openSUSE Security Announce
August 2022
SUSE-SU-2022:2834-1: important: Security update for podman
by opensuse-security@opensuse.org 17 Aug '22
SUSE Security Update: Security update for podman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2834-1
Rating: important
References: #1182428 #1196338 #1197284
Cross-References: CVE-2022-1227 CVE-2022-21698 CVE-2022-27191
CVSS scores:
CVE-2022-1227 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1227 (SUSE): 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-21698 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-21698 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27191 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27191 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for podman fixes the following issues:
Updated to version 3.4.7:
- CVE-2022-1227: Fixed an issue that could allow an attacker to publish a
malicious image to a public registry and run arbitrary code in the
victim's context via the 'podman top' command (bsc#1182428).
- CVE-2022-27191: Fixed a potential crash via SSH under specific
configurations (bsc#1197284).
- CVE-2022-21698: Fixed a potential denial of service that affected
servers that used Prometheus instrumentation (bsc#1196338).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2834=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-2834=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150400.4.3.1
podman-debuginfo-3.4.7-150400.4.3.1
podman-remote-3.4.7-150400.4.3.1
podman-remote-debuginfo-3.4.7-150400.4.3.1
- openSUSE Leap 15.4 (noarch):
podman-cni-config-3.4.7-150400.4.3.1
podman-docker-3.4.7-150400.4.3.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150400.4.3.1
podman-debuginfo-3.4.7-150400.4.3.1
podman-remote-3.4.7-150400.4.3.1
podman-remote-debuginfo-3.4.7-150400.4.3.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (noarch):
podman-cni-config-3.4.7-150400.4.3.1
podman-docker-3.4.7-150400.4.3.1
References:
https://www.suse.com/security/cve/CVE-2022-1227.html
https://www.suse.com/security/cve/CVE-2022-21698.html
https://www.suse.com/security/cve/CVE-2022-27191.html
https://bugzilla.suse.com/1182428
https://bugzilla.suse.com/1196338
https://bugzilla.suse.com/1197284
SUSE-SU-2022:2835-1: important: Security update for ntfs-3g_ntfsprogs
by opensuse-security@opensuse.org 17 Aug '22
SUSE Security Update: Security update for ntfs-3g_ntfsprogs
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2835-1
Rating: important
References: #1199978
Cross-References: CVE-2021-46790 CVE-2022-30783 CVE-2022-30784
CVE-2022-30785 CVE-2022-30786 CVE-2022-30787
CVE-2022-30788 CVE-2022-30789
CVSS scores:
CVE-2021-46790 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-46790 (SUSE): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L
CVE-2022-30783 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30783 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30784 (NVD) : 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30784 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30785 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30785 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30786 (NVD) : 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30786 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30787 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30787 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30788 (NVD) : 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30788 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30789 (NVD) : 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30789 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
This update for ntfs-3g_ntfsprogs fixes the following issues:
Updated to version 2022.5.17 (bsc#1199978):
- CVE-2022-30783: Fixed an issue where messages between NTFS-3G and the
kernel could be intercepted when using libfuse-lite.
- CVE-2022-30784: Fixed a memory exhaustion issue when opening a crafted
NTFS image.
- CVE-2022-30785: Fixed a bug where arbitrary memory read and write
operations could be achieved when using libfuse-lite.
- CVE-2022-30786: Fixed a memory corruption issue when opening a crafted
NTFS image.
- CVE-2022-30787: Fixed an integer underflow which enabled arbitrary
memory read operations when using libfuse-lite.
- CVE-2022-30788: Fixed a memory corruption issue when opening a crafted
NTFS image.
