openSUSE Security Announce
Threads by month
- ----- 2024 -----
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
February 2023
- 1 participants
- 67 discussions
openSUSE-SU-2023:0062-1: moderate: Security update for python-Django
by opensuse-security@opensuse.org 28 Feb '23
by opensuse-security@opensuse.org 28 Feb '23
28 Feb '23
openSUSE Security Update: Security update for python-Django
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0062-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
python-Django was updated to fix a security issues:
- CVE-2023-24580: prevent DOS in file uploads (bsc#1208082)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-62=1
Package List:
- openSUSE Backports SLE-15-SP4 (noarch):
python3-Django-2.2.28-bp154.2.9.1
References:
1
0
openSUSE-SU-2023:0061-1: important: Security update for chromium
by opensuse-security@opensuse.org 27 Feb '23
by opensuse-security@opensuse.org 27 Feb '23
27 Feb '23
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0061-1
Rating: important
References: #1208589
Cross-References: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929
CVE-2023-0930 CVE-2023-0931 CVE-2023-0932
CVE-2023-0933 CVE-2023-0941
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 8 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 110.0.5481.177 (boo#1208589)
* CVE-2023-0927: Use after free in Web Payments API
* CVE-2023-0928: Use after free in SwiftShader
* CVE-2023-0929: Use after free in Vulkan
* CVE-2023-0930: Heap buffer overflow in Video
* CVE-2023-0931: Use after free in Video
* CVE-2023-0932: Use after free in WebRTC
* CVE-2023-0933: Integer overflow in PDF
* CVE-2023-0941: Use after free in Prompts
* Various fixes from internal audits, fuzzing and other initiatives
Chromium 110.0.5481.100
* fix regression on SAP Business Objects web UI
* fix date formatting behavior change from ICU 72
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-61=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-110.0.5481.177-bp154.2.70.1
chromium-110.0.5481.177-bp154.2.70.1
References:
https://www.suse.com/security/cve/CVE-2023-0927.html
https://www.suse.com/security/cve/CVE-2023-0928.html
https://www.suse.com/security/cve/CVE-2023-0929.html
https://www.suse.com/security/cve/CVE-2023-0930.html
https://www.suse.com/security/cve/CVE-2023-0931.html
https://www.suse.com/security/cve/CVE-2023-0932.html
https://www.suse.com/security/cve/CVE-2023-0933.html
https://www.suse.com/security/cve/CVE-2023-0941.html
https://bugzilla.suse.com/1208589
1
0
openSUSE-SU-2023:0058-1: moderate: Security update for phpMyAdmin
by opensuse-security@opensuse.org 22 Feb '23
by opensuse-security@opensuse.org 22 Feb '23
22 Feb '23
openSUSE Security Update: Security update for phpMyAdmin
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0058-1
Rating: moderate
References: #1208186
Cross-References: CVE-2023-25727
Affected Products:
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Server 12-SP4
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12-SP3
SUSE Linux Enterprise Server for SAP Applications 12-SP4
SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for phpMyAdmin fixes the following issues:
Update to 4.9.11:
* Fix an XSS attack through the drag-and-drop upload feature
(PMASA-2023-01, CWE-661, boo#1208186, CVE-2023-25727)
* Fix broken pagination links in the navigation sidebar
* Fix syntax error for PHP 5
* Fix hide_connection_errors being undefined when a controluser is set
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2023-58=1
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (noarch):
phpMyAdmin-4.9.11-58.1
References:
https://www.suse.com/security/cve/CVE-2023-25727.html
https://bugzilla.suse.com/1208186
1
0
openSUSE-SU-2023:0057-1: moderate: Security update for python-Django
by opensuse-security@opensuse.org 21 Feb '23
by opensuse-security@opensuse.org 21 Feb '23
21 Feb '23
openSUSE Security Update: Security update for python-Django
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0057-1
Rating: moderate
References: #1203793 #1207565
Cross-References: CVE-2022-41323 CVE-2023-23969
CVSS scores:
CVE-2022-41323 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23969 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23969 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python-Django fixes the following issues:
- CVE-2023-23969: Fixed potential denial-of-service via Accept-Language
headers (boo#1207565)
- CVE-2022-41323: Fixed potential denial-of-service vulnerability in
internationalized URLs (boo#1203793)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-57=1
Package List:
- openSUSE Backports SLE-15-SP4 (noarch):
python3-Django-2.2.28-bp154.2.6.1
References:
https://www.suse.com/security/cve/CVE-2022-41323.html
https://www.suse.com/security/cve/CVE-2023-23969.html
https://bugzilla.suse.com/1203793
https://bugzilla.suse.com/1207565
1
0
SUSE-SU-2023:0465-1: important: Security update for prometheus-ha_cluster_exporter
by opensuse-security@opensuse.org 21 Feb '23
by opensuse-security@opensuse.org 21 Feb '23
21 Feb '23
SUSE Security Update: Security update for prometheus-ha_cluster_exporter
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0465-1
Rating: important
References: #1208046 #1208047
Cross-References: CVE-2022-46146
CVSS scores:
CVE-2022-46146 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-46146 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Module for SAP Applications 15-SP2
SUSE Linux Enterprise Module for SAP Applications 15-SP3
SUSE Linux Enterprise Module for SAP Applications 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for prometheus-ha_cluster_exporter fixes the following issues:
Updated to version 1.3.1:
- CVE-2022-46146: Fixed authentication bypass via cache poisoning in
prometheus/exporter-toolkit (bsc#1208046, bsc#1208047).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-465=1
- SUSE Linux Enterprise Module for SAP Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2023-465=1
- SUSE Linux Enterprise Module for SAP Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2023-465=1
- SUSE Linux Enterprise Module for SAP Applications 15-SP2:
zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP2-2023-465=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
prometheus-ha_cluster_exporter-1.3.1+git.1676027782.ad3c0e9-150200.3.21.1
- SUSE Linux Enterprise Module for SAP Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
prometheus-ha_cluster_exporter-1.3.1+git.1676027782.ad3c0e9-150200.3.21.1
- SUSE Linux Enterprise Module for SAP Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
prometheus-ha_cluster_exporter-1.3.1+git.1676027782.ad3c0e9-150200.3.21.1
- SUSE Linux Enterprise Module for SAP Applications 15-SP2 (aarch64 ppc64le s390x x86_64):
prometheus-ha_cluster_exporter-1.3.1+git.1676027782.ad3c0e9-150200.3.21.1
References:
https://www.suse.com/security/cve/CVE-2022-46146.html
https://bugzilla.suse.com/1208046
https://bugzilla.suse.com/1208047
1
0
openSUSE-SU-2023:0054-1: moderate: Security update for jhead
by opensuse-security@opensuse.org 20 Feb '23
by opensuse-security@opensuse.org 20 Feb '23
20 Feb '23
openSUSE Security Update: Security update for jhead
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0054-1
Rating: moderate
References: #1207150
Cross-References: CVE-2022-41751
CVSS scores:
CVE-2022-41751 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jhead fixes the following issues:
- Fixed autorotation problem caused by CVE-2022-41751 patch. [boo#1207150]
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-54=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
jhead-3.06.0.1-bp154.2.9.1
References:
https://www.suse.com/security/cve/CVE-2022-41751.html
https://bugzilla.suse.com/1207150
1
0
20 Feb '23
SUSE Security Update: Security update for tar
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0463-1
Rating: moderate
References: #1202436 #1207753
Cross-References: CVE-2022-48303
CVSS scores:
CVE-2022-48303 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-48303 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for tar fixes the following issues:
- CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use
of uninitialized memory for a conditional jump (bsc#1207753).
Bug fixes:
- Fix hang when unpacking test tarball (bsc#1202436).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-463=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-463=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-463=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-463=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-463=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-463=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-463=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-463=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
tar-rmt-1.34-150000.3.31.1
tar-rmt-debuginfo-1.34-150000.3.31.1
tar-tests-1.34-150000.3.31.1
tar-tests-debuginfo-1.34-150000.3.31.1
- openSUSE Leap 15.4 (noarch):
tar-backup-scripts-1.34-150000.3.31.1
tar-doc-1.34-150000.3.31.1
tar-lang-1.34-150000.3.31.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
tar-lang-1.34-150000.3.31.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
tar-rmt-1.34-150000.3.31.1
tar-rmt-debuginfo-1.34-150000.3.31.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
tar-rmt-1.34-150000.3.31.1
tar-rmt-debuginfo-1.34-150000.3.31.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
tar-lang-1.34-150000.3.31.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
tar-1.34-150000.3.31.1
tar-debuginfo-1.34-150000.3.31.1
tar-debugsource-1.34-150000.3.31.1
References:
https://www.suse.com/security/cve/CVE-2022-48303.html
https://bugzilla.suse.com/1202436
https://bugzilla.suse.com/1207753
1
0
SUSE-SU-2023:0461-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 20 Feb '23
by opensuse-security@opensuse.org 20 Feb '23
20 Feb '23
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0461-1
Rating: important
References: #1208138 #1208144
Cross-References: CVE-2023-0767 CVE-2023-25728 CVE-2023-25729
CVE-2023-25730 CVE-2023-25732 CVE-2023-25734
CVE-2023-25735 CVE-2023-25737 CVE-2023-25738
CVE-2023-25739 CVE-2023-25742 CVE-2023-25743
CVE-2023-25744 CVE-2023-25746
CVSS scores:
CVE-2023-0767 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 14 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
Updated to version 102.8.0 ESR (bsc#1208144):
- CVE-2023-25728: Fixed content security policy leak in violation
reports using iframes.
- CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.
- CVE-2023-25743: Fixed Fullscreen notification not being shown in
Firefox Focus.
- CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.
- CVE-2023-25735: Fixed potential use-after-free from compartment
mismatch in SpiderMonkey.
- CVE-2023-25737: Fixed invalid downcast in
SVGUtils::SetupStrokeGeometry.
- CVE-2023-25738: Fixed printing on Windows which could potentially
crash Firefox with some device drivers.
- CVE-2023-25739: Fixed use-after-free in
mozilla::dom::ScriptLoadContext::~ScriptLoadContext.
- CVE-2023-25729: Fixed extensions opening external schemes without user
knowledge.
- CVE-2023-25732: Fixed out of bounds memory write from
EncodeInputStream.
- CVE-2023-25734: Fixed opening local .url files that causes unexpected
network loads.
- CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.
- CVE-2023-25744: Fixed Memory safety bugs.
- CVE-2023-25746: Fixed Memory safety bugs.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-461=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-461=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-461=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-461=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-461=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-461=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-461=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-461=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-461=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-461=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-461=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-461=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-branding-upstream-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le x86_64):
MozillaFirefox-devel-102.8.0-150200.152.78.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
MozillaFirefox-102.8.0-150200.152.78.1
MozillaFirefox-debuginfo-102.8.0-150200.152.78.1
MozillaFirefox-debugsource-102.8.0-150200.152.78.1
MozillaFirefox-devel-102.8.0-150200.152.78.1
MozillaFirefox-translations-common-102.8.0-150200.152.78.1
MozillaFirefox-translations-other-102.8.0-150200.152.78.1
References:
https://www.suse.com/security/cve/CVE-2023-0767.html
https://www.suse.com/security/cve/CVE-2023-25728.html
https://www.suse.com/security/cve/CVE-2023-25729.html
https://www.suse.com/security/cve/CVE-2023-25730.html
https://www.suse.com/security/cve/CVE-2023-25732.html
https://www.suse.com/security/cve/CVE-2023-25734.html
https://www.suse.com/security/cve/CVE-2023-25735.html
https://www.suse.com/security/cve/CVE-2023-25737.html
https://www.suse.com/security/cve/CVE-2023-25738.html
https://www.suse.com/security/cve/CVE-2023-25739.html
https://www.suse.com/security/cve/CVE-2023-25742.html
https://www.suse.com/security/cve/CVE-2023-25743.html
https://www.suse.com/security/cve/CVE-2023-25744.html
https://www.suse.com/security/cve/CVE-2023-25746.html
https://bugzilla.suse.com/1208138
https://bugzilla.suse.com/1208144
1
0
SUSE-SU-2023:0450-1: important: Security update for postgresql12
by opensuse-security@opensuse.org 20 Feb '23
by opensuse-security@opensuse.org 20 Feb '23
20 Feb '23
SUSE Security Update: Security update for postgresql12
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0450-1
Rating: important
References: #1208102
Cross-References: CVE-2022-41862
CVSS scores:
CVE-2022-41862 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for postgresql12 fixes the following issues:
Update to 12.14:
- CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-450=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-450=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-450=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-450=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-450=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-450=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-450=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-450=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-450=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-450=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-llvmjit-12.14-150200.8.41.1
postgresql12-llvmjit-debuginfo-12.14-150200.8.41.1
postgresql12-llvmjit-devel-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
postgresql12-test-12.14-150200.8.41.1
- openSUSE Leap 15.4 (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Enterprise Storage 7.1 (noarch):
postgresql12-docs-12.14-150200.8.41.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
postgresql12-12.14-150200.8.41.1
postgresql12-contrib-12.14-150200.8.41.1
postgresql12-contrib-debuginfo-12.14-150200.8.41.1
postgresql12-debuginfo-12.14-150200.8.41.1
postgresql12-debugsource-12.14-150200.8.41.1
postgresql12-devel-12.14-150200.8.41.1
postgresql12-devel-debuginfo-12.14-150200.8.41.1
postgresql12-plperl-12.14-150200.8.41.1
postgresql12-plperl-debuginfo-12.14-150200.8.41.1
postgresql12-plpython-12.14-150200.8.41.1
postgresql12-plpython-debuginfo-12.14-150200.8.41.1
postgresql12-pltcl-12.14-150200.8.41.1
postgresql12-pltcl-debuginfo-12.14-150200.8.41.1
postgresql12-server-12.14-150200.8.41.1
postgresql12-server-debuginfo-12.14-150200.8.41.1
postgresql12-server-devel-12.14-150200.8.41.1
postgresql12-server-devel-debuginfo-12.14-150200.8.41.1
- SUSE Enterprise Storage 7 (noarch):
postgresql12-docs-12.14-150200.8.41.1
References:
https://www.suse.com/security/cve/CVE-2022-41862.html
https://bugzilla.suse.com/1208102
1
0
openSUSE-SU-2023:0053-1: moderate: Security update for timescaledb
by opensuse-security@opensuse.org 20 Feb '23
by opensuse-security@opensuse.org 20 Feb '23
20 Feb '23
openSUSE Security Update: Security update for timescaledb
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0053-1
Rating: moderate
References: #1197063
Cross-References: CVE-2022-24128
CVSS scores:
CVE-2022-24128 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for timescaledb fixes the following issues:
timescaledb was updated to version 2.9.3
- https://github.com/timescale/timescaledb/releases/tag/2.9.3
- enable postgresql15 build
- https://github.com/timescale/timescaledb/releases/tag/2.9.2
- https://github.com/timescale/timescaledb/releases/tag/2.9.1
- https://github.com/timescale/timescaledb/releases/tag/2.9.0
- https://github.com/timescale/timescaledb/releases/tag/2.8.1
- https://github.com/timescale/timescaledb/releases/tag/2.8.0
- https://github.com/timescale/timescaledb/releases/tag/2.7.1
- https://github.com/timescale/timescaledb/releases/tag/2.7.2
- https://github.com/timescale/timescaledb/releases/tag/2.7.0
- https://github.com/timescale/timescaledb/releases/tag/2.6.1
- CVE-2022-24128: Fixed privilege escalation during extension installation
(boo#1197063)
- https://github.com/timescale/timescaledb/releases/tag/2.6.0
- https://github.com/timescale/timescaledb/releases/tag/2.5.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.1
- switch to %{pg_name}-server-devel
- https://github.com/timescale/timescaledb/releases/tag/1.7.5
- https://github.com/timescale/timescaledb/releases/tag/2.0.0
- https://github.com/timescale/timescaledb/releases/tag/2.0.1
- https://github.com/timescale/timescaledb/releases/tag/2.0.2
- https://github.com/timescale/timescaledb/releases/tag/2.1.0
- https://github.com/timescale/timescaledb/releases/tag/2.1.1
- https://github.com/timescale/timescaledb/releases/tag/2.2.0
- https://github.com/timescale/timescaledb/releases/tag/2.2.1
- https://github.com/timescale/timescaledb/releases/tag/2.3.0
- https://github.com/timescale/timescaledb/releases/tag/2.3.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.0
- https://github.com/timescale/timescaledb/releases/tag/2.4.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.0
- enable postgresql14
- https://github.com/timescale/timescaledb/releases/tag/1.7.2
- https://github.com/timescale/timescaledb/releases/tag/1.7.3
- https://github.com/timescale/timescaledb/releases/tag/1.7.4
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2023-53=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
postgresql12-timescaledb-2.9.3-bp153.2.3.1
postgresql13-timescaledb-2.9.3-bp153.2.3.1
postgresql14-timescaledb-2.9.3-bp153.2.3.1
postgresql15-timescaledb-2.9.3-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24128.html
https://bugzilla.suse.com/1197063
1
0
openSUSE-SU-2023:0048-1: moderate: Security update for gssntlmssp
by opensuse-security@opensuse.org 18 Feb '23
by opensuse-security@opensuse.org 18 Feb '23
18 Feb '23
openSUSE Security Update: Security update for gssntlmssp
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0048-1
Rating: moderate
References: #1208278 #1208279 #1208280 #1208281 #1208282
Cross-References: CVE-2023-25563 CVE-2023-25564 CVE-2023-25565
CVE-2023-25566 CVE-2023-25567
CVSS scores:
CVE-2023-25563 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-25564 (NVD) : 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2023-25565 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-25566 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-25567 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for gssntlmssp fixes the following issues:
Update to version 1.2.0
* Implement gss_set_cred_option.
* Allow to gss_wrap even if NEGOTIATE_SEAL is not negotiated.
* Move HMAC code to OpenSSL EVP API.
* Fix crash bug when acceptor credentials are NULL.
* Translations update from Fedora Weblate.
Fix security issues:
* CVE-2023-25563 (boo#1208278): multiple out-of-bounds read when decoding
NTLM fields.
* CVE-2023-25564 (boo#1208279): memory corruption when decoding UTF16
strings.
* CVE-2023-25565 (boo#1208280): incorrect free when decoding target
information.
* CVE-2023-25566 (boo#1208281): memory leak when parsing usernames.
* CVE-2023-25567 (boo#1208282): out-of-bounds read when decoding target
information.
Update to version 1.1
* various build fixes and better compatibility when a MIC is requested.
Update to version 1.0
* Fix test_gssapi_rfc5587.
* Actually run tests with make check.
* Add two tests around NTLMSSP_NEGOTIATE_LMKEY.
* Refine LM compatibility level logic.
* Refactor the gssntlm_required_security function.
* Implement reading LM/NT hashes.
* Add test for smpasswd-like user files.
* Return confidentiality status.
* Fix segfault in sign/seal functions.
* Fix dummy signature generation.
* Use UCS16LE instead of UCS-2LE.
* Provide a zero lm key if the password is too long.
* Completely omit CBs AV pairs when no CB provided.
* Change license to the more permissive ISC.
* Do not require cached users with winbind.
* Add ability to pass keyfile via cred store.
* Remove unused parts of Makefile.am.
* Move attribute names to allocated strings.
* Adjust serialization for name attributes.
* Fix crash in acquiring credentials.
* Fix fallback to external_creds interface.
* Introduce parse_user_name() function.
* Add test for parse_user_name.
* Change how we assemble user names in ASC.
* Use thread local storage for winbind context.
* Make per thread winbind context optional.
* Fixed memleak of usr_cred.
* Support get_sids request via name attributes.
* Fixed memory leaks found by valgrind.
- Update to version 0.9
* add support for getting session key.
* Add gss_inquire_attrs_for_mech().
* Return actual data for RFC5587 API.
* Add new Windows version flags.
* Add Key exchange also when wanting integrity only.
