4.4.1
libwmf-gnome-debuginfo-0.2.12-150000.4.4.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
libwmf-0_2-7-0.2.12-150000.4.4.1
libwmf-0_2-7-debuginfo-0.2.12-150000.4.4.1
libwmf-debugsource-0.2.12-150000.4.4.1
libwmf-devel-0.2.12-150000.4.4.1
libwmf-gnome-0.2.12-150000.4.4.1
libwmf-gnome-debuginfo-0.2.12-150000.4.4.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
libwmf-0_2-7-0.2.12-150000.4.4.1
libwmf-0_2-7-debuginfo-0.2.12-150000.4.4.1
libwmf-debugsource-0.2.12-150000.4.4.1
libwmf-devel-0.2.12-150000.4.4.1
libwmf-gnome-0.2.12-150000.4.4.1
libwmf-gnome-debuginfo-0.2.12-150000.4.4.1
References:
https://www.suse.com/security/cve/CVE-2016-9011.html
https://www.suse.com/security/cve/CVE-2019-6978.html
https://bugzilla.suse.com/1006739
https://bugzilla.suse.com/1123522
https://bugzilla.suse.com/1174075
1
0
SUSE-SU-2022:1515-1: important: Security update for rubygem-puma
by opensuse-security@opensuse.org 04 May '22
by opensuse-security@opensuse.org 04 May '22
04 May '22
SUSE Security Update: Security update for rubygem-puma
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1515-1
Rating: important
References: #1188527 #1191681 #1196222
Cross-References: CVE-2021-29509 CVE-2021-41136 CVE-2022-23634
CVSS scores:
CVE-2021-29509 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29509 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-41136 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2021-41136 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
CVE-2022-23634 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for rubygem-puma fixes the following issues:
rubygem-puma was updated to version 4.3.11:
* CVE-2021-29509: Adjusted an incomplete fix for allows Denial of Service
(DoS) (bsc#1188527)
* CVE-2021-41136: Fixed request smuggling if HTTP header value contains
the LF character (bsc#1191681)
* CVE-2022-23634: Fixed information leak between requests (bsc#1196222)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1515=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1515=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-1515=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1515=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-1515=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-1515=1
- SUSE Linux Enterprise High Availability 15:
zypper in -t patch SUSE-SLE-Product-HA-15-2022-1515=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-doc-4.3.11-150000.3.6.2
rubygem-puma-debugsource-4.3.11-150000.3.6.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-doc-4.3.11-150000.3.6.2
rubygem-puma-debugsource-4.3.11-150000.3.6.2
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
rubygem-puma-debugsource-4.3.11-150000.3.6.2
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
rubygem-puma-debugsource-4.3.11-150000.3.6.2
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
- SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-puma-4.3.11-150000.3.6.2
ruby2.5-rubygem-puma-debuginfo-4.3.11-150000.3.6.2
References:
https://www.suse.com/security/cve/CVE-2021-29509.html
https://www.suse.com/security/cve/CVE-2021-41136.html
https://www.suse.com/security/cve/CVE-2022-23634.html
https://bugzilla.suse.com/1188527
https://bugzilla.suse.com/1191681
https://bugzilla.suse.com/1196222
1
0
03 May '22
SUSE Security Update: Security update for pcp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1509-1
Rating: moderate
References: #1171883
Cross-References: CVE-2020-8025
CVSS scores:
CVE-2020-8025 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Affected Products:
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pcp fixes the following issues:
- CVE-2020-8025: Fixed outdated entries in permissions profiles for
/var/lib/pcp/tmp/* (bsc#1171883).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1509=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1509=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
pcp-pmda-kvm-3.11.9-150000.5.14.1
pcp-pmda-lmsensors-debuginfo-3.11.9-150000.5.14.1
pcp-pmda-postgresql-3.11.9-150000.5.14.1
python-pcp-3.11.9-150000.5.14.1
python-pcp-debuginfo-3.11.9-150000.5.14.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
pcp-pmda-kvm-3.11.9-150000.5.14.1
pcp-pmda-lmsensors-debuginfo-3.11.9-150000.5.14.1
pcp-pmda-postgresql-3.11.9-150000.5.14.1
python-pcp-3.11.9-150000.5.14.1
python-pcp-debuginfo-3.11.9-150000.5.14.1
References:
https://www.suse.com/security/cve/CVE-2020-8025.html
https://bugzilla.suse.com/1171883
1
0
SUSE-SU-2022:1512-1: important: Security update for ruby2.5
by opensuse-security@opensuse.org 03 May '22
by opensuse-security@opensuse.org 03 May '22
03 May '22
SUSE Security Update: Security update for ruby2.5
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1512-1
Rating: important
References: #1188160 #1188161 #1190375 #1193035 #1198441
Cross-References: CVE-2021-31799 CVE-2021-31810 CVE-2021-32066
CVE-2021-41817 CVE-2022-28739
CVSS scores:
CVE-2021-31799 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-31799 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-31810 (NVD) : 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
CVE-2021-31810 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-32066 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-32066 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-41817 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-28739 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.0
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for ruby2.5 fixes the following issues:
- CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion
(bsc#1198441).
- CVE-2021-41817: Fixed a regular expression denial of service in Date
Parsing Methods (bsc#1193035).
- CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP
(bsc#1188160).
- CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in
Net:FTP (bsc#1188161).