- CVE-2022-30789: Fixed a memory corruption issue when opening a crafted
NTFS image.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2835=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2835=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-2835=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-2835=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libntfs-3g-devel-2022.5.17-150000.3.11.1
libntfs-3g87-2022.5.17-150000.3.11.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g-2022.5.17-150000.3.11.1
ntfs-3g-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.11.1
ntfsprogs-2022.5.17-150000.3.11.1
ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfsprogs-extra-2022.5.17-150000.3.11.1
ntfsprogs-extra-debuginfo-2022.5.17-150000.3.11.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libntfs-3g-devel-2022.5.17-150000.3.11.1
libntfs-3g87-2022.5.17-150000.3.11.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g-2022.5.17-150000.3.11.1
ntfs-3g-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.11.1
ntfsprogs-2022.5.17-150000.3.11.1
ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfsprogs-extra-2022.5.17-150000.3.11.1
ntfsprogs-extra-debuginfo-2022.5.17-150000.3.11.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
libntfs-3g-devel-2022.5.17-150000.3.11.1
libntfs-3g87-2022.5.17-150000.3.11.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g-2022.5.17-150000.3.11.1
ntfs-3g-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.11.1
ntfsprogs-2022.5.17-150000.3.11.1
ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
libntfs-3g-devel-2022.5.17-150000.3.11.1
libntfs-3g87-2022.5.17-150000.3.11.1
libntfs-3g87-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g-2022.5.17-150000.3.11.1
ntfs-3g-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
ntfs-3g_ntfsprogs-debugsource-2022.5.17-150000.3.11.1
ntfsprogs-2022.5.17-150000.3.11.1
ntfsprogs-debuginfo-2022.5.17-150000.3.11.1
References:
https://www.suse.com/security/cve/CVE-2021-46790.html
https://www.suse.com/security/cve/CVE-2022-30783.html
https://www.suse.com/security/cve/CVE-2022-30784.html
https://www.suse.com/security/cve/CVE-2022-30785.html
https://www.suse.com/security/cve/CVE-2022-30786.html
https://www.suse.com/security/cve/CVE-2022-30787.html
https://www.suse.com/security/cve/CVE-2022-30788.html
https://www.suse.com/security/cve/CVE-2022-30789.html
https://bugzilla.suse.com/1199978
SUSE-SU-2022:2831-1: moderate: Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins
by opensuse-security@opensuse.org 17 Aug '22
SUSE Security Update: Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2831-1
Rating: moderate
References: #1195916 #1196696 SLE-23972
Cross-References: CVE-2020-29651
CVSS scores:
CVE-2020-29651 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-29651 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Module for Python2 15-SP3
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains one
feature and has one errata is now available.
Description:
This update for aws-efs-utils, python-ansi2html, python-py,
python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures
fixes the following issues:
- Update in SLE-15 (bsc#1196696, bsc#1195916, jsc#SLE-23972)
- Remove redundant python3 dependency from Requires
- Update regular expression to fix python shebang
- Style is enforced upstream and triggers unnecessary build version
requirements
- Allow specifying fs_id in cloudwatch log group name
- Includes fix for stunnel path
- Added hardening to systemd service(s).
- Raise minimal pytest version
- Fix typo in the ansi2html Requires
- Cleanup with spec-cleaner
- Make sure the tests are really executed
- Remove useless devel dependency
- Multiprocessing support in Python 3.8 was broken, but is now fixed
- Bump the URL to point to github rather than to docs
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2831=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2831=1
- SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-2831=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-2831=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-2831=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-2831=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-2831=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2831=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2831=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2831=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-2831=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2831=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2831=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2831=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2831=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python3-coverage-4.5.4-150000.3.3.2