* Drop support for GSS_C_MA_NOT_DFLT_MECH.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-48=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
gssntlmssp-1.2.0-bp154.2.3.1
gssntlmssp-devel-1.2.0-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2023-25563.html
https://www.suse.com/security/cve/CVE-2023-25564.html
https://www.suse.com/security/cve/CVE-2023-25565.html
https://www.suse.com/security/cve/CVE-2023-25566.html
https://www.suse.com/security/cve/CVE-2023-25567.html
https://bugzilla.suse.com/1208278
https://bugzilla.suse.com/1208279
https://bugzilla.suse.com/1208280
https://bugzilla.suse.com/1208281
https://bugzilla.suse.com/1208282
1
0
SUSE-SU-2023:0443-1: important: Security update for mozilla-nss
by opensuse-security@opensuse.org 17 Feb '23
by opensuse-security@opensuse.org 17 Feb '23
17 Feb '23
SUSE Security Update: Security update for mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0443-1
Rating: important
References: #1208138
Cross-References: CVE-2023-0767
CVSS scores:
CVE-2023-0767 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for mozilla-nss fixes the following issues:
Updated to NSS 3.79.4 (bsc#1208138):
- CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-443=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-443=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-443=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-443=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-443=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-443=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-443=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-443=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-443=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-443=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-443=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-443=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-443=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-443=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-443=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-443=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-443=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-443=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-443=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Manager Server 4.2 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Manager Proxy 4.2 (x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Enterprise Storage 7.1 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
- SUSE Enterprise Storage 7 (x86_64):
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
- SUSE CaaS Platform 4.0 (x86_64):
libfreebl3-3.79.4-150000.3.93.1
libfreebl3-32bit-3.79.4-150000.3.93.1
libfreebl3-32bit-debuginfo-3.79.4-150000.3.93.1
libfreebl3-debuginfo-3.79.4-150000.3.93.1
libfreebl3-hmac-3.79.4-150000.3.93.1
libfreebl3-hmac-32bit-3.79.4-150000.3.93.1
libsoftokn3-3.79.4-150000.3.93.1
libsoftokn3-32bit-3.79.4-150000.3.93.1
libsoftokn3-32bit-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-debuginfo-3.79.4-150000.3.93.1
libsoftokn3-hmac-3.79.4-150000.3.93.1
libsoftokn3-hmac-32bit-3.79.4-150000.3.93.1
mozilla-nss-3.79.4-150000.3.93.1
mozilla-nss-32bit-3.79.4-150000.3.93.1
mozilla-nss-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-3.79.4-150000.3.93.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-certs-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-debugsource-3.79.4-150000.3.93.1
mozilla-nss-devel-3.79.4-150000.3.93.1
mozilla-nss-sysinit-3.79.4-150000.3.93.1
mozilla-nss-sysinit-debuginfo-3.79.4-150000.3.93.1
mozilla-nss-tools-3.79.4-150000.3.93.1
mozilla-nss-tools-debuginfo-3.79.4-150000.3.93.1
References:
https://www.suse.com/security/cve/CVE-2023-0767.html
https://bugzilla.suse.com/1208138
1
0
SUSE-SU-2023:0444-1: important: Security update for rubygem-actionpack-5_1
by opensuse-security@opensuse.org 17 Feb '23
by opensuse-security@opensuse.org 17 Feb '23
17 Feb '23
SUSE Security Update: Security update for rubygem-actionpack-5_1
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0444-1
Rating: important
References: #1207451 #1207455
Cross-References: CVE-2023-22792 CVE-2023-22795
CVSS scores:
CVE-2023-22792 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-22795 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rubygem-actionpack-5_1 fixes the following issues:
- CVE-2023-22795: Fixed ReDoS in Action Dispatch cache (bsc#1207451).
- CVE-2023-22792: Fixed ReDoS in Action Dispatch cookies (bnc#1207455).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-444=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-444=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-444=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-444=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-444=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1
ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-150000.3.15.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.15.1
References:
https://www.suse.com/security/cve/CVE-2023-22792.html
https://www.suse.com/security/cve/CVE-2023-22795.html
https://bugzilla.suse.com/1207451
https://bugzilla.suse.com/1207455
1
0
SUSE-SU-2023:0435-1: moderate: Security update for java-17-openjdk
by opensuse-security@opensuse.org 16 Feb '23
by opensuse-security@opensuse.org 16 Feb '23
16 Feb '23
SUSE Security Update: Security update for java-17-openjdk
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0435-1
Rating: moderate
References: #1205916 #1207246 #1207248
Cross-References: CVE-2023-21835 CVE-2023-21843
CVSS scores:
CVE-2023-21835 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2023-21835 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2023-21843 (NVD) : 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2023-21843 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for java-17-openjdk fixes the following issues:
Updated to version jdk-17.0.6.0+10:
- CVE-2023-21835: Fixed handshake DoS attack against DTLS connections
(bsc#1207246).
- CVE-2023-21843: Fixed soundbank URL remote loading (bsc#1207248).
Bugfixes:
- Avoid calling C_GetInfo() too early, before cryptoki is initialized
(bsc#1205916).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-435=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-435=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
java-17-openjdk-17.0.6.0-150400.3.12.1
java-17-openjdk-accessibility-17.0.6.0-150400.3.12.1
java-17-openjdk-accessibility-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-debugsource-17.0.6.0-150400.3.12.1
java-17-openjdk-demo-17.0.6.0-150400.3.12.1
java-17-openjdk-devel-17.0.6.0-150400.3.12.1
java-17-openjdk-devel-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-headless-17.0.6.0-150400.3.12.1
java-17-openjdk-headless-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-jmods-17.0.6.0-150400.3.12.1
java-17-openjdk-src-17.0.6.0-150400.3.12.1
- openSUSE Leap 15.4 (noarch):
java-17-openjdk-javadoc-17.0.6.0-150400.3.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
java-17-openjdk-17.0.6.0-150400.3.12.1
java-17-openjdk-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-debugsource-17.0.6.0-150400.3.12.1
java-17-openjdk-demo-17.0.6.0-150400.3.12.1
java-17-openjdk-devel-17.0.6.0-150400.3.12.1
java-17-openjdk-devel-debuginfo-17.0.6.0-150400.3.12.1
java-17-openjdk-headless-17.0.6.0-150400.3.12.1
java-17-openjdk-headless-debuginfo-17.0.6.0-150400.3.12.1
References:
https://www.suse.com/security/cve/CVE-2023-21835.html
https://www.suse.com/security/cve/CVE-2023-21843.html
https://bugzilla.suse.com/1205916
https://bugzilla.suse.com/1207246
https://bugzilla.suse.com/1207248
1
0
SUSE-SU-2023:0434-1: important: Security update for mozilla-nss
by opensuse-security@opensuse.org 16 Feb '23
by opensuse-security@opensuse.org 16 Feb '23
16 Feb '23
SUSE Security Update: Security update for mozilla-nss
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0434-1
Rating: important
References: #1208138
Cross-References: CVE-2023-0767
CVSS scores:
CVE-2023-0767 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for mozilla-nss fixes the following issues:
Updated to NSS 3.79.4 (bsc#1208138):
- CVE-2023-0767: Fixed handling of unknown PKCS#12 safe bag types.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-434=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-434=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-434=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-434=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libfreebl3-3.79.4-150400.3.26.1
libfreebl3-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-3.79.4-150400.3.26.1
libsoftokn3-3.79.4-150400.3.26.1
libsoftokn3-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-3.79.4-150400.3.26.1
mozilla-nss-3.79.4-150400.3.26.1
mozilla-nss-certs-3.79.4-150400.3.26.1
mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debugsource-3.79.4-150400.3.26.1
mozilla-nss-tools-3.79.4-150400.3.26.1
mozilla-nss-tools-debuginfo-3.79.4-150400.3.26.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.4-150400.3.26.1
libfreebl3-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-3.79.4-150400.3.26.1
libsoftokn3-3.79.4-150400.3.26.1
libsoftokn3-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-3.79.4-150400.3.26.1
mozilla-nss-3.79.4-150400.3.26.1
mozilla-nss-certs-3.79.4-150400.3.26.1
mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debugsource-3.79.4-150400.3.26.1
mozilla-nss-devel-3.79.4-150400.3.26.1
mozilla-nss-sysinit-3.79.4-150400.3.26.1
mozilla-nss-sysinit-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-tools-3.79.4-150400.3.26.1
mozilla-nss-tools-debuginfo-3.79.4-150400.3.26.1
- openSUSE Leap 15.4 (x86_64):
libfreebl3-32bit-3.79.4-150400.3.26.1
libfreebl3-32bit-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-32bit-3.79.4-150400.3.26.1
libsoftokn3-32bit-3.79.4-150400.3.26.1
libsoftokn3-32bit-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-32bit-3.79.4-150400.3.26.1
mozilla-nss-32bit-3.79.4-150400.3.26.1
mozilla-nss-32bit-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-certs-32bit-3.79.4-150400.3.26.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-sysinit-32bit-3.79.4-150400.3.26.1
mozilla-nss-sysinit-32bit-debuginfo-3.79.4-150400.3.26.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libfreebl3-3.79.4-150400.3.26.1
libfreebl3-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-3.79.4-150400.3.26.1
libsoftokn3-3.79.4-150400.3.26.1
libsoftokn3-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-3.79.4-150400.3.26.1
mozilla-nss-3.79.4-150400.3.26.1
mozilla-nss-certs-3.79.4-150400.3.26.1
mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debugsource-3.79.4-150400.3.26.1
mozilla-nss-devel-3.79.4-150400.3.26.1
mozilla-nss-sysinit-3.79.4-150400.3.26.1
mozilla-nss-sysinit-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-tools-3.79.4-150400.3.26.1
mozilla-nss-tools-debuginfo-3.79.4-150400.3.26.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libfreebl3-32bit-3.79.4-150400.3.26.1
libfreebl3-32bit-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-32bit-3.79.4-150400.3.26.1
libsoftokn3-32bit-3.79.4-150400.3.26.1
libsoftokn3-32bit-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-32bit-3.79.4-150400.3.26.1
mozilla-nss-32bit-3.79.4-150400.3.26.1
mozilla-nss-32bit-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-certs-32bit-3.79.4-150400.3.26.1
mozilla-nss-certs-32bit-debuginfo-3.79.4-150400.3.26.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libfreebl3-3.79.4-150400.3.26.1
libfreebl3-debuginfo-3.79.4-150400.3.26.1
libfreebl3-hmac-3.79.4-150400.3.26.1
libsoftokn3-3.79.4-150400.3.26.1
libsoftokn3-debuginfo-3.79.4-150400.3.26.1
libsoftokn3-hmac-3.79.4-150400.3.26.1
mozilla-nss-3.79.4-150400.3.26.1
mozilla-nss-certs-3.79.4-150400.3.26.1
mozilla-nss-certs-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debuginfo-3.79.4-150400.3.26.1
mozilla-nss-debugsource-3.79.4-150400.3.26.1
mozilla-nss-tools-3.79.4-150400.3.26.1
mozilla-nss-tools-debuginfo-3.79.4-150400.3.26.1
References:
https://www.suse.com/security/cve/CVE-2023-0767.html
https://bugzilla.suse.com/1208138
1
0
SUSE-SU-2023:0433-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 16 Feb '23
by opensuse-security@opensuse.org 16 Feb '23
16 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0433-1
Rating: important
References: #1065729 #1185861 #1185863 #1186449 #1191256
#1192868 #1193629 #1194869 #1195175 #1195655
#1196058 #1199701 #1204063 #1204356 #1204662
#1205495 #1206006 #1206036 #1206056 #1206057
#1206258 #1206363 #1206459 #1206616 #1206677
#1206784 #1207010 #1207034 #1207036 #1207050
#1207125 #1207134 #1207149 #1207158 #1207184
#1207186 #1207190 #1207237 #1207263 #1207269
#1207497 #1207500 #1207501 #1207506 #1207507
#1207734 #1207769 #1207795 #1207842 #1207878
#1207933 SLE-21132 SLE-24682
Cross-References: CVE-2020-24588 CVE-2022-4382 CVE-2022-47929
CVE-2023-0122 CVE-2023-0179 CVE-2023-0266
CVE-2023-0590 CVE-2023-23454 CVE-2023-23455
CVSS scores:
CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-4382 (NVD) : 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-4382 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0122 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0122 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0179 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-0266 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-0266 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-0590 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-23454 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23454 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-23455 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23455 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that solves 9 vulnerabilities, contains two
features and has 42 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2023-23455: Fixed a denial of service inside atm_tc_enqueue in
net/sched/sch_atm.c because of type confusion (non-negative numbers can
sometimes indicate a TC_ACT_SHOT condition rather than valid
classification results) (bsc#1207125).
- CVE-2023-23454: Fixed denial or service in cbq_classify in
net/sched/sch_cbq.c (bnc#1207036).
- CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that
could have been used in a use-after-free that could have resulted in a
priviledge escalation to gain ring0 access from the system user
(bsc#1207134).
- CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header
bits (bsc#1207034).
- CVE-2023-0122: Fixed a NULL pointer dereference vulnerability in
nvmet_setup_auth(), that allowed an attacker to perform a Pre-Auth
Denial of Service (DoS) attack on a remote machine (bnc#1207050).
- CVE-2022-4382: Fixed a use-after-free flaw that was caused by a race
condition among the superblock operations inside the gadgetfs code
(bsc#1206258).
- CVE-2020-24588: Fixed injection of arbitrary network packets against
devices that support receiving non-SSP A-MSDU frames (which is mandatory
as part of 802.11n) (bsc#1199701).
The following non-security bugs were fixed:
- ACPI: EC: Fix EC address space handler unregistration (bsc#1207149).
- ACPI: EC: Fix ECDT probe ordering issues (bsc#1207149).
- ACPI: PRM: Check whether EFI runtime is available (git-fixes).
- ACPICA: Allow address_space_handler Install and _REG execution as 2
separate steps (bsc#1207149).
- ACPICA: include/acpi/acpixf.h: Fix indentation (bsc#1207149).
- ALSA: control-led: use strscpy in set_led_id() (git-fixes).
- ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
(git-fixes).
- ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list (git-fixes).
- ALSA: hda/realtek - Turn on power early (git-fixes).
- ALSA: hda/realtek: Add Acer Predator PH315-54 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs, speaker do not work for a HP
platform (git-fixes).
- ALSA: hda/via: Avoid potential array out-of-bound in
add_secret_dac_path() (git-fixes).
- ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle
(git-fixes).
- ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume
(git-fixes).
- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
(git-fixes).
- ALSA: usb-audio: Make sure to stop endpoints before closing EPs
(git-fixes).
- ALSA: usb-audio: Relax hw constraints for implicit fb sync (git-fixes).
- ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 (git-fixes).
- ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' (git-fixes).
- ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' (git-fixes).
- ARM: dts: imx7d-pico: Use 'clock-frequency' (git-fixes).
- ARM: dts: imx: Fix pca9547 i2c-mux node name (git-fixes).
- ARM: dts: vf610: Fix pca9548 i2c-mux node names (git-fixes).
- ARM: imx: add missing of_node_put() (git-fixes).
- ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
(git-fixes).
- ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
(git-fixes).
- ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets (git-fixes).
- ASoC: fsl_micfil: Correct the number of steps on SX controls (git-fixes).
- ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
(git-fixes).
- ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (git-fixes).
- ASoC: wm8904: fix wrong outputs volume after power reactivation
(git-fixes).
- Bluetooth: Fix possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: hci_qca: Fix driver shutdown on closed serdev (git-fixes).
- Documentation: Remove bogus claim about del_timer_sync() (git-fixes).
- HID: betop: check shape of output reports (git-fixes).
- HID: betop: check shape of output reports (git-fixes, bsc#1207186).
- HID: check empty report_list in bigben_probe() (git-fixes).
- HID: check empty report_list in hid_validate_values() (git-fixes).
- HID: drop assumptions on non-empty lists (git-fixes, bsc#1206784).
- HID: intel_ish-hid: Add check for ishtp_dma_tx_map (git-fixes).
- HID: playstation: sanity check DualSense calibration data (git-fixes).
- HID: revert CHERRY_MOUSE_000C quirk (git-fixes).
- IB/hfi1: Fix expected receive setup error exit issues (git-fixes)
- IB/hfi1: Immediately remove invalid memory from hardware (git-fixes)
- IB/hfi1: Reject a zero-length user expected buffer (git-fixes)
- IB/hfi1: Remove user expected buffer invalidate race (git-fixes)
- IB/hfi1: Reserve user expected TIDs (git-fixes)
- IB/mad: Do not call to function that might sleep while in atomic context
(git-fixes).
- KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init()
(bsc#1206616).
- PCI/PM: Define pci_restore_standard_config() only for CONFIG_PM_SLEEP
(bsc#1207269).
- PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() (git-fixes).
- RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
- RDMA/core: Fix ib block iterator counter overflow (git-fixes)
- RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (git-fixes)
- RDMA/mlx5: Fix validation of max_rd_atomic caps for DC (git-fixes)
- RDMA/rxe: Prevent faulty rkey generation (git-fixes)
- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
- Revert "ARM: dts: armada-38x: Fix compatible string for gpios"
(git-fixes).
- Revert "ARM: dts: armada-39x: Fix compatible string for gpios"
(git-fixes).
- Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to
RMI mode" (git-fixes).
- Revert "Revert "block, bfq: honor already-setup queue merges""
(git-fixes).
- Revert "arm64: dts: meson-sm1-odroid-hc4: disable unused USB PHY0"
(git-fixes).
- Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
(git-fixes).
- SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
- SUNRPC: Use BIT() macro in rpc_show_xprt_state() (git-fixes).
- USB: gadget: Fix use-after-free during usb config switch (git-fixes).
- USB: misc: iowarrior: fix up header size for
USB_DEVICE_ID_CODEMERCS_IOW100 (git-fixes).
- USB: serial: cp210x: add SCALANCE LPE-9000 device id (git-fixes).
- USB: serial: option: add Quectel EC200U modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
- USB: serial: option: add Quectel EM05CN (SG) modem (git-fixes).
- USB: serial: option: add Quectel EM05CN modem (git-fixes).
- VMCI: Use threaded irqs instead of tasklets (git-fixes).
- arm64: atomics: format whitespace consistently (git-fixes).
- arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux (git-fixes).
- arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity
(git-fixes).
- arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX (git-fixes).
- arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI (git-fixes).
- arm64: dts: qcom: msm8992-libra: Add CPU regulators (git-fixes).
- arm64: dts: qcom: msm8992-libra: Fix the memory map (git-fixes).
- arm64: dts: qcom: msm8992: Do not use sfpb mutex (git-fixes).
- arm64: efi: Execute runtime services from a dedicated stack (git-fixes).
- ata: libata: Fix sata_down_spd_limit() when no link speed is reported
(git-fixes).
- ath11k: Fix unexpected return buffer manager error for QCA6390
(git-fixes).
- bcache: fix set_at_max_writeback_rate() for multiple attached devices
(git-fixes).
- bfq: fix use-after-free in bfq_dispatch_request (git-fixes).
- bfq: fix waker_bfqq inconsistency crash (git-fixes).
- blk-throttle: prevent overflow while calculating wait time (git-fixes).
- blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() (git-fixes).
- blktrace: Fix output non-blktrace event when blk_classic option enabled
(git-fixes).
- block, bfq: do not move oom_bfqq (git-fixes).
- block, bfq: fix null pointer dereference in bfq_bio_bfqg() (git-fixes).
- block, bfq: fix possible uaf for 'bfqq->bic' (git-fixes).
- block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq (git-fixes).
- block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
- block/bfq_wf2q: correct weight to ioprio (git-fixes).
- block/bio: remove duplicate append pages code (git-fixes).
- block: check minor range in device_add_disk() (git-fixes).
- block: ensure iov_iter advances for added pages (git-fixes).
- block: fix infinite loop for invalid zone append (git-fixes).
- block: mq-deadline: Fix dd_finish_request() for zoned devices
(git-fixes).
- block: use bdev_get_queue() in bio.c (git-fixes).
- bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
(git-fixes).
- bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (git-fixes).
- bnxt_en: Remove debugfs when pci_register_driver failed (git-fixes).
- bnxt_en: add dynamic debug support for HWRM messages (git-fixes).
- bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
(git-fixes).
