openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
October 2023
- 2 participants
- 109 discussions
SUSE-SU-2023:3949-1: important: Security update for MozillaFirefox
by security@lists.opensuse.org 03 Oct '23
by security@lists.opensuse.org 03 Oct '23
03 Oct '23
# Security update for MozillaFirefox
Announcement ID: SUSE-SU-2023:3949-1
Rating: important
References:
* #1215814
Cross-References:
* CVE-2023-5217
CVSS scores:
* CVE-2023-5217 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-5217 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Desktop Applications Module 15-SP4
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for MozillaFirefox fixes the following issues:
Mozilla Firefox was updated to 115.3.1 ESR, fixing a security issue:
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217: Fixed a heap buffer overflow in libvpx
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3949=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3949=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3949=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3949=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3949=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3949=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3949=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3949=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3949=1
* Desktop Applications Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3949=1
* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-3949=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3949=1
## Package List:
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-branding-upstream-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* openSUSE Leap 15.4 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-branding-upstream-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* openSUSE Leap 15.5 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* Desktop Applications Module 15-SP4 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* Desktop Applications Module 15-SP5 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* MozillaFirefox-debugsource-115.3.1-150200.152.111.1
* MozillaFirefox-translations-other-115.3.1-150200.152.111.1
* MozillaFirefox-115.3.1-150200.152.111.1
* MozillaFirefox-debuginfo-115.3.1-150200.152.111.1
* MozillaFirefox-translations-common-115.3.1-150200.152.111.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* MozillaFirefox-devel-115.3.1-150200.152.111.1
## References:
* https://www.suse.com/security/cve/CVE-2023-5217.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215814
1
0
03 Oct '23
# Security update for runc
Announcement ID: SUSE-SU-2023:3952-1
Rating: important
References:
* #1212475
Affected Products:
* Containers Module 15-SP4
* Containers Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that has one security fix can now be installed.
## Description:
This update of runc fixes the following issues:
* Update to runc v1.1.8.
Upstream changelog is available from
<https://github.com/opencontainers/runc/releases/tag/v1.1.8>.
* rebuild the package with the go 1.21 security release (bsc#1212475).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3952=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3952=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3952=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3952=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3952=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3952=1
* Containers Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2023-3952=1
* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2023-3952=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3952=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3952=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3952=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3952=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3952=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3952=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3952=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3952=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3952=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3952=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3952=1
* SUSE Enterprise Storage 7
zypper in -t patch SUSE-Storage-7-2023-3952=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-3952=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3952=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3952=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Enterprise Storage 7 (aarch64 x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE CaaS Platform 4.0 (x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* runc-1.1.8-150000.49.1
* runc-debuginfo-1.1.8-150000.49.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1212475
1
0
03 Oct '23
# Security update for mdadm
Announcement ID: SUSE-SU-2023:3953-1
Rating: moderate
References:
* #1214244
* #1214245
Cross-References:
* CVE-2023-28736
* CVE-2023-28938
CVSS scores:
* CVE-2023-28736 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
* CVE-2023-28736 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
* CVE-2023-28938 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L
* CVE-2023-28938 ( NVD ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L
Affected Products:
* Basesystem Module 15-SP4
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves two vulnerabilities can now be installed.
## Description:
This update for mdadm fixes the following issues:
* CVE-2023-28736: Fixed a buffer overflow (bsc#1214244).