python3-coverage-debuginfo-4.5.4-150000.3.3.2
- openSUSE Leap 15.4 (noarch):
python-atomicwrites-doc-1.1.5-150000.3.2.1
python3-apipkg-1.4-150000.3.2.1
python3-atomicwrites-1.1.5-150000.3.2.1
python3-py-1.10.0-150000.5.9.2
python3-pycodestyle-2.5.0-150000.3.2.2
python3-pyflakes-2.1.1-150000.3.2.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python2-coverage-4.5.4-150000.3.3.2
python2-coverage-debuginfo-4.5.4-150000.3.3.2
python3-coverage-4.5.4-150000.3.3.2
python3-coverage-debuginfo-4.5.4-150000.3.3.2
- openSUSE Leap 15.3 (noarch):
python-atomicwrites-doc-1.1.5-150000.3.2.1
python2-apipkg-1.4-150000.3.2.1
python2-atomicwrites-1.1.5-150000.3.2.1
python2-py-1.10.0-150000.5.9.2
python2-pycodestyle-2.5.0-150000.3.2.2
python2-pyflakes-2.1.1-150000.3.2.2
python3-apipkg-1.4-150000.3.2.1
python3-atomicwrites-1.1.5-150000.3.2.1
python3-py-1.10.0-150000.5.9.2
python3-pycodestyle-2.5.0-150000.3.2.2
python3-pyflakes-2.1.1-150000.3.2.2
- SUSE Linux Enterprise Module for Python2 15-SP3 (noarch):
python2-apipkg-1.4-150000.3.2.1
python2-iniconfig-1.1.1-150000.1.3.1
python2-py-1.10.0-150000.5.9.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (noarch):
python3-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
python3-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):
python3-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):
python3-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python2-coverage-4.5.4-150000.3.3.2
python2-coverage-debuginfo-4.5.4-150000.3.3.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
python2-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python2-coverage-4.5.4-150000.3.3.2
python2-coverage-debuginfo-4.5.4-150000.3.3.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
python2-atomicwrites-1.1.5-150000.3.2.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python3-coverage-4.5.4-150000.3.3.2
python3-coverage-debuginfo-4.5.4-150000.3.3.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
python-coverage-debuginfo-4.5.4-150000.3.3.2
python-coverage-debugsource-4.5.4-150000.3.3.2
python3-coverage-4.5.4-150000.3.3.2
python3-coverage-debuginfo-4.5.4-150000.3.3.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-apipkg-1.4-150000.3.2.1
python3-iniconfig-1.1.1-150000.1.3.1
python3-py-1.10.0-150000.5.9.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-apipkg-1.4-150000.3.2.1
python3-iniconfig-1.1.1-150000.1.3.1
python3-py-1.10.0-150000.5.9.2
- SUSE Linux Enterprise Micro 5.2 (noarch):
python3-py-1.10.0-150000.5.9.2
- SUSE Linux Enterprise Micro 5.1 (noarch):
python3-py-1.10.0-150000.5.9.2
References:
https://www.suse.com/security/cve/CVE-2020-29651.html
https://bugzilla.suse.com/1195916
https://bugzilla.suse.com/1196696
SUSE-SU-2022:2825-1: important: Security update for rsync
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for rsync
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2825-1
Rating: important
References: #1201840
Cross-References: CVE-2022-29154
CVSS scores:
CVE-2022-29154 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-29154 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rsync fixes the following issues:
- CVE-2022-29154: Fixed an arbitrary file write when connecting to a
malicious server (bsc#1201840).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2825=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2825=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
rsync-3.2.3-150400.3.3.1
rsync-debuginfo-3.2.3-150400.3.3.1
rsync-debugsource-3.2.3-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
rsync-3.2.3-150400.3.3.1
rsync-debuginfo-3.2.3-150400.3.3.1
rsync-debugsource-3.2.3-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-29154.html
https://bugzilla.suse.com/1201840
SUSE-SU-2022:2826-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2826-1
Rating: important
References: #1201980
Cross-References: CVE-2022-32792 CVE-2022-32816
CVSS scores:
CVE-2022-32792 (SUSE): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2022-32816 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for webkit2gtk3 fixes the following issues:
- Update to version 2.36.5 (bsc#1201980):
- Add support for PAC proxy in the WebDriver implementation.
- Fix video playback when loaded through custom URIs, this fixes video
playback in the Yelp documentation browser.
- Fix WebKitWebView::context-menu when using GTK4.
- Fix LTO builds with GCC.
- Fix several crashes and rendering issues.
- Security fixes:
- CVE-2022-32792: Fixed an issue where processing maliciously crafted web
content may lead to arbitrary code execution.