- CVE-2021-31799: Fixed a command injection vulnerability in RDoc
(bsc#1190375).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1512=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1512=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1512=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1512=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1512=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1512=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1512=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1512=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1512=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1512=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1512=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1512=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1512=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1512=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1512=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1512=1
- SUSE Linux Enterprise Micro 5.0:
zypper in -t patch SUSE-SUSE-MicroOS-5.0-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1512=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1512=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1512=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1512=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-doc-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- openSUSE Leap 15.4 (noarch):
ruby2.5-doc-ri-2.5.9-150000.4.23.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-doc-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- openSUSE Leap 15.3 (noarch):
ruby2.5-doc-ri-2.5.9-150000.4.23.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Manager Proxy 4.1 (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise Micro 5.0 (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
- SUSE CaaS Platform 4.0 (x86_64):
libruby2_5-2_5-2.5.9-150000.4.23.1
libruby2_5-2_5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-2.5.9-150000.4.23.1
ruby2.5-debuginfo-2.5.9-150000.4.23.1
ruby2.5-debugsource-2.5.9-150000.4.23.1
ruby2.5-devel-2.5.9-150000.4.23.1
ruby2.5-devel-extra-2.5.9-150000.4.23.1
ruby2.5-stdlib-2.5.9-150000.4.23.1
ruby2.5-stdlib-debuginfo-2.5.9-150000.4.23.1
References:
https://www.suse.com/security/cve/CVE-2021-31799.html
https://www.suse.com/security/cve/CVE-2021-31810.html
https://www.suse.com/security/cve/CVE-2021-32066.html
https://www.suse.com/security/cve/CVE-2021-41817.html
https://www.suse.com/security/cve/CVE-2022-28739.html
https://bugzilla.suse.com/1188160
https://bugzilla.suse.com/1188161
https://bugzilla.suse.com/1190375
https://bugzilla.suse.com/1193035
https://bugzilla.suse.com/1198441
1
0
SUSE-SU-2022:1513-1: important: Security update for java-11-openjdk
by opensuse-security@opensuse.org 03 May '22
by opensuse-security@opensuse.org 03 May '22
03 May '22
SUSE Security Update: Security update for java-11-openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1513-1
Rating: important
References: #1198671 #1198672 #1198673 #1198674 #1198675
Cross-References: CVE-2022-21426 CVE-2022-21434 CVE-2022-21443
CVE-2022-21476 CVE-2022-21496
CVSS scores:
CVE-2022-21426 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21426 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21434 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21434 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21443 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21443 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-21476 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21476 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21496 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-21496 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for java-11-openjdk fixes the following issues:
- CVE-2022-21426: Fixed Oracle Java SE compromission via unauthenticated
attacker with network access via multiple protocols (bsc#1198672).
- CVE-2022-21434: Fixed Oracle Java SE compromission via unauthenticated
attacker with network access via multiple protocols (bsc#1198674).
- CVE-2022-21496: Fixed Oracle Java SE compromission via unauthenticated
attacker with network access via multiple protocols (bsc#1198673).
- CVE-2022-21443: Fixed Oracle Java SE compromission via unauthenticated
attacker with network access via multiple protocols (bsc#1198675).
- CVE-2022-21476: Fixed Oracle Java SE compromission via unauthenticated
attacker with network access via multiple protocols (bsc#1198671).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1513=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1513=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1513=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1513=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1513=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1513=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1513=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-1513=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1513=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1513=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1513=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1513=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-1513=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1513=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1513=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1513=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1513=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1513=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1513=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1513=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1513=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-accessibility-11.0.15.0-150000.3.80.1
java-11-openjdk-accessibility-debuginfo-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
java-11-openjdk-jmods-11.0.15.0-150000.3.80.1
java-11-openjdk-src-11.0.15.0-150000.3.80.1
- openSUSE Leap 15.4 (noarch):
java-11-openjdk-javadoc-11.0.15.0-150000.3.80.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-accessibility-11.0.15.0-150000.3.80.1
java-11-openjdk-accessibility-debuginfo-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
java-11-openjdk-jmods-11.0.15.0-150000.3.80.1
java-11-openjdk-src-11.0.15.0-150000.3.80.1
- openSUSE Leap 15.3 (noarch):
java-11-openjdk-javadoc-11.0.15.0-150000.3.80.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Manager Proxy 4.1 (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
java-11-openjdk-javadoc-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-jmods-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
java-11-openjdk-javadoc-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
- SUSE CaaS Platform 4.0 (x86_64):
java-11-openjdk-11.0.15.0-150000.3.80.1
java-11-openjdk-debugsource-11.0.15.0-150000.3.80.1
java-11-openjdk-demo-11.0.15.0-150000.3.80.1
java-11-openjdk-devel-11.0.15.0-150000.3.80.1
java-11-openjdk-headless-11.0.15.0-150000.3.80.1
References:
https://www.suse.com/security/cve/CVE-2022-21426.html
https://www.suse.com/security/cve/CVE-2022-21434.html
https://www.suse.com/security/cve/CVE-2022-21443.html
https://www.suse.com/security/cve/CVE-2022-21476.html
https://www.suse.com/security/cve/CVE-2022-21496.html
https://bugzilla.suse.com/1198671
https://bugzilla.suse.com/1198672
https://bugzilla.suse.com/1198673
https://bugzilla.suse.com/1198674
https://bugzilla.suse.com/1198675
1
0
03 May '22
SUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1506-1
Rating: moderate
References: #1197423 #1197425 #1197426
Cross-References: CVE-2022-26356 CVE-2022-26357 CVE-2022-26358
CVE-2022-26359 CVE-2022-26360 CVE-2022-26361
CVSS scores:
CVE-2022-26356 (NVD) : 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-26356 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-26357 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26357 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-26358 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26358 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-26359 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26359 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-26360 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26360 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-26361 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26361 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for xen fixes the following issues:
- CVE-2022-26356: Fixed potential race conditions in dirty memory tracking
that could cause a denial of service in the host (bsc#1197423).
- CVE-2022-26357: Fixed a potential race condition in memory cleanup for
hosts using VT-d IOMMU hardware, which could lead to a denial of service
in the host (bsc#1197425).