* CVE-2023-28938: Fixed uncontrolled resource consumption (bsc#1214245).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3953=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3953=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3953=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3953=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3953=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3953=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3953=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3953=1
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-3953=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3953=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3953=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3953=1
## Package List:
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Manager Proxy 4.2 (x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* mdadm-4.1-150300.24.33.1
* mdadm-debugsource-4.1-150300.24.33.1
* mdadm-debuginfo-4.1-150300.24.33.1
## References:
* https://www.suse.com/security/cve/CVE-2023-28736.html
* https://www.suse.com/security/cve/CVE-2023-28938.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214244
* https://bugzilla.suse.com/show_bug.cgi?id=1214245
1
0
SUSE-SU-2023:3954-1: important: Security update for libeconf
by security@lists.opensuse.org 03 Oct '23
by security@lists.opensuse.org 03 Oct '23
03 Oct '23
# Security update for libeconf
Announcement ID: SUSE-SU-2023:3954-1
Rating: important
References:
* #1211078
Cross-References:
* CVE-2023-22652
* CVE-2023-30078
* CVE-2023-30079
* CVE-2023-32181
CVSS scores:
* CVE-2023-22652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-22652 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-30078 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-30078 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-30079 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-30079 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-32181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-32181 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves four vulnerabilities can now be installed.
## Description:
This update for libeconf fixes the following issues:
Update to version 0.5.2.
* CVE-2023-30078, CVE-2023-32181: Fixed a stack-buffer-overflow vulnerability
in "econf_writeFile" function (bsc#1211078).
* CVE-2023-30079, CVE-2023-22652: Fixed a stack-buffer-overflow vulnerability
in "read_file" function. (bsc#1211078)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3954=1 openSUSE-SLE-15.4-2023-3954=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3954=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3954=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3954=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3954=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3954=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3954=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3954=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libeconf-devel-0.5.2-150400.3.6.1
* libeconf-utils-0.5.2-150400.3.6.1
* libeconf-utils-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf0-0.5.2-150400.3.6.1
* openSUSE Leap 15.4 (x86_64)
* libeconf0-32bit-0.5.2-150400.3.6.1
* libeconf0-32bit-debuginfo-0.5.2-150400.3.6.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libeconf0-64bit-0.5.2-150400.3.6.1
* libeconf0-64bit-debuginfo-0.5.2-150400.3.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libeconf-devel-0.5.2-150400.3.6.1
* libeconf-utils-0.5.2-150400.3.6.1
* libeconf-utils-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf0-0.5.2-150400.3.6.1
* openSUSE Leap 15.5 (x86_64)
* libeconf0-32bit-0.5.2-150400.3.6.1
* libeconf0-32bit-debuginfo-0.5.2-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libeconf0-0.5.2-150400.3.6.1
* libeconf0-debuginfo-0.5.2-150400.3.6.1
* libeconf-debugsource-0.5.2-150400.3.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-22652.html
* https://www.suse.com/security/cve/CVE-2023-30078.html
* https://www.suse.com/security/cve/CVE-2023-30079.html
* https://www.suse.com/security/cve/CVE-2023-32181.html
* https://bugzilla.suse.com/show_bug.cgi?id=1211078
1
0
03 Oct '23
# Security update for vim
Announcement ID: SUSE-SU-2023:3955-1
Rating: important
References:
* #1214922
* #1214924
* #1214925
* #1215004
* #1215006
* #1215033
Cross-References:
* CVE-2023-4733
* CVE-2023-4734
* CVE-2023-4735
* CVE-2023-4738
* CVE-2023-4752
* CVE-2023-4781
CVSS scores:
* CVE-2023-4733 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
* CVE-2023-4733 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4733 ( NVD ): 7.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4734 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-4734 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4734 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4735 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2023-4735 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4735 ( NVD ): 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-4738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4738 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4752 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4781 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4781 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4781 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP4
* Desktop Applications Module 15-SP4
* openSUSE Leap 15.4
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves six vulnerabilities can now be installed.
## Description:
This update for vim fixes the following issues:
Security fixes:
* CVE-2023-4733: Fixed use-after-free in function buflist_altfpos
(bsc#1215004).
* CVE-2023-4734: Fixed segmentation fault in function f_fullcommand
(bsc#1214925).
* CVE-2023-4735: Fixed out of bounds write in ops.c (bsc#1214924).
* CVE-2023-4738: Fixed heap buffer overflow in vim_regsub_both (bsc#1214922).