- CVE-2022-32816: Fixed an issue where visiting a website that frames
malicious content may lead to UI spoofing.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2826=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2826=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-2826=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2826=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_1-0-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_1-0-debuginfo-2.36.5-150400.4.9.1
libjavascriptcoregtk-5_0-0-2.36.5-150400.4.9.1
libjavascriptcoregtk-5_0-0-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-5_0-0-2.36.5-150400.4.9.1
libwebkit2gtk-5_0-0-debuginfo-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-4_1-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-5_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-4_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-4_1-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-5_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2WebExtension-4_1-2.36.5-150400.4.9.1
typelib-1_0-WebKit2WebExtension-5_0-2.36.5-150400.4.9.1
webkit-jsc-4-2.36.5-150400.4.9.1
webkit-jsc-4-debuginfo-2.36.5-150400.4.9.1
webkit-jsc-4.1-2.36.5-150400.4.9.1
webkit-jsc-4.1-debuginfo-2.36.5-150400.4.9.1
webkit-jsc-5.0-2.36.5-150400.4.9.1
webkit-jsc-5.0-debuginfo-2.36.5-150400.4.9.1
webkit2gtk-4_0-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk-4_1-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-4_1-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk-5_0-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-5_0-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk3-debugsource-2.36.5-150400.4.9.1
webkit2gtk3-devel-2.36.5-150400.4.9.1
webkit2gtk3-minibrowser-2.36.5-150400.4.9.1
webkit2gtk3-minibrowser-debuginfo-2.36.5-150400.4.9.1
webkit2gtk3-soup2-debugsource-2.36.5-150400.4.9.1
webkit2gtk3-soup2-devel-2.36.5-150400.4.9.1
webkit2gtk3-soup2-minibrowser-2.36.5-150400.4.9.1
webkit2gtk3-soup2-minibrowser-debuginfo-2.36.5-150400.4.9.1
webkit2gtk4-debugsource-2.36.5-150400.4.9.1
webkit2gtk4-devel-2.36.5-150400.4.9.1
webkit2gtk4-minibrowser-2.36.5-150400.4.9.1
webkit2gtk4-minibrowser-debuginfo-2.36.5-150400.4.9.1
- openSUSE Leap 15.4 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_1-0-32bit-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-32bit-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-32bit-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-32bit-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-32bit-debuginfo-2.36.5-150400.4.9.1
- openSUSE Leap 15.4 (noarch):
WebKit2GTK-4.0-lang-2.36.5-150400.4.9.1
WebKit2GTK-4.1-lang-2.36.5-150400.4.9.1
WebKit2GTK-5.0-lang-2.36.5-150400.4.9.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-5_0-0-2.36.5-150400.4.9.1
libjavascriptcoregtk-5_0-0-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-5_0-0-2.36.5-150400.4.9.1
libwebkit2gtk-5_0-0-debuginfo-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-5_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-5_0-2.36.5-150400.4.9.1
webkit2gtk-5_0-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-5_0-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk4-debugsource-2.36.5-150400.4.9.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_1-0-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_1-0-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-2.36.5-150400.4.9.1
libwebkit2gtk-4_1-0-debuginfo-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-4_1-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-4_1-2.36.5-150400.4.9.1
typelib-1_0-WebKit2WebExtension-4_1-2.36.5-150400.4.9.1
webkit2gtk-4_1-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-4_1-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk3-debugsource-2.36.5-150400.4.9.1
webkit2gtk3-devel-2.36.5-150400.4.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150400.4.9.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-2.36.5-150400.4.9.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150400.4.9.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2-4_0-2.36.5-150400.4.9.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150400.4.9.1
webkit2gtk-4_0-injected-bundles-2.36.5-150400.4.9.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150400.4.9.1
webkit2gtk3-soup2-debugsource-2.36.5-150400.4.9.1
webkit2gtk3-soup2-devel-2.36.5-150400.4.9.1
References:
https://www.suse.com/security/cve/CVE-2022-32792.html
https://www.suse.com/security/cve/CVE-2022-32816.html
https://bugzilla.suse.com/1201980
SUSE-SU-2022:2827-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2827-1
Rating: important
References: #1195775 #1195926 #1198484 #1198829 #1200442
#1200598 #1200910 #1201429 #1201635 #1201636
#1201644 #1201926 #1201930 #1201940
Cross-References: CVE-2020-36557 CVE-2020-36558 CVE-2021-33655
CVE-2021-33656 CVE-2022-1462 CVE-2022-20166
CVE-2022-36946
CVSS scores:
CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33655 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-20166 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-20166 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 7 vulnerabilities and has 7 fixes is
now available.
Description:
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl
and closing/opening of ttys that could lead to a use-after-free
(bnc#1201429).
- CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could
lead to a NULL pointer dereference and general protection fault
(bnc#1200910).
- CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO
(bnc#1201635).
- CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT
(bnc#1201636).
- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe
subsystem (bnc#1198829).
- CVE-2022-20166: Fixed possible out of bounds write due to sprintf
unsafety that could cause local escalation of privilege (bnc#1200598).
- CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that
could lead to remote DoS (bnc#1201940).