- CVE-2022-26358,CVE-2022-26359,CVE-2022-26360,CVE-2022-26361: Fixed
various memory corruption issues for hosts using VT-d or AMD-Vi IOMMU
hardware. These could be leveraged by an attacker to cause a denial of
service in the host (bsc#1197426).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1506=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1506=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1506=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1506=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1506=1
Package List:
- openSUSE Leap 15.3 (aarch64 x86_64):
xen-4.14.4_04-150300.3.24.1
xen-debugsource-4.14.4_04-150300.3.24.1
xen-devel-4.14.4_04-150300.3.24.1
xen-doc-html-4.14.4_04-150300.3.24.1
xen-libs-4.14.4_04-150300.3.24.1
xen-libs-debuginfo-4.14.4_04-150300.3.24.1
xen-tools-4.14.4_04-150300.3.24.1
xen-tools-debuginfo-4.14.4_04-150300.3.24.1
xen-tools-domU-4.14.4_04-150300.3.24.1
xen-tools-domU-debuginfo-4.14.4_04-150300.3.24.1
- openSUSE Leap 15.3 (noarch):
xen-tools-xendomains-wait-disk-4.14.4_04-150300.3.24.1
- openSUSE Leap 15.3 (x86_64):
xen-libs-32bit-4.14.4_04-150300.3.24.1
xen-libs-32bit-debuginfo-4.14.4_04-150300.3.24.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
xen-tools-xendomains-wait-disk-4.14.4_04-150300.3.24.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (x86_64):
xen-4.14.4_04-150300.3.24.1
xen-debugsource-4.14.4_04-150300.3.24.1
xen-devel-4.14.4_04-150300.3.24.1
xen-tools-4.14.4_04-150300.3.24.1
xen-tools-debuginfo-4.14.4_04-150300.3.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
xen-debugsource-4.14.4_04-150300.3.24.1
xen-libs-4.14.4_04-150300.3.24.1
xen-libs-debuginfo-4.14.4_04-150300.3.24.1
xen-tools-domU-4.14.4_04-150300.3.24.1
xen-tools-domU-debuginfo-4.14.4_04-150300.3.24.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
xen-debugsource-4.14.4_04-150300.3.24.1
xen-libs-4.14.4_04-150300.3.24.1
xen-libs-debuginfo-4.14.4_04-150300.3.24.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
xen-debugsource-4.14.4_04-150300.3.24.1
xen-libs-4.14.4_04-150300.3.24.1
xen-libs-debuginfo-4.14.4_04-150300.3.24.1
References:
https://www.suse.com/security/cve/CVE-2022-26356.html
https://www.suse.com/security/cve/CVE-2022-26357.html
https://www.suse.com/security/cve/CVE-2022-26358.html
https://www.suse.com/security/cve/CVE-2022-26359.html
https://www.suse.com/security/cve/CVE-2022-26360.html
https://www.suse.com/security/cve/CVE-2022-26361.html
https://bugzilla.suse.com/1197423
https://bugzilla.suse.com/1197425
https://bugzilla.suse.com/1197426
1
0
SUSE-SU-2022:1510-1: important: Security update for amazon-ssm-agent
by opensuse-security@opensuse.org 03 May '22
by opensuse-security@opensuse.org 03 May '22
03 May '22
SUSE Security Update: Security update for amazon-ssm-agent
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1510-1
Rating: important
References: #1196556
Cross-References: CVE-2022-29527
CVSS scores:
CVE-2022-29527 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for amazon-ssm-agent fixes the following issues:
- CVE-2022-29527: Fixed unsafe file creation mode of ssm-agent-users
sudoer file (bsc#1196556).
Update to version 3.1.1260.0
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1510=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1510=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-1510=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1510=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-1510=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-1510=1
- SUSE Linux Enterprise Module for Public Cloud 15:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2022-1510=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- openSUSE Leap 15.3 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP1 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15 (aarch64 x86_64):
amazon-ssm-agent-3.1.1260.0-150000.5.9.2
References:
https://www.suse.com/security/cve/CVE-2022-29527.html
https://bugzilla.suse.com/1196556
1
0
SUSE-SU-2022:1485-1: moderate: Security update for python39
by opensuse-security@opensuse.org 02 May '22
by opensuse-security@opensuse.org 02 May '22
02 May '22
SUSE Security Update: Security update for python39
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1485-1
Rating: moderate
References: #1186819 #1189241 #1189287 #1189356 #1193179
SLE-23849
Cross-References: CVE-2021-3572 CVE-2021-3733 CVE-2021-3737
CVSS scores:
CVE-2021-3572 (NVD) : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
CVE-2021-3572 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
CVE-2021-3733 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3733 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3737 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3737 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves three vulnerabilities, contains one
feature and has two fixes is now available.
Description:
This update for python39 fixes the following issues:
- CVE-2021-3572: Fixed an improper handling of unicode characters in pip
(bsc#1186819).
- Update to 3.9.10 (jsc#SLE-23849)
- Remove shebangs from from python-base libraries in _libdir. (bsc#1193179)
- Update to 3.9.9:
* Core and Builtins
+ bpo-30570: Fixed a crash in issubclass() from infinite recursion
when searching pathological __bases__ tuples.
+ bpo-45494: Fix parser crash when reporting errors involving invalid
continuation characters. Patch by Pablo Galindo.
+ bpo-45385: Fix reference leak from descr_check. Patch by Dong-hee Na.
+ bpo-45167: Fix deepcopying of types.GenericAlias objects.
+ bpo-44219: Release the GIL while performing isatty system calls on
arbitrary file descriptors. In particular, this affects os.isatty(),
os.device_encoding() and io.TextIOWrapper. By extension, io.open()
in text mode is also affected. This change solves a deadlock in
os.isatty(). Patch by Vincent Michel in bpo-44219.
+ bpo-44959: Added fallback to extension modules with '.sl' suffix on
HP-UX
+ bpo-44050: Extensions that indicate they use global state (by
setting m_size to -1) can again be used in multiple interpreters.
This reverts to behavior of Python 3.8.
+ bpo-45121: Fix issue where Protocol.__init__ raises RecursionError
when it's called directly or via super(). Patch provided by Yurii
Karabas.
+ bpo-45083: When the interpreter renders an exception, its name now
has a complete qualname. Previously only the class name was
concatenated to the module name, which sometimes resulted in an
incorrect full name being displayed.
+ bpo-45738: Fix computation of error location for invalid
continuation characters in the parser. Patch by Pablo Galindo.
+ Library
+ bpo-45678: Fix bug in Python 3.9 that meant
functools.singledispatchmethod failed to properly wrap the
attributes of the target method. Patch by Alex Waygood.
+ bpo-45679: Fix caching of multi-value typing.Literal. Literal[True,
2] is no longer equal to Literal[1, 2].
+ bpo-45438: Fix typing.Signature string representation for generic
builtin types.
+ bpo-45581: sqlite3.connect() now correctly raises MemoryError if the
underlying SQLite API signals memory error. Patch by Erlend E.
Aasland.
+ bpo-39679: Fix bug in functools.singledispatchmethod that caused it
to fail when attempting to register a classmethod() or
staticmethod() using type annotations. Patch contributed by Alex
Waygood.