- bnxt_en: fix the handling of PCIE-AER (git-fixes).
- bnxt_en: refactor bnxt_cancel_reservations() (git-fixes).
- btrfs: add helper to delete a dir entry from a log tree (bsc#1207263).
- btrfs: avoid inode logging during rename and link when possible
(bsc#1207263).
- btrfs: avoid logging all directory changes during renames (bsc#1207263).
- btrfs: backport recent fixes for send/receive into SLE15 SP4/SP5
(bsc#1206036 bsc#1207500 ltc#201363).
- btrfs: do not log unnecessary boundary keys when logging directory
(bsc#1207263).
- btrfs: fix assertion failure when logging directory key range item
(bsc#1207263).
- btrfs: fix processing of delayed data refs during backref walking
(bsc#1206056 bsc#1207507 ltc#201367).
- btrfs: fix processing of delayed tree block refs during backref walking
(bsc#1206057 bsc#1207506 ltc#201368).
- btrfs: fix race between quota enable and quota rescan ioctl
(bsc#1207158).
- btrfs: fix race between quota rescan and disable leading to NULL pointer
deref (bsc#1207158).
- btrfs: fix trace event name typo for FLUSH_DELAYED_REFS (git-fixes).
- btrfs: join running log transaction when logging new name (bsc#1207263).
- btrfs: move QUOTA_ENABLED check to rescan_should_stop from
btrfs_qgroup_rescan_worker (bsc#1207158).
- btrfs: pass the dentry to btrfs_log_new_name() instead of the inode
(bsc#1207263).
- btrfs: prepare extents to be logged before locking a log tree path
(bsc#1207263).
- btrfs: put initial index value of a directory in a constant
(bsc#1207263).
- btrfs: qgroup: remove duplicated check in adding qgroup relations
(bsc#1207158).
- btrfs: qgroup: remove outdated TODO comments (bsc#1207158).
- btrfs: remove unnecessary NULL check for the new inode during rename
exchange (bsc#1207263).
- btrfs: remove useless path release in the fast fsync path (bsc#1207263).
- btrfs: remove write and wait of struct walk_control (bsc#1207263).
- btrfs: stop copying old dir items when logging a directory (bsc#1207263).
- btrfs: stop doing unnecessary log updates during a rename (bsc#1207263).
- btrfs: stop trying to log subdirectories created in past transactions
(bsc#1207263).
- btrfs: use single variable to track return value at btrfs_log_inode()
(bsc#1207263).
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() (git-fixes).
- can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
(git-fixes).
- cifs: Fix uninitialized memory read for smb311 posix symlink create
(git-fixes).
- cifs: avoid re-lookups in dfs_cache_find() (bsc#1193629).
- cifs: do not include page data when checking signature (git-fixes).
- cifs: do not query ifaces on smb1 mounts (git-fixes).
- cifs: don't take exclusive lock for updating target hints (bsc#1193629).
- cifs: fix double free on failed kerberos auth (git-fixes).
- cifs: fix file info setting in cifs_open_file() (git-fixes).
- cifs: fix file info setting in cifs_query_path_info() (git-fixes).
- cifs: fix potential deadlock in cache_refresh_path() (git-fixes).
- cifs: fix potential memory leaks in session setup (bsc#1193629).
- cifs: fix race in assemble_neg_contexts() (bsc#1193629).
- cifs: fix return of uninitialized rc in dfs_cache_update_tgthint()
(bsc#1193629).
- cifs: handle cache lookup errors different than -ENOENT (bsc#1193629).
- cifs: ignore ipc reconnect failures during dfs failover (bsc#1193629).
- cifs: protect access of TCP_Server_Info::{dstaddr,hostname}
(bsc#1193629).
- cifs: remove duplicate code in __refresh_tcon() (bsc#1193629).
- cifs: remove redundant assignment to the variable match (bsc#1193629).
- cifs: remove unused function (bsc#1193629).
- comedi: adv_pci1760: Fix PWM instruction handling (git-fixes).
- config: arm64: Fix Freescale LPUART dependency (boo#1204063).
- cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist (git-fixes).
- cpufreq: armada-37xx: stop using 0 as NULL pointer (git-fixes).
- crypto: fixed DH and ECDH implemention for FIPS PCT
(jsc#SLE-21132,bsc#1191256,bsc#1207184).
- dm btree: add a defensive bounds check to insert_at() (git-fixes).
- dm cache: Fix ABBA deadlock between shrink_slab and
dm_cache_metadata_abort (git-fixes).
- dm cache: Fix UAF in destroy() (git-fixes).
- dm cache: set needs_check flag after aborting metadata (git-fixes).
- dm clone: Fix UAF in clone_dtr() (git-fixes).
- dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
- dm integrity: clear the journal on suspend (git-fixes).
- dm integrity: flush the journal on suspend (git-fixes).
- dm ioctl: fix misbehavior if list_versions races with module loading
(git-fixes).
- dm ioctl: prevent potential spectre v1 gadget (git-fixes).
- dm raid: fix address sanitizer warning in raid_resume (git-fixes).
- dm raid: fix address sanitizer warning in raid_status (git-fixes).
- dm space map common: add bounds check to sm_ll_lookup_bitmap()
(git-fixes).
- dm thin: Fix ABBA deadlock between shrink_slab and
dm_pool_abort_metadata (git-fixes).
- dm thin: Fix UAF in run_timer_softirq() (git-fixes).
- dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
- dm thin: resume even if in FAIL mode (git-fixes).
- dm writecache: set a default MAX_WRITEBACK_JOBS (git-fixes).
- dm: fix alloc_dax error handling in alloc_dev (git-fixes).
- dm: requeue IO if mapping table not yet available (git-fixes).
- dmaengine: Fix double increment of client_count in dma_chan_get()
(git-fixes).
- dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable
(git-fixes).
- dmaengine: idxd: Let probe fail when workqueue cannot be enabled
(git-fixes).
- dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
(git-fixes).
- dmaengine: lgm: Move DT parsing after initialization (git-fixes).
- dmaengine: tegra210-adma: fix global intr clear (git-fixes).
- dmaengine: ti: k3-udma: Do conditional decrement of
UDMA_CHAN_RT_PEER_BCNT_REG (git-fixes).
- dmaengine: xilinx_dma: call of_node_put() when breaking out of
for_each_child_of_node() (git-fixes).
- docs: Fix the docs build with Sphinx 6.0 (git-fixes).
- driver core: Fix test_async_probe_init saves device in wrong array
(git-fixes).
- drivers: net: xgene: disable napi when register irq failed in
xgene_enet_open() (git-fixes).
- drivers:md:fix a potential use-after-free bug (git-fixes).
- drm/amd/display: Calculate output_color_space after pixel encoding
adjustment (git-fixes).
- drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix (git-fixes).
- drm/amd/display: Fix set scaling doesn's work (git-fixes).
- drm/amd/display: Take emulated dc_sink into account for HDCP
(bsc#1207734).
- drm/amd/display: fix issues with driver unload (git-fixes).
- drm/amdgpu: complete gfxoff allow signal during suspend without delay
(git-fixes).
- drm/amdgpu: disable runtime pm on several sienna cichlid cards(v2)
(git-fixes).
- drm/amdgpu: drop experimental flag on aldebaran (git-fixes).
- drm/hyperv: Add error message for fb size greater than allocated
(git-fixes).
- drm/i915/adlp: Fix typo for reference clock (git-fixes).
- drm/i915/display: Check source height is > 0 (git-fixes).
- drm/i915/gt: Reset twice (git-fixes).
- drm/i915/selftest: fix intel_selftest_modify_policy argument types
(git-fixes).
- drm/i915: Fix potential bit_17 double-free (git-fixes).
- drm/i915: re-disable RC6p on Sandy Bridge (git-fixes).
- drm/msm/adreno: Make adreno quirks not overwrite each other (git-fixes).
- drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux
transfer (git-fixes).
- drm/msm: another fix for the headless Adreno GPU (git-fixes).
- drm/panfrost: fix GENERIC_ATOMIC64 dependency (git-fixes).
- drm/vc4: hdmi: make CEC adapter name unique (git-fixes).
- drm/virtio: Fix GEM handle creation UAF (git-fixes).
- drm: Add orientation quirk for Lenovo ideapad D330-10IGL (git-fixes).
- dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY (git-fixes).
- dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY (git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix description of core clock
(git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix operating-points-v2
constraint (git-fixes).
- dt-bindings: msm: dsi-phy-28nm: Add missing qcom,
dsi-phy-regulator-ldo-mode (git-fixes).
- efi: fix potential NULL deref in efi_mem_reserve_persistent (git-fixes).
- efi: fix userspace infinite retry read efivars after EFI runtime
services page fault (git-fixes).
- efi: rt-wrapper: Add missing include (git-fixes).
- efi: tpm: Avoid READ_ONCE() for accessing the event log (git-fixes).
- ext4: Fixup pages without buffers (bsc#1205495).
- extcon: usbc-tusb320: fix kernel-doc warning (git-fixes).
- fbcon: Check font dimension limits (git-fixes).
- fbdev: omapfb: avoid stack overflow warning (git-fixes).
- firewire: fix memory leak for payload of request subaction to IEC
61883-1 FCP region (git-fixes).
- firmware: arm_scmi: Harden shared memory access in fetch_notification
(git-fixes).
- firmware: arm_scmi: Harden shared memory access in fetch_response
(git-fixes).
- fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
(git-fixes).
- fs: remove __sync_filesystem (git-fixes).
- ftrace/x86: Add back ftrace_expected for ftrace bug reports (git-fixes).
- ftrace: Clean comments related to FTRACE_OPS_FL_PER_CPU (git-fixes).
- git_sort: add usb-linus branch for gregkh/usb
- gsmi: fix null-deref in gsmi_get_variable (git-fixes).
- hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap()
(git-fixes).
- i2c: mv64xxx: Add atomic_xfer method to driver (git-fixes).
- i2c: mv64xxx: Remove shutdown method from driver (git-fixes).
- i40e: Disallow ip4 and ip6 l4_4_bytes (git-fixes).
- i40e: Fix error handling in i40e_init_module() (git-fixes).
- i40e: Fix not setting default xps_cpus after reset (git-fixes).
- igb: Allocate MSI-X vector when testing (git-fixes).
- iio: adc: berlin2-adc: Add missing of_node_put() in error path
(git-fixes).
- iio: adc: stm32-dfsdm: fill module aliases (git-fixes).
- iio: hid: fix the retval in accel_3d_capture_sample (git-fixes).
- iio: hid: fix the retval in gyro_3d_capture_sample (git-fixes).
- iio: imu: fxos8700: fix ACCEL measurement range selection (git-fixes).
- iio: imu: fxos8700: fix IMU data bits returned to user space (git-fixes).
- iio: imu: fxos8700: fix MAGN sensor scale and unit (git-fixes).
- iio: imu: fxos8700: fix failed initialization ODR mode assignment
(git-fixes).
- iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
(git-fixes).
- iio: imu: fxos8700: fix incorrect ODR mode readback (git-fixes).
- iio: imu: fxos8700: fix map label of channel type to MAGN sensor
(git-fixes).
- iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
(git-fixes).
- iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN (git-fixes).
- iio:adc:twl6030: Enable measurement of VAC (git-fixes).
- iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
(git-fixes).
- ipmi:ssif: Add 60ms time internal between write retries (bsc#1206459).
- ipmi:ssif: Increase the message retry time (bsc#1206459).
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to
network (git-fixes).
- ixgbevf: Fix resource leak in ixgbevf_init_module() (git-fixes).
- jbd2: use the correct print format (git-fixes).
- kABI workaround for struct acpi_ec (bsc#1207149).
- kABI: Preserve TRACE_EVENT_FL values (git-fixes).
- kabi/severities: add mlx5 internal symbols
- l2tp: Do not sleep and disable BH under writer-side sk_callback_lock
(git-fixes).
- loop: Fix the max_loop commandline argument treatment when it is set to
0 (git-fixes).
- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
- md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
- md: protect md_unregister_thread from reentrancy (git-fixes).
- mei: me: add meteor lake point M DID (git-fixes).
- memory: atmel-sdramc: Fix missing clk_disable_unprepare in
atmel_ramc_probe() (git-fixes).
- memory: mvebu-devbus: Fix missing clk_disable_unprepare in
mvebu_devbus_probe() (git-fixes).
- memory: tegra: Remove clients SID override programming (git-fixes).
- misc: fastrpc: Do not remove map on creater_process and device_release
(git-fixes).
- misc: fastrpc: Fix use-after-free race condition for maps (git-fixes).
- mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
- mm: compaction: kABI: avoid pglist_data kABI breakage (bsc#1207010).
- mm: compaction: support triggering of proactive compaction by user
(bsc#1207010).
- mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
(git-fixes).
- mmc: sunxi-mmc: Fix clock refcount imbalance during unbind (git-fixes).
- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449,
bsc#1204356, bsc#1204662).
- mt76: fix use-after-free by removing a non-RCU wcid pointer (git-fixes).
- mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in
mt7921_mcu_tx_done_event (git-fixes).
- nbd: Fix hung on disconnect request if socket is closed before
(git-fixes).
- nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
(git-fixes).
- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
- nbd: fix io hung while disconnecting device (git-fixes).
- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
- net/mlx4: Check retval of mlx4_bitmap_init (git-fixes).
- net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
- net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1207842).
- net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
(git-fixes).
- net: ena: Fix error handling in ena_init() (git-fixes).
- net: liquidio: release resources when liquidio driver open failed
(git-fixes).
- net: liquidio: simplify if expression (git-fixes).
- net: macvlan: Use built-in RCU list checking (git-fixes).
- net: macvlan: fix memory leaks of macvlan_common_newlink (git-fixes).
- net: mdio: validate parameter addr in mdiobus_get_phy() (git-fixes).
- net: nfc: Fix use-after-free in local_cleanup() (git-fixes).
- net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
(git-fixes).
- net: phy: meson-gxl: Add generic dummy stubs for MMD register access
(git-fixes).
- net: tun: Fix memory leaks of napi_get_frags (git-fixes).
- net: tun: Fix use-after-free in tun_detach() (git-fixes).
- net: tun: call napi_schedule_prep() to ensure we own a napi (git-fixes).
- net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem
(git-fixes).
- net: usb: sr9700: Handle negative len (git-fixes).
- net: wan: Add checks for NULL for utdm in undo_uhdlc_init and
unmap_si_regs (git-fixes).
- netrom: Fix use-after-free caused by accept on already connected socket
(git-fixes).
- netrom: Fix use-after-free of a listening socket (git-fixes).
- nilfs2: fix general protection fault in nilfs_btree_insert() (git-fixes).
- null_blk: fix ida error handling in null_add_dev() (git-fixes).
- octeontx2-af: Fix reference count issue in rvu_sdp_init()
(jsc#SLE-24682).
- octeontx2-af: debugsfs: fix pci device refcount leak (git-fixes).
- octeontx2-pf: Add check for devm_kcalloc (git-fixes).
- octeontx2-pf: Fix potential memory leak in otx2_init_tc()
(jsc#SLE-24682).
- of/address: Return an error when no valid dma-ranges are found
(git-fixes).
- phy: Revert "phy: qualcomm: usb28nm: Add MDM9607 init sequence"
(git-fixes).
- phy: phy-can-transceiver: Skip warning if no "max-bitrate" (git-fixes).
- phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
rockchip_usb2phy_power_on() (git-fixes).
- phy: ti: fix Kconfig warning and operator precedence (git-fixes).
- pinctrl: amd: Add dynamic debugging for active GPIOs (git-fixes).
- pinctrl: rockchip: fix mux route data for rk3568 (git-fixes).
- platform/surface: aggregator: Add missing call to
ssam_request_sync_free() (git-fixes).
- platform/surface: aggregator: Ignore command messages not intended for
us (git-fixes).
- platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
(git-fixes).
- platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting
(git-fixes).
- platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if
present (git-fixes).
- platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight
during probe (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
(git-fixes).
- powerpc/64s/radix: Fix RWX mapping with relocated kernel (bsc#1194869).
- powerpc/64s/radix: Fix crash with unaligned relocated kernel
(bsc#1194869).
- powerpc/64s: Fix local irq disable when PMIs are disabled (bsc#1195655
ltc#1195655 git-fixes).
- powerpc/kexec_file: Count hot-pluggable memory in FDT estimate
(bsc#1194869).
- powerpc/kexec_file: Fix division by zero in extra size estimation
(bsc#1194869).
- powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
- powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
- powerpc/vmlinux.lds: Add an explicit symbol for the SRWX boundary
(bsc#1194869).
- powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
(bsc#1194869).
- powerpc: move __end_rodata to cover arch read-only sections
(bsc#1194869).
- qlcnic: fix sleep-in-atomic-context bugs caused by msleep (git-fixes).
- r8152: add vendor/device ID pair for Microsoft Devkit (git-fixes).
- r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (git-fixes).
- regulator: da9211: Use irq handler when ready (git-fixes).
- rpm/mkspec-dtb: add riscv64 dtb-renesas subpackage
- s390/qeth: fix various format strings (git-fixes).
- sched/core: Fix arch_scale_freq_tick() on tickless systems (git-fixes)
- sched/core: Introduce sched_asym_cpucap_active() (git-fixes)
- sched/cpuset: Fix dl_cpu_busy() panic due to empty (git-fixes)
- sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() (git-fixes)
- sched/tracing: Report TASK_RTLOCK_WAIT tasks as (git-fixes)
- sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() (git-fixes)
- sched: Avoid double preemption in __cond_resched_*lock*() (git-fixes)
- scsi: Revert "scsi: core: map PQ=1, PDT=other values to
SCSI_SCAN_TARGET_PRESENT" (git-fixes).
- scsi: core: Fix a race between scsi_done() and scsi_timeout()
(git-fixes).
- scsi: efct: Fix possible memleak in efct_device_init() (git-fixes).
- scsi: elx: libefc: Fix second parameter type in state callbacks
(git-fixes).
- scsi: fcoe: Fix possible name leak when device_register() fails
(git-fixes).
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
(git-fixes).
- scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
(git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
- scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
- scsi: mpt3sas: Fix possible resource leaks in
mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Remove scsi_dma_map() error messages (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_report_zones() (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_verify() (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
(git-fixes).
- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
- scsi: storvsc: Correct reporting of Hyper-V I/O size limits (git-fixes).
- scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
(bsc#1206006).
- scsi: tracing: Fix compile error in trace_array calls when TRACING is
disabled (git-fixes).
- scsi: ufs: Stop using the clock scaling lock in the error handler
(git-fixes).
- scsi: ufs: core: Enable link lost interrupt (git-fixes).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
- selftests/vm: remove ARRAY_SIZE define from individual tests (git-fixes).
- selftests: Provide local define of __cpuid_count() (git-fixes).
- serial: 8250_dma: Fix DMA Rx rearm race (git-fixes).
- serial: atmel: fix incorrect baudrate setup (git-fixes).
- serial: pch_uart: Pass correct sg to dma_unmap_sg() (git-fixes).
- sfc: fix potential memleak in __ef100_hard_start_xmit() (git-fixes).
- soc: imx8m: Fix incorrect check for of_clk_get_by_name() (git-fixes).
- spi: spidev: remove debug messages that access spidev->spi without
locking (git-fixes).
- staging: mt7621-dts: change some node hex addresses to lower case
(git-fixes).
- staging: vchiq_arm: fix enum vchiq_status return types (git-fixes).
- swim3: add missing major.h include (git-fixes).
- tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent (git-fixes).
- thermal/core: Remove duplicate information when an error occurs
(git-fixes).
- thunderbolt: Do not call PM runtime functions in tb_retimer_scan()
(git-fixes).
- thunderbolt: Do not report errors if on-board retimers are found
(git-fixes).
- thunderbolt: Use correct function to calculate maximum USB3 link rate
(git-fixes).
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation.
- tick/sched: Fix non-kernel-doc comment (git-fixes).
- tomoyo: fix broken dependency on *.conf.default (git-fixes).
- tools: fix ARRAY_SIZE defines in tools and selftests hdrs (git-fixes).