The following non-security bugs were fixed:
- cifs: On cifs_reconnect, resolve the hostname again (bsc#1201926).
- cifs: Simplify reconnect code when dfs upcall is enabled (bsc#1201926).
- cifs: To match file servers, make sure the server hostname matches
(bsc#1201926).
- cifs: fix memory leak of smb3_fs_context_dup::server_hostname
(bsc#1201926).
- cifs: set a minimum of 120s for next dns resolution (bsc#1201926).
- cifs: use the expiry output of dns_query to schedule next resolution
(bsc#1201926).
- kvm: emulate: Fix SETcc emulation function offsets with SLS
(bsc#1201930).
- kvm: emulate: do not adjust size of fastop and setcc subroutines
(bsc#1201930).
- rpm/*.spec.in: remove backtick usage
- rpm/constraints.in: skip SLOW_DISK workers for kernel-source
- rpm/kernel-obs-build.spec.in: Also depend on dracut-systemd (bsc#1195775)
- rpm/kernel-obs-build.spec.in: add systemd-initrd and terminfo dracut
module (bsc#1195775)
- rpm/kernel-obs-build.spec.in: use default dracut modules (bsc#1195926,
bsc#1198484)
- x86/entry: Remove skip_r11rcx (bsc#1201644).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2827=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2827=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2827=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2827=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2827=1
- SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2022-2827=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by separate standalone
livepatch updates.
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2827=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2827=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-2827=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-2827=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-4.12.14-150100.197.120.1
kernel-vanilla-base-4.12.14-150100.197.120.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-debugsource-4.12.14-150100.197.120.1
kernel-vanilla-devel-4.12.14-150100.197.120.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.120.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.120.1
kernel-debug-base-debuginfo-4.12.14-150100.197.120.1
- openSUSE Leap 15.4 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.120.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.120.1
- openSUSE Leap 15.4 (s390x):
kernel-default-man-4.12.14-150100.197.120.1
kernel-zfcpdump-man-4.12.14-150100.197.120.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-4.12.14-150100.197.120.1
kernel-vanilla-base-4.12.14-150100.197.120.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-debugsource-4.12.14-150100.197.120.1
kernel-vanilla-devel-4.12.14-150100.197.120.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.120.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.120.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.120.1
kernel-debug-base-debuginfo-4.12.14-150100.197.120.1
- openSUSE Leap 15.3 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.120.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.120.1
- openSUSE Leap 15.3 (s390x):
kernel-default-man-4.12.14-150100.197.120.1
kernel-zfcpdump-man-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
reiserfs-kmp-default-4.12.14-150100.197.120.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
reiserfs-kmp-default-4.12.14-150100.197.120.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):
kernel-default-man-4.12.14-150100.197.120.1
kernel-zfcpdump-debuginfo-4.12.14-150100.197.120.1
kernel-zfcpdump-debugsource-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
reiserfs-kmp-default-4.12.14-150100.197.120.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-livepatch-4.12.14-150100.197.120.1
kernel-default-livepatch-devel-4.12.14-150100.197.120.1
kernel-livepatch-4_12_14-150100_197_120-default-1-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150100.197.120.1
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.120.1
dlm-kmp-default-4.12.14-150100.197.120.1
dlm-kmp-default-debuginfo-4.12.14-150100.197.120.1
gfs2-kmp-default-4.12.14-150100.197.120.1
gfs2-kmp-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
ocfs2-kmp-default-4.12.14-150100.197.120.1
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
reiserfs-kmp-default-4.12.14-150100.197.120.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE Enterprise Storage 6 (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
- SUSE CaaS Platform 4.0 (x86_64):
kernel-default-4.12.14-150100.197.120.1
kernel-default-base-4.12.14-150100.197.120.1
kernel-default-base-debuginfo-4.12.14-150100.197.120.1
kernel-default-debuginfo-4.12.14-150100.197.120.1
kernel-default-debugsource-4.12.14-150100.197.120.1
kernel-default-devel-4.12.14-150100.197.120.1
kernel-default-devel-debuginfo-4.12.14-150100.197.120.1
kernel-obs-build-4.12.14-150100.197.120.1
kernel-obs-build-debugsource-4.12.14-150100.197.120.1
kernel-syms-4.12.14-150100.197.120.1
reiserfs-kmp-default-4.12.14-150100.197.120.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.120.1
- SUSE CaaS Platform 4.0 (noarch):
kernel-devel-4.12.14-150100.197.120.1
kernel-docs-4.12.14-150100.197.120.2
kernel-macros-4.12.14-150100.197.120.1
kernel-source-4.12.14-150100.197.120.1
References:
https://www.suse.com/security/cve/CVE-2020-36557.html
https://www.suse.com/security/cve/CVE-2020-36558.html
https://www.suse.com/security/cve/CVE-2021-33655.html
https://www.suse.com/security/cve/CVE-2021-33656.html
https://www.suse.com/security/cve/CVE-2022-1462.html
https://www.suse.com/security/cve/CVE-2022-20166.html
https://www.suse.com/security/cve/CVE-2022-36946.html
https://bugzilla.suse.com/1195775
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1198484
https://bugzilla.suse.com/1198829
https://bugzilla.suse.com/1200442
https://bugzilla.suse.com/1200598
https://bugzilla.suse.com/1200910
https://bugzilla.suse.com/1201429
https://bugzilla.suse.com/1201635
https://bugzilla.suse.com/1201636