+ bpo-45515: Add references to zoneinfo in the datetime documentation,
mostly replacing outdated references to dateutil.tz. Change by Paul
Ganssle.
+ bpo-45467: Fix incremental decoder and stream reader in the
"raw-unicode-escape" codec. Previously they failed if the escape
sequence was split.
+ bpo-45461: Fix incremental decoder and stream reader in the
"unicode-escape" codec. Previously they failed if the escape
sequence was split.
+ bpo-45239: Fixed email.utils.parsedate_tz() crashing with
UnboundLocalError on certain invalid input instead of returning
None. Patch by Ben Hoyt.
+ bpo-44904: Fix bug in the doctest module that caused it to fail if a
docstring included an example with a classmethod property. Patch by
Alex Waygood.
+ bpo-45406: Make inspect.getmodule() catch FileNotFoundError raised
by :'func:inspect.getabsfile, and return None to indicate that the
module could not be determined.
+ bpo-45262: Prevent use-after-free in asyncio. Make sure the cached
running loop holder gets cleared on dealloc to prevent
use-after-free in get_running_loop
+ bpo-45386: Make xmlrpc.client more robust to C runtimes where the
underlying C strftime function results in a ValueError when testing
for year formatting options.
+ bpo-45371: Fix clang rpath issue in distutils. The UnixCCompiler now
uses correct clang option to add a runtime library directory (rpath)
to a shared library.
+ bpo-20028: Improve error message of csv.Dialect when initializing.
Patch by Vajrasky Kok and Dong-hee Na.
+ bpo-45343: Update bundled pip to 21.2.4 and setuptools to 58.1.0
+ bpo-41710: On Unix, if the sem_clockwait() function is available in
the C library (glibc 2.30 and newer), the threading.Lock.acquire()
method now uses the monotonic clock (time.CLOCK_MONOTONIC) for the
timeout, rather than using the system clock (time.CLOCK_REALTIME),
to not be affected by system clock changes. Patch by Victor Stinner.
+ bpo-45328: Fixed http.client.HTTPConnection to work properly in OSs
that don't support the TCP_NODELAY socket option.
+ bpo-1596321: Fix the threading._shutdown() function when the
threading module was imported first from a thread different than the
main thread: no longer log an error at Python exit.
+ bpo-45274: Fix a race condition in the Thread.join() method of the
threading module. If the function is interrupted by a signal and the
signal handler raises an exception, make sure that the thread
remains in a consistent state to prevent a deadlock. Patch by Victor
Stinner.
+ bpo-45238: Fix unittest.IsolatedAsyncioTestCase.debug(): it runs now
asynchronous methods and callbacks.
+ bpo-36674: unittest.TestCase.debug() raises now a unittest.SkipTest
if the class or the test method are decorated with the skipping
decorator.
+ bpo-45235: Fix an issue where argparse would not preserve values in
a provided namespace when using a subparser with defaults.
+ bpo-45234: Fixed a regression in copyfile(), copy(), copy2() raising
FileNotFoundError when source is a directory, which should raise
IsADirectoryError
+ bpo-45228: Fix stack buffer overflow in parsing J1939 network
address.
+ bpo-45192: Fix the tempfile._infer_return_type function so that the
dir argument of the tempfile functions accepts an object
implementing the os.PathLike protocol.
+ bpo-45160: When tracing a tkinter variable used by a ttk OptionMenu,
callbacks are no longer made twice.
+ bpo-35474: Calling mimetypes.guess_all_extensions() with
strict=False no longer affects the result of the following call with
strict=True. Also, mutating the returned list no longer affects the
global state.
+ bpo-45166: typing.get_type_hints() now works with Final wrapped in
ForwardRef.
+ bpo-45097: Remove deprecation warnings about the loop argument in
asyncio incorrectly emitted in cases when the user does not pass the
loop argument.
+ bpo-45081: Fix issue when dataclasses that inherit from
typing.Protocol subclasses have wrong __init__. Patch provided by
Yurii Karabas.
+ bpo-24444: Fixed an error raised in argparse help display when help
for an option is set to 1+ blank spaces or when choices arg is an
empty container.
+ bpo-45021: Fix a potential deadlock at shutdown of forked children
when using concurrent.futures module
+ bpo-45030: Fix integer overflow in pickling and copying the range
iterator.
+ bpo-39039: tarfile.open raises ReadError when a zlib error occurs
during file extraction.
+ bpo-44594: Fix an edge case of ExitStack and AsyncExitStack
exception chaining. They will now match with block behavior when
__context__ is explicitly set to None when the exception is in
flight.
* Documentation
+ bpo-45726: Improve documentation for functools.singledispatch() and
functools.singledispatchmethod.
+ bpo-45680: Amend the docs on GenericAlias objects to clarify that
non-container classes can also implement __class_getitem__. Patch
contributed by Alex Waygood.
+ bpo-45655: Add a new "relevant PEPs" section to the top of the
documentation for the typing module. Patch by Alex Waygood.
+ bpo-45604: Add level argument to multiprocessing.log_to_stderr
function docs.
+ bpo-45464: Mention in the documentation of Built-in Exceptions that
inheriting from multiple exception types in a single subclass is not
recommended due to possible memory layout incompatibility.
+ bpo-45449: Add note about PEP 585 in collections.abc.
+ bpo-45516: Add protocol description to the importlib.abc.Traversable
documentation.
+ bpo-20692: Add Programming FAQ entry explaining that int literal
attribute access requires either a space after or parentheses around
the literal.
+ bpo-45216: Remove extra documentation listing methods in difflib. It
was rendering twice in pydoc and was outdated in some places.
+ bpo-45772: socket.socket documentation is corrected to a class from
a function.
+ bpo-45392: Update the docstring of the type built-in to remove a
redundant line and to mention keyword arguments for the constructor.
* Tests
+ bpo-45578: Add tests for dis.distb()
+ bpo-45577: Add subtests for all pickle protocols in test_zoneinfo.
+ bpo-43592: test.libregrtest now raises the soft resource limit for
the maximum number of file descriptors when the default is too low
for our test suite as was often the case on macOS.
+ bpo-40173: Fix test.support.import_helper.import_fresh_module().
