openSUSE Security Announce
September 2022
- 1 participant
- 137 discussions
SUSE-SU-2022:2959-2: important: Security update for rsync
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for rsync
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2959-2
Rating: important
References: #1201840
Cross-References: CVE-2022-29154
CVSS scores:
CVE-2022-29154 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-29154 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rsync fixes the following issues:
- CVE-2022-29154: Fixed an arbitrary file write issue that could be
triggered by a malicious remote server (bsc#1201840).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2959=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
rsync-3.1.3-150000.4.13.1
rsync-debuginfo-3.1.3-150000.4.13.1
rsync-debugsource-3.1.3-150000.4.13.1
References:
https://www.suse.com/security/cve/CVE-2022-29154.html
https://bugzilla.suse.com/1201840
SUSE-SU-2022:2988-1: important: Security update for postgresql12
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for postgresql12
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2988-1
Rating: important
References: #1198166 #1202368
Cross-References: CVE-2022-2625
CVSS scores:
CVE-2022-2625 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2625 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for postgresql12 fixes the following issues:
- Update to 12.12:
  - CVE-2022-2625: Fixed an issue where extension scripts would replace
    objects not belonging to that extension (bsc#1202368).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2988=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2988=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2988=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2988=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2988=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2988=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2988=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2988=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2988=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-2988=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2988=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2988=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-2988=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-llvmjit-12.12-150200.8.35.1
postgresql12-llvmjit-debuginfo-12.12-150200.8.35.1
postgresql12-llvmjit-devel-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
postgresql12-test-12.12-150200.8.35.1
- openSUSE Leap 15.4 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-llvmjit-12.12-150200.8.35.1
postgresql12-llvmjit-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
postgresql12-test-12.12-150200.8.35.1
- openSUSE Leap 15.3 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Manager Server 4.1 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Manager Proxy 4.1 (x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql12-llvmjit-12.12-150200.8.35.1
postgresql12-llvmjit-debuginfo-12.12-150200.8.35.1
postgresql12-test-12.12-150200.8.35.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql12-docs-12.12-150200.8.35.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql12-12.12-150200.8.35.1
postgresql12-contrib-12.12-150200.8.35.1
postgresql12-contrib-debuginfo-12.12-150200.8.35.1
postgresql12-debuginfo-12.12-150200.8.35.1
postgresql12-debugsource-12.12-150200.8.35.1
postgresql12-devel-12.12-150200.8.35.1
postgresql12-devel-debuginfo-12.12-150200.8.35.1
postgresql12-plperl-12.12-150200.8.35.1
postgresql12-plperl-debuginfo-12.12-150200.8.35.1
postgresql12-plpython-12.12-150200.8.35.1
postgresql12-plpython-debuginfo-12.12-150200.8.35.1
postgresql12-pltcl-12.12-150200.8.35.1
postgresql12-pltcl-debuginfo-12.12-150200.8.35.1
postgresql12-server-12.12-150200.8.35.1
postgresql12-server-debuginfo-12.12-150200.8.35.1
postgresql12-server-devel-12.12-150200.8.35.1
postgresql12-server-devel-debuginfo-12.12-150200.8.35.1
- SUSE Enterprise Storage 7 (noarch):
postgresql12-docs-12.12-150200.8.35.1
References:
https://www.suse.com/security/cve/CVE-2022-2625.html
https://bugzilla.suse.com/1198166
https://bugzilla.suse.com/1202368
SUSE-SU-2022:2989-1: important: Security update for postgresql14
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for postgresql14
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2989-1
Rating: important
References: #1198166 #1200437 #1202368
Cross-References: CVE-2022-2625
CVSS scores:
CVE-2022-2625 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2625 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for postgresql14 fixes the following issues:
- Upgrade to version 14.5:
  - CVE-2022-2625: Fixed an issue where extension scripts would replace
    objects not belonging to that extension (bsc#1202368).
- Upgrade to version 14.4 (bsc#1200437)
  - Release notes: https://www.postgresql.org/docs/release/14.4/
  - Release announcement: https://www.postgresql.org/about/news/p-2470/
  - Prevent possible corruption of indexes created or rebuilt with the
    CONCURRENTLY option (bsc#1200437)
- Pin to llvm13 until the next patchlevel update (bsc#1198166)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2989=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2989=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2989=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2989=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2989=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2989=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2989=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2989=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-2989=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-2989=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2989=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2989=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2989=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2989=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2989=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-2989=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-llvmjit-14.5-150200.5.17.1
postgresql14-llvmjit-debuginfo-14.5-150200.5.17.1
postgresql14-llvmjit-devel-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
postgresql14-test-14.5-150200.5.17.1
- openSUSE Leap 15.4 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- openSUSE Leap 15.4 (x86_64):
libecpg6-32bit-14.5-150200.5.17.1
libecpg6-32bit-debuginfo-14.5-150200.5.17.1
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-llvmjit-14.5-150200.5.17.1
postgresql14-llvmjit-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
postgresql14-test-14.5-150200.5.17.1
- openSUSE Leap 15.3 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- openSUSE Leap 15.3 (x86_64):
libecpg6-32bit-14.5-150200.5.17.1
libecpg6-32bit-debuginfo-14.5-150200.5.17.1
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Manager Server 4.1 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Manager Server 4.1 (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Manager Proxy 4.1 (x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql14-llvmjit-14.5-150200.5.17.1
postgresql14-llvmjit-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
postgresql14-test-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql14-docs-14.5-150200.5.17.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libecpg6-14.5-150200.5.17.1
libecpg6-debuginfo-14.5-150200.5.17.1
libpq5-14.5-150200.5.17.1
libpq5-debuginfo-14.5-150200.5.17.1
postgresql14-14.5-150200.5.17.1
postgresql14-contrib-14.5-150200.5.17.1
postgresql14-contrib-debuginfo-14.5-150200.5.17.1
postgresql14-debuginfo-14.5-150200.5.17.1
postgresql14-debugsource-14.5-150200.5.17.1
postgresql14-devel-14.5-150200.5.17.1
postgresql14-devel-debuginfo-14.5-150200.5.17.1
postgresql14-plperl-14.5-150200.5.17.1
postgresql14-plperl-debuginfo-14.5-150200.5.17.1
postgresql14-plpython-14.5-150200.5.17.1
postgresql14-plpython-debuginfo-14.5-150200.5.17.1
postgresql14-pltcl-14.5-150200.5.17.1
postgresql14-pltcl-debuginfo-14.5-150200.5.17.1
postgresql14-server-14.5-150200.5.17.1
postgresql14-server-debuginfo-14.5-150200.5.17.1
postgresql14-server-devel-14.5-150200.5.17.1
postgresql14-server-devel-debuginfo-14.5-150200.5.17.1
- SUSE Enterprise Storage 7 (x86_64):
libpq5-32bit-14.5-150200.5.17.1
libpq5-32bit-debuginfo-14.5-150200.5.17.1
- SUSE Enterprise Storage 7 (noarch):
postgresql14-docs-14.5-150200.5.17.1
References:
https://www.suse.com/security/cve/CVE-2022-2625.html
https://bugzilla.suse.com/1198166
https://bugzilla.suse.com/1200437
https://bugzilla.suse.com/1202368
SUSE-SU-2022:2987-1: important: Security update for postgresql13
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for postgresql13
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2987-1
Rating: important
References: #1198166 #1202368
Cross-References: CVE-2022-2625
CVSS scores:
CVE-2022-2625 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2625 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for postgresql13 fixes the following issues:
- Update to 13.8:
- CVE-2022-2625: Fixed an issue where extension scripts would replace
objects not belonging to that extension (bsc#1202368).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2987=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2987=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2987=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2987=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2987=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2987=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2987=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2987=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-2987=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2987=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2022-2987=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2987=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2987=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2987=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-2987=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-llvmjit-13.8-150200.5.31.1
postgresql13-llvmjit-debuginfo-13.8-150200.5.31.1