https://bugzilla.suse.com/1201644
https://bugzilla.suse.com/1201926
https://bugzilla.suse.com/1201930
https://bugzilla.suse.com/1201940
SUSE-SU-2022:2820-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2820-1
Rating: important
References: #1201980
Cross-References: CVE-2022-32792 CVE-2022-32816
CVSS scores:
CVE-2022-32792 (SUSE): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
CVE-2022-32816 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for webkit2gtk3 fixes the following issues:
- Update to version 2.36.5 (bsc#1201980):
- Add support for PAC proxy in the WebDriver implementation.
- Fix video playback when loaded through custom URIs, this fixes video
playback in the Yelp documentation browser.
- Fix WebKitWebView::context-menu when using GTK4.
- Fix LTO builds with GCC.
- Fix several crashes and rendering issues.
- Security fixes:
- CVE-2022-32792: Fixed processing maliciously crafted web content may
lead to arbitrary code execution.
- CVE-2022-32816: Fixed visiting a website that frames malicious content
may lead to UI spoofing.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2820=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2820=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2820=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2820=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2820=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2820=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2820=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2820=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-2820=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2820=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2820=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2820=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-2820=1
Package List:
- openSUSE Leap 15.4 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit-jsc-4-2.36.5-150200.41.1
webkit-jsc-4-debuginfo-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
webkit2gtk3-minibrowser-2.36.5-150200.41.1
webkit2gtk3-minibrowser-debuginfo-2.36.5-150200.41.1
- openSUSE Leap 15.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-32bit-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-32bit-debuginfo-2.36.5-150200.41.1
- openSUSE Leap 15.3 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Manager Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Manager Proxy 4.1 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Manager Proxy 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.36.5-150200.41.1
libjavascriptcoregtk-4_0-18-debuginfo-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-2.36.5-150200.41.1
libwebkit2gtk-4_0-37-debuginfo-2.36.5-150200.41.1
typelib-1_0-JavaScriptCore-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2-4_0-2.36.5-150200.41.1
typelib-1_0-WebKit2WebExtension-4_0-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-2.36.5-150200.41.1
webkit2gtk-4_0-injected-bundles-debuginfo-2.36.5-150200.41.1
webkit2gtk3-debugsource-2.36.5-150200.41.1
webkit2gtk3-devel-2.36.5-150200.41.1
- SUSE Enterprise Storage 7 (noarch):
libwebkit2gtk3-lang-2.36.5-150200.41.1
References:
https://www.suse.com/security/cve/CVE-2022-32792.html
https://www.suse.com/security/cve/CVE-2022-32816.html
https://bugzilla.suse.com/1201980
SUSE-SU-2022:2822-1: important: Security update for python-Twisted
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for python-Twisted
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2822-1
Rating: important
References: #1166458
Cross-References: CVE-2020-10109
CVSS scores:
CVE-2020-10109 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-10109 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-Twisted fixes the following issues:
- CVE-2020-10109: Fixed an HTTP request smuggling issue (bsc#1166458).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2822=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2822=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2822=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2822=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2822=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2822=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2822=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2822=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-2822=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2822=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2822=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2822=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-2822=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.15.1
python-Twisted-debugsource-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.15.1
python-Twisted-debugsource-19.10.0-150200.3.15.1
python-Twisted-doc-19.10.0-150200.3.15.1
python2-Twisted-19.10.0-150200.3.15.1
python2-Twisted-debuginfo-19.10.0-150200.3.15.1
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Manager Proxy 4.1 (x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debuginfo-19.10.0-150200.3.15.1
python-Twisted-debugsource-19.10.0-150200.3.15.1
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
python-Twisted-debugsource-19.10.0-150200.3.15.1
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
python3-Twisted-19.10.0-150200.3.15.1
python3-Twisted-debuginfo-19.10.0-150200.3.15.1
References:
https://www.suse.com/security/cve/CVE-2020-10109.html
https://bugzilla.suse.com/1166458
SUSE-SU-2022:2818-1: important: Security update for ceph
by opensuse-security@opensuse.org 16 Aug '22
SUSE Security Update: Security update for ceph
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2818-1
Rating: important
References: #1194131 #1195359 #1196044 #1196785 #1200064
#1200553 SES-2515
Cross-References: CVE-2021-3979
CVSS scores:
CVE-2021-3979 (SUSE): 6.8 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability, contains one feature and has 5 fixes is now available.