+ bpo-45280: Add a test case for empty typing.NamedTuple.
+ bpo-45269: Cover case when invalid markers type is supplied to
c_make_encoder.
+ bpo-45209: Fix UserWarning: resource_tracker warning in
_test_multiprocessing._TestSharedMemory.test_shared_memory_cleaned_after_pr
ocess_termination
+ bpo-45195: Fix test_readline.test_nonascii(): sometimes, the newline
character is not written at the end, so don't expect it in the
output. Patch by Victor Stinner.
+ bpo-45156: Fixes infinite loop on unittest.mock.seal() of mocks
created by create_autospec().
+ bpo-45042: Fixes that test classes decorated with
@hashlib_helper.requires_hashdigest were skipped all the time.
+ bpo-45235: Reverted an argparse bugfix that caused regression in the
handling of default arguments for subparsers. This prevented leaf
level arguments from taking precedence over root level arguments.
+ bpo-45765: In importlib.metadata, fix distribution discovery for an
empty path.
+ bpo-45644: In-place JSON file formatting using python3 -m json.tool
infile infile now works correctly, previously it left the file
empty. Patch by Chris Wesseling.
* Build
+ bpo-43158: setup.py now uses values from configure script to build
the _uuid extension module. Configure now detects util-linux's
libuuid, too.
+ bpo-45571: Modules/Setup now use PY_CFLAGS_NODIST instead of
PY_CFLAGS to compile shared modules.
+ bpo-45532: Update sys.version to use main as fallback information.
Patch by Jeong YunWon.
+ bpo-45405: Prevent internal configure error when running configure
with recent versions of non-Apple clang. Patch by David Bohman.
+ bpo-45220: Avoid building with the Windows 11 SDK previews
automatically. This may be overridden by setting the
DefaultWindowsSDKVersion environment variable before building.
* C API
+ bpo-44687: BufferedReader.peek() no longer raises ValueError when
the entire file has already been buffered.
+ bpo-44751: Remove crypt.h include from the public Python.h header.
- rpm-build-python dependency is available on the current Factory, not
with SLE.
- BuildRequire rpm-build-python: The provider to inject python(abi) has
been moved there. rpm-build pulls rpm-build-python automatically in when
building anything against python3-base, but this implies that the
initial build of python3-base does not trigger the automatic
installation.
- Update to 3.9.7:
- Security
- Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid
a potential race condition.
- Add auditing events to the marshal module, and stop raising
code.__init__ events for every unmarshalled code object. Directly
instantiated code objects will continue to raise an event, and audit
event handlers should inspect or collect the raw marshal data. This
reduces a significant performance overhead when loading from .pyc
files.
- Made the internal putcmd function in smtplib sanitize input for
presence of \r and \n characters to avoid (unlikely) command
injection.
- Core and Builtins
- Fixed pickling of range iterators that iterated for over 2**32 times.
- Fix a race in WeakKeyDictionary, WeakValueDictionary and WeakSet
when two threads attempt to commit the last pending removal. This
fixes asyncio.create_task and fixes a data loss in asyncio.run where
shutdown_asyncgens is not run
- Fixed a corner case bug where the result of
float.fromhex('0x.8p-1074') was rounded the wrong way.
- Refine the syntax error for trailing commas in import statements.
Patch by Pablo Galindo.
- Restore behaviour of complex exponentiation with integer-valued
exponent of type float or complex.
- Correct the ast locations of f-strings with format specs and
repeated expressions. Patch by Pablo Galindo
- Use new trashcan macros (Py_TRASHCAN_BEGIN/END) in frameobject.c
instead of the old ones (Py_TRASHCAN_SAFE_BEGIN/END).
- Fix segmentation fault with deep recursion when cleaning method
objects. Patch by Augusto Goulart and Pablo Galindo.
- Fix bug where PyErr_SetObject hangs when the current exception has a
cycle in its context chain.
- Fix reference leaks in the error paths of update_bases() and
__build_class__. Patch by Pablo Galindo.
- Fix undefined behaviour in complex object exponentiation.
- Remove uses of PyObject_GC_Del() in error path when initializing
types.GenericAlias.
- Remove the pass-through for hash() of weakref.proxy objects to
prevent unintended consequences when the original referred object
dies while the proxy is part of a hashable
object. Patch by Pablo Galindo.
- Fix ltrace functionality when exceptions are raised. Patch by Pablo
Galindo
- Fix a crash at Python exit when a deallocator function removes the
last strong reference to a heap type. Patch by Victor Stinner.
- Fix crash when using passing a non-exception to a generator's
throw() method. Patch by Noah Oxer
- Library
- run() now always return a TestResult instance. Previously it
returned None if the test class or method was decorated with a
skipping decorator.
- Fix bugs in cleaning up classes and modules in unittest:
- Functions registered with addModuleCleanup() were not called
unless the user defines tearDownModule() in their test module.
- Functions registered with addClassCleanup() were not called if
tearDownClass is set to None.
- Buffering in TestResult did not work with functions registered
with addClassCleanup() and addModuleCleanup().
- Errors in functions registered with addClassCleanup() and
addModuleCleanup() were not handled correctly in buffered and debug modes.
- Errors in setUpModule() and functions registered with
addModuleCleanup() were reported in wrong order.
- And several lesser bugs.
- Made email date parsing more robust against malformed input, namely
a whitespace-only Date: header. Patch by Wouter Bolsterlee.
- Fix a crash in the signal handler of the faulthandler module: no
longer modify the reference count of frame
objects. Patch by Victor Stinner.
- Method stopTestRun() is now always called in pair with method
startTestRun() for TestResult objects implicitly created in run().
Previously it was not called for test methods and classes decorated
with a skipping decorator.
- argparse.BooleanOptionalAction's default value is no longer printed
twice when used with argparse.ArgumentDefaultsHelpFormatter.
- Upgrade bundled pip to 21.2.3 and setuptools to 57.4.0
- Fix the os.set_inheritable() function on FreeBSD 14 for file
descriptor opened with the O_PATH flag: ignore the EBADF error on
ioctl(), fallback on the fcntl() implementation. Patch by Victor
Stinner.
- The @functools.total_ordering() decorator now works with metaclasses.
- sqlite3 user-defined functions and aggregators returning strings
with embedded NUL characters are no longer truncated. Patch by
Erlend E. Aasland.