postgresql13-llvmjit-devel-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
postgresql13-test-13.8-150200.5.31.1
- openSUSE Leap 15.4 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-llvmjit-13.8-150200.5.31.1
postgresql13-llvmjit-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
postgresql13-test-13.8-150200.5.31.1
- openSUSE Leap 15.3 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Manager Server 4.1 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Manager Proxy 4.1 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Manager Proxy 4.1 (x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-llvmjit-13.8-150200.5.31.1
postgresql13-llvmjit-debuginfo-13.8-150200.5.31.1
postgresql13-test-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-llvmjit-13.8-150200.5.31.1
postgresql13-llvmjit-debuginfo-13.8-150200.5.31.1
postgresql13-llvmjit-devel-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
postgresql13-docs-13.8-150200.5.31.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql13-13.8-150200.5.31.1
postgresql13-contrib-13.8-150200.5.31.1
postgresql13-contrib-debuginfo-13.8-150200.5.31.1
postgresql13-debuginfo-13.8-150200.5.31.1
postgresql13-debugsource-13.8-150200.5.31.1
postgresql13-devel-13.8-150200.5.31.1
postgresql13-devel-debuginfo-13.8-150200.5.31.1
postgresql13-plperl-13.8-150200.5.31.1
postgresql13-plperl-debuginfo-13.8-150200.5.31.1
postgresql13-plpython-13.8-150200.5.31.1
postgresql13-plpython-debuginfo-13.8-150200.5.31.1
postgresql13-pltcl-13.8-150200.5.31.1
postgresql13-pltcl-debuginfo-13.8-150200.5.31.1
postgresql13-server-13.8-150200.5.31.1
postgresql13-server-debuginfo-13.8-150200.5.31.1
postgresql13-server-devel-13.8-150200.5.31.1
postgresql13-server-devel-debuginfo-13.8-150200.5.31.1
- SUSE Enterprise Storage 7 (noarch):
postgresql13-docs-13.8-150200.5.31.1
References:
https://www.suse.com/security/cve/CVE-2022-2625.html
https://bugzilla.suse.com/1198166
https://bugzilla.suse.com/1202368
SUSE-SU-2022:2875-2: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2875-2
Rating: important
References: #1178134 #1196616 #1198829 #1199364 #1199647
#1199665 #1199670 #1200015 #1200521 #1200598
#1200644 #1200651 #1200762 #1200910 #1201196
#1201206 #1201251 #1201381 #1201429 #1201442
#1201458 #1201635 #1201636 #1201644 #1201645
#1201664 #1201672 #1201673 #1201676 #1201846
#1201930 #1201940 #1201954 #1201956 #1201958
#1202154 SLE-24559
Cross-References: CVE-2020-36516 CVE-2020-36557 CVE-2020-36558
CVE-2021-33655 CVE-2021-33656 CVE-2022-1116
CVE-2022-1462 CVE-2022-20166 CVE-2022-21505
CVE-2022-2318 CVE-2022-26365 CVE-2022-2639
CVE-2022-29581 CVE-2022-32250 CVE-2022-33740
CVE-2022-33741 CVE-2022-33742 CVE-2022-36946
CVSS scores:
CVE-2020-36516 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L
CVE-2020-36516 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
CVE-2020-36557 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36557 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-36558 (NVD) : 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36558 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33655 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33655 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33656 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33656 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
CVE-2022-1116 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1116 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1462 (NVD) : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-1462 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-20166 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-20166 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21505 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2318 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2318 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-26365 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-26365 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CVE-2022-2639 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
CVE-2022-29581 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-29581 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32250 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32250 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-33740 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-33740 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CVE-2022-33741 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-33741 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CVE-2022-33742 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2022-33742 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
CVE-2022-36946 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-36946 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 18 vulnerabilities, contains one
feature and has 18 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bug fixes.
The following security bugs were fixed:
- CVE-2020-36516: Fixed TCP session data injection vulnerability via the
mixed IPID assignment method (bnc#1196616).
- CVE-2020-36557: Fixed race condition between the VT_DISALLOCATE ioctl
and closing/opening of ttys that could lead to a use-after-free
(bnc#1201429).
- CVE-2020-36558: Fixed race condition involving VT_RESIZEX that could
lead to a NULL pointer dereference and general protection fault
(bnc#1200910).
- CVE-2021-33655: Fixed out of bounds write with ioctl FBIOPUT_VSCREENINFO
(bnc#1201635).
- CVE-2021-33656: Fixed out of bounds write with ioctl PIO_FONT
(bnc#1201636).
- CVE-2022-1116: Fixed an integer overflow vulnerability in io_uring that
allowed a local attacker to cause memory corruption and escalate
privileges to root (bnc#1199647).
- CVE-2022-1462: Fixed an out-of-bounds read flaw in the TeleTYpe
subsystem (bnc#1198829).
- CVE-2022-2318: Fixed use-after-free vulnerabilities in the timer
handler in net/rose/rose_timer.c that allow attackers to crash the
system without any privileges (bsc#1201251).
- CVE-2022-2639: Fixed integer underflow that could lead to out-of-bounds
write in reserve_sfa_size() (bsc#1202154).
- CVE-2022-20166: Fixed possible out of bounds write due to sprintf
unsafety that could cause local escalation of privilege (bnc#1200598).
- CVE-2022-21505: Fixed kexec lockdown bypass with IMA policy
(bsc#1201458).
- CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742: Fixed
multiple potential data leaks with Block and Network devices when using
untrusted backends (bsc#1200762).
- CVE-2022-29581: Fixed improper update of Reference Count in net/sched
that could cause root privilege escalation (bnc#1199665).
- CVE-2022-32250: Fixed use-after-free in net/netfilter/nf_tables_api.c
that could allow local privilege escalation (bnc#1200015).
- CVE-2022-36946: Fixed incorrect packet truncation in nfqnl_mangle() that
could lead to remote DoS (bnc#1201940).
The following non-security bugs were fixed:
- ACPI: APEI: Better fix to avoid spamming the console with old error logs
(git-fixes).
- ACPI: CPPC: Do not prevent CPPC from working in the future (git-fixes).
- ACPI: video: Shortening quirk list by identifying Clevo by board_name
only (git-fixes).
- ALSA: hda - Add fixup for Dell Latitidue E5430 (git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ProDesk 600 G3 model
(git-fixes).
- ALSA: hda/realtek - Enable the headset-mic on a Xiaomi's laptop
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc221
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ASoC: Intel: Skylake: Correct the handling of fmt_config flexible array
(git-fixes).
- ASoC: Intel: Skylake: Correct the ssp rate discovery in
skl_get_ssp_clks() (git-fixes).
- ASoC: Remove unused hw_write_t type (git-fixes).
- ASoC: cs47l15: Fix event generation for low power mux control
(git-fixes).
- ASoC: madera: Fix event generation for OUT1 demux (git-fixes).
- ASoC: madera: Fix event generation for rate controls (git-fixes).
- ASoC: ops: Fix off by one in range control validation (git-fixes).
- ASoC: sgtl5000: Fix noise on shutdown/remove (git-fixes).
- ASoC: wm5110: Fix DRE control (git-fixes).
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put
(git-fixes).
- Bluetooth: hci_intel: Add check for platform_driver_register (git-fixes).
- FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR
(git-fixes).
- FDDI: defxx: Make MMIO the configuration default except for EISA
(git-fixes).
- Fixed a system crash related to the recent RETBLEED mitigation
(bsc#1201644, bsc#1201664, bsc#1201672, bsc#1201673, bsc#1201676).
- Fixed battery detection problem on macbooks (bnc#1201206).
- HID: cp2112: prevent a buffer overflow in cp2112_xfer() (git-fixes).
- KVM/emulate: Fix SETcc emulation function offsets with SLS (bsc#1201930).
- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
(git-fixes).
- KVM: VMX: Do not freeze guest when event delivery causes an APIC-access
exit (git-fixes).
- KVM: apic: avoid calculating pending eoi from an uninitialized val
(git-fixes).
- KVM: arm64: Avoid setting the upper 32 bits of TCR_EL2 and CPTR_EL2
(bsc#1201442)
- KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)
- KVM: emulate: do not adjust size of fastop and setcc subroutines
(bsc#1201930).
- KVM: nVMX: avoid NULL pointer dereference with incorrect EVMCS GPAs
(git-fixes).
- KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
(git-fixes).
- KVM: x86/pmu: Fix UBSAN shift-out-of-bounds warning in
intel_pmu_refresh() (git-fixes).
- KVM: x86: Do not let userspace set host-reserved cr4 bits (git-fixes).
- KVM: x86: Fix split-irqchip vs interrupt injection window request
(git-fixes).
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
(git-fixes).
- KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is
adjusted (git-fixes).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint (git-fixes).
- NFC: nxp-nci: do not print header length mismatch on i2c error
(git-fixes).
- PCI/portdrv: Do not disable AER reporting in
get_port_device_capability() (git-fixes).
- PCI: dwc: Add unroll iATU space support to dw_pcie_disable_atu()
(git-fixes).
- PCI: dwc: Always enable CDM check if "snps,enable-cdm-check" exists
(git-fixes).
- PCI: dwc: Deallocate EPC memory on dw_pcie_ep_init() errors (git-fixes).
- PCI: dwc: Disable outbound windows only for controllers using iATU
(git-fixes).