Description:
This update for ceph fixes the following issues:
- Update to 16.2.9-536-g41a9f9a5573:
+ (bsc#1195359, bsc#1200553) rgw: check bucket shard init status in RGWRadosBILogTrimCR
+ (bsc#1194131) ceph-volume: honour osd_dmcrypt_key_size option (CVE-2021-3979)
- Update to 16.2.9-158-gd93952c7eea:
+ cmake: check for python(\d)\.(\d+) when building boost
+ make-dist: patch boost source to support python 3.10
- Update to ceph-16.2.9-58-ge2e5cb80063:
+ (bsc#1200064, pr#480) Remove last vestiges of docker.io image paths
- Update to 16.2.9.50-g7d9f12156fb:
+ (jsc#SES-2515) High-availability NFS export
+ (bsc#1196044) cephadm: prometheus: The generatorURL in alerts is only using hostname
+ (bsc#1196785) cephadm: avoid crashing on expected non-zero exit
- Update to 16.2.7-969-g6195a460d89
+ (jsc#SES-2515) High-availability NFS export
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2818=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2818=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ceph-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-base-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-base-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-common-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-debugsource-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-fuse-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-fuse-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-immutable-object-cache-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-immutable-object-cache-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mds-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mds-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mon-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mon-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-osd-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-osd-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-radosgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-radosgw-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-mirror-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-mirror-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-shell-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephsqlite-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephsqlite-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephsqlite-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-fuse-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-fuse-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-mirror-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-mirror-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
ceph-test-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-test-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-test-debugsource-16.2.9.536+g41a9f9a5573-150400.3.3.1
- openSUSE Leap 15.4 (noarch):
ceph-grafana-dashboards-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-cephadm-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-dashboard-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-diskprediction-local-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-k8sevents-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-modules-core-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-mgr-rook-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-prometheus-alerts-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephadm-16.2.9.536+g41a9f9a5573-150400.3.3.1
cephfs-top-16.2.9.536+g41a9f9a5573-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-common-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
ceph-debugsource-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-16.2.9.536+g41a9f9a5573-150400.3.3.1
libcephfs2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados-devel-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-16.2.9.536+g41a9f9a5573-150400.3.3.1
librados2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
libradospp-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-16.2.9.536+g41a9f9a5573-150400.3.3.1
librbd1-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-16.2.9.536+g41a9f9a5573-150400.3.3.1
librgw2-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-argparse-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-ceph-common-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-cephfs-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rados-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rbd-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-16.2.9.536+g41a9f9a5573-150400.3.3.1
python3-rgw-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
rados-objclass-devel-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-16.2.9.536+g41a9f9a5573-150400.3.3.1
rbd-nbd-debuginfo-16.2.9.536+g41a9f9a5573-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3979.html
https://bugzilla.suse.com/1194131