* CVE-2023-4752: Fixed heap use-after-free in function ins_compl_get_exp
(bsc#1215006).
* CVE-2023-4781: Fixed heap buffer overflow in function vim_regsub_both
(bsc#1215033).
Other fixes:
* Update to version 9.0 with patch level 1894, for the complete list of
changes see https://github.com/vim/vim/compare/v9.0.1443...v9.0.1894
* Use app icons generated from vimlogo.eps in the source tarball; add higher
resolution icons of sizes 128x128, 256x256, and 512x512 as png sources
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3955=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3955=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3955=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3955=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3955=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3955=1
* Desktop Applications Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3955=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3955=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3955=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3955=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3955=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3955=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3955=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3955=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3955=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3955=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3955=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3955=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3955=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3955=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3955=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-3955=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3955=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3955=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* openSUSE Leap 15.4 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* Basesystem Module 15-SP4 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Manager Proxy 4.2 (x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Manager Proxy 4.2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Manager Retail Branch Server 4.2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Manager Server 4.2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Enterprise Storage 7.1 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE CaaS Platform 4.0 (x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* gvim-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* gvim-debuginfo-9.0.1894-150000.5.54.1
* vim-9.0.1894-150000.5.54.1
* SUSE CaaS Platform 4.0 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* vim-data-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* vim-data-common-9.0.1894-150000.5.54.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* vim-debuginfo-9.0.1894-150000.5.54.1
* vim-debugsource-9.0.1894-150000.5.54.1
* vim-small-9.0.1894-150000.5.54.1
* vim-small-debuginfo-9.0.1894-150000.5.54.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4733.html
* https://www.suse.com/security/cve/CVE-2023-4734.html
* https://www.suse.com/security/cve/CVE-2023-4735.html
* https://www.suse.com/security/cve/CVE-2023-4738.html
* https://www.suse.com/security/cve/CVE-2023-4752.html
* https://www.suse.com/security/cve/CVE-2023-4781.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214922
* https://bugzilla.suse.com/show_bug.cgi?id=1214924
* https://bugzilla.suse.com/show_bug.cgi?id=1214925
* https://bugzilla.suse.com/show_bug.cgi?id=1215004
* https://bugzilla.suse.com/show_bug.cgi?id=1215006
* https://bugzilla.suse.com/show_bug.cgi?id=1215033
1
0
openSUSE-SU-2023:0285-1: moderate: Security update for roundcubemail
by opensuse-security@opensuse.org 02 Oct '23
by opensuse-security@opensuse.org 02 Oct '23
02 Oct '23
openSUSE Security Update: Security update for roundcubemail
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0285-1
Rating: moderate
References: #1215433
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for roundcubemail fixes the following issues:
Update to 1.6.3 (boo#1215433)
* Fix bug where installto.sh/update.sh scripts were removing some
essential options from the config file (#9051)
* Update jQuery-UI to version 1.13.2 (#9041)
* Fix regression that broke use_secure_urls feature (#9052)
* Fix potential PHP fatal error when opening a message with message/rfc822
part (#8953)
* Fix bug where a duplicate <title> tag in HTML email could cause some
parts being cut off (#9029)
* Fix bug where a list of folders could have been sorted incorrectly
(#9057)
* Fix regression where LDAP addressbook 'filter' option was ignored (#9061)