- Always show loop= arg deprecations in asyncio.gather() and
asyncio.sleep()
- Non-protocol subclasses of typing.Protocol ignore now the __init__
method inherited from protocol base classes.
- The tokenize.tokenize() doesn't incorrectly generate a NEWLINE token
if the source doesn't end with a new line character but the last
line is a comment, as the function is already generating a NL token.
Patch by Pablo Galindo
- Fix http.client.HTTPSConnection fails to download >2GiB data.
- rcompleter does not call getattr() on property objects to avoid the
side-effect of evaluating the corresponding method.
- weakref.proxy objects referencing non-iterators now raise TypeError
rather than dereferencing the null tp_iternext slot and crashing.
- The implementation of collections.abc.Set._hash() now matches that
of frozenset.__hash__().
- Fixed issue in compileall.compile_file() when sys.stdout is
redirected. Patch by Stefan H��lzl.
- Give priority to using the current class constructor in
inspect.signature(). Patch by Weipeng Hong.
- Fix memory leak in _tkinter._flatten() if it is called with a
sequence or set, but not list or tuple.
- Update shutil.copyfile() to raise FileNotFoundError instead
of confusing IsADirectoryError when a path ending with a os.path.sep
does not exist; shutil.copy() and shutil.copy2() are also affected.
- handle StopIteration subclass raised from @contextlib.contextmanager
generator
- Make the implementation consistency of indexOf() between C and
Python versions. Patch by Dong-hee Na.
- Fixes TypedDict to work with typing.get_type_hints() and postponed
evaluation of annotations across modules.
- Fix bug with pdb's handling of import error due to a package which
does not have a __main__ module
- Fixed an exception thrown while parsing a malformed multipart email
by email.message.EmailMessage.
- pathlib.PureWindowsPath.is_reserved() now identifies a greater range
of reserved filenames, including those with trailing spaces or
colons.
- Handle exceptions from parsing the arg of pdb's run/restart command.
- The sqlite3 context manager now performs a rollback (thus releasing
the database lock) if commit failed. Patch by Luca Citi and Erlend
E. Aasland.
- Improved string handling for sqlite3 user-defined functions and
aggregates:
- It is now possible to pass strings with embedded null characters
to UDFs
- Conversion failures now correctly raise MemoryError
- Patch by Erlend E. Aasland.
- Handle RecursionError in TracebackException's constructor, so that
long exceptions chains are truncated instead of causing traceback
formatting to fail.
- Fix email.message.EmailMessage.set_content() when called with binary
data and 7bit content transfer encoding.
- The compresslevel and preset keyword arguments of tarfile.open() are
now both documented and tested.
- Fixed a Y2k38 bug in the compileall module where it would fail to
compile files with a modification time after the year 2038.
- Fix test___all__ on platforms lacking a shared memory implementation.
- Pass multiprocessing BaseProxy argument manager_owned through
AutoProxy.
- email.utils.getaddresses() now accepts email.header.Header
objects along with string values. Patch by Zackery Spytz.
- lib2to3 now recognizes async generators everywhere.
- Fix TypeError when required subparsers without dest do not receive
arguments. Patch by Anthony Sottile.
- Documentation
- Removed the othergui.rst file, any references to it, and the list of
GUI frameworks in the FAQ. In their place I've added links to the
Python Wiki page on GUI frameworks.
- Update the definition of __future__ in the glossary by replacing the
confusing word "pseudo-module" with a more accurate description.
- Add typical examples to os.path.splitext docs
- Clarify that shutil.make_archive() is not thread-safe due to
reliance on changing the current working directory.
- Update of three expired hyperlinks in Doc/distributing/index.rst:
"Project structure", "Building and packaging the project", and
"Uploading the project to the Python Packaging Index".
- Updated the docstring and docs of filecmp.cmp() to be more accurate
and less confusing especially in respect to shallow arg.
- Match the docstring and python implementation of countOf() to the
behavior of its c implementation.
- List all kwargs for textwrap.wrap(), textwrap.fill(), and
textwrap.shorten(). Now, there are nav links to attributes
of TextWrap, which makes navigation much easier while minimizing
duplication in the documentation.
- Clarify that atexit uses equality comparisons internally.
- Documentation of csv.Dialect is more descriptive.
- Fix documentation for the return type of sysconfig.get_path().
- Add a "Security Considerations" index which links to standard
library modules that have explicitly documented security
considerations.
- Remove the unqualified claim that tkinter is threadsafe. It has not
been true for several years and likely never was. An explanation of
what is true may be added later, after more discussion, and possibly
after patching _tkinter.c,
- Tests
- Add calls of gc.collect() in tests to support PyPy.
- Made tests relying on the _asyncio C extension module
optional to allow running on alternative Python implementations.
Patch by Serhiy Storchaka.
- Fix auto history tests of test_readline: sometimes, the newline
character is not written at the end, so don't expect it in the
output.
- Add ability to wholesale silence DeprecationWarnings while running
the regression test suite.
- Notify users running test_decimal regression tests on macOS
of potential harmless "malloc can't allocate region" messages spewed
by test_decimal.
- Fixed floating point precision issue in turtle tests.
- Regression tests, when run with -w, are now re-running only the
affected test methods instead of re-running the entire test file.
- Add test for nested queues when using multiprocessing shared objects
AutoProxy[Queue] inside ListProxy and DictProxy
- Add building with --with-system-libmpdec option (bsc#1189356).
- test_faulthandler is still problematic under qemu linux-user emulation,
disable it there
- Reenable profileopt with qemu emulation, test_faulthandler is no longer
run during profiling
- bpo-44022 (bsc#1189241, CVE-2021-3737): http.client now avoids
infinitely reading potential HTTP headers after a 100 Continue
status response from the server.