- tracing/hist: Fix issue of losting command info in error_log (git-fixes).
- tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
(git-fixes).
- tracing/hist: Fix wrong return value in parse_action_params()
(git-fixes).
- tracing/osnoise: Make osnoise_main to sleep for microseconds (git-fixes).
- tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro
(git-fixes).
- tracing/probes: Handle system names with hyphens (git-fixes).
- tracing: Add '__rel_loc' using trace event macros (git-fixes).
- tracing: Add DYNAMIC flag for dynamic events (git-fixes).
- tracing: Add trace_event helper macros __string_len() and
__assign_str_len() (git-fixes).
- tracing: Avoid -Warray-bounds warning for __rel_loc macro (git-fixes).
- tracing: Do not use out-of-sync va_list in event printing (git-fixes).
- tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
- tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
- tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
(git-fixes).
- tracing: Fix infinite loop in tracing_read_pipe on overflowed
print_trace_line (git-fixes).
- tracing: Fix issue of missing one synthetic field (git-fixes).
- tracing: Fix mismatched comment in __string_len (git-fixes).
- tracing: Fix possible memory leak in __create_synth_event() error path
(git-fixes).
- tracing: Fix race where histograms can be called before the event
(git-fixes).
- tracing: Fix sleeping function called from invalid context on RT kernel
(git-fixes).
- tracing: Fix tp_printk option related with tp_printk_stop_on_boot
(git-fixes).
- tracing: Fix warning on variable 'struct trace_array' (git-fixes).
- tracing: Have TRACE_DEFINE_ENUM affect trace event types as well
(git-fixes).
- tracing: Have syscall trace events use trace_event_buffer_lock_reserve()
(git-fixes).
- tracing: Have type enum modifications copy the strings (git-fixes).
- tracing: Make tp_printk work on syscall tracepoints (git-fixes).
- tracing: Use alignof__(struct {type b;}) instead of offsetof()
(git-fixes).
- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
(git-fixes).
- tty: fix possible null-ptr-defer in spk_ttyio_release (git-fixes).
- tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
(git-fixes).
- usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
(git-fixes).
- usb: acpi: add helper to check port lpm capability using acpi _DSM
(git-fixes).
- usb: cdns3: remove fetched trb from cache before dequeuing (git-fixes).
- usb: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
- usb: dwc3: qcom: enable vbus override when in OTG dr-mode (git-fixes).
- usb: fotg210-udc: Fix ages old endianness issues (git-fixes).
- usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
(git-fixes).
- usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
(git-fixes).
- usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait (git-fixes).
- usb: gadget: f_hid: fix f_hidg lifetime vs cdev (git-fixes).
- usb: gadget: f_hid: fix refcount leak on error path (git-fixes).
- usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
(git-fixes).
- usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints
(git-fixes).
- usb: gadget: g_webcam: Send color matching descriptor per frame
(git-fixes).
- usb: gadget: udc: core: Print error code in usb_gadget_probe_driver()
(git-fixes).
- usb: gadget: udc: core: Revise comments for USB ep enable/disable
(git-fixes).
- usb: gadget: udc: core: Use pr_fmt() to prefix messages (git-fixes).
- usb: gadget: udc: core: remove usage of list iterator past the loop body
(git-fixes).
- usb: host: ehci-fsl: Fix module alias (git-fixes).
- usb: typec: altmodes/displayport: Add pin assignment helper (git-fixes).
- usb: typec: altmodes/displayport: Fix pin assignment calculation
(git-fixes).
- usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
(git-fixes).
- usb: xhci: Check endpoint is valid before dereferencing it (git-fixes).
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid
UAF (git-fixes).
- vfs: make sync_filesystem return errors from ->sync_fs (git-fixes).
- virtio-blk: modify the value type of num in virtio_queue_rq()
(git-fixes).
- virtio-net: correctly enable callback during start_xmit (git-fixes).
- virtio_pci: modify ENOENT to EINVAL (git-fixes).
- w1: fix WARNING after calling w1_process() (git-fixes).
- w1: fix deadloop in __w1_remove_master_device() (git-fixes).
- wait: Fix __wait_event_hrtimeout for RT/DL tasks (git-fixes)
- watchdog: diag288_wdt: do not use stack buffers for hardware data
(bsc#1207497).
- watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
- wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
(git-fixes).
- wifi: mac80211: sdata can be NULL during AMPDU start (git-fixes).
- wifi: mt76: mt7921: add mt7921_mutex_acquire at
mt7921_sta_set_decap_offload (git-fixes).
- wifi: mt76: mt7921e: fix race issue between reset and suspend/resume
(git-fixes).
- wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (git-fixes).
- wifi: mt76: sdio: poll sta stat when device transmits data (git-fixes).
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (git-fixes).
- x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
(git-fixes).
- x86/hyperv: Restore VP assist page after cpu offlining/onlining
(git-fixes).
- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init()
(git-fixes).
- xfs: fix incorrect error-out in xfs_remove (git-fixes).
- xfs: fix incorrect i_nlink caused by inode racing (git-fixes).
- xfs: fix maxlevels comparisons in the btree staging code (git-fixes).
- xfs: fix memory leak in xfs_errortag_init (git-fixes).
- xfs: get rid of assert from xfs_btree_islastblock (git-fixes).
- xfs: get root inode correctly at bulkstat (git-fixes).
- xfs: initialize the check_owner object fully (git-fixes).
- xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (git-fixes).
- xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (git-fixes).
- xfs: return errors in xfs_fs_sync_fs (git-fixes).
- xfs: xfstest fails with error missing kernel patch (git-fixes
bsc#1207501 ltc#201370).
- xhci-pci: set the dma max_seg_size (git-fixes).
- xhci: Fix null pointer dereference when host dies (git-fixes).
- zram: Delete patch for regression addressed (bsc#1207933).
- zram: do not lookup algorithm in backends table (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-433=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-433=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-433=1
- SUSE Linux Enterprise Module for Live Patching 15-SP4:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-433=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-433=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-433=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-433=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-433=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-433=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
kernel-default-5.14.21-150400.24.46.1
kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.46.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.46.1
dlm-kmp-default-5.14.21-150400.24.46.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.46.1
gfs2-kmp-default-5.14.21-150400.24.46.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-5.14.21-150400.24.46.1
kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
kernel-default-base-rebuild-5.14.21-150400.24.46.1.150400.24.17.3
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
kernel-default-devel-5.14.21-150400.24.46.1
kernel-default-devel-debuginfo-5.14.21-150400.24.46.1
kernel-default-extra-5.14.21-150400.24.46.1
kernel-default-extra-debuginfo-5.14.21-150400.24.46.1
kernel-default-livepatch-5.14.21-150400.24.46.1
kernel-default-livepatch-devel-5.14.21-150400.24.46.1
kernel-default-optional-5.14.21-150400.24.46.1
kernel-default-optional-debuginfo-5.14.21-150400.24.46.1
kernel-obs-build-5.14.21-150400.24.46.1
kernel-obs-build-debugsource-5.14.21-150400.24.46.1
kernel-obs-qa-5.14.21-150400.24.46.1
kernel-syms-5.14.21-150400.24.46.1
kselftests-kmp-default-5.14.21-150400.24.46.1
kselftests-kmp-default-debuginfo-5.14.21-150400.24.46.1
ocfs2-kmp-default-5.14.21-150400.24.46.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
reiserfs-kmp-default-5.14.21-150400.24.46.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
kernel-kvmsmall-5.14.21-150400.24.46.1
kernel-kvmsmall-debuginfo-5.14.21-150400.24.46.1
kernel-kvmsmall-debugsource-5.14.21-150400.24.46.1
kernel-kvmsmall-devel-5.14.21-150400.24.46.1
kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.46.1
kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-5.14.21-150400.24.46.1
kernel-debug-debuginfo-5.14.21-150400.24.46.1
kernel-debug-debugsource-5.14.21-150400.24.46.1
kernel-debug-devel-5.14.21-150400.24.46.1
kernel-debug-devel-debuginfo-5.14.21-150400.24.46.1
kernel-debug-livepatch-devel-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (aarch64):
cluster-md-kmp-64kb-5.14.21-150400.24.46.1
cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
dlm-kmp-64kb-5.14.21-150400.24.46.1
dlm-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
dtb-allwinner-5.14.21-150400.24.46.1
dtb-altera-5.14.21-150400.24.46.1
dtb-amazon-5.14.21-150400.24.46.1
dtb-amd-5.14.21-150400.24.46.1
dtb-amlogic-5.14.21-150400.24.46.1
dtb-apm-5.14.21-150400.24.46.1
dtb-apple-5.14.21-150400.24.46.1
dtb-arm-5.14.21-150400.24.46.1
dtb-broadcom-5.14.21-150400.24.46.1
dtb-cavium-5.14.21-150400.24.46.1
dtb-exynos-5.14.21-150400.24.46.1
dtb-freescale-5.14.21-150400.24.46.1
dtb-hisilicon-5.14.21-150400.24.46.1
dtb-lg-5.14.21-150400.24.46.1
dtb-marvell-5.14.21-150400.24.46.1
dtb-mediatek-5.14.21-150400.24.46.1
dtb-nvidia-5.14.21-150400.24.46.1
dtb-qcom-5.14.21-150400.24.46.1
dtb-renesas-5.14.21-150400.24.46.1
dtb-rockchip-5.14.21-150400.24.46.1
dtb-socionext-5.14.21-150400.24.46.1
dtb-sprd-5.14.21-150400.24.46.1
dtb-xilinx-5.14.21-150400.24.46.1
gfs2-kmp-64kb-5.14.21-150400.24.46.1
gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
kernel-64kb-5.14.21-150400.24.46.1
kernel-64kb-debuginfo-5.14.21-150400.24.46.1
kernel-64kb-debugsource-5.14.21-150400.24.46.1
kernel-64kb-devel-5.14.21-150400.24.46.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.46.1
kernel-64kb-extra-5.14.21-150400.24.46.1
kernel-64kb-extra-debuginfo-5.14.21-150400.24.46.1
kernel-64kb-livepatch-devel-5.14.21-150400.24.46.1
kernel-64kb-optional-5.14.21-150400.24.46.1
kernel-64kb-optional-debuginfo-5.14.21-150400.24.46.1
kselftests-kmp-64kb-5.14.21-150400.24.46.1
kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
ocfs2-kmp-64kb-5.14.21-150400.24.46.1
ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
reiserfs-kmp-64kb-5.14.21-150400.24.46.1
reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (noarch):
kernel-devel-5.14.21-150400.24.46.1
kernel-docs-5.14.21-150400.24.46.2
kernel-docs-html-5.14.21-150400.24.46.2
kernel-macros-5.14.21-150400.24.46.1
kernel-source-5.14.21-150400.24.46.1
kernel-source-vanilla-5.14.21-150400.24.46.1
- openSUSE Leap 15.4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.46.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.46.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
kernel-default-extra-5.14.21-150400.24.46.1
kernel-default-extra-debuginfo-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Live Patching 15-SP4 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
kernel-default-livepatch-5.14.21-150400.24.46.1
kernel-default-livepatch-devel-5.14.21-150400.24.46.1
kernel-livepatch-5_14_21-150400_24_46-default-1-150400.9.3.3
kernel-livepatch-5_14_21-150400_24_46-default-debuginfo-1-150400.9.3.3
kernel-livepatch-SLE15-SP4_Update_8-debugsource-1-150400.9.3.3
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
reiserfs-kmp-default-5.14.21-150400.24.46.1
reiserfs-kmp-default-debuginfo-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.14.21-150400.24.46.1
kernel-obs-build-debugsource-5.14.21-150400.24.46.1
kernel-syms-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
kernel-docs-5.14.21-150400.24.46.2
kernel-source-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-5.14.21-150400.24.46.1
kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
kernel-default-devel-5.14.21-150400.24.46.1
kernel-default-devel-debuginfo-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64):
kernel-64kb-5.14.21-150400.24.46.1
kernel-64kb-debuginfo-5.14.21-150400.24.46.1
kernel-64kb-debugsource-5.14.21-150400.24.46.1
kernel-64kb-devel-5.14.21-150400.24.46.1
kernel-64kb-devel-debuginfo-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
kernel-devel-5.14.21-150400.24.46.1
kernel-macros-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (s390x):
kernel-zfcpdump-5.14.21-150400.24.46.1
kernel-zfcpdump-debuginfo-5.14.21-150400.24.46.1
kernel-zfcpdump-debugsource-5.14.21-150400.24.46.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
kernel-default-5.14.21-150400.24.46.1
kernel-default-base-5.14.21-150400.24.46.1.150400.24.17.3
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.14.21-150400.24.46.1
cluster-md-kmp-default-debuginfo-5.14.21-150400.24.46.1
dlm-kmp-default-5.14.21-150400.24.46.1
dlm-kmp-default-debuginfo-5.14.21-150400.24.46.1
gfs2-kmp-default-5.14.21-150400.24.46.1
gfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debuginfo-5.14.21-150400.24.46.1
kernel-default-debugsource-5.14.21-150400.24.46.1
ocfs2-kmp-default-5.14.21-150400.24.46.1
ocfs2-kmp-default-debuginfo-5.14.21-150400.24.46.1
References:
https://www.suse.com/security/cve/CVE-2020-24588.html
https://www.suse.com/security/cve/CVE-2022-4382.html
https://www.suse.com/security/cve/CVE-2022-47929.html
https://www.suse.com/security/cve/CVE-2023-0122.html
https://www.suse.com/security/cve/CVE-2023-0179.html
https://www.suse.com/security/cve/CVE-2023-0266.html
https://www.suse.com/security/cve/CVE-2023-0590.html
https://www.suse.com/security/cve/CVE-2023-23454.html
https://www.suse.com/security/cve/CVE-2023-23455.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1185861
https://bugzilla.suse.com/1185863
https://bugzilla.suse.com/1186449
https://bugzilla.suse.com/1191256
https://bugzilla.suse.com/1192868
https://bugzilla.suse.com/1193629
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1195175
https://bugzilla.suse.com/1195655
https://bugzilla.suse.com/1196058
https://bugzilla.suse.com/1199701
https://bugzilla.suse.com/1204063
https://bugzilla.suse.com/1204356
https://bugzilla.suse.com/1204662
https://bugzilla.suse.com/1205495
https://bugzilla.suse.com/1206006
https://bugzilla.suse.com/1206036
https://bugzilla.suse.com/1206056
https://bugzilla.suse.com/1206057
https://bugzilla.suse.com/1206258
https://bugzilla.suse.com/1206363
https://bugzilla.suse.com/1206459
https://bugzilla.suse.com/1206616
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1206784
https://bugzilla.suse.com/1207010
https://bugzilla.suse.com/1207034
https://bugzilla.suse.com/1207036
https://bugzilla.suse.com/1207050
https://bugzilla.suse.com/1207125
https://bugzilla.suse.com/1207134
https://bugzilla.suse.com/1207149
https://bugzilla.suse.com/1207158
https://bugzilla.suse.com/1207184
https://bugzilla.suse.com/1207186
https://bugzilla.suse.com/1207190
https://bugzilla.suse.com/1207237
https://bugzilla.suse.com/1207263
https://bugzilla.suse.com/1207269
https://bugzilla.suse.com/1207497
https://bugzilla.suse.com/1207500
https://bugzilla.suse.com/1207501
https://bugzilla.suse.com/1207506
https://bugzilla.suse.com/1207507
https://bugzilla.suse.com/1207734
https://bugzilla.suse.com/1207769
https://bugzilla.suse.com/1207795
https://bugzilla.suse.com/1207842
https://bugzilla.suse.com/1207878
https://bugzilla.suse.com/1207933
1
0
SUSE-SU-2023:0431-1: important: Security update for apache2-mod_security2
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for apache2-mod_security2
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0431-1
Rating: important
References: #1207379
Cross-References: CVE-2023-24021
CVSS scores:
CVE-2023-24021 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2023-24021 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for apache2-mod_security2 fixes the following issues:
- CVE-2023-24021: Fixed FILES_TMP_CONTENT missing complete content
(bsc#1207379).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-431=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-431=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_security2-2.9.4-150400.3.6.1
apache2-mod_security2-debuginfo-2.9.4-150400.3.6.1
apache2-mod_security2-debugsource-2.9.4-150400.3.6.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_security2-2.9.4-150400.3.6.1
apache2-mod_security2-debuginfo-2.9.4-150400.3.6.1
apache2-mod_security2-debugsource-2.9.4-150400.3.6.1
References:
https://www.suse.com/security/cve/CVE-2023-24021.html
https://bugzilla.suse.com/1207379
1
0
SUSE-SU-2023:0429-1: important: Security update for curl
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for curl
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0429-1
Rating: important
References: #1207990 #1207991 #1207992
Cross-References: CVE-2023-23914 CVE-2023-23915 CVE-2023-23916
CVSS scores:
CVE-2023-23914 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2023-23915 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2023-23916 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for curl fixes the following issues:
- CVE-2023-23914: Fixed HSTS ignored on multiple requests (bsc#1207990).
- CVE-2023-23915: Fixed HSTS amnesia with --parallel (bsc#1207991).
- CVE-2023-23916: Fixed HTTP multi-header compression denial of service
(bsc#1207992).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-429=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-429=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-429=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-429=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
curl-7.79.1-150400.5.15.1
curl-debuginfo-7.79.1-150400.5.15.1
curl-debugsource-7.79.1-150400.5.15.1
libcurl4-7.79.1-150400.5.15.1
libcurl4-debuginfo-7.79.1-150400.5.15.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
curl-7.79.1-150400.5.15.1
curl-debuginfo-7.79.1-150400.5.15.1
curl-debugsource-7.79.1-150400.5.15.1
libcurl-devel-7.79.1-150400.5.15.1
libcurl4-7.79.1-150400.5.15.1
libcurl4-debuginfo-7.79.1-150400.5.15.1
- openSUSE Leap 15.4 (x86_64):
libcurl-devel-32bit-7.79.1-150400.5.15.1
libcurl4-32bit-7.79.1-150400.5.15.1
libcurl4-32bit-debuginfo-7.79.1-150400.5.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
curl-7.79.1-150400.5.15.1
curl-debuginfo-7.79.1-150400.5.15.1
curl-debugsource-7.79.1-150400.5.15.1
libcurl-devel-7.79.1-150400.5.15.1
libcurl4-7.79.1-150400.5.15.1
libcurl4-debuginfo-7.79.1-150400.5.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libcurl4-32bit-7.79.1-150400.5.15.1
libcurl4-32bit-debuginfo-7.79.1-150400.5.15.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
curl-7.79.1-150400.5.15.1
curl-debuginfo-7.79.1-150400.5.15.1
curl-debugsource-7.79.1-150400.5.15.1
libcurl4-7.79.1-150400.5.15.1
libcurl4-debuginfo-7.79.1-150400.5.15.1
References:
https://www.suse.com/security/cve/CVE-2023-23914.html
https://www.suse.com/security/cve/CVE-2023-23915.html
https://www.suse.com/security/cve/CVE-2023-23916.html
https://bugzilla.suse.com/1207990
https://bugzilla.suse.com/1207991
https://bugzilla.suse.com/1207992
1
0
SUSE-SU-2023:0423-1: moderate: Security update for aws-efs-utils
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for aws-efs-utils
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0423-1
Rating: moderate
References: #1191055 #1206737
Cross-References: CVE-2022-46174
CVSS scores:
CVE-2022-46174 (NVD) : 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
CVE-2022-46174 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for aws-efs-utils fixes the following issues:
- Updated to version 1.34.5:
- CVE-2022-46174: Fixed a race condition when mounting filesystems using
TLS, which could result in various failures (bsc#1206737).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-423=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-423=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2023-423=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2023-423=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2023-423=1
Package List:
- openSUSE Leap 15.4 (noarch):
aws-efs-utils-1.34.5-150100.4.11.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (noarch):
aws-efs-utils-1.34.5-150100.4.11.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
aws-efs-utils-1.34.5-150100.4.11.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):
aws-efs-utils-1.34.5-150100.4.11.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):
aws-efs-utils-1.34.5-150100.4.11.1
References:
https://www.suse.com/security/cve/CVE-2022-46174.html
https://bugzilla.suse.com/1191055
https://bugzilla.suse.com/1206737
1
0
SUSE-SU-2023:0427-1: important: Security update for bind
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for bind
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0427-1
Rating: important
References: #1207471
Cross-References: CVE-2022-3094
CVSS scores:
CVE-2022-3094 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3094 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for bind fixes the following issues:
- CVE-2022-3094: Fixed memory exhaustion due to UPDATE message flooding
(bsc#1207471).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-427=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-427=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-427=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-427=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-427=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-427=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-427=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-427=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-427=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-427=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-427=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
bind-chrootenv-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Manager Server 4.2 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Manager Retail Branch Server 4.2 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Manager Proxy 4.2 (x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Manager Proxy 4.2 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
bind-9.16.6-150300.22.27.1
bind-chrootenv-9.16.6-150300.22.27.1
bind-debuginfo-9.16.6-150300.22.27.1
bind-debugsource-9.16.6-150300.22.27.1
bind-devel-9.16.6-150300.22.27.1
bind-utils-9.16.6-150300.22.27.1
bind-utils-debuginfo-9.16.6-150300.22.27.1
libbind9-1600-9.16.6-150300.22.27.1
libbind9-1600-debuginfo-9.16.6-150300.22.27.1
libdns1605-9.16.6-150300.22.27.1
libdns1605-debuginfo-9.16.6-150300.22.27.1
libirs-devel-9.16.6-150300.22.27.1
libirs1601-9.16.6-150300.22.27.1
libirs1601-debuginfo-9.16.6-150300.22.27.1
libisc1606-9.16.6-150300.22.27.1
libisc1606-debuginfo-9.16.6-150300.22.27.1
libisccc1600-9.16.6-150300.22.27.1
libisccc1600-debuginfo-9.16.6-150300.22.27.1
libisccfg1600-9.16.6-150300.22.27.1
libisccfg1600-debuginfo-9.16.6-150300.22.27.1
libns1604-9.16.6-150300.22.27.1
libns1604-debuginfo-9.16.6-150300.22.27.1
- SUSE Enterprise Storage 7.1 (noarch):
bind-doc-9.16.6-150300.22.27.1
python3-bind-9.16.6-150300.22.27.1
References:
https://www.suse.com/security/cve/CVE-2022-3094.html
https://bugzilla.suse.com/1207471
1
0
SUSE-SU-2023:0424-1: important: Security update for ImageMagick
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for ImageMagick
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0424-1
Rating: important
References: #1207982 #1207983
Cross-References: CVE-2022-44267 CVE-2022-44268
CVSS scores:
CVE-2022-44267 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-44267 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-44268 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-44268 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ImageMagick fixes the following issues:
- CVE-2022-44267: Fixed a denial of service when parsing a PNG image
(bsc#1207982).