- PCI: dwc: Stop link on host_init errors and de-initialization
(git-fixes).
- PCI: qcom: Power on PHY before IPQ8074 DBI register accesses (git-fixes).
- PCI: qcom: Set up rev 2.1.0 PARF_PHY before enabling clocks (git-fixes).
- PCI: tegra194: Fix PM error handling in tegra_pcie_config_ep()
(git-fixes).
- PCI: tegra194: Fix Root Port interrupt handling (git-fixes).
- PCI: tegra194: Fix link up retry sequence (git-fixes).
- PM: runtime: Remove link state checks in rpm_get/put_supplier()
(git-fixes).
- Sort in RETbleed backport into the sorted section now that it is
upstream.
- USB: Follow-up to SPDX identifiers addition - remove now useless
comments (git-fixes).
- USB: serial: fix tty-port initialized comments (git-fixes).
- USB: serial: ftdi_sio: add Belimo device ids (git-fixes).
- amd-xgbe: Update DMA coherency values (git-fixes).
- arm64 module: set plt* section addresses to 0x0 (git-fixes)
- arm64: Extend workaround for erratum 1024718 to all versions of
(git-fixes)
- arm64: asm: Add new-style position independent function annotations
(git-fixes)
- arm64: compat: Ensure upper 32 bits of x0 are zero on syscall return
(git-fixes)
- arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function
(git-fixes)
- arm64: dts: marvell: espressobin: Add ethernet switch aliases (git-fixes)
- arm64: dts: marvell: espressobin: add ethernet alias (git-fixes)
- arm64: dts: mcbin: support 2W SFP modules (git-fixes)
- arm64: fix compat syscall return truncation (git-fixes)
- arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)
- arm64: mm: Do not invalidate FROM_DEVICE buffers at start of DMA
(git-fixes)
- arm64: module: remove (NOLOAD) from linker script (git-fixes)
- arm64: module: rework special section handling (git-fixes)
- arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)
- arm64: ptrace: Consistently use pseudo-singlestep exceptions (git-fixes)
- arm64: ptrace: Override SPSR.SS when single-stepping is enabled
(git-fixes)
- arm64: stackleak: fix current_top_of_stack() (git-fixes)
- arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing
(git-fixes)
- arm64: vdso: Avoid ISB after reading from cntvct_el0 (git-fixes)
- ath10k: Fix error handling in ath10k_setup_msa_resources (git-fixes).
- ath10k: do not enforce interrupt trigger type (git-fixes).
- ax88179_178a: add ethtool_op_get_ts_info() (git-fixes).
- blk-zoned: allow BLKREPORTZONE without CAP_SYS_ADMIN (git-fixes).
- blk-zoned: allow zone management send operations without CAP_SYS_ADMIN
(git-fixes).
- block/compat_ioctl: fix range check in BLKGETSIZE (git-fixes).
- block: Fix fsync always failed if once failed (git-fixes).
- block: Fix wrong offset in bio_truncate() (git-fixes).
- block: bio-integrity: Advance seed correctly for larger interval sizes
(git-fixes).
- block: do not delete queue kobject before its children (git-fixes).
- block: drbd: drbd_nl: Make conversion to 'enum drbd_ret_code' explicit
(git-fixes).
- bpf, cpumap: Remove rcpu pointer from cpu_map_build_skb signature
(bsc#1199364).
- bpf: Add config to allow loading modules with BTF mismatches
(jsc#SLE-24559).
- bpf: Add in-kernel split BTF support (jsc#SLE-24559).
- bpf: Assign ID to vmlinux BTF and return extra info for BTF in
GET_OBJ_INFO (jsc#SLE-24559).
- bpf: Keep module's btf_data_size intact after load (jsc#SLE-24559).
- bpf: Load and verify kernel module BTFs (jsc#SLE-24559).
- bpf: Provide function to get vmlinux BTF information (jsc#SLE-24559).
- bpf: Sanitize BTF data pointer after module is loaded (jsc#SLE-24559).
- bus: hisi_lpc: fix missing platform_device_put() in
hisi_lpc_acpi_probe() (git-fixes).
- can: Break loopback loop on loopback documentation (git-fixes).
- can: error: specify the values of data[5..7] of CAN error frames
(git-fixes).
- can: gs_usb: gs_usb_open/close(): fix memory leak (git-fixes).
- can: hi311x: do not report txerr and rxerr during bus-off (git-fixes).
- can: kvaser_usb_hydra: do not report txerr and rxerr during bus-off
(git-fixes).
- can: kvaser_usb_leaf: do not report txerr and rxerr during bus-off
(git-fixes).
- can: pch_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: pch_can: pch_can_error(): initialize errc before using it
(git-fixes).
- can: rcar_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: sja1000: do not report txerr and rxerr during bus-off (git-fixes).
- can: sun4i_can: do not report txerr and rxerr during bus-off (git-fixes).
- can: usb_8dev: do not report txerr and rxerr during bus-off (git-fixes).
- clk: qcom: camcc-sdm845: Fix topology around titan_top power domain
(git-fixes).
- clk: qcom: clk-krait: unlock spin after mux completion (git-fixes).
- clk: qcom: ipq8074: SW workaround for UBI32 PLL lock (git-fixes).
- clk: qcom: ipq8074: fix NSS core PLL-s (git-fixes).
- clk: qcom: ipq8074: fix NSS port frequency tables (git-fixes).
- clk: qcom: ipq8074: set BRANCH_HALT_DELAY flag for UBI clocks
(git-fixes).
- clk: renesas: r9a06g032: Fix UART clkgrp bitsel (git-fixes).
- config: enable DEBUG_INFO_BTF. This option allows users to access the btf
type information for vmlinux but not kernel modules.
- cpuidle: PSCI: Move the `has_lpi` check to the beginning of the
(git-fixes)
- crypto: qat - disable registration of algorithms (git-fixes).
- crypto: qat - fix memory leak in RSA (git-fixes).
- crypto: qat - remove dma_free_coherent() for DH (git-fixes).
- crypto: qat - remove dma_free_coherent() for RSA (git-fixes).
- crypto: qat - set to zero DH parameters before free (git-fixes).
- cxgb4: Fix the -Wmisleading-indentation warning (git-fixes).
- dm btree remove: assign new_root only when removal succeeds (git-fixes).
- dm btree remove: fix use after free in rebalance_children() (git-fixes).
- dm bufio: subtract the number of initial sectors in
dm_bufio_get_device_size (git-fixes).
- dm crypt: Avoid percpu_counter spinlock contention in crypt_page_alloc()
(git-fixes).
- dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (git-fixes).
- dm crypt: make printing of the key constant-time (git-fixes).
- dm integrity: conditionally disable "recalculate" feature (git-fixes).
- dm integrity: fix a crash if "recalculate" used without "internal_hash"
(git-fixes).
- dm integrity: fix error code in dm_integrity_ctr() (git-fixes).
- dm integrity: fix memory corruption when tag_size is less than digest
size (git-fixes).
- dm integrity: fix the maximum number of arguments (git-fixes).
- dm mirror log: round up region bitmap size to BITS_PER_LONG (git-fixes).
- dm persistent data: packed struct should have an aligned() attribute too
(git-fixes).
- dm raid: fix inconclusive reshape layout on fast raid4/5/6 table reload
sequences (git-fixes).
- dm snapshot: fix crash with transient storage and zero chunk size
(git-fixes).
- dm snapshot: flush merged data before committing metadata (git-fixes).
- dm snapshot: properly fix a crash when an origin has no snapshots
(git-fixes).
- dm space map common: fix division bug in sm_ll_find_free_block()
(git-fixes).
- dm stats: add cond_resched when looping over entries (git-fixes).
- dm verity: fix FEC for RS roots unaligned to block size (git-fixes).
- dm: fix mempool NULL pointer race when completing IO (git-fixes).
- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly
(git-fixes).
- dmaengine: imx-sdma: Allow imx8m for imx7 FW revs (git-fixes).
- dmaengine: pl330: Fix lockdep warning about non-static key (git-fixes).
- dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate
(git-fixes).
- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate
(git-fixes).
- do not call utsname() after ->nsproxy is NULL (bsc#1201196).
- drbd: fix potential silent data corruption (git-fixes).
- driver core: fix potential deadlock in __driver_attach (git-fixes).
- drivers/net: Fix kABI in tun.c (git-fixes).
- drivers: net: fix memory leak in atusb_probe (git-fixes).
- drivers: net: fix memory leak in peak_usb_create_dev (git-fixes).
- drm/amd/display: Enable building new display engine with KCOV enabled
(git-fixes).