- bpo-43075 (CVE-2021-3733, bsc#1189287): Fix Regular Expression
Denial of Service (ReDoS) vulnerability in
urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable regex
has quadratic worst-case complexity and it allows cause a denial of
service when identifying crafted invalid RFCs. This ReDoS issue is
on the client side and needs remote attackers to control the HTTP
server.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1485=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1485=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1485=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1485=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.10-150300.4.8.1
libpython3_9-1_0-debuginfo-3.9.10-150300.4.8.1
python39-3.9.10-150300.4.8.2
python39-base-3.9.10-150300.4.8.1
python39-base-debuginfo-3.9.10-150300.4.8.1
python39-core-debugsource-3.9.10-150300.4.8.1
python39-curses-3.9.10-150300.4.8.2
python39-curses-debuginfo-3.9.10-150300.4.8.2
python39-dbm-3.9.10-150300.4.8.2
python39-dbm-debuginfo-3.9.10-150300.4.8.2
python39-debuginfo-3.9.10-150300.4.8.2
python39-debugsource-3.9.10-150300.4.8.2
python39-devel-3.9.10-150300.4.8.1
python39-doc-3.9.10-150300.4.8.1
python39-doc-devhelp-3.9.10-150300.4.8.1
python39-idle-3.9.10-150300.4.8.2
python39-testsuite-3.9.10-150300.4.8.1
python39-testsuite-debuginfo-3.9.10-150300.4.8.1
python39-tk-3.9.10-150300.4.8.2
python39-tk-debuginfo-3.9.10-150300.4.8.2
python39-tools-3.9.10-150300.4.8.1
- openSUSE Leap 15.4 (x86_64):
libpython3_9-1_0-32bit-3.9.10-150300.4.8.1
libpython3_9-1_0-32bit-debuginfo-3.9.10-150300.4.8.1
python39-32bit-3.9.10-150300.4.8.2
python39-32bit-debuginfo-3.9.10-150300.4.8.2
python39-base-32bit-3.9.10-150300.4.8.1
python39-base-32bit-debuginfo-3.9.10-150300.4.8.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.10-150300.4.8.1
libpython3_9-1_0-debuginfo-3.9.10-150300.4.8.1
python39-3.9.10-150300.4.8.2
python39-base-3.9.10-150300.4.8.1
python39-base-debuginfo-3.9.10-150300.4.8.1
python39-core-debugsource-3.9.10-150300.4.8.1
python39-curses-3.9.10-150300.4.8.2
python39-curses-debuginfo-3.9.10-150300.4.8.2
python39-dbm-3.9.10-150300.4.8.2
python39-dbm-debuginfo-3.9.10-150300.4.8.2
python39-debuginfo-3.9.10-150300.4.8.2
python39-debugsource-3.9.10-150300.4.8.2
python39-devel-3.9.10-150300.4.8.1
python39-doc-3.9.10-150300.4.8.1
python39-doc-devhelp-3.9.10-150300.4.8.1
python39-idle-3.9.10-150300.4.8.2
python39-testsuite-3.9.10-150300.4.8.1
python39-testsuite-debuginfo-3.9.10-150300.4.8.1
python39-tk-3.9.10-150300.4.8.2
python39-tk-debuginfo-3.9.10-150300.4.8.2
python39-tools-3.9.10-150300.4.8.1
- openSUSE Leap 15.3 (x86_64):
libpython3_9-1_0-32bit-3.9.10-150300.4.8.1
libpython3_9-1_0-32bit-debuginfo-3.9.10-150300.4.8.1
python39-32bit-3.9.10-150300.4.8.2
python39-32bit-debuginfo-3.9.10-150300.4.8.2
python39-base-32bit-3.9.10-150300.4.8.1
python39-base-32bit-debuginfo-3.9.10-150300.4.8.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
python39-core-debugsource-3.9.10-150300.4.8.1
python39-tools-3.9.10-150300.4.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpython3_9-1_0-3.9.10-150300.4.8.1
libpython3_9-1_0-debuginfo-3.9.10-150300.4.8.1
python39-3.9.10-150300.4.8.2
python39-base-3.9.10-150300.4.8.1
python39-base-debuginfo-3.9.10-150300.4.8.1
python39-core-debugsource-3.9.10-150300.4.8.1
python39-curses-3.9.10-150300.4.8.2
python39-curses-debuginfo-3.9.10-150300.4.8.2
python39-dbm-3.9.10-150300.4.8.2
python39-dbm-debuginfo-3.9.10-150300.4.8.2
python39-debuginfo-3.9.10-150300.4.8.2
python39-debugsource-3.9.10-150300.4.8.2
python39-devel-3.9.10-150300.4.8.1
python39-idle-3.9.10-150300.4.8.2
python39-tk-3.9.10-150300.4.8.2
python39-tk-debuginfo-3.9.10-150300.4.8.2
References:
https://www.suse.com/security/cve/CVE-2021-3572.html
https://www.suse.com/security/cve/CVE-2021-3733.html
https://www.suse.com/security/cve/CVE-2021-3737.html
https://bugzilla.suse.com/1186819
https://bugzilla.suse.com/1189241
https://bugzilla.suse.com/1189287
https://bugzilla.suse.com/1189356
https://bugzilla.suse.com/1193179
1
0
SUSE-SU-2022:1484-1: important: Security update for git
by opensuse-security@opensuse.org 02 May '22
by opensuse-security@opensuse.org 02 May '22
02 May '22
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1484-1
Rating: important
References: #1181400 #1198234
Cross-References: CVE-2022-24765
CVSS scores:
CVE-2022-24765 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-24765 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for git fixes the following issues:
- Updated to version 2.35.3:
- CVE-2022-24765: Fixed a potential command injection via git worktree
(bsc#1198234).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1484=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1484=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1484=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1484=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1484=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1484=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.12.1
git-arch-2.35.3-150300.10.12.1
git-core-2.35.3-150300.10.12.1
git-core-debuginfo-2.35.3-150300.10.12.1
git-credential-gnome-keyring-2.35.3-150300.10.12.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.12.1
git-credential-libsecret-2.35.3-150300.10.12.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.12.1
git-cvs-2.35.3-150300.10.12.1
git-daemon-2.35.3-150300.10.12.1
git-daemon-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
git-email-2.35.3-150300.10.12.1
git-gui-2.35.3-150300.10.12.1
git-p4-2.35.3-150300.10.12.1
git-svn-2.35.3-150300.10.12.1
git-web-2.35.3-150300.10.12.1
gitk-2.35.3-150300.10.12.1
perl-Git-2.35.3-150300.10.12.1
- openSUSE Leap 15.4 (noarch):
git-doc-2.35.3-150300.10.12.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.12.1
git-arch-2.35.3-150300.10.12.1