* Fix wrong order of a multi-folder search result when sorting by size
(#9065)
* Fix so install/update scripts do not require PEAR (#9037)
* Fix regression where some mail parts could have been decoded
incorrectly, or not at all (#9096)
* Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to
non-binary FETCH (#9097)
* Fix PHP8 deprecation warning in the reconnect plugin (#9083)
* Fix "Show source" on mobile with x_frame_options = deny (#9084)
* Fix various PHP warnings (#9098)
* Fix deprecated use of ldap_connect() in password's ldap_simple driver
(#9060)
* Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in
plain text messages
Update to 1.6.2
* Add Uyghur localization
* Fix regression in OAuth request URI caused by use of REQUEST_URI instead
of SCRIPT_NAME as a default (#8878)
* Fix bug where false attachment reminder was displayed on HTML mail with
inline images (#8885)
* Fix bug where a non-ASCII character in app.js could cause error in
javascript engine (#8894)
* Fix JWT decoding with url safe base64 schema (#8890)
* Fix bug where .wav instead of .mp3 file was used for the new mail
notification in Firefox (#8895)
* Fix PHP8 warning (#8891)
* Fix support for Windows-31J charset (#8869)
* Fix so LDAP VLV option is disabled by default as documented (#8833)
* Fix so an email address with name is supported as input to the
managesieve notify :from parameter (#8918)
* Fix Help plugin menu (#8898)
* Fix invalid onclick handler on the logo image when using non-array
skin_logo setting (#8933)
* Fix duplicate recipients in "To" and "Cc" on reply (#8912)
* Fix bug where it wasn't possible to scroll lists by clicking middle
mouse button (#8942)
* Fix bug where label text in a single-input dialog could be partially
invisible in some locales (#8905)
* Fix bug where LDAP (fulltext) search didn't work without 'search_fields'
in config (#8874)
* Fix extra leading newlines in plain text converted from HTML (#8973)
* Fix so recipients with a domain ending with .s are allowed (#8854)
* Fix so vCard output does not contain non-standard/redundant TYPE=OTHER
and TYPE=INTERNET (#8838)
* Fix QR code images for contacts with non-ASCII characters (#9001)
* Fix PHP8 warnings when using list_flags and list_cols properties by
plugins (#8998)
* Fix bug where subfolders could loose subscription on parent folder
rename (#8892)
* Fix connecting to LDAP using an URI with ldapi:// scheme (#8990)
* Fix insecure shell command params handling in cmd_learn driver of
markasjunk plugin (#9005)
* Fix bug where some mail headers didn't work in cmd_learn driver of
markasjunk plugin (#9005)
* Fix PHP fatal error when importing vcf file using PHP 8.2 (#9025)
* Fix so output of log_date_format with microseconds contains time in
server time zone, not UTC
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-285=1
Package List:
- openSUSE Backports SLE-15-SP5 (noarch):
roundcubemail-1.6.3-bp155.2.3.1
References:
https://bugzilla.suse.com/1215433
1
0
openSUSE-SU-2023:0279-1: important: Security update for python-bugzilla
by opensuse-security@opensuse.org 02 Oct '23
by opensuse-security@opensuse.org 02 Oct '23
02 Oct '23
openSUSE Security Update: Security update for python-bugzilla
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0279-1
Rating: important
References: #1215718
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for python-bugzilla fixes the following issues:
- Fixed potential API Key leak (boo#1215718).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-279=1
Package List:
- openSUSE Backports SLE-15-SP4 (noarch):
python3-bugzilla-3.2.0-bp154.3.8.1
References:
https://bugzilla.suse.com/1215718
1
0
openSUSE-SU-2023:0278-1: important: Security update for seamonkey
by opensuse-security@opensuse.org 02 Oct '23
by opensuse-security@opensuse.org 02 Oct '23
02 Oct '23
openSUSE Security Update: Security update for seamonkey
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0278-1
Rating: important
References: #1207332 #1209994 #1213986
Cross-References: CVE-2023-4863
CVSS scores:
CVE-2023-4863 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-4863 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for seamonkey fixes the following issues:
update to SeaMonkey 2.53.17.1
* Upstream libwebp security fix bug 1852749.
* CVE-2023-4863: Heap buffer overflow in libwebp bug 1852649.
* Fix bad string encoded in ansi. l10n fr problem only bug 1847887.
* SeaMonkey 2.53.17 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.17 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.3 and
Thunderbird 115.3 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
update to SeaMonkey 2.53.17
* Fix macOS Contacts permission request bug 1826719.