- CVE-2022-44268: Fixed arbitrary file disclosure when parsing a PNG image
(bsc#1207983).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-424=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-424=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-424=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-424=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-424=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-424=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-424=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-424=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-424=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-424=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-424=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
- openSUSE Leap 15.4 (x86_64):
libMagick++-7_Q16HDRI4-32bit-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-32bit-debuginfo-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-32bit-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
ImageMagick-7.0.7.34-150200.10.42.1
ImageMagick-config-7-SUSE-7.0.7.34-150200.10.42.1
ImageMagick-config-7-upstream-7.0.7.34-150200.10.42.1
ImageMagick-debuginfo-7.0.7.34-150200.10.42.1
ImageMagick-debugsource-7.0.7.34-150200.10.42.1
ImageMagick-devel-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-7.0.7.34-150200.10.42.1
libMagick++-7_Q16HDRI4-debuginfo-7.0.7.34-150200.10.42.1
libMagick++-devel-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickCore-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-7.0.7.34-150200.10.42.1
libMagickWand-7_Q16HDRI6-debuginfo-7.0.7.34-150200.10.42.1
perl-PerlMagick-7.0.7.34-150200.10.42.1
perl-PerlMagick-debuginfo-7.0.7.34-150200.10.42.1
References:
https://www.suse.com/security/cve/CVE-2022-44267.html
https://www.suse.com/security/cve/CVE-2022-44268.html
https://bugzilla.suse.com/1207982
https://bugzilla.suse.com/1207983
1
0
SUSE-SU-2023:0428-1: important: Security update for ImageMagick
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for ImageMagick
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0428-1
Rating: important
References: #1207982 #1207983
Cross-References: CVE-2022-44267 CVE-2022-44268
CVSS scores:
CVE-2022-44267 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-44267 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-44268 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-44268 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for ImageMagick fixes the following issues:
- CVE-2022-44267: Fixed a denial of service when parsing a PNG image
(bsc#1207982).
- CVE-2022-44268: Fixed arbitrary file disclosure when parsing a PNG image
(bsc#1207983).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-428=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-428=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-428=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ImageMagick-7.1.0.9-150400.6.12.1
ImageMagick-config-7-SUSE-7.1.0.9-150400.6.12.1
ImageMagick-config-7-upstream-7.1.0.9-150400.6.12.1
ImageMagick-debuginfo-7.1.0.9-150400.6.12.1
ImageMagick-debugsource-7.1.0.9-150400.6.12.1
ImageMagick-devel-7.1.0.9-150400.6.12.1
ImageMagick-extra-7.1.0.9-150400.6.12.1
ImageMagick-extra-debuginfo-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.12.1
libMagick++-devel-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.12.1
perl-PerlMagick-7.1.0.9-150400.6.12.1
perl-PerlMagick-debuginfo-7.1.0.9-150400.6.12.1
- openSUSE Leap 15.4 (x86_64):
ImageMagick-devel-32bit-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.12.1
libMagick++-devel-32bit-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.12.1
- openSUSE Leap 15.4 (noarch):
ImageMagick-doc-7.1.0.9-150400.6.12.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
ImageMagick-debuginfo-7.1.0.9-150400.6.12.1
ImageMagick-debugsource-7.1.0.9-150400.6.12.1
perl-PerlMagick-7.1.0.9-150400.6.12.1
perl-PerlMagick-debuginfo-7.1.0.9-150400.6.12.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
ImageMagick-7.1.0.9-150400.6.12.1
ImageMagick-config-7-SUSE-7.1.0.9-150400.6.12.1
ImageMagick-config-7-upstream-7.1.0.9-150400.6.12.1
ImageMagick-debuginfo-7.1.0.9-150400.6.12.1
ImageMagick-debugsource-7.1.0.9-150400.6.12.1
ImageMagick-devel-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.12.1
libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.12.1
libMagick++-devel-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.12.1
libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.12.1
libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.12.1
References:
https://www.suse.com/security/cve/CVE-2022-44267.html
https://www.suse.com/security/cve/CVE-2022-44268.html
https://bugzilla.suse.com/1207982
https://bugzilla.suse.com/1207983
1
0
SUSE-SU-2023:0430-1: important: Security update for git
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0430-1
Rating: important
References: #1208027 #1208028
Cross-References: CVE-2023-22490 CVE-2023-23946
CVSS scores:
CVE-2023-22490 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-22490 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2023-23946 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2023-23946 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for git fixes the following issues:
- CVE-2023-22490: Fixed incorrectly usable local clone optimization even
when using a non-local transport (bsc#1208027).
- CVE-2023-23946: Fixed issue where a path outside the working tree can
be overwritten as the user who is running "git apply" (bsc#1208028).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-430=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-430=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-430=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-430=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-430=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-430=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-430=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-430=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-430=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-430=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-430=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-430=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-credential-gnome-keyring-2.35.3-150300.10.24.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.24.1
git-credential-libsecret-2.35.3-150300.10.24.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-p4-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- openSUSE Leap 15.4 (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Manager Proxy 4.2 (x86_64):
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
git-doc-2.35.3-150300.10.24.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
git-2.35.3-150300.10.24.1
git-arch-2.35.3-150300.10.24.1
git-core-2.35.3-150300.10.24.1
git-core-debuginfo-2.35.3-150300.10.24.1
git-cvs-2.35.3-150300.10.24.1
git-daemon-2.35.3-150300.10.24.1
git-daemon-debuginfo-2.35.3-150300.10.24.1
git-debuginfo-2.35.3-150300.10.24.1
git-debugsource-2.35.3-150300.10.24.1
git-email-2.35.3-150300.10.24.1
git-gui-2.35.3-150300.10.24.1
git-svn-2.35.3-150300.10.24.1
git-web-2.35.3-150300.10.24.1
gitk-2.35.3-150300.10.24.1
perl-Git-2.35.3-150300.10.24.1
- SUSE Enterprise Storage 7.1 (noarch):
git-doc-2.35.3-150300.10.24.1
References:
https://www.suse.com/security/cve/CVE-2023-22490.html
https://www.suse.com/security/cve/CVE-2023-23946.html
https://bugzilla.suse.com/1208027
https://bugzilla.suse.com/1208028
1
0
openSUSE-SU-2023:0047-1: important: Security update for phpMyAdmin
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
openSUSE Security Update: Security update for phpMyAdmin
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0047-1
Rating: important
References: #1195017 #1195018 #1197036 #1208186
Cross-References: CVE-2022-0813 CVE-2022-23807 CVE-2022-23808
CVE-2023-25727
CVSS scores:
CVE-2022-0813 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0813 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-23807 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2022-23808 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for phpMyAdmin fixes the following issues:
phpMyAdmin was updated to 5.2.1
This is a security and bufix release.
* Security:
- Fix (PMASA-2023-01, CWE-661, boo#1208186, CVE-2023-25727) Fix an XSS
attack through the drag-and-drop upload feature.
* Bugfixes:
- issue #17522 Fix case where the routes cache file is invalid
- issue #17506 Fix error when configuring 2FA without XMLWriter or
Imagick
- issue Fix blank page when some error occurs
- issue #17519 Fix Export pages not working in certain conditions
- issue #17496 Fix error in table operation page when partitions are
broken
- issue #17386 Fix system memory and system swap values on Windows
- issue #17517 Fix Database Server panel not getting hidden by
ShowServerInfo configuration directive
- issue #17271 Fix database names not showing on Processes tab
- issue #17424 Fix export limit size calculation
- issue #17366 Fix refresh rate popup on Monitor page
- issue #17577 Fix monitor charts size on RTL languages
- issue #17121 Fix password_hash function incorrectly adding single
quotes to password before hashing
- issue #17586 Fix statistics not showing for empty databases
- issue #17592 Clicking on the New index link on the sidebar does not
throw an error anymore
- issue #17584 It's now possible to browse a database that includes two
% in its name
- issue Fix PHP 8.2 deprecated string interpolation syntax
- issue Some languages are now correctly detected from the HTTP
header
- issue #17617 Sorting is correctly remembered when
$cfg['RememberSorting'] is true
- issue #17593 Table filtering now works when action buttons are on the
right side of the row
- issue #17388 Find and Replace using regex now makes a valid query if
no matching result set found
- issue #17551 Enum/Set editor will not fail to open when creating a new
column
- issue #17659 Fix error when a database group is named tables, views,
functions, procedures or events
- issue #17673 Allow empty values to be inserted into columns
- issue #17620 Fix error handling at phpMyAdmin startup for the JS SQL
console
- issue Fixed debug queries console broken UI for query time and
group count
- issue Fixed escaping of SQL query and errors for the debug
console
- issue Fix console toolbar UI when the bookmark feature is
disabled and sql debug is enabled
- issue #17543 Fix JS error on saving a new designer page
- issue #17546 Fix JS error after using save as and open page operation
on the designer
- issue Fix PHP warning on GIS visualization when there is only
one GIS column
- issue #17728 Some select HTML tags will now have the correct UI style
- issue #17734 PHP deprecations will only be shown when in a development
environment
- issue #17369 Fix server error when blowfish_secret is not exactly 32
bytes long
- issue #17736 Add utf8mb3 as an alias of utf8 on the charset
description page
- issue #16418 Fix FAQ 1.44 about manually removing vendor folders
- issue #12359 Setup page now sends the Content-Security-Policy headers
- issue #17747 The Column Visibility Toggle will not be hidden by other
elements
- issue #17756 Edit/Copy/Delete row now works when using GROUP BY
- issue #17248 Support the UUID data type for MariaDB >= 10.7
- issue #17656 Fix replace/change/set table prefix is not working
- issue Fix monitor page filter queries only filtering the first
row
- issue Fix "Link not found!" on foreign columns for tables
having no char column to show
- issue #17390 Fix "Create view" modal doesn't show on results and empty
results
- issue #17772 Fix wrong styles for add button from central columns
- issue #17389 Fix HTML disappears when exporting settings to browser's
storage
- issue #17166 Fix "Warning: #1287 'X' is deprecated [...] Please use
ST_X instead." on search page
- issue Use jquery-migrate.min.js (14KB) instead of
jquery-migrate.min.js (31KB)
- issue #17842 Use jquery.validate.min.js (24 KB) instead of
jquery.validate.js (50 KB)
- issue #17281 Fix links to databases for information_schema.SCHEMATA
- issue #17553 Fix Metro theme unreadable links above navigation tree
- issue #17553 Metro theme UI fixes and improvements
- issue #17553 Fix Metro theme login form with
- issue #16042 Exported gzip file of database has first ~73 kB
uncompressed and rest is gzip compressed in Firefox
- issue #17705 Fix inline SQL query edit FK checkbox preventing submit
buttons from working
- issue #17777 Fix Uncaught TypeError: Cannot read properties of null
(reading 'inline') on datepickers when re-opened
- issue Fix Original theme buttons style and login form width
- issue #17892 Fix closing index edit modal and reopening causes it to
fire twice
- issue #17606 Fix preview SQL modal not working inside "Add Index" modal
- issue Fix PHP error on adding new column on create table form
- issue #17482 Default to "Full texts" when running explain statements
- issue Fixed Chrome scrolling performance issue on a textarea of
an "export as text" page
- issue #17703 Fix datepicker appears on all fields, not just date
- issue Fix space in the tree line when a DB is expanded
- issue #17340 Fix "New Table" page -> "VIRTUAL" attribute is lost when
adding a new column
- issue #17446 Fix missing option for STORED virtual column on MySQL and
PERSISTENT is not supported on MySQL
- issue #17446 Lower the check for virtual columns to MySQL>=5.7.6
nothing is supported on 5.7.5
- issue Fix column names option for CSV Export
- issue #17177 Fix preview SQL when reordering columns doesn't work on
move columns
- issue #15887 Fixed DROP TABLE errors ignored on multi table select for
DROP
- issue #17944 Fix unable to create a view from tree view button
- issue #17927 Fix key navigation between select inputs (drop an old
Firefox workaround)
- issue #17967 Fix missing icon for collapse all button
- issue #18006 Fixed UUID columns can't be moved
- issue Add `spellcheck="false"` to all password fields and some
text fields to avoid spell-jacking data leaks
- issue Remove non working "Analyze Explain at MariaDB.org"
button (MariaDB stopped this service)
- issue #17229 Add support for Web Authentication API because Chrome
removed support for the U2F API
- issue #18019 Fix "Call to a member function fetchAssoc() on bool" with
SQL mode ONLY_FULL_GROUP_BY on monitor search logs
- issue Add back UUID and UUID_SHORT to functions on MySQL and
all MariaDB versions
- issue #17398 Fix clicking on JSON columns triggers update query
- issue Fix silent JSON parse error on upload progress
- issue #17833 Fix "Add Parameter" button not working for Add Routine
Screen
- issue #17365 Fixed "Uncaught Error: regexp too big" on server status
variables page
Update to 5.2.0
* Bugfix
- issue #16521 Upgrade Bootstrap to version 5
- issue #16521 Drop support for Internet Explorer and others
- issue Upgrade to shapefile 3
- issue #16555 Bump minimum PHP version to 7.2
- issue Remove the phpseclib dependency
- issue Upgrade Symfony components to version 5.2
- issue Upgrade to Motranslator 4
- issue #16005 Improve the performance of the Export logic
- issue #16829 Add NOT LIKE %...% operator to Table search
- issue #16845 Fixed some links not passing through url.php
- issue #16382 Remove apc upload progress method (all upload progress
code was removed from the PHP extension)
- issue #16974 Replace zxcvbn by zxcvbn-ts
- issue #15691 Disable the last column checkbox in the column list
dropdown instead of not allowing un-check
- issue #16138 Ignore the length of integer types and show a warning on
MySQL >= 8.0.18
- issue Add support for the Mroonga engine
- issue Double click column name to directly copy to clipboard
- issue #16425 Add DELETE FROM table on table operations page
- issue #16482 Add a select all link for table-specific privileges
- issue #14276 Add support for account locking
- issue #17143 Use composer/ca-bundle to manage the CA cert file
- issue #17143 Require the openssl PHP extension
- issue #17171 Remove the printview.css file from themes
- issue #17203 Redesign the export and the import pages
- issue #16197 Replace the master/slave terminology
- issue #17257 Replace libraries/vendor_config.php constants with an
array
- issue Add the Bootstrap theme
- issue #17499 Remove stickyfilljs JavaScript dependency
Update to 5.1.3
This is a security and bufix release.
* Security
- Fix for boo#1197036 (CVE-2022-0813)
- Fix for path disclosure under certain server configurations (if
display_errors is on, for instance)
* Bugfix
- issue #17308 Fix broken pagination links in the navigation sidebar
- issue #17331 Fix MariaDB has no support for system variable
"disabled_storage_engines"
- issue #17315 Fix unsupported operand types in Results.php when running
"SHOW PROCESSLIST" SQL query
- issue #17288 Fixed importing browser settings question box after login
when having no pmadb
- issue #17288 Fix "First day of calendar" user override has no effect
- issue #17239 Fixed repeating headers are not working
- issue #17298 Fixed import of email-adresses or links from ODS results
in empty contents
- issue #17344 Fixed a type error on ODS import with non string values
- issue #17239 Fixed header row show/hide columns buttons on each line
after hover are shown on each row
Update to 5.1.2
This is a security and bufix release.
* Security
- Fix boo#1195017 (CVE-2022-23807, PMASA-2022-1, CWE-661) Two factor
authentication bypass
- Fix boo#1195018 (CVE-2022-23808, PMASA-2022-2, CWE-661) Multiple XSS
and HTML injection attacks in setup script
* Bugfixes
- Revert a changed to $cfg['CharTextareaRows'] allow values less than 7
- Fix encoding of enum and set values on edit value
- Fixed possible "Undefined index: clause_is_unique" error
- Fixed some situations where a user is logged out when working with
more than one server
- Fixed a problem with assigning privileges to a user using the
multiselect list when the database name has an underscore
- Enable cookie parameter "SameSite" when the PHP version is 7.3 or newer
- Correctly handle the removal of "innodb_file_format" in MariaDB and
MySQL
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-47=1
Package List:
- openSUSE Backports SLE-15-SP4 (noarch):
phpMyAdmin-5.2.1-bp154.2.3.1
phpMyAdmin-apache-5.2.1-bp154.2.3.1
phpMyAdmin-lang-5.2.1-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-0813.html
https://www.suse.com/security/cve/CVE-2022-23807.html
https://www.suse.com/security/cve/CVE-2022-23808.html
https://www.suse.com/security/cve/CVE-2023-25727.html
https://bugzilla.suse.com/1195017
https://bugzilla.suse.com/1195018
https://bugzilla.suse.com/1197036
https://bugzilla.suse.com/1208186
1
0
SUSE-SU-2023:0418-1: important: Security update for git
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0418-1
Rating: important
References: #1204455 #1204456 #1208027 #1208028
Cross-References: CVE-2022-39253 CVE-2022-39260 CVE-2023-22490
CVE-2023-23946
CVSS scores:
CVE-2022-39253 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-39253 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-39260 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-39260 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-22490 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2023-22490 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2023-23946 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2023-23946 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 7
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for git fixes the following issues:
- CVE-2023-22490: Fixed incorrectly usable local clone optimization even
when using a non-local transport (bsc#1208027).
- CVE-2023-23946: Fixed issue where a path outside the working tree can
be overwritten as the user who is running "git apply" (bsc#1208028).