git-core-2.35.3-150300.10.12.1
git-core-debuginfo-2.35.3-150300.10.12.1
git-credential-gnome-keyring-2.35.3-150300.10.12.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.12.1
git-credential-libsecret-2.35.3-150300.10.12.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.12.1
git-cvs-2.35.3-150300.10.12.1
git-daemon-2.35.3-150300.10.12.1
git-daemon-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
git-email-2.35.3-150300.10.12.1
git-gui-2.35.3-150300.10.12.1
git-p4-2.35.3-150300.10.12.1
git-svn-2.35.3-150300.10.12.1
git-web-2.35.3-150300.10.12.1
gitk-2.35.3-150300.10.12.1
perl-Git-2.35.3-150300.10.12.1
- openSUSE Leap 15.3 (noarch):
git-doc-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.12.1
git-arch-2.35.3-150300.10.12.1
git-cvs-2.35.3-150300.10.12.1
git-daemon-2.35.3-150300.10.12.1
git-daemon-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
git-email-2.35.3-150300.10.12.1
git-gui-2.35.3-150300.10.12.1
git-svn-2.35.3-150300.10.12.1
git-web-2.35.3-150300.10.12.1
gitk-2.35.3-150300.10.12.1
perl-Git-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
git-doc-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.12.1
git-arch-2.35.3-150300.10.12.1
git-cvs-2.35.3-150300.10.12.1
git-daemon-2.35.3-150300.10.12.1
git-daemon-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
git-email-2.35.3-150300.10.12.1
git-gui-2.35.3-150300.10.12.1
git-svn-2.35.3-150300.10.12.1
git-web-2.35.3-150300.10.12.1
gitk-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
git-doc-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.12.1
git-core-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.12.1
git-core-debuginfo-2.35.3-150300.10.12.1
git-debuginfo-2.35.3-150300.10.12.1
git-debugsource-2.35.3-150300.10.12.1
perl-Git-2.35.3-150300.10.12.1
References:
https://www.suse.com/security/cve/CVE-2022-24765.html
https://bugzilla.suse.com/1181400
https://bugzilla.suse.com/1198234
1
0
openSUSE-SU-2022:0123-1: important: Security update for opera
by opensuse-security@opensuse.org 01 May '22
by opensuse-security@opensuse.org 01 May '22
01 May '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0123-1
Rating: important
References:
Cross-References: CVE-2022-1364
Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for opera fixes the following issues:
Update to 86.0.4363.23:
- CHR-8843 Update chromium on desktop-stable-100-4363 to 100.0.4896.127
- DNA-98236 Turn on #snap-text-selection on all streams
- DNA-98507 DCHECK at address_bar_controller.cc(547)
- DNA-98528 Suggestions for internal pages disappear when typing their
full name
- DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
- DNA-98540 Booking.com used instead of custom search engine
- DNA-98587 Favicon of booking suggestion in the city category is
unexpectedly changing
- DNA-98605 City suggestions should show URL in address field when
selected
- DNA-98608 #address-bar-dropdown-categories expired
- DNA-98616 Add recent searches to 'old' BABE
- DNA-98668 Switch to tab button leads to wrong tab
- DNA-98673 Improve suggestion removal handling in suggestion providers
- DNA-98681 Remove unused suggestion consumers
- DNA-98684 Have a dedicated SuggestionList for the new address bar
dropdown
- DNA-98685 Enable #native-crypto-wallet on developer
- DNA-98688 "Disable this feature" mini-menu settings is non-intuitive
- DNA-98690 Autocompleted text stayed in address field after removing
suggestion
- DNA-98738 Inline autocomplete suggestion for SD disappears after
typing 3rd letter of SD name
- DNA-98743 Blank dropdown after pressing space key
- DNA-98783 Improve showing suggestions with long URLs or page titles
- DNA-98785 "Switch to tab" button not shown for suggestions with www
subdomain when typing domain text
- DNA-98879 "Disable suggestions before typing" mini-menu option should
change to "Enable suggestions before typing" when being selected
- DNA-98917 Translations for O86
- DNA-98975 Turn on #snap-crop-tool on all channels
- DNA-98980 Enable #native-crypto-wallet on all streams
- DNA-99005 The sidebar item is not visible for already active crypto
wallet users when #native-crypto-wallet flag is enabled.
- DNA-99007 Crash at TemplateURLRef::ParseIfNecessary(SearchTermsData
const&) const
- DNA-99047 Promote O86 to stable
- The update to chromium 100.0.4896.127 fixes following issues:
CVE-2022-1364
- Complete Opera 86.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-86/
Update to 85.0.4341.60:
- DNA-98666 Set baidu as default search engine in China
- DNA-98707 Hint is not displayed for new crypto wallet sidebar icon
- DNA-98775 RichHintsSearchEngineCondition.testSogouSearchEngine errors
Update to 85.0.4341.47:
- DNA-98249 Add feature flag #native-crypto-wallet
- DNA-98250 Install extension on startup
- DNA-98251 Make Crypto Wallet setting enable / disable extension
- DNA-98252 Deactivate old desktop crypto wallet
- DNA-98253 Always show ���Crypto Wallet��� in Sidebar Setup
- DNA-98497 Crash when installing extension
- DNA-98506 Enable opera_feature_crypto_wallet_encryption
on desktop
- DNA-98510 Blank icon in sidebar setup
- DNA-98538 Change name of "Opera Crypto Wallet" to "Crypto Wallet"
- DNA-98685 Enable #native-crypto-wallet on developer
- DNA-98766 Crash at
opera::AddressBarControllerImpl::OpenNativeDropdown()
- DNA-98768 Crash at
extensions::ContentFilterPrivateIsWhitelistedFunction::Run()
- DNA-98770 Recent searches stay in address field after selecting entry
from dropdown
- DNA-98772 Screen sharing broken
- DNA-98803 Autofilled part appended after selecting address bar using
shortcut
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:NonFree:
zypper in -t patch openSUSE-2022-123=1
Package List:
- openSUSE Leap 15.3:NonFree (x86_64):
opera-86.0.4363.23-lp153.2.45.1
References:
https://www.suse.com/security/cve/CVE-2022-1364.html
1
0