- drm/bridge: tc358767: Make sure Refclk clock are enabled (git-fixes).
- drm/doc: Fix comment typo (git-fixes).
- drm/exynos/exynos7_drm_decon: free resources when clk_set_parent()
failed (git-fixes).
- drm/i915/gt: Serialize TLB invalidates with GT resets (git-fixes).
- drm/i915/selftests: fix a couple IS_ERR() vs NULL tests (git-fixes).
- drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()
(git-fixes).
- drm/mcde: Fix refcount leak in mcde_dsi_bind (git-fixes).
- drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function
(git-fixes).
- drm/mediatek: dpi: Only enable dpi after the bridge is enabled
(git-fixes).
- drm/mediatek: dpi: Remove output format of YUV (git-fixes).
- drm/mipi-dbi: align max_chunk to 2 in spi_transfer (git-fixes).
- drm/msm/hdmi: enable core-vcc/core-vdda-supply for 8996 platform
(git-fixes).
- drm/msm/mdp5: Fix global state lock backoff (git-fixes).
- drm/nouveau: fix another off-by-one in nvbios_addr (git-fixes).
- drm/panfrost: Fix shrinker list corruption by madvise IOCTL (git-fixes).
- drm/panfrost: Put mapping instead of shmem obj on
panfrost_mmu_map_fault_addr() error (git-fixes).
- drm/radeon: fix incorrrect SPDX-License-Identifiers (git-fixes).
- drm/radeon: fix potential buffer overflow in
ni_set_mc_special_registers() (git-fixes).
- drm/rockchip: Fix an error handling path rockchip_dp_probe() (git-fixes).
- drm/rockchip: vop: Do not crash for invalid duplicate_state()
(git-fixes).
- drm/st7735r: Fix module autoloading for Okaya RH128128T (git-fixes).
- drm/vc4: dsi: Add correct stop condition to vc4_dsi_encoder_disable
iteration (git-fixes).
- drm/vc4: dsi: Correct DSI divider calculations (git-fixes).
- drm/vc4: dsi: Correct pixel order for DSI0 (git-fixes).
- drm/vc4: hdmi: Correct HDMI timing registers for interlaced modes
(git-fixes).
- drm/vc4: hdmi: Fix timings for interlaced modes (git-fixes).
- drm/vc4: plane: Fix margin calculations for the right/bottom edges
(git-fixes).
- drm/vc4: plane: Remove subpixel positioning check (git-fixes).
- drm: adv7511: override i2c address of cec before accessing it
(git-fixes).
- drm: bridge: adv7511: Add check for mipi_dsi_driver_register (git-fixes).
- drm: bridge: sii8620: fix possible off-by-one (git-fixes).
- fbcon: Disallow setting font bigger than screen size (git-fixes).
- fbcon: Prevent that screen size is smaller than font size (git-fixes).
- fbdev: fbmem: Fix logo center image dx issue (git-fixes).
- fbmem: Check virtual screen sizes in fb_set_var() (git-fixes).
- fpga: altera-pr-ip: fix unsigned comparison with less than zero
(git-fixes).
- ftgmac100: Restart MAC HW once (git-fixes).
- gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data()
(git-fixes).
- gpio: pca953x: only use single read/write for No AI mode (git-fixes).
- gpio: pca953x: use the correct range when do regmap sync (git-fixes).
- gpio: pca953x: use the correct register address when regcache sync
during init (git-fixes).
- hex2bin: make the function hex_to_bin constant-time (git-fixes).
- hv_netvsc: Add (more) validation for untrusted Hyper-V values
(bsc#1199364).
- hv_netvsc: Add comment of netvsc_xdp_xmit() (bsc#1199364).
- hv_netvsc: Add support for XDP_REDIRECT (bsc#1199364).
- hv_netvsc: Copy packets sent by Hyper-V out of the receive buffer
(bsc#1199364).
- hv_netvsc: Fix validation in netvsc_linkstatus_callback() (bsc#1199364).
- i2c: Fix a potential use after free (git-fixes).
- i2c: cadence: Change large transfer count reset logic to be
unconditional (git-fixes).
- i2c: cadence: Support PEC for SMBus block read (git-fixes).
- i2c: cadence: Unregister the clk notifier in error path (git-fixes).
- i2c: mux-gpmux: Add of_node_put() when breaking out of loop (git-fixes).
- ida: do not use BUG_ON() for debugging (git-fixes).
- igb: Enable RSS for Intel I211 Ethernet Controller (git-fixes).
- iio: accel: bma220: Fix alignment for DMA safety (git-fixes).
- iio: accel: sca3000: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7266: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7298: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7476: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7766: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7768-1: Fix alignment for DMA safety (git-fixes).
- iio: adc: ad7887: Fix alignment for DMA safety (git-fixes).
- iio: adc: hi8435: Fix alignment for DMA safety (git-fixes).
- iio: adc: ltc2497: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1027: Fix alignment for DMA safety (git-fixes).
- iio: adc: max11100: Fix alignment for DMA safety (git-fixes).
- iio: adc: max1118: Fix alignment for DMA safety (git-fixes).
- iio: adc: mcp320x: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc0832: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc084s021: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc12138: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc128s052: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-adc161s626: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads124s08: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads7950: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8344: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-ads8688: Fix alignment for DMA safety (git-fixes).
- iio: adc: ti-tlc4541: Fix alignment for DMA safety (git-fixes).
- iio: amplifiers: ad8366: Fix alignment for DMA safety (git-fixes).
- iio: core: Fix IIO_ALIGN and rename as it was not sufficiently large
(git-fixes).
- iio: dac: ad5064: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5360: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5421: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5449: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5504: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5755: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5761: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5764: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad5791: Fix alignment for DMA saftey (git-fixes).
- iio: dac: ad7303: Fix alignment for DMA safety (git-fixes).
- iio: dac: ad8801: Fix alignment for DMA safety (git-fixes).
- iio: dac: mcp4922: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac082s085: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac5571: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7311: Fix alignment for DMA safety (git-fixes).
- iio: dac: ti-dac7612: Fix alignment for DMA safety (git-fixes).
- iio: frequency: ad9523: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4350: Fix alignment for DMA safety (git-fixes).
- iio: frequency: adf4371: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16080: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adis16130: Fix alignment for DMA safety (git-fixes).
- iio: gyro: adxrs450: Fix alignment for DMA safety (git-fixes).
- iio: gyro: fxas210002c: Fix alignment for DMA safety (git-fixes).
- iio: light: isl29028: Fix the warning in isl29028_remove() (git-fixes).
- iio: potentiometer: ad5272: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: max5481: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: mcp41010: Fix alignment for DMA safety (git-fixes).
- iio: potentiometer: mcp4131: Fix alignment for DMA safety (git-fixes).
- iio: proximity: as3935: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s1200: Fix alignment for DMA safety (git-fixes).
- iio: resolver: ad2s90: Fix alignment for DMA safety (git-fixes).
- ima: Fix a potential integer overflow in ima_appraise_measurement
(git-fixes).
- ima: Fix potential memory leak in ima_init_crypto() (git-fixes).
- intel_th: Fix a resource leak in an error handling path (git-fixes).
- intel_th: msu-sink: Potential dereference of null pointer (git-fixes).
- intel_th: msu: Fix vmalloced buffers (git-fixes).
- kABI workaround for rtsx_usb (git-fixes).
- kabi: create module private struct to hold btf size/data (jsc#SLE-24559).
- kbuild: Build kernel module BTFs if BTF is enabled and pahole supports
it (jsc#SLE-24559).
- kbuild: Skip module BTF generation for out-of-tree external modules
(jsc#SLE-24559).
- kbuild: add marker for build log of *.mod.o (jsc#SLE-24559).
- kbuild: drop $(wildcard $^) check in if_changed* for faster rebuild
(jsc#SLE-24559).
- kbuild: rebuild modules when module linker scripts are updated
(jsc#SLE-24559).
- kbuild: rename any-prereq to newer-prereqs (jsc#SLE-24559).
- kbuild: split final module linking out into Makefile.modfinal
(jsc#SLE-24559).
- lib/string.c: implement stpcpy (git-fixes).
- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check
(git-fixes).
- linux/random.h: Remove arch_has_random, arch_has_random_seed (git-fixes).
- linux/random.h: Use false with bool (git-fixes).
- lkdtm: Disable return thunks in rodata.c (bsc#1178134).
- macvlan: remove redundant null check on data (git-fixes).
- md/bitmap: wait for external bitmap writes to complete during tear down
(git-fixes).
- md/raid0: Ignore RAID0 layout if the second zone has only one device
(git-fixes).
- md: Set prev_flush_start and flush_bio in an atomic way (git-fixes).