- CVE-2022-39260: Fixed overflow in `split_cmdline()`, leading to
arbitrary heap writes and remote code execution (bsc#1204456).
- CVE-2022-39253: Fixed dereference issue with symbolic links via the
`--local` clone mechanism (bsc#1204455).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-418=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-418=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-418=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-418=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-418=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-418=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-418=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-418=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-svn-debuginfo-2.26.2-150000.47.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
git-doc-2.26.2-150000.47.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE Enterprise Storage 7 (noarch):
git-doc-2.26.2-150000.47.1
- SUSE CaaS Platform 4.0 (x86_64):
git-2.26.2-150000.47.1
git-arch-2.26.2-150000.47.1
git-core-2.26.2-150000.47.1
git-core-debuginfo-2.26.2-150000.47.1
git-cvs-2.26.2-150000.47.1
git-daemon-2.26.2-150000.47.1
git-daemon-debuginfo-2.26.2-150000.47.1
git-debuginfo-2.26.2-150000.47.1
git-debugsource-2.26.2-150000.47.1
git-email-2.26.2-150000.47.1
git-gui-2.26.2-150000.47.1
git-svn-2.26.2-150000.47.1
git-svn-debuginfo-2.26.2-150000.47.1
git-web-2.26.2-150000.47.1
gitk-2.26.2-150000.47.1
- SUSE CaaS Platform 4.0 (noarch):
git-doc-2.26.2-150000.47.1
References:
https://www.suse.com/security/cve/CVE-2022-39253.html
https://www.suse.com/security/cve/CVE-2022-39260.html
https://www.suse.com/security/cve/CVE-2023-22490.html
https://www.suse.com/security/cve/CVE-2023-23946.html
https://bugzilla.suse.com/1204455
https://bugzilla.suse.com/1204456
https://bugzilla.suse.com/1208027
https://bugzilla.suse.com/1208028
1
0
SUSE-SU-2023:0419-1: moderate: Security update for nodejs18
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for nodejs18
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0419-1
Rating: moderate
References: #1200303 #1201325 #1201326 #1201327 #1201328
#1203831 #1203832 #1205042 #1205119 #1205236
PED-2097 PED-3192
Cross-References: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214
CVE-2022-32215 CVE-2022-35255 CVE-2022-35256
CVE-2022-43548
CVSS scores:
CVE-2022-32212 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32212 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32213 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32213 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2022-32214 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32214 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-32215 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32215 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-35255 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-35255 (SUSE): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CVE-2022-35256 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-35256 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2022-43548 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap 15.5
______________________________________________________________________________
An update that solves 7 vulnerabilities, contains two
features and has three fixes is now available.
Description:
This update for nodejs18 fixes the following issues:
This update ships nodejs18 (jsc#PED-2097)
Update to NodejJS 18.13.0 LTS:
* build: disable v8 snapshot compression by default
* crypto: update root certificates
* deps: update ICU to 72.1
* doc:
+ add doc-only deprecation for headers/trailers setters
+ add Rafael to the tsc
+ deprecate use of invalid ports in url.parse
+ deprecate url.parse()
* lib: drop fetch experimental warning
* net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options
* src:
+ add uvwasi version
+ add initial shadow realm support
* test_runner:
+ add t.after() hook
+ don't use a symbol for runHook()
* tls:
+ add "ca" property to certificate object
* util:
+ add fast path for utf8 encoding
+ improve textdecoder decode performance
+ add MIME utilities
- Fixes compatibility with ICU 72.1 (bsc#1205236)
- Fix migration to openssl-3 (bsc#1205042)
Update to NodeJS 18.12.1 LTS:
* inspector: DNS rebinding in --inspect via invalid octal IP (bsc#1205119,
CVE-2022-43548)
Update to NodeJS 18.12.0 LTS:
* Running in 'watch' mode using node --watch restarts the process when an
imported file is changed.
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* util: add default value option to parsearg
Update to NodeJS 18.11.0:
* added experimental watch mode -- running in 'watch' mode using node
--watch restarts the process when an imported file is changed
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* lib: refactor transferable AbortSignal
* src: add detailed embedder process initialization API
* util: add default value option to parsearg
Update to NodeJS 18.10.0:
* deps: upgrade npm to 8.19.2
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()
Update to Nodejs 18.9.1:
* deps: llhttp updated to 6.0.10
+ CVE-2022-32213 bypass via obs-fold mechanic (bsc#1201325)
+ Incorrect Parsing of Multi-line Transfer-Encoding (CVE-2022-32215,
bsc#1201327)
+ Incorrect Parsing of Header Fields (CVE-2022-35256, bsc#1203832)
* crypto: fix weak randomness in WebCrypto keygen (CVE-2022-35255,
bsc#1203831)
Update to Nodejs 18.9.0:
* lib - add diagnostics channel for process and worker
* os - add machine method
* report - expose report public native apis
* src - expose environment RequestInterrupt api
* vm - include vm context in the embedded snapshot
Changes in 18.8.0:
* bootstrap: implement run-time user-land snapshots via
--build-snapshot and --snapshot-blob. See
* crypto:
+ allow zero-length IKM in HKDF and in webcrypto PBKDF2
+ allow zero-length secret KeyObject
* deps: upgrade npm to 8.18.0
* http: make idle http parser count configurable
* net: add local family
* src: print source map error source on demand
* tls: pass a valid socket on tlsClientError
Update to Nodejs 18.7.0:
* events: add CustomEvent
* http: add drop request event for http server
* lib: improved diagnostics_channel subscribe/unsubscribe
* util: add tokens to parseArgs
- enable crypto policy ciphers for TW and SLE15 SP4+ (bsc#1200303)
Update to Nodejs 18.6.0:
* Experimental ESM Loader Hooks API. For details see,
https://nodejs.org/api/esm.html
* dns: export error code constants from dns/promises
* esm: add chaining to loaders
* http: add diagnostics channel for http client
* http: add perf_hooks detail for http request and client
* module: add isBuiltIn method
* net: add drop event for net server
* test_runner: expose describe and it
* v8: add v8.startupSnapshot utils
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.6.0
Update to Nodejs 18.5.0:
* http: stricter Transfer-Encoding and header separator parsing
(bsc#1201325, bsc#1201326, bsc#1201327, CVE-2022-32213, CVE-2022-32214,
CVE-2022-32215)
* src: fix IPv4 validation in inspector_socket (bsc#1201328,
CVE-2022-32212)
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.5.0
Update to Nodejs 18.4.0. For detailed changes see,
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.4.0
Initial packaging of Nodejs 18.2.0. For detailed changes since previous
versions, see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#
18.2.0
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.5:
zypper in -t patch openSUSE-SLE-15.5-2023-419=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-419=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-419=1
Package List:
- openSUSE Leap 15.5 (aarch64 s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.5 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
References:
https://www.suse.com/security/cve/CVE-2022-32212.html
https://www.suse.com/security/cve/CVE-2022-32213.html
https://www.suse.com/security/cve/CVE-2022-32214.html
https://www.suse.com/security/cve/CVE-2022-32215.html
https://www.suse.com/security/cve/CVE-2022-35255.html
https://www.suse.com/security/cve/CVE-2022-35256.html
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1200303
https://bugzilla.suse.com/1201325
https://bugzilla.suse.com/1201326
https://bugzilla.suse.com/1201327
https://bugzilla.suse.com/1201328
https://bugzilla.suse.com/1203831
https://bugzilla.suse.com/1203832
https://bugzilla.suse.com/1205042
https://bugzilla.suse.com/1205119
https://bugzilla.suse.com/1205236
1
0
openSUSE-SU-2023:0046-1: important: Security update for timescaledb
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
openSUSE Security Update: Security update for timescaledb
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0046-1
Rating: important
References: #1197063
Cross-References: CVE-2022-24128
CVSS scores:
CVE-2022-24128 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for timescaledb fixes the following issues:
Update to version 2.9.3
- https://github.com/timescale/timescaledb/releases/tag/2.9.3
- https://github.com/timescale/timescaledb/releases/tag/2.9.2
- https://github.com/timescale/timescaledb/releases/tag/2.9.1
- https://github.com/timescale/timescaledb/releases/tag/2.9.0
- https://github.com/timescale/timescaledb/releases/tag/2.8.1
- https://github.com/timescale/timescaledb/releases/tag/2.8.0
- https://github.com/timescale/timescaledb/releases/tag/2.7.1
- https://github.com/timescale/timescaledb/releases/tag/2.7.2
- https://github.com/timescale/timescaledb/releases/tag/2.7.0
- https://github.com/timescale/timescaledb/releases/tag/2.6.1
- CVE-2022-24128: Fixed privilege escalation during extension installation
(boo#1197063)
- https://github.com/timescale/timescaledb/releases/tag/2.6.0
- https://github.com/timescale/timescaledb/releases/tag/2.5.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.1
- https://github.com/timescale/timescaledb/releases/tag/1.7.5
- https://github.com/timescale/timescaledb/releases/tag/2.0.0
- https://github.com/timescale/timescaledb/releases/tag/2.0.1
- https://github.com/timescale/timescaledb/releases/tag/2.0.2
- https://github.com/timescale/timescaledb/releases/tag/2.1.0
- https://github.com/timescale/timescaledb/releases/tag/2.1.1
- https://github.com/timescale/timescaledb/releases/tag/2.2.0
- https://github.com/timescale/timescaledb/releases/tag/2.2.1
- https://github.com/timescale/timescaledb/releases/tag/2.3.0
- https://github.com/timescale/timescaledb/releases/tag/2.3.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.0
- https://github.com/timescale/timescaledb/releases/tag/2.4.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.0
- enable postgresql14
- https://github.com/timescale/timescaledb/releases/tag/1.7.2
- https://github.com/timescale/timescaledb/releases/tag/1.7.3
- https://github.com/timescale/timescaledb/releases/tag/1.7.4
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-46=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
postgresql12-timescaledb-2.9.3-bp154.2.3.1
postgresql13-timescaledb-2.9.3-bp154.2.3.1
postgresql14-timescaledb-2.9.3-bp154.2.3.1
postgresql15-timescaledb-2.9.3-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24128.html
https://bugzilla.suse.com/1197063
1
0
SUSE-SU-2023:0410-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0410-1
Rating: important
References: #1203693 #1205149 #1206073 #1206389 #1206395
#1206664 #1206677 #1206784 #1207036 #1207186
#1207237 PED-1706
Cross-References: CVE-2022-3107 CVE-2022-3108 CVE-2022-3564
CVE-2022-4662 CVE-2022-47929 CVE-2023-23454
CVSS scores:
CVE-2022-3107 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3107 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3108 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3108 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3564 (NVD) : 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3564 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-4662 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-4662 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2023-23454 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23454 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 6 vulnerabilities, contains one
feature and has 5 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP1 kernel was updated receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3107: Fixed missing check of return value of kvmalloc_array()
(bnc#1206395).
- CVE-2022-3108: Fixed missing check of return value of kmemdup()
(bnc#1206389).
- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth
component (bnc#1206073).
- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem
that could lead a local user to crash the system (bnc#1206664).
- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic
control subsystem (bnc#1207237).
- CVE-2023-23454: Fixed denial or service in cbq_classify in
net/sched/sch_cbq.c (bnc#1207036).
The following non-security bugs were fixed:
- Added support for enabling livepatching related packages on -RT
(jsc#PED-1706).
- Added suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149).
- HID: betop: check shape of output reports (git-fixes, bsc#1207186).
- HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes,
bsc#1207186).
- HID: check empty report_list in hid_validate_values() (git-fixes,
bsc#1206784).
- Reverted "constraints: increase disk space for all architectures"
(bsc#1203693)
- net: sched: atm: dont intepret cls results when asked to drop
(bsc#1207036).
- net: sched: cbq: dont intepret cls results when asked to drop
(bsc#1207036).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-410=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-410=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-410=1
- SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2023-410=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-410=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-410=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-4.12.14-150100.197.134.1
kernel-vanilla-base-4.12.14-150100.197.134.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-debugsource-4.12.14-150100.197.134.1
kernel-vanilla-devel-4.12.14-150100.197.134.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.134.1
kernel-debug-base-debuginfo-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.134.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (s390x):
kernel-default-man-4.12.14-150100.197.134.1
kernel-zfcpdump-man-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):
kernel-default-man-4.12.14-150100.197.134.1
kernel-zfcpdump-debuginfo-4.12.14-150100.197.134.1
kernel-zfcpdump-debugsource-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-livepatch-4.12.14-150100.197.134.1
kernel-default-livepatch-devel-4.12.14-150100.197.134.1
kernel-livepatch-4_12_14-150100_197_134-default-1-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150100.197.134.1
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.134.1
dlm-kmp-default-4.12.14-150100.197.134.1
dlm-kmp-default-debuginfo-4.12.14-150100.197.134.1
gfs2-kmp-default-4.12.14-150100.197.134.1
gfs2-kmp-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
ocfs2-kmp-default-4.12.14-150100.197.134.1
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE CaaS Platform 4.0 (x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE CaaS Platform 4.0 (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
References:
https://www.suse.com/security/cve/CVE-2022-3107.html
https://www.suse.com/security/cve/CVE-2022-3108.html
https://www.suse.com/security/cve/CVE-2022-3564.html
https://www.suse.com/security/cve/CVE-2022-4662.html
https://www.suse.com/security/cve/CVE-2022-47929.html
https://www.suse.com/security/cve/CVE-2023-23454.html
https://bugzilla.suse.com/1203693
https://bugzilla.suse.com/1205149
https://bugzilla.suse.com/1206073
https://bugzilla.suse.com/1206389
https://bugzilla.suse.com/1206395
https://bugzilla.suse.com/1206664
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1206784
https://bugzilla.suse.com/1207036
https://bugzilla.suse.com/1207186
https://bugzilla.suse.com/1207237
1
0
SUSE-SU-2023:0409-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0409-1
Rating: important
References: #1195175 #1204502 #1206677 #1207034 #1207497
#1207508 #1207769 #1207878
Cross-References: CVE-2022-3606 CVE-2023-0179
CVSS scores:
CVE-2022-3606 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3606 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0179 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities and has 6 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3606: Fixed a null pointer dereference inside the function
find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the
component BPF (bnc#1204502).
- CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header
bits (bsc#1207034).
The following non-security bugs were fixed:
- KVM: VMX: fix crash cleanup when KVM wasn't used (bsc#1207508).
- RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
- bcache: fix set_at_max_writeback_rate() for multiple attached devices
(git-fixes).
- blktrace: Fix output non-blktrace event when blk_classic option enabled
(git-fixes).
- blktrace: ensure our debugfs dir exists (git-fixes).
- dm btree: add a defensive bounds check to insert_at() (git-fixes).
- dm cache: Fix ABBA deadlock between shrink_slab and
dm_cache_metadata_abort (git-fixes).
- dm cache: Fix UAF in destroy() (git-fixes).
- dm cache: set needs_check flag after aborting metadata (git-fixes).
- dm clone: Fix UAF in clone_dtr() (git-fixes).
- dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
- dm integrity: fix flush with external metadata device (git-fixes).
- dm integrity: flush the journal on suspend (git-fixes).
- dm integrity: select CRYPTO_SKCIPHER (git-fixes).
- dm ioctl: fix misbehavior if list_versions races with module loading
(git-fixes).
- dm ioctl: prevent potential spectre v1 gadget (git-fixes).
- dm space map common: add bounds check to sm_ll_lookup_bitmap()
(git-fixes).
- dm space maps: do not reset space map allocation cursor when committing
(git-fixes).
- dm table: Remove BUG_ON(in_interrupt()) (git-fixes).
- dm thin: Fix ABBA deadlock between shrink_slab and
dm_pool_abort_metadata (git-fixes).
- dm thin: Fix UAF in run_timer_softirq() (git-fixes).
- dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
- dm thin: resume even if in FAIL mode (git-fixes).
- dm verity: fix require_signatures module_param permissions (git-fixes).
- dm verity: skip verity work if I/O error when system is shutting down
(git-fixes).
- drivers:md:fix a potential use-after-free bug (git-fixes).
- kabi/severities: add mlx5 internal symbols
- loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE (git-fixes).
- loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
- md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
- md: protect md_unregister_thread from reentrancy (git-fixes).
- mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
- nbd: Fix hung on disconnect request if socket is closed before
(git-fixes).
- nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
(git-fixes).
- nbd: Fix incorrect error handle when first_minor is illegal in
nbd_dev_add (git-fixes).
- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
- nbd: fix io hung while disconnecting device (git-fixes).
- nbd: fix max value for 'first_minor' (git-fixes).
- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
- nbd: make the config put is called before the notifying the waiter
(git-fixes).
- nbd: restore default timeout when setting it to zero (git-fixes).
- net/mlx5: Allocate individual capability (bsc#1195175).
- net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
- net/mlx5: Fix flow counters SF bulk query len (bsc#1195175).
- net/mlx5: Reduce flow counters bulk query buffer size for SFs
(bsc#1195175).
- net/mlx5: Reorganize current and maximal capabilities to be per-type
(bsc#1195175).
- net/mlx5: Use order-0 allocations for EQs (bsc#1195175).
- null_blk: fix ida error handling in null_add_dev() (git-fixes).
- rbd: work around -Wuninitialized warning (git-fixes).
- scsi: 3w-9xxx: Avoid disabling device if failing to enable it
(git-fixes).
- scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
(git-fixes).
- scsi: NCR5380: Add disconnect_mask module parameter (git-fixes).
- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" (git-fixes).
- scsi: advansys: Fix kernel pointer leak (git-fixes).
- scsi: aha152x: Fix aha152x_setup() __setup handler return value
(git-fixes).
- scsi: aic7xxx: Adjust indentation in ahc_find_syncrate (git-fixes).
- scsi: aic7xxx: Fix unintentional sign extension issue on left shift of
u8 (git-fixes).
- scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
(git-fixes).
- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: bnx2fc: Return failure if io_req is already in ABTS processing
(git-fixes).
- scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
(git-fixes).
- scsi: core: Cap scsi_host cmd_per_lun at can_queue (git-fixes).
- scsi: core: Do not start concurrent async scan on same host (git-fixes).
- scsi: core: Fix a race between scsi_done() and scsi_timeout()
(git-fixes).
- scsi: core: Fix capacity set to zero after offlinining device
(git-fixes).
- scsi: core: Fix hang of freezing queue between blocking and running
device (git-fixes).
- scsi: core: Fix shost->cmd_per_lun calculation in
scsi_add_host_with_dma() (git-fixes).
- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
- scsi: core: free sgtables in case command setup fails (git-fixes).
- scsi: core: sysfs: Fix hang when device state is set via sysfs
(git-fixes).
- scsi: core: sysfs: Fix setting device state to SDEV_RUNNING (git-fixes).
- scsi: cxlflash: Fix error return code in cxlflash_probe() (git-fixes).
- scsi: fcoe: Fix possible name leak when device_register() fails
(git-fixes).
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
(git-fixes).
- scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 (git-fixes).
- scsi: fnic: fix use after free (git-fixes).
- scsi: hisi_sas: Check sas_port before using it (git-fixes).
- scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
(git-fixes).
- scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
(git-fixes).
- scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw() (git-fixes).
- scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
(git-fixes).
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
- scsi: hpsa: Fix memory leak in hpsa_init_one() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
(git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
- scsi: ipr: Fix missing/incorrect resource cleanup in error case
(git-fixes).
- scsi: iscsi: Add iscsi_cls_conn refcount helpers (git-fixes).
- scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func (git-fixes).
- scsi: iscsi: Do not destroy session if there are outstanding connections
(git-fixes).
- scsi: iscsi: Do not put host in iscsi_set_flashnode_param() (git-fixes).
- scsi: iscsi: Do not send data to unbound connection (git-fixes).
- scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
(git-fixes).
- scsi: iscsi: Fix shost->max_id use (git-fixes).
- scsi: iscsi: Report unbind session event when the target has been
removed (git-fixes).
- scsi: iscsi: Unblock session then wake up error handler (git-fixes).
- scsi: libfc: Fix a format specifier (git-fixes).
- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
(git-fixes).
- scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (git-fixes).