https://bugzilla.suse.com/1195359
https://bugzilla.suse.com/1196044
https://bugzilla.suse.com/1196785
https://bugzilla.suse.com/1200064
https://bugzilla.suse.com/1200553
openSUSE-SU-2022:10092-1: important: Security update for chromium
by opensuse-security@opensuse.org 16 Aug '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10092-1
Rating: important
References: #1202075
Cross-References: CVE-2022-2603 CVE-2022-2604 CVE-2022-2605
CVE-2022-2606 CVE-2022-2607 CVE-2022-2608
CVE-2022-2609 CVE-2022-2610 CVE-2022-2611
CVE-2022-2612 CVE-2022-2613 CVE-2022-2614
CVE-2022-2615 CVE-2022-2616 CVE-2022-2617
CVE-2022-2618 CVE-2022-2619 CVE-2022-2620
CVE-2022-2621 CVE-2022-2622 CVE-2022-2623
CVE-2022-2624
CVSS scores:
CVE-2022-2603 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2604 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2605 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-2606 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2607 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2608 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2609 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2610 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-2611 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-2612 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-2613 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2614 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2615 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-2616 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-2617 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2618 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-2619 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-2620 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2621 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2622 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2022-2623 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2624 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes 22 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 104.0.5112.79 (boo#1202075)
* CVE-2022-2603: Use after free in Omnibox
* CVE-2022-2604: Use after free in Safe Browsing
* CVE-2022-2605: Out of bounds read in Dawn
* CVE-2022-2606: Use after free in Managed devices API
* CVE-2022-2607: Use after free in Tab Strip
* CVE-2022-2608: Use after free in Overview Mode
* CVE-2022-2609: Use after free in Nearby Share
* CVE-2022-2610: Insufficient policy enforcement in Background Fetch
* CVE-2022-2611: Inappropriate implementation in Fullscreen API
* CVE-2022-2612: Side-channel information leakage in Keyboard input
* CVE-2022-2613: Use after free in Input
* CVE-2022-2614: Use after free in Sign-In Flow
* CVE-2022-2615: Insufficient policy enforcement in Cookies
* CVE-2022-2616: Inappropriate implementation in Extensions API
* CVE-2022-2617: Use after free in Extensions API
* CVE-2022-2618: Insufficient validation of untrusted input in Internals
* CVE-2022-2619: Insufficient validation of untrusted input in Settings
* CVE-2022-2620: Use after free in WebUI
* CVE-2022-2621: Use after free in Extensions
* CVE-2022-2622: Insufficient validation of untrusted input in Safe Browsing
* CVE-2022-2623: Use after free in Offline
* CVE-2022-2624: Heap buffer overflow in PDF
- Switch back to Clang so that we can use BTI on aarch64
* Gold is too old - doesn't understand BTI
* LD crashes on aarch64
- Re-enable LTO
- Prepare move to FFmpeg 5 for new channel layout (requires 5.1+)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10092=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-104.0.5112.79-bp153.2.113.1
chromium-104.0.5112.79-bp153.2.113.1
References:
https://www.suse.com/security/cve/CVE-2022-2603.html
https://www.suse.com/security/cve/CVE-2022-2604.html
https://www.suse.com/security/cve/CVE-2022-2605.html
https://www.suse.com/security/cve/CVE-2022-2606.html
https://www.suse.com/security/cve/CVE-2022-2607.html
https://www.suse.com/security/cve/CVE-2022-2608.html
https://www.suse.com/security/cve/CVE-2022-2609.html
https://www.suse.com/security/cve/CVE-2022-2610.html
https://www.suse.com/security/cve/CVE-2022-2611.html
https://www.suse.com/security/cve/CVE-2022-2612.html
https://www.suse.com/security/cve/CVE-2022-2613.html
https://www.suse.com/security/cve/CVE-2022-2614.html
https://www.suse.com/security/cve/CVE-2022-2615.html
https://www.suse.com/security/cve/CVE-2022-2616.html
https://www.suse.com/security/cve/CVE-2022-2617.html
https://www.suse.com/security/cve/CVE-2022-2618.html
https://www.suse.com/security/cve/CVE-2022-2619.html
https://www.suse.com/security/cve/CVE-2022-2620.html
https://www.suse.com/security/cve/CVE-2022-2621.html
https://www.suse.com/security/cve/CVE-2022-2622.html
https://www.suse.com/security/cve/CVE-2022-2623.html
https://www.suse.com/security/cve/CVE-2022-2624.html
https://bugzilla.suse.com/1202075