- md: bcache: check the return value of kzalloc() in
detached_dev_do_request() (git-fixes).
- media: hdpvr: fix error value returns in hdpvr_read (git-fixes).
- media: rc: increase rc-mm tolerance and add debug message (git-fixes).
- media: rtl28xxu: Add support for PROlectrix DV107669 DVB-T dongle
(git-fixes).
- media: rtl28xxu: add missing sleep before probing slave demod
(git-fixes).
- media: rtl28xxu: set keymap for Astrometa DVB-T2 (git-fixes).
- media: smipcie: fix interrupt handling and IR timeout (git-fixes).
- media: tw686x: Register the irq at the end of probe (git-fixes).
- media: usb: dvb-usb-v2: rtl28xxu: convert to use i2c_new_client_device()
(git-fixes).
- media: v4l2-mem2mem: always consider OUTPUT queue during poll
(git-fixes).
- media: v4l2-mem2mem: reorder checks in v4l2_m2m_poll() (git-fixes).
- mediatek: mt76: mac80211: Fix missing of_node_put() in mt76_led_init()
(git-fixes).
- memregion: Fix memregion_free() fallback definition (git-fixes).
- memstick/ms_block: Fix a memory leak (git-fixes).
- memstick/ms_block: Fix some incorrect memory allocation (git-fixes).
- meson-mx-socinfo: Fix refcount leak in meson_mx_socinfo_init (git-fixes).
- misc: rtsx: Fix an error handling path in rtsx_pci_probe() (git-fixes).
- misc: rtsx_usb: fix use of dma mapped buffer for usb bulk transfer
(git-fixes).
- misc: rtsx_usb: set return value in rsp_buf alloc err path (git-fixes).
- misc: rtsx_usb: use separate command and response buffers (git-fixes).
- mm/slub: add missing TID updates on slab deactivation (git-fixes).
- mm: fix page reference leak in soft_offline_page() (git fixes
(mm/memory-failure)).
- mmc: cavium-octeon: Add of_node_put() when breaking out of loop
(git-fixes).
- mmc: cavium-thunderx: Add of_node_put() when breaking out of loop
(git-fixes).
- mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (git-fixes).
- mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch
(git-fixes).
- mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle
(git-fixes).
- mt76: mt76x02u: fix possible memory leak in __mt76x02u_mcu_send_msg
(git-fixes).
- net, xdp: Introduce __xdp_build_skb_from_frame utility routine
(bsc#1199364).
- net, xdp: Introduce xdp_build_skb_from_frame utility routine
(bsc#1199364).
- net/mlx5e: When changing XDP program without reset, take refs for XSK
RQs (git-fixes).
- net/sonic: Fix some resource leaks in error handling paths (git-fixes).
- net: ag71xx: remove unnecessary MTU reservation (git-fixes).
- net: allwinner: Fix some resources leak in the error handling path of
the probe and in the remove function (git-fixes).
- net: amd-xgbe: Fix NETDEV WATCHDOG transmit queue timeout warning
(git-fixes).
- net: amd-xgbe: Fix network fluctuations when using 1G BELFUSE SFP
(git-fixes).
- net: amd-xgbe: Reset link when the link never comes back (git-fixes).
- net: amd-xgbe: Reset the PHY rx data path when mailbox command timeout
(git-fixes).
- net: axienet: Handle deferred probe on clock properly (git-fixes).
- net: dsa: bcm_sf2: Qualify phydev->dev_flags based on port (git-fixes).
- net: dsa: bcm_sf2: put device node before return (git-fixes).
- net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE
(git-fixes).
- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII clock
(git-fixes).
- net: enetc: fix incorrect TPID when receiving 802.1ad tagged packets
(git-fixes).
- net: enetc: keep RX ring consumer index in sync with hardware
(git-fixes).
- net: evaluate net.ipv4.conf.all.proxy_arp_pvlan (git-fixes).
- net: evaluate net.ipvX.conf.all.ignore_routes_with_linkdown (git-fixes).
- net: hns3: fix error mask definition of flow director (git-fixes).
- net: hso: bail out on interrupt URB allocation failure (git-fixes).
- net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes).
- net: ll_temac: Fix potential NULL dereference in temac_probe()
(git-fixes).
- net: ll_temac: Use devm_platform_ioremap_resource_byname() (git-fixes).
- net: macb: add function to disable all macb clocks (git-fixes).
- net: macb: restore cmp registers on resume path (git-fixes).
- net: macb: unprepare clocks in case of failure (git-fixes).
- net: mscc: Fix OF_MDIO config check (git-fixes).
- net: mvneta: Remove per-cpu queue mapping for Armada 3700 (git-fixes).
- net: rose: fix UAF bug caused by rose_t0timer_expiry (git-fixes).
- net: stmmac: dwmac-sun8i: Provide TX and RX fifo sizes (git-fixes).
- net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes).
- net: stmmac: fix CBS idleslope and sendslope calculation (git-fixes).
- net: stmmac: fix incorrect DMA channel intr enable setting of EQoS v4.10
(git-fixes).
- net: stmmac: fix watchdog timeout during suspend/resume stress test
(git-fixes).
- net: stmmac: stop each tx channel independently (git-fixes).
- net: tun: set tun->dev->addr_len during TUNSETLINK processing
(git-fixes).
- net: usb: ax88179_178a: add Allied Telesis AT-UMCs (git-fixes).
- net: usb: ax88179_178a: add MCT usb 3.0 adapter (git-fixes).
- net: usb: ax88179_178a: add Toshiba usb 3.0 adapter (git-fixes).
- net: usb: ax88179_178a: remove redundant assignment to variable ret
(git-fixes).
- net: usb: ax88179_178a: write mac to hardware in get_mac_addr
(git-fixes).
- net: usb: qmi_wwan: add Telit 0x1060 composition (git-fixes).
- net: usb: qmi_wwan: add Telit 0x1070 composition (git-fixes).
- net: usb: use eth_hw_addr_set() (git-fixes).
- nvme: consider also host_iface when checking ip options (bsc#1199670).
- octeontx2-af: fix memory leak of lmac and lmac->name (git-fixes).
- pinctrl: sunxi: a83t: Fix NAND function name for some pins (git-fixes).
- pinctrl: sunxi: sunxi_pconf_set: use correct offset (git-fixes).
- platform/olpc: Fix uninitialized data in debugfs write (git-fixes).
- platform/x86: hp-wmi: Ignore Sanitization Mode event (git-fixes).
- power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe
(git-fixes).
- powerpc/mobility: wait for memory transfer to complete (bsc#1201846
ltc#198761).
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM
(bsc#1201846 ltc#198761).
- powerpc/watchdog: introduce a NMI watchdog's factor (bsc#1201846
ltc#198761).
- profiling: fix shift-out-of-bounds bugs (git fixes).
- qla2xxx: drop patch which prevented nvme port discovery (bsc#1200651
bsc#1200644 bsc#1201954 bsc#1201958).
- r8169: fix accessing unset transport header (git-fixes).
- random: document add_hwgenerator_randomness() with other input functions
(git-fixes).
- random: fix typo in comments (git-fixes).
- random: remove useless header comment (git fixes).
- raw: Fix a data-race around sysctl_raw_l3mdev_accept (git-fixes).
- regulator: of: Fix refcount leak bug in of_get_regulation_constraints()
(git-fixes).
- rpm/kernel-binary.spec.in: Require dwarves >= 1.22 on SLE15-SP3 or newer.
Dwarves 1.22 or newer is required to build kernels with BTF information
embedded in modules.
- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)
- sched/fair: Revise comment about lb decision matrix (git fixes
(sched/fair)).
- sched/membarrier: fix missing local execution of ipi_sync_rq_state()
(git fixes (sched/membarrier)).
- scripts: dummy-tools, add pahole (jsc#SLE-24559).
- scsi: core: Fix error handling of scsi_host_alloc() (git-fixes).
- scsi: core: Fix failure handling of scsi_add_host_with_dma() (git-fixes).
- scsi: core: Only put parent device if host state differs from
SHOST_CREATED (git-fixes).
- scsi: core: Put .shost_dev in failure path if host state changes to
RUNNING (git-fixes).
- scsi: core: Put LLD module refcnt after SCSI device is released
(git-fixes).
- scsi: core: Retry I/O for Notify (Enable Spinup) Required error
(git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.5 patches (bsc#1201956).
- scsi: lpfc: Fix attempted FA-PWWN usage after feature disable
(bsc#1201956).
- scsi: lpfc: Fix lost NVMe paths during LIF bounce stress test
(bsc#1201956 bsc#1200521).