* Remove SeaMonkey 2.57 links from debugQA bug 1829683.
* Treat opening urls from the library as external bug 1619108.
* Disable spam warning for autogenerated links in plaintext messages bug
619031.
* Switch SeaMonkey build files to Python 3 bug 1635849.
* Remove empty overlays from Composer bug 1828533.
* Move xpfe autocomplete to comm-central suite bug 1418512.
* Remove nsIPrefBranch2 and nsIPrefBranchInternal bug 1374847.
* SeaMonkey 2.53.17 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.17 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.11 and
Thunderbird 102.11 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
Update to SeaMonkey 2.53.16
* No throbber in plaintext editor bug 85498.
* Remove unused gridlines class from EdAdvancedEdit bug 1806632.
* Remove ESR 91 links from debugQA bug 1804534.
* Rename devtools/shim to devtools/startup bug 1812367.
* Remove unused seltype=text|cell css bug 1806653.
* Implement new shared tree styling bug 1807802.
* Use `win.focus()` in macWindowMenu.js bug 1807817.
* Remove WCAP provider bug 1579020.
* Remove ftp/file tree view support bug 1239239.
* Change calendar list tree to a list bug 1561530.
* Various other updates to the calendar code.
* Continue the switch from Python 2 to Python 3 in the build system.
* Verified compatibility with Rust 1.66.1.
* SeaMonkey 2.53.16 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.16 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.9 and
Thunderbird 102.9 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
Update to SeaMonkey 2.53.15
* Microtasks and promises bug 1193394.
* Implement queueMicrotask()bug 1480236.
* Remove old synchronous contentPrefService from the tree bug 886907 and
bug 1392929.
* Remove remaining uses of 'general.useragent.locale' bug 1410736 and
bug 1410738.
* Migrate to intl.locale.requested.locale list from
'general.useragent.locale' bug 1441016.
* Introduce a pref to store BCP47 locale list bug 1414390, bug 1423532
and bug 1441026.
* Remove synchronous certificate verification APIs from nsIX509CertDB
bug 1453741 and bug 1453778.
* Taskbar preview's favicon appears blank bug 1475524.
* Call Imagelibs decodeImageAsyncWindows using a callback bug 1790695.
* Remove PermissionsService from process Windows sandboxing code bug
1788233, bug 1789782 and bug 1794394.
* Security info dialog doesn't show cert status anymore bug 1293378.
* Replace nsIPlatfromCharset in mailnews bug 1381762.
* Replace use of nsMsgI18NFileSystemCharset() with
NS_CopyUnicodeToNative/NS_CopyNativeToUnicode() bug 1506422.
* Cater for Outlook's/Hotmail's 'Deleted' folder bug 1320191.
* Make some filter methods scriptable bug 1497513.
* Fix crash in nsMsgFilterAfterTheFact::ApplyFilter() caused by async
reset of 'm_curFolder' bug 537017.
* Localize messages from nsIMsgFolder.logRuleHitFail() bug 1352731.
* Add logging of message filter runs and actions bug 697522.
* Check that we got a non-null header before running a filter on it (and
crashing) bug 1563959.
* With CONDSTORE, eliminate unneeded flag fetches at startup bug 1428097.
* Fix so custom tags (keywords) are visible to all users bug 583677.
* Improve handling of tags on shared folders bug 1596371.
* Allow setting/resetting junk marking by user for yahoo/aol to stick
bug 1260059.
* Don't check subject if spellchecker is not ready bug 1069787.
* Grammar issues in mailnews_account_settings.xhtml bug 1793291.
* Remove use of nsIMemory bug 1792578.
* Replace obsolete GetStringBundleService call in SeaMonkey bug 1794400.
* SeaMonkey crashes on MacOS Ventura 13.0 bug 1797696.
* Continue the switch from Python 2 to Python 3 in the build system.