- scsi: libsas: Add LUN number check in .slave_alloc callback (git-fixes).
- scsi: megaraid: Fix error check return value of register_chrdev()
(git-fixes).
- scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
(git-fixes).
- scsi: megaraid_sas: Fix double kfree() (git-fixes).
- scsi: megaraid_sas: Fix resource leak in case of probe failure
(git-fixes).
- scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
(git-fixes).
- scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
- scsi: mpt3sas: Block PCI config access from userspace during reset
(git-fixes).
- scsi: mpt3sas: Fix possible resource leaks in
mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (git-fixes).
- scsi: mpt3sas: Increase IOCInit request timeout to 30s (git-fixes).
- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: mvumi: Fix error return in mvumi_io_attach() (git-fixes).
- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
- scsi: myrs: Fix crash in error case (git-fixes).
- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
- scsi: pm: Balance pm_only counter of request queue during system resume
(git-fixes).
- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
- scsi: qedf: Add check to synchronize abort and flush (git-fixes).
- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
- scsi: qedf: Fix refcount issue when LOGO is received during TMF
(git-fixes).
- scsi: qedf: Return SUCCESS if stale rport is encountered (git-fixes).
- scsi: qedi: Fix failed disconnect handling (git-fixes).
- scsi: qedi: Fix list_del corruption while removing active I/O
(git-fixes).
- scsi: qedi: Fix null ref during abort handling (git-fixes).
- scsi: qedi: Protect active command list to avoid list corruption
(git-fixes).
- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
(git-fixes).
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
(git-fixes).
- scsi: scsi_debug: num_tgts must be >= 0 (git-fixes).
- scsi: scsi_dh_alua: Check for negative result value (git-fixes).
- scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() (git-fixes).
- scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() (git-fixes).
- scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (git-fixes).
- scsi: scsi_transport_spi: Fix function pointer check (git-fixes).
- scsi: scsi_transport_spi: Set RQF_PM for domain validation commands
(git-fixes).
- scsi: sd: Free scsi_disk device via put_device() (git-fixes).
- scsi: sd: Suppress spurious errors when WRITE SAME is being disabled
(git-fixes).
- scsi: ses: Fix unsigned comparison with less than zero (git-fixes).
- scsi: ses: Retry failed Send/Receive Diagnostic commands (git-fixes).
- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
- scsi: sr: Do not use GFP_DMA (git-fixes).
- scsi: sr: Fix sr_probe() missing deallocate of device minor (git-fixes).
- scsi: sr: Return appropriate error code when disk is ejected (git-fixes).
- scsi: sr: Return correct event when media event code is 3 (git-fixes).
- scsi: st: Fix a use after free in st_open() (git-fixes).
- scsi: ufs-pci: Ensure UFS device is in PowerDown mode for
suspend-to-disk ->poweroff() (git-fixes).
- scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices (git-fixes).
- scsi: ufs: Clean up completed request without interrupt notification
(git-fixes).
- scsi: ufs: Fix a race condition in the tracing code (git-fixes).
- scsi: ufs: Fix error handing during hibern8 enter (git-fixes).
- scsi: ufs: Fix illegal offset in UPIU event trace (git-fixes).
- scsi: ufs: Fix interrupt error message for shared interrupts (git-fixes).
- scsi: ufs: Fix irq return code (git-fixes).
- scsi: ufs: Fix possible infinite loop in ufshcd_hold (git-fixes).
- scsi: ufs: Fix tm request when non-fatal error happens (git-fixes).
- scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold()
(git-fixes).
- scsi: ufs: Fix up auto hibern8 enablement (git-fixes).
- scsi: ufs: Fix wrong print message in dev_err() (git-fixes).
- scsi: ufs: Improve interrupt handling for shared interrupts (git-fixes).
- scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
(git-fixes).
- scsi: ufs: Make ufshcd_add_command_trace() easier to read (git-fixes).
- scsi: ufs: fix potential bug which ends in system hang (git-fixes).
- scsi: ufs: ufs-qcom: Fix race conditions caused by
ufs_qcom_testbus_config() (git-fixes).
- scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
(git-fixes).
- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
- scsi: vmw_pvscsi: Set correct residual data length (git-fixes).
- scsi: vmw_pvscsi: Set residual data length conditionally (git-fixes).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
- watchdog: diag288_wdt: do not use stack buffers for hardware data
(bsc#1207497).
- watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-409=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-409=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-409=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-409=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-409=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-409=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-409=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-409=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2023-409=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-409=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-409=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-409=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-409=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-409=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-409=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.112.1
dtb-zte-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (s390x):
kernel-zfcpdump-5.3.18-150300.59.112.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.112.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Retail Branch Server 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Proxy 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Proxy 4.2 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (s390x):
kernel-zfcpdump-5.3.18-150300.59.112.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.112.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-livepatch-5.3.18-150300.59.112.1
kernel-default-livepatch-devel-5.3.18-150300.59.112.1
kernel-livepatch-5_3_18-150300_59_112-default-1-150300.7.3.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.112.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.112.1
dlm-kmp-default-5.3.18-150300.59.112.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.112.1
gfs2-kmp-default-5.3.18-150300.59.112.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
ocfs2-kmp-default-5.3.18-150300.59.112.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
References:
https://www.suse.com/security/cve/CVE-2022-3606.html
https://www.suse.com/security/cve/CVE-2023-0179.html
https://bugzilla.suse.com/1195175
https://bugzilla.suse.com/1204502
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1207034
https://bugzilla.suse.com/1207497
https://bugzilla.suse.com/1207508
https://bugzilla.suse.com/1207769
https://bugzilla.suse.com/1207878
1
0
SUSE-SU-2023:0411-1: critical: Security update for haproxy
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for haproxy
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0411-1
Rating: critical
References: #1208132
Cross-References: CVE-2023-25725
CVSS scores:
CVE-2023-25725 (SUSE): 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
Affected Products:
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise Micro 5.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for haproxy fixes the following issues:
- CVE-2023-25725: Fixed a serious vulnerability in the HTTP/1 parser
(bsc#1208132).
- Fixed an issue where sensitive data might leak to the backend.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-411=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-411=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-411=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-411=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
References:
https://www.suse.com/security/cve/CVE-2023-25725.html
https://bugzilla.suse.com/1208132
1
0
SUSE-SU-2023:0405-1: important: Security update for libbpf
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for libbpf
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0405-1
Rating: important
References: #1204391 #1204502
Cross-References: CVE-2022-3534 CVE-2022-3606
CVSS scores:
CVE-2022-3534 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3534 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3606 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3606 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for libbpf fixes the following issues:
- CVE-2022-3534: Fixed use-after-free in btf_dump_name_dups
(bsc#1204391).
- CVE-2022-3606: Fixed null pointer dereference in
find_prog_by_sec_insn() (bsc#1204502).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-405=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-405=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libbpf-debugsource-0.5.0-150400.3.3.1
libbpf-devel-0.5.0-150400.3.3.1
libbpf0-0.5.0-150400.3.3.1
libbpf0-debuginfo-0.5.0-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
libbpf0-32bit-0.5.0-150400.3.3.1
libbpf0-32bit-debuginfo-0.5.0-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libbpf-debugsource-0.5.0-150400.3.3.1
libbpf0-0.5.0-150400.3.3.1
libbpf0-debuginfo-0.5.0-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-3534.html
https://www.suse.com/security/cve/CVE-2022-3606.html
https://bugzilla.suse.com/1204391
https://bugzilla.suse.com/1204502
1
0
SUSE-SU-2023:0399-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0399-1
Rating: moderate
References: #1205512
Cross-References: CVE-2022-39316 CVE-2022-39317 CVE-2022-39320
CVE-2022-39347 CVE-2022-41877
CVSS scores:
CVE-2022-39316 (NVD) : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39316 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39317 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39317 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39320 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39320 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39347 (NVD) : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2022-39347 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2022-41877 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-41877 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512).
- CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512).
- CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel
(bsc#1205512).
- CVE-2022-39347: Fixed missing path sanitation with drive channel
(bsc#1205512).
- CVE-2022-41877: Fixed missing input length validation in drive channel
(bsc#1205512).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-399=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-399=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-399=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
freerdp-server-2.4.0-150400.3.18.1
freerdp-server-debuginfo-2.4.0-150400.3.18.1
freerdp-wayland-2.4.0-150400.3.18.1
freerdp-wayland-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libuwac0-0-2.4.0-150400.3.18.1
libuwac0-0-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
uwac0-0-devel-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
References:
https://www.suse.com/security/cve/CVE-2022-39316.html
https://www.suse.com/security/cve/CVE-2022-39317.html
https://www.suse.com/security/cve/CVE-2022-39320.html
https://www.suse.com/security/cve/CVE-2022-39347.html
https://www.suse.com/security/cve/CVE-2022-41877.html
https://bugzilla.suse.com/1205512
1
0
openSUSE-SU-2023:0045-1: important: Security update for chromium
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0045-1
Rating: important
References: #1208029
Cross-References: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698
CVE-2023-0699 CVE-2023-0700 CVE-2023-0701
CVE-2023-0702 CVE-2023-0703 CVE-2023-0704
CVE-2023-0705
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 10 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 110.0.5481.77 (boo#1208029):
* CVE-2023-0696: Type Confusion in V8
* CVE-2023-0697: Inappropriate implementation in Full screen mode
* CVE-2023-0698: Out of bounds read in WebRTC
* CVE-2023-0699: Use after free in GPU
* CVE-2023-0700: Inappropriate implementation in Download
* CVE-2023-0701: Heap buffer overflow in WebUI
* CVE-2023-0702: Type Confusion in Data Transfer
* CVE-2023-0703: Type Confusion in DevTools
* CVE-2023-0704: Insufficient policy enforcement in DevTools
* CVE-2023-0705: Integer overflow in Core
* Various fixes from internal audits, fuzzing and other initiatives
- build with bundled libavif
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-45=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-110.0.5481.77-bp154.2.67.1
chromium-110.0.5481.77-bp154.2.67.1
References:
https://www.suse.com/security/cve/CVE-2023-0696.html
https://www.suse.com/security/cve/CVE-2023-0697.html
https://www.suse.com/security/cve/CVE-2023-0698.html
https://www.suse.com/security/cve/CVE-2023-0699.html
https://www.suse.com/security/cve/CVE-2023-0700.html
https://www.suse.com/security/cve/CVE-2023-0701.html
https://www.suse.com/security/cve/CVE-2023-0702.html
https://www.suse.com/security/cve/CVE-2023-0703.html
https://www.suse.com/security/cve/CVE-2023-0704.html
https://www.suse.com/security/cve/CVE-2023-0705.html
https://bugzilla.suse.com/1208029
1
0
SUSE-SU-2023:0389-1: critical: Security update for apr-util
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
SUSE Security Update: Security update for apr-util
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0389-1
Rating: critical
References: #1207866
Cross-References: CVE-2022-25147
CVSS scores:
CVE-2022-25147 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-25147 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for apr-util fixes the following issues:
- CVE-2022-25147: Fixed a buffer overflow possible with specially crafted
input during base64 encoding (bsc#1207866)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-389=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-389=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-389=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-389=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-389=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-389=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-389=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-389=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-389=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-389=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-389=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-389=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Manager Proxy 4.2 (x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
apr-util-debuginfo-1.6.1-150300.18.5.1
apr-util-debugsource-1.6.1-150300.18.5.1
apr-util-devel-1.6.1-150300.18.5.1
libapr-util1-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1
libapr-util1-dbd-mysql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1
libapr-util1-dbd-pgsql-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1
libapr-util1-dbd-sqlite3-debuginfo-1.6.1-150300.18.5.1
libapr-util1-dbm-db-1.6.1-150300.18.5.1
libapr-util1-dbm-db-debuginfo-1.6.1-150300.18.5.1
libapr-util1-debuginfo-1.6.1-150300.18.5.1
References:
https://www.suse.com/security/cve/CVE-2022-25147.html
https://bugzilla.suse.com/1207866
1
0
SUSE-SU-2023:0394-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0394-1
Rating: important
References: #1185861 #1185863 #1186449 #1191256 #1192868
#1193629 #1194869 #1195175 #1195655 #1196058
#1199701 #1204063 #1204356 #1204662 #1205495
#1206006 #1206036 #1206056 #1206057 #1206258
#1206363 #1206459 #1206616 #1206677 #1206784
#1207010 #1207034 #1207134 #1207149 #1207158
#1207184 #1207186 #1207190 #1207237 #1207263
#1207269 #1207497 #1207500 #1207501 #1207506
#1207507 #1207734 #1207769 #1207842 #1207878
#1207933 SLE-21132 SLE-24682
Cross-References: CVE-2020-24588 CVE-2022-4382 CVE-2022-47929
CVE-2023-0179 CVE-2023-0266
CVSS scores:
CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-4382 (NVD) : 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-4382 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0179 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-0266 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2023-0266 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 5 vulnerabilities, contains two
features and has 41 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP4 AZURE kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM
package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that
could have been used in a use-after-free that could have resulted in a
priviledge escalation to gain ring0 access from the system user
(bsc#1207134).
- CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header
bits (bsc#1207034).
- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic
control subsystem (bnc#1207237).
- CVE-2022-4382: Fixed a use-after-free flaw that was caused by a race
condition among the superblock operations inside the gadgetfs code
(bsc#1206258).
- CVE-2020-24588: Fixed injection of arbitrary network packets against
devices that support receiving non-SSP A-MSDU frames (which is mandatory
as part of 802.11n) (bsc#1199701).
The following non-security bugs were fixed:
- ACPI: EC: Fix EC address space handler unregistration (bsc#1207149).
- ACPI: EC: Fix ECDT probe ordering issues (bsc#1207149).
- ACPI: PRM: Check whether EFI runtime is available (git-fixes).
- ACPICA: Allow address_space_handler Install and _REG execution as 2
separate steps (bsc#1207149).
- ACPICA: include/acpi/acpixf.h: Fix indentation (bsc#1207149).
- ALSA: control-led: use strscpy in set_led_id() (git-fixes).
- ALSA: hda - Enable headset mic on another Dell laptop with ALC3254
(git-fixes).
- ALSA: hda/hdmi: Add a HP device 0x8715 to force connect list (git-fixes).
- ALSA: hda/realtek - Turn on power early (git-fixes).
- ALSA: hda/realtek: Add Acer Predator PH315-54 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for a HP platform
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs, speaker do not work for a HP
platform (git-fixes).
- ALSA: hda/via: Avoid potential array out-of-bound in
add_secret_dac_path() (git-fixes).
- ALSA: hda: cs35l41: Check runtime suspend capability at runtime_idle
(git-fixes).
- ALSA: hda: cs35l41: Do not return -EINVAL from system suspend/resume
(git-fixes).
- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
(git-fixes).
- ALSA: usb-audio: Make sure to stop endpoints before closing EPs
(git-fixes).
- ALSA: usb-audio: Relax hw constraints for implicit fb sync (git-fixes).
- ARM: dts: at91: sam9x60: fix the ddr clock for sam9x60 (git-fixes).
- ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' (git-fixes).
- ARM: dts: imx6ul-pico-dwarf: Use 'clock-frequency' (git-fixes).
- ARM: dts: imx7d-pico: Use 'clock-frequency' (git-fixes).
- ARM: dts: imx: Fix pca9547 i2c-mux node name (git-fixes).
- ARM: dts: vf610: Fix pca9548 i2c-mux node names (git-fixes).
- ARM: imx: add missing of_node_put() (git-fixes).
- ASoC: Intel: bytcr_rt5651: Drop reference count of ACPI device after use
(git-fixes).
- ASoC: Intel: bytcr_wm5102: Drop reference count of ACPI device after use
(git-fixes).
- ASoC: fsl-asoc-card: Fix naming of AC'97 CODEC widgets (git-fixes).
- ASoC: fsl_micfil: Correct the number of steps on SX controls (git-fixes).
- ASoC: fsl_ssi: Rename AC'97 streams to avoid collisions with AC'97 CODEC
(git-fixes).
- ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (git-fixes).
- ASoC: wm8904: fix wrong outputs volume after power reactivation
(git-fixes).
- Bluetooth: Fix possible deadlock in rfcomm_sk_state_change (git-fixes).
- Bluetooth: hci_qca: Fix driver shutdown on closed serdev (git-fixes).
- Documentation: Remove bogus claim about del_timer_sync() (git-fixes).
- HID: betop: check shape of output reports (git-fixes).
- HID: betop: check shape of output reports (git-fixes, bsc#1207186).
- HID: check empty report_list in bigben_probe() (git-fixes).
- HID: check empty report_list in hid_validate_values() (git-fixes).
- HID: drop assumptions on non-empty lists (git-fixes, bsc#1206784).
- HID: intel_ish-hid: Add check for ishtp_dma_tx_map (git-fixes).
- HID: playstation: sanity check DualSense calibration data (git-fixes).
- HID: revert CHERRY_MOUSE_000C quirk (git-fixes).
- IB/hfi1: Fix expected receive setup error exit issues (git-fixes)
- IB/hfi1: Immediately remove invalid memory from hardware (git-fixes)
- IB/hfi1: Reject a zero-length user expected buffer (git-fixes)
- IB/hfi1: Remove user expected buffer invalidate race (git-fixes)
- IB/hfi1: Reserve user expected TIDs (git-fixes)
- IB/mad: Do not call to function that might sleep while in atomic context
(git-fixes).
- KVM: x86: Check for existing Hyper-V vCPU in kvm_hv_vcpu_init()
(bsc#1206616).
- PCI/PM: Define pci_restore_standard_config() only for CONFIG_PM_SLEEP
(bsc#1207269).
- PM: AVS: qcom-cpr: Fix an error handling path in cpr_probe() (git-fixes).
- RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
- RDMA/core: Fix ib block iterator counter overflow (git-fixes)
- RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (git-fixes)
- RDMA/mlx5: Fix validation of max_rd_atomic caps for DC (git-fixes)
- RDMA/rxe: Prevent faulty rkey generation (git-fixes)
- RDMA/srp: Move large values to a new enum for gcc13 (git-fixes)
- Revert "ARM: dts: armada-38x: Fix compatible string for gpios"
(git-fixes).
- Revert "ARM: dts: armada-39x: Fix compatible string for gpios"
(git-fixes).
- Revert "Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to
RMI mode" (git-fixes).
- Revert "Revert "block, bfq: honor already-setup queue merges""
(git-fixes).
- Revert "arm64: dts: meson-sm1-odroid-hc4: disable unused USB PHY0"
(git-fixes).
- Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()"
(git-fixes).
- SUNRPC: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
- SUNRPC: Use BIT() macro in rpc_show_xprt_state() (git-fixes).
- USB: gadget: Fix use-after-free during usb config switch (git-fixes).
- USB: misc: iowarrior: fix up header size for
USB_DEVICE_ID_CODEMERCS_IOW100 (git-fixes).
- USB: serial: cp210x: add SCALANCE LPE-9000 device id (git-fixes).
- USB: serial: option: add Quectel EC200U modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (GR) modem (git-fixes).
- USB: serial: option: add Quectel EM05-G (RS) modem (git-fixes).
- USB: serial: option: add Quectel EM05CN (SG) modem (git-fixes).
- USB: serial: option: add Quectel EM05CN modem (git-fixes).
- VMCI: Use threaded irqs instead of tasklets (git-fixes).
- arm64: atomics: format whitespace consistently (git-fixes).
- arm64: dts: imx8mm-beacon: Fix ecspi2 pinmux (git-fixes).
- arm64: dts: imx8mm-venice-gw7901: fix USB2 controller OC polarity
(git-fixes).
- arm64: dts: imx8mm: Fix pad control for UART1_DTE_RX (git-fixes).
- arm64: dts: imx8mq-thor96: fix no-mmc property for SDHCI (git-fixes).
- arm64: dts: qcom: msm8992-libra: Add CPU regulators (git-fixes).
- arm64: dts: qcom: msm8992-libra: Fix the memory map (git-fixes).
- arm64: dts: qcom: msm8992: Do not use sfpb mutex (git-fixes).
- arm64: efi: Execute runtime services from a dedicated stack (git-fixes).