- scsi: lpfc: Fix possible memory leak when failing to issue CMF WQE
(bsc#1201956).
- scsi: lpfc: Fix uninitialized cqe field in lpfc_nvme_cancel_iocb()
(bsc#1201956).
- scsi: lpfc: Prevent buffer overflow crashes in debugfs with malformed
user input (bsc#1201956).
- scsi: lpfc: Refactor lpfc_nvmet_prep_abort_wqe() into
lpfc_sli_prep_abort_xri() (bsc#1201956).
- scsi: lpfc: Remove Menlo/Hornet related code (bsc#1201956).
- scsi: lpfc: Remove extra atomic_inc on cmd_pending in queuecommand after
VMID (bsc#1201956).
- scsi: lpfc: Revert RSCN_MEMENTO workaround for misbehaved configuration
(bsc#1201956).
- scsi: lpfc: Set PU field when providing D_ID in XMIT_ELS_RSP64_CX iocb
(bsc#1201956).
- scsi: lpfc: Update lpfc version to 14.2.0.5 (bsc#1201956).
- scsi: qla2xxx: Check correct variable in qla24xx_async_gffid()
(bsc#1201958).
- scsi: qla2xxx: Fix discovery issues in FC-AL topology (bsc#1201958).
- scsi: qla2xxx: Fix imbalance vha->vref_count (bsc#1201958).
- scsi: qla2xxx: Fix incorrect display of max frame size (bsc#1201958).
- scsi: qla2xxx: Fix response queue handler reading stale packets
(bsc#1201958).
- scsi: qla2xxx: Fix sparse warning for dport_data (bsc#1201958).
- scsi: qla2xxx: Update manufacturer details (bsc#1201958).
- scsi: qla2xxx: Update version to 10.02.07.800-k (bsc#1201958).
- scsi: qla2xxx: Zero undefined mailbox IN registers (bsc#1201958).
- scsi: qla2xxx: edif: Fix dropped IKE message (bsc#1201958).
- scsi: scsi_debug: Sanity check block descriptor length in
resp_mode_select() (git-fixes).
- scsi: sd: Fix potential NULL pointer dereference (git-fixes).
- scsi: ufs: Release clock if DMA map fails (git-fixes).
- scsi: ufs: handle cleanup correctly on devm_reset_control_get error
(git-fixes).
- serial: 8250: fix return error code in serial8250_request_std_resource()
(git-fixes).
- serial: pl011: UPSTAT_AUTORTS requires .throttle/unthrottle (git-fixes).
- serial: stm32: Clear prev values before setting RTS delays (git-fixes).
- soc: fsl: guts: machine variable might be unset (git-fixes).
- soc: ixp4xx/npe: Fix unused match warning (git-fixes).
- soundwire: bus_type: fix remove and shutdown support (git-fixes).
- spi: <linux/spi/spi.h>: add missing struct kernel-doc entry
(git-fixes).
- spi: amd: Limit max transfer and message size (git-fixes).
- staging: rtl8192u: Fix sleep in atomic context bug in
dm_fsync_timer_callback (git-fixes).
- sysctl: Fix data races in proc_dointvec() (git-fixes).
- sysctl: Fix data races in proc_dointvec_jiffies() (git-fixes).
- sysctl: Fix data races in proc_dointvec_minmax() (git-fixes).
- sysctl: Fix data races in proc_douintvec() (git-fixes).
- sysctl: Fix data races in proc_douintvec_minmax() (git-fixes).
- sysctl: Fix data-races in proc_dointvec_ms_jiffies() (git-fixes).
- thermal/tools/tmon: Include pthread and time headers in tmon.h
(git-fixes).
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (git fixes
(kernel/time)).
- usb: dwc3: add cancelled reasons for dwc3 requests (git-fixes).
- usb: dwc3: gadget: Fix event pending check (git-fixes).
- usb: gadget: udc: amd5536 depends on HAS_DMA (git-fixes).
- usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
- usb: host: xhci: use snprintf() in xhci_decode_trb() (git-fixes).
- usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
- usb: typec: add missing uevent when partner support PD (git-fixes).
- usb: typec: ucsi: Acknowledge the GET_ERROR_STATUS command completion
(git-fixes).
- usb: xhci: tegra: Fix error check (git-fixes).
- usbnet: fix memory leak in error case (git-fixes).
- video: of_display_timing.h: include errno.h (git-fixes).
- virtio-gpu: fix a missing check to avoid NULL dereference (git-fixes).
- virtio-net: fix the race between refill work and close (git-fixes).
- virtio_mmio: Add missing PM calls to freeze/restore (git-fixes).
- virtio_mmio: Restore guest page size on resume (git-fixes).
- watchdog: export lockup_detector_reconfigure (bsc#1201846 ltc#198761).
- wifi: iwlegacy: 4965: fix potential off-by-one overflow in
il4965_rs_fill_link_cmd() (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(git-fixes).
- wifi: libertas: Fix possible refcount leak in if_usb_probe() (git-fixes).
- wifi: mac80211: fix queue selection for mesh/OCB interfaces (git-fixes).
- wifi: p54: Fix an error handling path in p54spi_probe() (git-fixes).
- wifi: p54: add missing parentheses in p54_flush() (git-fixes).
- wifi: rtlwifi: fix error codes in rtl_debugfs_set_write_h2c()
(git-fixes).
- wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi()
(git-fixes).
- wifi: wil6210: debugfs: fix uninitialized variable use in
wil_write_file_wmi() (git-fixes).
- x86/bugs: Remove apostrophe typo (bsc#1178134).
- x86/kvmclock: Move this_cpu_pvti into kvmclock.h (git-fixes).
- x86/retbleed: Add fine grained Kconfig knobs (bsc#1178134).
- xen/netback: avoid entering xenvif_rx_next_skb() with an empty rx queue
(bsc#1201381).
- xen: detect uninitialized xenbus in xenbus_init (git-fixes).
- xen: do not continue xenstore initialization in case of errors
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2875=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.90.1
kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1
kernel-default-debuginfo-5.3.18-150300.59.90.1
kernel-default-debugsource-5.3.18-150300.59.90.1
References:
https://www.suse.com/security/cve/CVE-2020-36516.html
https://www.suse.com/security/cve/CVE-2020-36557.html
https://www.suse.com/security/cve/CVE-2020-36558.html
https://www.suse.com/security/cve/CVE-2021-33655.html
https://www.suse.com/security/cve/CVE-2021-33656.html
https://www.suse.com/security/cve/CVE-2022-1116.html
https://www.suse.com/security/cve/CVE-2022-1462.html
https://www.suse.com/security/cve/CVE-2022-20166.html
https://www.suse.com/security/cve/CVE-2022-21505.html
https://www.suse.com/security/cve/CVE-2022-2318.html
https://www.suse.com/security/cve/CVE-2022-26365.html
https://www.suse.com/security/cve/CVE-2022-2639.html
https://www.suse.com/security/cve/CVE-2022-29581.html
https://www.suse.com/security/cve/CVE-2022-32250.html
https://www.suse.com/security/cve/CVE-2022-33740.html
https://www.suse.com/security/cve/CVE-2022-33741.html
https://www.suse.com/security/cve/CVE-2022-33742.html
https://www.suse.com/security/cve/CVE-2022-36946.html
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1196616
https://bugzilla.suse.com/1198829
https://bugzilla.suse.com/1199364
https://bugzilla.suse.com/1199647
https://bugzilla.suse.com/1199665
https://bugzilla.suse.com/1199670
https://bugzilla.suse.com/1200015
https://bugzilla.suse.com/1200521
https://bugzilla.suse.com/1200598
https://bugzilla.suse.com/1200644
https://bugzilla.suse.com/1200651
https://bugzilla.suse.com/1200762
https://bugzilla.suse.com/1200910
https://bugzilla.suse.com/1201196
https://bugzilla.suse.com/1201206
https://bugzilla.suse.com/1201251
https://bugzilla.suse.com/1201381
https://bugzilla.suse.com/1201429
https://bugzilla.suse.com/1201442
https://bugzilla.suse.com/1201458
https://bugzilla.suse.com/1201635
https://bugzilla.suse.com/1201636
https://bugzilla.suse.com/1201644
https://bugzilla.suse.com/1201645
https://bugzilla.suse.com/1201664
https://bugzilla.suse.com/1201672
https://bugzilla.suse.com/1201673
https://bugzilla.suse.com/1201676
https://bugzilla.suse.com/1201846
https://bugzilla.suse.com/1201930
https://bugzilla.suse.com/1201940
https://bugzilla.suse.com/1201954
https://bugzilla.suse.com/1201956
https://bugzilla.suse.com/1201958
https://bugzilla.suse.com/1202154
SUSE-SU-2022:2251-2: moderate: Security update for openssl-1_1
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for openssl-1_1
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2251-2
Rating: moderate
References: #1185637 #1199166 #1200550
Cross-References: CVE-2022-1292 CVE-2022-2068
CVSS scores:
CVE-2022-1292 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1292 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2068 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2068 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for openssl-1_1 fixes the following issues:
- CVE-2022-1292: Fixed command injection in c_rehash (bsc#1199166).