* Added support for clang 15 and macOS SDK 11.3.
* Verified compatibility with Rust 1.65.
* SeaMonkey 2.53.15 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.15 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.6 and
Thunderbird 102.5 ESR plus many enhancements have been backported. We
will continue to enhance SeaMonkey security in subsequent 2.53.x beta
and release versions as fast as we are able to.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-278=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
seamonkey-2.53.17.1-bp155.2.3.1
seamonkey-dom-inspector-2.53.17.1-bp155.2.3.1
seamonkey-irc-2.53.17.1-bp155.2.3.1
References:
https://www.suse.com/security/cve/CVE-2023-4863.html
https://bugzilla.suse.com/1207332
https://bugzilla.suse.com/1209994
https://bugzilla.suse.com/1213986
1
0
SUSE-SU-2023:3933-1: important: Security update for python
by security@lists.opensuse.org 02 Oct '23
by security@lists.opensuse.org 02 Oct '23
02 Oct '23
# Security update for python
Announcement ID: SUSE-SU-2023:3933-1
Rating: important
References:
* #1214692
Cross-References:
* CVE-2023-40217
CVSS scores:
* CVE-2023-40217 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2023-40217 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP4
* SUSE Package Hub 15 15-SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for python fixes the following issues:
* CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3933=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3933=1
* SUSE Package Hub 15 15-SP4
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3933=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3933=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3933=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3933=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3933=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3933=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3933=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3933=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3933=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3933=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3933=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3933=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3933=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3933=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3933=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3933=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-idle-2.7.18-150000.54.1
* python-demo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* openSUSE Leap 15.4 (x86_64)
* python-32bit-debuginfo-2.7.18-150000.54.1
* python-base-32bit-debuginfo-2.7.18-150000.54.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.54.1
* libpython2_7-1_0-32bit-2.7.18-150000.54.1
* python-base-32bit-2.7.18-150000.54.1
* python-32bit-2.7.18-150000.54.1
* openSUSE Leap 15.4 (noarch)
* python-doc-2.7.18-150000.54.1
* python-doc-pdf-2.7.18-150000.54.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-idle-2.7.18-150000.54.1
* python-demo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* openSUSE Leap 15.5 (x86_64)
* python-32bit-debuginfo-2.7.18-150000.54.1
* python-base-32bit-debuginfo-2.7.18-150000.54.1
* libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.54.1
* libpython2_7-1_0-32bit-2.7.18-150000.54.1
* python-base-32bit-2.7.18-150000.54.1
* python-32bit-2.7.18-150000.54.1
* openSUSE Leap 15.5 (noarch)
* python-doc-2.7.18-150000.54.1
* python-doc-pdf-2.7.18-150000.54.1
* SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64)
* python-base-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE Manager Proxy 4.2 (x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
* SUSE CaaS Platform 4.0 (x86_64)
* python-base-2.7.18-150000.54.1
* python-debugsource-2.7.18-150000.54.1
* python-devel-2.7.18-150000.54.1
* libpython2_7-1_0-debuginfo-2.7.18-150000.54.1
* python-curses-debuginfo-2.7.18-150000.54.1
* python-2.7.18-150000.54.1
* libpython2_7-1_0-2.7.18-150000.54.1
* python-base-debuginfo-2.7.18-150000.54.1
* python-curses-2.7.18-150000.54.1
* python-xml-2.7.18-150000.54.1
* python-xml-debuginfo-2.7.18-150000.54.1
* python-gdbm-debuginfo-2.7.18-150000.54.1
* python-debuginfo-2.7.18-150000.54.1
* python-tk-debuginfo-2.7.18-150000.54.1
* python-base-debugsource-2.7.18-150000.54.1
* python-gdbm-2.7.18-150000.54.1
* python-tk-2.7.18-150000.54.1
## References:
* https://www.suse.com/security/cve/CVE-2023-40217.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214692
1
0