- CVE-2022-2068: Fixed more shell code injection issues in c_rehash.
(bsc#1200550)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2251=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.48.1
libopenssl1_1-1.1.1d-150200.11.48.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.48.1
libopenssl1_1-hmac-1.1.1d-150200.11.48.1
openssl-1_1-1.1.1d-150200.11.48.1
openssl-1_1-debuginfo-1.1.1d-150200.11.48.1
openssl-1_1-debugsource-1.1.1d-150200.11.48.1
References:
https://www.suse.com/security/cve/CVE-2022-1292.html
https://www.suse.com/security/cve/CVE-2022-2068.html
https://bugzilla.suse.com/1185637
https://bugzilla.suse.com/1199166
https://bugzilla.suse.com/1200550
SUSE-SU-2022:2960-2: moderate: Security update for ucode-intel
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for ucode-intel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2960-2
Rating: moderate
References: #1201727
Cross-References: CVE-2022-21233
CVSS scores:
CVE-2022-21233 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21233 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ucode-intel fixes the following issues:
Updated to Intel CPU Microcode 20220809 release (bsc#1201727):
- CVE-2022-21233: Fixed an issue where stale data may have been leaked
from the legacy xAPIC MMIO region, which could be used to compromise an
SGX enclave (INTEL-SA-00657). See also:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html
Other fixes:
- Update for functional issues. See also:
https://www.intel.com/content/www/us/en/processors/xeon/scalable/xeon-scalable-spec-update.html?wapkw=processor+specification+update
- Updated Platforms:
| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |
|:----------|:---------|:------------|:---------|:---------|:---------|
| SKX-SP | B1 | 06-55-03/97 | 0100015d | 0100015e | Xeon Scalable |
| SKX-SP | H0/M0/U0 | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon Scalable |
| SKX-D | M1 | 06-55-04/b7 | 02006d05 | 02006e05 | Xeon D-21xx |
| ICX-SP | D0 | 06-6a-06/87 | 0d000363 | 0d000375 | Xeon Scalable Gen3 |
| GLK | B0 | 06-7a-01/01 | 0000003a | 0000003c | Pentium Silver N/J5xxx, Celeron N/J4xxx |
| GLK-R | R0 | 06-7a-08/01 | 0000001e | 00000020 | Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 |
| ICL-U/Y | D1 | 06-7e-05/80 | 000000b0 | 000000b2 | Core Gen10 Mobile |
| TGL-R | C0 | 06-8c-02/c2 | 00000026 | 00000028 | Core Gen11 Mobile |
| TGL-H | R0 | 06-8d-01/c2 | 0000003e | 00000040 | Core Gen11 Mobile |
| RKL-S | B0 | 06-a7-01/02 | 00000053 | 00000054 | Core Gen11 |
| ADL | C0 | 06-97-02/03 | 0000001f | 00000022 | Core Gen12 |
| ADL | C0 | 06-97-05/03 | 0000001f | 00000022 | Core Gen12 |
| ADL | L0 | 06-9a-03/80 | 0000041c | 00000421 | Core Gen12 |
| ADL | L0 | 06-9a-04/80 | 0000041c | 00000421 | Core Gen12 |
| ADL | C0 | 06-bf-02/03 | 0000001f | 00000022 | Core Gen12 |
| ADL | C0 | 06-bf-05/03 | 0000001f | 00000022 | Core Gen12 |
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2960=1
Package List:
- openSUSE Leap Micro 5.2 (x86_64):
ucode-intel-20220809-150200.18.1
References:
https://www.suse.com/security/cve/CVE-2022-21233.html
https://bugzilla.suse.com/1201727
SUSE-SU-2022:2178-2: important: Security update for salt
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for salt
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2178-2
Rating: important
References: #1200566
Cross-References: CVE-2022-22967
CVSS scores:
CVE-2022-22967 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-22967 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for salt fixes the following issues:
- CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that
could be used to bypass PAM authentication (bsc#1200566)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2178=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
python3-salt-3004-150300.53.24.1
salt-3004-150300.53.24.1
salt-minion-3004-150300.53.24.1
salt-transactional-update-3004-150300.53.24.1
References:
https://www.suse.com/security/cve/CVE-2022-22967.html
https://bugzilla.suse.com/1200566
SUSE-SU-2022:2533-2: important: Security update for mozilla-nss
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2533-2
Rating: important
References: #1192079 #1192080 #1192086 #1192087 #1192228
#1198486 #1200027
Cross-References: CVE-2022-31741
CVSS scores:
CVE-2022-31741 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves one vulnerability and has 6 fixes is
now available.
Description:
This update for mozilla-nss fixes the following issues:
Various FIPS 140-3 related fixes were backported from SUSE Linux
Enterprise 15 SP4:
- Makes the PBKDF known answer test compliant with NIST SP800-132.
(bsc#1192079).
- FIPS: Add on-demand integrity tests through
sftk_FIPSRepeatIntegrityCheck() (bsc#1198980).
- FIPS: mark algorithms as approved/non-approved according to security
policy (bsc#1191546, bsc#1201298).
- FIPS: remove hard disabling of unapproved algorithms. This requirement
is now fulfilled by the service level indicator (bsc#1200325).
- Run test suite at build time, and make it pass (bsc#1198486).
- FIPS: skip algorithms that are hard disabled in FIPS mode.
- Prevent expired PayPalEE cert from failing the tests.
- Allow checksumming to be disabled, but only if we entered FIPS mode due
to NSS_FIPS being set, not if it came from /proc.
- FIPS: Make the PBKDF known answer test compliant with NIST SP800-132.
- Update FIPS validation string to version-release format.
- FIPS: remove XCBC MAC from list of FIPS approved algorithms.
- Enable NSS_ENABLE_FIPS_INDICATORS and set NSS_FIPS_MODULE_ID for build.
- FIPS: claim 3DES unapproved in FIPS mode (bsc#1192080).
- FIPS: allow testing of unapproved algorithms (bsc#1192228).
- FIPS: add version indicators. (bmo#1729550, bsc#1192086).
- FIPS: fix some secret clearing (bmo#1697303, bsc#1192087).
Version update to NSS 3.79:
- Use PK11_GetSlotInfo instead of raw C_GetSlotInfo calls.
- Update mercurial in clang-format docker image.
- Use of uninitialized pointer in lg_init after alloc fail.
- selfserv and tstclnt should use PR_GetPrefLoopbackAddrInfo.
- Add SECMOD_LockedModuleHasRemovableSlots.
- Fix secasn1d parsing of indefinite SEQUENCE inside indefinite GROUP.
- Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat
extension alerts.
- TLS 1.3 Server: Send protocol_version alert on unsupported
ClientHello.legacy_version.
- Correct invalid record inner and outer content type alerts.
- NSS does not properly import or export pkcs12 files with large passwords
and pkcs5v2 encoding.
- improve error handling after nssCKFWInstance_CreateObjectHandle.
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple.
- NSS 3.79 should depend on NSPR 4.34
Version update to NSS 3.78.1:
- Initialize pointers passed to NSS_CMSDigestContext_FinishMultiple
Version update to NSS 3.78:
- Added TLS 1.3 zero-length inner plaintext checks and tests, zero-length
record/fragment handling tests.
- Reworked overlong record size checks and added TLS1.3 specific
boundaries.
- Add ECH Grease Support to tstclnt
- Add a strict variant of moz::pkix::CheckCertHostname.
- Change SSL_REUSE_SERVER_ECDHE_KEY default to false.
- Make SEC_PKCS12EnableCipher succeed
- Update zlib in NSS to 1.2.12.
Version update to NSS 3.77:
- Fix link to TLS page on wireshark wiki
- Add two D-TRUST 2020 root certificates.
- Add Telia Root CA v2 root certificate.
- Remove expired explicitly distrusted certificates from certdata.txt.
- support specific RSA-PSS parameters in mozilla::pkix
- Remove obsolete stateEnd check in SEC_ASN1DecoderUpdate.
- Remove token member from NSSSlot struct.
- Provide secure variants of mpp_pprime and mpp_make_prime.
- Support UTF-8 library path in the module spec string.
- Update nssUTF8_Length to RFC 3629 and fix buffer overrun.
- Update googletest to 1.11.0
- Add SetTls13GreaseEchSize to experimental API.
- TLS 1.3 Illegal legacy_version handling/alerts.
- Fix calculation of ECH HRR Transcript.
- Allow ld path to be set as environment variable.
- Ensure we don't read uninitialized memory in ssl gtests.
- Fix DataBuffer Move Assignment.
- internal_error alert on Certificate Request with sha1+ecdsa in TLS 1.3
- rework signature verification in mozilla::pkix
Version update to NSS 3.76.1
- Remove token member from NSSSlot struct.
- Hold tokensLock through nssToken_GetSlot calls in
nssTrustDomain_GetActiveSlots.
- Check return value of PK11Slot_GetNSSToken.
- Use Wycheproof JSON for RSASSA-PSS
- Add SHA256 fingerprint comments to old certdata.txt entries.
- Avoid truncating files in nss-release-helper.py.
- Throw illegal_parameter alert for illegal extensions in handshake
message.
Version update to NSS 3.75
- Make DottedOIDToCode.py compatible with python3.
- Avoid undefined shift in SSL_CERT_IS while fuzzing.
- Remove redundant key type check.
- Update ABI expectations to match ECH changes.
- Enable CKM_CHACHA20.
- check return on NSS_NoDB_Init and NSS_Shutdown.
- Run ECDSA test vectors from bltest as part of the CI tests.
- Add ECDSA test vectors to the bltest command line tool.
- Allow to build using clang's integrated assembler.
- Allow to override python for the build.
- test HKDF output rather than input.
- Use ASSERT macros to end failed tests early.
- move assignment operator for DataBuffer.
- Add test cases for ECH compression and unexpected extensions in SH.
- Update tests for ECH-13.
- Tidy up error handling.
- Add tests for ECH HRR Changes.
- Server only sends GREASE HRR extension if enabled by preference.
- Update generation of the Associated Data for ECH-13.
- When ECH is accepted, reject extensions which were only advertised in
the Outer Client Hello.
- Allow for compressed, non-contiguous, extensions.
- Scramble the PSK extension in CHOuter.
- Split custom extension handling for ECH.
- Add ECH-13 HRR Handling.
- Client side ECH padding.
- Stricter ClientHelloInner Decompression.
- Remove ECH_inner extension, use new enum format.
- Update the version number for ECH-13 and adjust the ECHConfig size.
Version update to NSS 3.74
- mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses
- Ensure clients offer consistent ciphersuites after HRR
- NSS does not properly restrict server keys based on policy
- Set nssckbi version number to 2.54
- Replace Google Trust Services LLC (GTS) R4 root certificate
- Replace Google Trust Services LLC (GTS) R3 root certificate
- Replace Google Trust Services LLC (GTS) R2 root certificate
- Replace Google Trust Services LLC (GTS) R1 root certificate
- Replace GlobalSign ECC Root CA R4
- Remove Expired Root Certificates - DST Root CA X3
- Remove Expiring Cybertrust Global Root and GlobalSign root certificates
- Add renewed Autoridad de Certificacion Firmaprofesional CIF A62634068
root certificate
- Add iTrusChina ECC root certificate
- Add iTrusChina RSA root certificate
- Add ISRG Root X2 root certificate
- Add Chunghwa Telecom's HiPKI Root CA - G1 root certificate
- Avoid a clang 13 unused variable warning in opt build
- Check for missing signedData field
- Ensure DER encoded signatures are within size limits
- enable key logging option (boo#1195040)
Version update to NSS 3.73.1:
- Add SHA-2 support to mozilla::pkix's OCSP implementation
Version update to NSS 3.73
- check for missing signedData field.
- Ensure DER encoded signatures are within size limits.
- NSS needs FIPS 140-3 version indicators.
- pkix_CacheCert_Lookup doesn't return cached certs
- sunset Coverity from NSS
Fixed MFSA 2021-51 (bsc#1193170) CVE-2021-43527: Memory corruption via
DER-encoded DSA and RSA-PSS signatures
Version update to NSS 3.72
- Fix nsinstall parallel failure.
- Increase KDF cache size to mitigate perf regression in about:logins
Version update to NSS 3.71
- Set nssckbi version number to 2.52.
- Respect server requirements of
tlsfuzzer/test-tls13-signature-algorithms.py
- Import of PKCS#12 files with Camellia encryption is not supported
- Add HARICA Client ECC Root CA 2021.
- Add HARICA Client RSA Root CA 2021.
- Add HARICA TLS ECC Root CA 2021.
- Add HARICA TLS RSA Root CA 2021.
- Add TunTrust Root CA certificate to NSS.
Version update to NSS 3.70
- Update test case to verify fix.
- Explicitly disable downgrade check in
TlsConnectStreamTls13.EchOuterWith12Max
- Explicitly disable downgrade check in
TlsConnectTest.DisableFalseStartOnFallback
- Avoid using a lookup table in nssb64d.
- Use HW accelerated SHA2 on AArch64 Big Endian.
- Change default value of enableHelloDowngradeCheck to true.
- Cache additional PBE entries.
- Read HPKE vectors from official JSON.
Version update to NSS 3.69.1:
- Disable DTLS 1.0 and 1.1 by default
- integrity checks in key4.db not happening on private components with
AES_CBC
NSS 3.69:
- Disable DTLS 1.0 and 1.1 by default (backed out again)
- integrity checks in key4.db not happening on private components with
AES_CBC (backed out again)
- SSL handling of signature algorithms ignores environmental invalid
algorithms.
- sqlite 3.34 changed its open semantics, causing nss failures.
- Gtest update changed the gtest reports, losing gtest details in all.sh
reports.
- NSS incorrectly accepting 1536 bit DH primes in FIPS mode
- SQLite calls could timeout in starvation situations.
- Coverity/cpp scanner errors found in nss 3.67
- Import the NSS documentation from MDN in nss/doc.
- NSS using a tempdir to measure sql performance not active
Version Update to 3.68.4 (bsc#1200027)
- CVE-2022-31741: Initialize pointers passed to
NSS_CMSDigestContext_FinishMultiple. (bmo#1767590)
Mozilla NSPR was updated to version 4.34:
* add an API that returns a preferred loopback IP on hosts that have two
IP stacks available.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2533=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libfreebl3-3.79-150000.3.74.1
libfreebl3-debuginfo-3.79-150000.3.74.1
libfreebl3-hmac-3.79-150000.3.74.1
libsoftokn3-3.79-150000.3.74.1
libsoftokn3-debuginfo-3.79-150000.3.74.1
libsoftokn3-hmac-3.79-150000.3.74.1
mozilla-nspr-4.34-150000.3.23.1
mozilla-nspr-debuginfo-4.34-150000.3.23.1
mozilla-nspr-debugsource-4.34-150000.3.23.1
mozilla-nss-3.79-150000.3.74.1
mozilla-nss-certs-3.79-150000.3.74.1
mozilla-nss-certs-debuginfo-3.79-150000.3.74.1
mozilla-nss-debuginfo-3.79-150000.3.74.1
mozilla-nss-debugsource-3.79-150000.3.74.1
mozilla-nss-tools-3.79-150000.3.74.1
mozilla-nss-tools-debuginfo-3.79-150000.3.74.1
References:
https://www.suse.com/security/cve/CVE-2022-31741.html
https://bugzilla.suse.com/1192079
https://bugzilla.suse.com/1192080
https://bugzilla.suse.com/1192086
https://bugzilla.suse.com/1192087
https://bugzilla.suse.com/1192228
https://bugzilla.suse.com/1198486
https://bugzilla.suse.com/1200027
SUSE-SU-2022:2717-2: moderate: Security update for ncurses
by opensuse-security@opensuse.org 01 Sep '22
SUSE Security Update: Security update for ncurses
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2717-2
Rating: moderate
References: #1198627
Cross-References: CVE-2022-29458
CVSS scores:
CVE-2022-29458 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
CVE-2022-29458 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ncurses fixes the following issues:
- CVE-2022-29458: Fixed segfaulting out-of-bounds read in convert_strings
in tinfo/read_entry.c (bsc#1198627).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-2717=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libncurses6-6.1-150000.5.12.1
libncurses6-debuginfo-6.1-150000.5.12.1
ncurses-debugsource-6.1-150000.5.12.1
ncurses-utils-6.1-150000.5.12.1
ncurses-utils-debuginfo-6.1-150000.5.12.1
terminfo-6.1-150000.5.12.1
terminfo-base-6.1-150000.5.12.1
References:
https://www.suse.com/security/cve/CVE-2022-29458.html
https://bugzilla.suse.com/1198627