- ata: libata: Fix sata_down_spd_limit() when no link speed is reported
(git-fixes).
- ath11k: Fix unexpected return buffer manager error for QCA6390
(git-fixes).
- bcache: fix set_at_max_writeback_rate() for multiple attached devices
(git-fixes).
- bfq: fix use-after-free in bfq_dispatch_request (git-fixes).
- bfq: fix waker_bfqq inconsistency crash (git-fixes).
- blk-throttle: prevent overflow while calculating wait time (git-fixes).
- blk-wbt: fix that 'rwb->wc' is always set to 1 in wbt_init() (git-fixes).
- blktrace: Fix output non-blktrace event when blk_classic option enabled
(git-fixes).
- block, bfq: do not move oom_bfqq (git-fixes).
- block, bfq: fix null pointer dereference in bfq_bio_bfqg() (git-fixes).
- block, bfq: fix possible uaf for 'bfqq->bic' (git-fixes).
- block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq (git-fixes).
- block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
- block/bfq_wf2q: correct weight to ioprio (git-fixes).
- block/bio: remove duplicate append pages code (git-fixes).
- block: check minor range in device_add_disk() (git-fixes).
- block: ensure iov_iter advances for added pages (git-fixes).
- block: fix infinite loop for invalid zone append (git-fixes).
- block: mq-deadline: Fix dd_finish_request() for zoned devices
(git-fixes).
- block: use bdev_get_queue() in bio.c (git-fixes).
- bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending()
(git-fixes).
- bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() (git-fixes).
- bnxt_en: Remove debugfs when pci_register_driver failed (git-fixes).
- bnxt_en: add dynamic debug support for HWRM messages (git-fixes).
- bnxt_en: fix potentially incorrect return value for ndo_rx_flow_steer
(git-fixes).
- bnxt_en: fix the handling of PCIE-AER (git-fixes).
- bnxt_en: refactor bnxt_cancel_reservations() (git-fixes).
- btrfs: add helper to delete a dir entry from a log tree (bsc#1207263).
- btrfs: avoid inode logging during rename and link when possible
(bsc#1207263).
- btrfs: avoid logging all directory changes during renames (bsc#1207263).
- btrfs: backport recent fixes for send/receive into SLE15 SP4/SP5
(bsc#1206036 bsc#1207500 ltc#201363).
- btrfs: do not log unnecessary boundary keys when logging directory
(bsc#1207263).
- btrfs: fix assertion failure when logging directory key range item
(bsc#1207263).
- btrfs: fix processing of delayed data refs during backref walking
(bsc#1206056 bsc#1207507 ltc#201367).
- btrfs: fix processing of delayed tree block refs during backref walking
(bsc#1206057 bsc#1207506 ltc#201368).
- btrfs: fix race between quota enable and quota rescan ioctl
(bsc#1207158).
- btrfs: fix race between quota rescan and disable leading to NULL pointer
deref (bsc#1207158).
- btrfs: fix trace event name typo for FLUSH_DELAYED_REFS (git-fixes).
- btrfs: join running log transaction when logging new name (bsc#1207263).
- btrfs: move QUOTA_ENABLED check to rescan_should_stop from
btrfs_qgroup_rescan_worker (bsc#1207158).
- btrfs: pass the dentry to btrfs_log_new_name() instead of the inode
(bsc#1207263).
- btrfs: prepare extents to be logged before locking a log tree path
(bsc#1207263).
- btrfs: put initial index value of a directory in a constant
(bsc#1207263).
- btrfs: qgroup: remove duplicated check in adding qgroup relations
(bsc#1207158).
- btrfs: qgroup: remove outdated TODO comments (bsc#1207158).
- btrfs: remove unnecessary NULL check for the new inode during rename
exchange (bsc#1207263).
- btrfs: remove useless path release in the fast fsync path (bsc#1207263).
- btrfs: remove write and wait of struct walk_control (bsc#1207263).
- btrfs: stop copying old dir items when logging a directory (bsc#1207263).
- btrfs: stop doing unnecessary log updates during a rename (bsc#1207263).
- btrfs: stop trying to log subdirectories created in past transactions
(bsc#1207263).
- btrfs: use single variable to track return value at btrfs_log_inode()
(bsc#1207263).
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() (git-fixes).
- can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
(git-fixes).
- cifs: Fix uninitialized memory read for smb311 posix symlink create
(git-fixes).
- cifs: do not query ifaces on smb1 mounts (git-fixes).
- cifs: fix double free on failed kerberos auth (git-fixes).
- cifs: fix file info setting in cifs_open_file() (git-fixes).
- cifs: fix file info setting in cifs_query_path_info() (git-fixes).
- cifs: fix potential memory leaks in session setup (bsc#1193629).
- cifs: fix race in assemble_neg_contexts() (bsc#1193629).
- cifs: ignore ipc reconnect failures during dfs failover (bsc#1193629).
- cifs: protect access of TCP_Server_Info::{dstaddr,hostname}
(bsc#1193629).
- cifs: remove redundant assignment to the variable match (bsc#1193629).
- comedi: adv_pci1760: Fix PWM instruction handling (git-fixes).
- config: arm64: Fix Freescale LPUART dependency (boo#1204063).
- cpufreq: Add Tegra234 to cpufreq-dt-platdev blocklist (git-fixes).
- cpufreq: armada-37xx: stop using 0 as NULL pointer (git-fixes).
- crypto: fixed DH and ECDH implemention for FIPS PCT
(jsc#SLE-21132,bsc#1191256,bsc#1207184).
- dm btree: add a defensive bounds check to insert_at() (git-fixes).
- dm cache: Fix ABBA deadlock between shrink_slab and
dm_cache_metadata_abort (git-fixes).
- dm cache: Fix UAF in destroy() (git-fixes).
- dm cache: set needs_check flag after aborting metadata (git-fixes).
- dm clone: Fix UAF in clone_dtr() (git-fixes).
- dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
- dm integrity: clear the journal on suspend (git-fixes).
- dm integrity: flush the journal on suspend (git-fixes).
- dm ioctl: fix misbehavior if list_versions races with module loading
(git-fixes).
- dm ioctl: prevent potential spectre v1 gadget (git-fixes).
- dm raid: fix address sanitizer warning in raid_resume (git-fixes).
- dm raid: fix address sanitizer warning in raid_status (git-fixes).
- dm space map common: add bounds check to sm_ll_lookup_bitmap()
(git-fixes).
- dm thin: Fix ABBA deadlock between shrink_slab and
dm_pool_abort_metadata (git-fixes).
- dm thin: Fix UAF in run_timer_softirq() (git-fixes).
- dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
- dm thin: resume even if in FAIL mode (git-fixes).
- dm writecache: set a default MAX_WRITEBACK_JOBS (git-fixes).
- dm: fix alloc_dax error handling in alloc_dev (git-fixes).
- dm: requeue IO if mapping table not yet available (git-fixes).
- dmaengine: Fix double increment of client_count in dma_chan_get()
(git-fixes).
- dmaengine: idxd: Do not call DMX TX callbacks during workqueue disable
(git-fixes).
- dmaengine: idxd: Let probe fail when workqueue cannot be enabled
(git-fixes).
- dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init
(git-fixes).
- dmaengine: lgm: Move DT parsing after initialization (git-fixes).
- dmaengine: tegra210-adma: fix global intr clear (git-fixes).
- dmaengine: ti: k3-udma: Do conditional decrement of
UDMA_CHAN_RT_PEER_BCNT_REG (git-fixes).
- dmaengine: xilinx_dma: call of_node_put() when breaking out of
for_each_child_of_node() (git-fixes).
- docs: Fix the docs build with Sphinx 6.0 (git-fixes).
- driver core: Fix test_async_probe_init saves device in wrong array
(git-fixes).
- drivers: net: xgene: disable napi when register irq failed in
xgene_enet_open() (git-fixes).
- drivers:md:fix a potential use-after-free bug (git-fixes).
- drm/amd/display: Calculate output_color_space after pixel encoding
adjustment (git-fixes).
- drm/amd/display: Fix COLOR_SPACE_YCBCR2020_TYPE matrix (git-fixes).
- drm/amd/display: Fix set scaling doesn's work (git-fixes).
- drm/amd/display: Take emulated dc_sink into account for HDCP
(bsc#1207734).
- drm/amd/display: fix issues with driver unload (git-fixes).
- drm/amdgpu: complete gfxoff allow signal during suspend without delay
(git-fixes).
- drm/amdgpu: disable runtime pm on several sienna cichlid cards(v2)
(git-fixes).
- drm/amdgpu: drop experimental flag on aldebaran (git-fixes).
- drm/hyperv: Add error message for fb size greater than allocated
(git-fixes).
- drm/i915/adlp: Fix typo for reference clock (git-fixes).
- drm/i915/display: Check source height is > 0 (git-fixes).
- drm/i915/gt: Reset twice (git-fixes).
- drm/i915/selftest: fix intel_selftest_modify_policy argument types
(git-fixes).
- drm/i915: Fix potential bit_17 double-free (git-fixes).
- drm/i915: re-disable RC6p on Sandy Bridge (git-fixes).
- drm/msm/adreno: Make adreno quirks not overwrite each other (git-fixes).
- drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux
transfer (git-fixes).
- drm/msm: another fix for the headless Adreno GPU (git-fixes).
- drm/panfrost: fix GENERIC_ATOMIC64 dependency (git-fixes).
- drm/vc4: hdmi: make CEC adapter name unique (git-fixes).
- drm/virtio: Fix GEM handle creation UAF (git-fixes).
- drm: Add orientation quirk for Lenovo ideapad D330-10IGL (git-fixes).
- dt-bindings: msm/dsi: Do not require vcca-supply on 14nm PHY (git-fixes).
- dt-bindings: msm/dsi: Do not require vdds-supply on 10nm PHY (git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix description of core clock
(git-fixes).
- dt-bindings: msm: dsi-controller-main: Fix operating-points-v2
constraint (git-fixes).
- dt-bindings: msm: dsi-phy-28nm: Add missing qcom,
dsi-phy-regulator-ldo-mode (git-fixes).
- efi: fix potential NULL deref in efi_mem_reserve_persistent (git-fixes).
- efi: fix userspace infinite retry read efivars after EFI runtime
services page fault (git-fixes).
- efi: rt-wrapper: Add missing include (git-fixes).
- efi: tpm: Avoid READ_ONCE() for accessing the event log (git-fixes).
- ext4: Fixup pages without buffers (bsc#1205495).
- extcon: usbc-tusb320: fix kernel-doc warning (git-fixes).
- fbcon: Check font dimension limits (git-fixes).
- fbdev: omapfb: avoid stack overflow warning (git-fixes).
- firewire: fix memory leak for payload of request subaction to IEC
61883-1 FCP region (git-fixes).
- firmware: arm_scmi: Harden shared memory access in fetch_notification
(git-fixes).
- firmware: arm_scmi: Harden shared memory access in fetch_response
(git-fixes).
- fpga: stratix10-soc: Fix return value check in s10_ops_write_init()
(git-fixes).
- fs: remove __sync_filesystem (git-fixes).
- ftrace/x86: Add back ftrace_expected for ftrace bug reports (git-fixes).
- ftrace: Clean comments related to FTRACE_OPS_FL_PER_CPU (git-fixes).
- git_sort: add usb-linus branch for gregkh/usb
- gsmi: fix null-deref in gsmi_get_variable (git-fixes).
- hv_netvsc: Fix missed pagebuf entries in netvsc_dma_map/unmap()
(git-fixes).
- i2c: mv64xxx: Add atomic_xfer method to driver (git-fixes).
- i2c: mv64xxx: Remove shutdown method from driver (git-fixes).
- i40e: Disallow ip4 and ip6 l4_4_bytes (git-fixes).
- i40e: Fix error handling in i40e_init_module() (git-fixes).
- i40e: Fix not setting default xps_cpus after reset (git-fixes).
- igb: Allocate MSI-X vector when testing (git-fixes).
- iio: adc: berlin2-adc: Add missing of_node_put() in error path
(git-fixes).
- iio: adc: stm32-dfsdm: fill module aliases (git-fixes).
- iio: hid: fix the retval in accel_3d_capture_sample (git-fixes).
- iio: hid: fix the retval in gyro_3d_capture_sample (git-fixes).
- iio: imu: fxos8700: fix ACCEL measurement range selection (git-fixes).
- iio: imu: fxos8700: fix IMU data bits returned to user space (git-fixes).
- iio: imu: fxos8700: fix MAGN sensor scale and unit (git-fixes).
- iio: imu: fxos8700: fix failed initialization ODR mode assignment
(git-fixes).
- iio: imu: fxos8700: fix incomplete ACCEL and MAGN channels readback
(git-fixes).
- iio: imu: fxos8700: fix incorrect ODR mode readback (git-fixes).
- iio: imu: fxos8700: fix map label of channel type to MAGN sensor
(git-fixes).
- iio: imu: fxos8700: fix swapped ACCEL and MAGN channels readback
(git-fixes).
- iio: imu: fxos8700: remove definition FXOS8700_CTRL_ODR_MIN (git-fixes).
- iio:adc:twl6030: Enable measurement of VAC (git-fixes).
- iio:adc:twl6030: Enable measurements of VUSB, VBAT and others
(git-fixes).
- ipmi:ssif: Add 60ms time internal between write retries (bsc#1206459).
- ipmi:ssif: Increase the message retry time (bsc#1206459).
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to
network (git-fixes).
- ixgbevf: Fix resource leak in ixgbevf_init_module() (git-fixes).
- jbd2: use the correct print format (git-fixes).
- kABI workaround for struct acpi_ec (bsc#1207149).
- kABI: Preserve TRACE_EVENT_FL values (git-fixes).
- kabi/severities: add mlx5 internal symbols
- l2tp: Do not sleep and disable BH under writer-side sk_callback_lock
(git-fixes).
- loop: Fix the max_loop commandline argument treatment when it is set to
0 (git-fixes).
- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
- md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
- md: protect md_unregister_thread from reentrancy (git-fixes).
- mei: me: add meteor lake point M DID (git-fixes).
- memory: atmel-sdramc: Fix missing clk_disable_unprepare in
atmel_ramc_probe() (git-fixes).
- memory: mvebu-devbus: Fix missing clk_disable_unprepare in
mvebu_devbus_probe() (git-fixes).
- memory: tegra: Remove clients SID override programming (git-fixes).
- misc: fastrpc: Do not remove map on creater_process and device_release
(git-fixes).
- misc: fastrpc: Fix use-after-free race condition for maps (git-fixes).
- mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
- mm: compaction: kABI: avoid pglist_data kABI breakage (bsc#1207010).
- mm: compaction: support triggering of proactive compaction by user
(bsc#1207010).
- mmc: sdhci-esdhc-imx: correct the tuning start tap and step setting
(git-fixes).
- mmc: sunxi-mmc: Fix clock refcount imbalance during unbind (git-fixes).
- module: Do not wait for GOING modules (bsc#1196058, bsc#1186449,
bsc#1204356, bsc#1204662).
- mt76: fix use-after-free by removing a non-RCU wcid pointer (git-fixes).
- mt76: mt7921: avoid unnecessary spin_lock/spin_unlock in
mt7921_mcu_tx_done_event (git-fixes).
- nbd: Fix hung on disconnect request if socket is closed before
(git-fixes).
- nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
(git-fixes).
- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
- nbd: fix io hung while disconnecting device (git-fixes).
- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
- net/mlx4: Check retval of mlx4_bitmap_init (git-fixes).
- net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
- net/tg3: resolve deadlock in tg3_reset_task() during EEH (bsc#1207842).
- net: cxgb3_main: disable napi when bind qsets failed in cxgb_up()
(git-fixes).
- net: ena: Fix error handling in ena_init() (git-fixes).
- net: liquidio: release resources when liquidio driver open failed
(git-fixes).
- net: liquidio: simplify if expression (git-fixes).
- net: macvlan: Use built-in RCU list checking (git-fixes).
- net: macvlan: fix memory leaks of macvlan_common_newlink (git-fixes).
- net: mdio: validate parameter addr in mdiobus_get_phy() (git-fixes).
- net: nfc: Fix use-after-free in local_cleanup() (git-fixes).
- net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices
(git-fixes).
- net: phy: meson-gxl: Add generic dummy stubs for MMD register access
(git-fixes).
- net: tun: Fix memory leaks of napi_get_frags (git-fixes).
- net: tun: Fix use-after-free in tun_detach() (git-fixes).
- net: tun: call napi_schedule_prep() to ensure we own a napi (git-fixes).
- net: usb: cdc_ether: add support for Thales Cinterion PLS62-W modem
(git-fixes).
- net: usb: sr9700: Handle negative len (git-fixes).
- net: wan: Add checks for NULL for utdm in undo_uhdlc_init and
unmap_si_regs (git-fixes).
- netrom: Fix use-after-free caused by accept on already connected socket
(git-fixes).
- netrom: Fix use-after-free of a listening socket (git-fixes).
- nilfs2: fix general protection fault in nilfs_btree_insert() (git-fixes).
- null_blk: fix ida error handling in null_add_dev() (git-fixes).
- octeontx2-af: Fix reference count issue in rvu_sdp_init()
(jsc#SLE-24682).
- octeontx2-af: debugsfs: fix pci device refcount leak (git-fixes).
- octeontx2-pf: Add check for devm_kcalloc (git-fixes).
- octeontx2-pf: Fix potential memory leak in otx2_init_tc()
(jsc#SLE-24682).
- phy: Revert "phy: qualcomm: usb28nm: Add MDM9607 init sequence"
(git-fixes).
- phy: phy-can-transceiver: Skip warning if no "max-bitrate" (git-fixes).
- phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in
rockchip_usb2phy_power_on() (git-fixes).
- phy: ti: fix Kconfig warning and operator precedence (git-fixes).
- pinctrl: amd: Add dynamic debugging for active GPIOs (git-fixes).
- pinctrl: rockchip: fix mux route data for rk3568 (git-fixes).
- platform/surface: aggregator: Add missing call to
ssam_request_sync_free() (git-fixes).
- platform/surface: aggregator: Ignore command messages not intended for
us (git-fixes).
- platform/x86: asus-nb-wmi: Add alternate mapping for KEY_SCREENLOCK
(git-fixes).
- platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting
(git-fixes).
- platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if
present (git-fixes).
- platform/x86: sony-laptop: Do not turn off 0x153 keyboard backlight
during probe (git-fixes).
- platform/x86: touchscreen_dmi: Add info for the CSL Panther Tab HD
(git-fixes).
- powerpc/64s/radix: Fix RWX mapping with relocated kernel (bsc#1194869).
- powerpc/64s/radix: Fix crash with unaligned relocated kernel
(bsc#1194869).
- powerpc/64s: Fix local irq disable when PMIs are disabled (bsc#1195655
ltc#1195655 git-fixes).
- powerpc/kexec_file: Count hot-pluggable memory in FDT estimate
(bsc#1194869).
- powerpc/kexec_file: Fix division by zero in extra size estimation
(bsc#1194869).
- powerpc/vmlinux.lds: Add an explicit symbol for the SRWX boundary
(bsc#1194869).
- powerpc/vmlinux.lds: Ensure STRICT_ALIGN_SIZE is at least page aligned
(bsc#1194869).
- powerpc: move __end_rodata to cover arch read-only sections
(bsc#1194869).
- qlcnic: fix sleep-in-atomic-context bugs caused by msleep (git-fixes).
- r8152: add vendor/device ID pair for Microsoft Devkit (git-fixes).
- r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (git-fixes).
- regulator: da9211: Use irq handler when ready (git-fixes).
- s390/qeth: fix various format strings (git-fixes).
- sched/core: Fix arch_scale_freq_tick() on tickless systems (git-fixes)
- sched/core: Introduce sched_asym_cpucap_active() (git-fixes)
- sched/cpuset: Fix dl_cpu_busy() panic due to empty (git-fixes)
- sched/deadline: Merge dl_task_can_attach() and dl_cpu_busy() (git-fixes)
- sched/tracing: Report TASK_RTLOCK_WAIT tasks as (git-fixes)
- sched/uclamp: Make asym_fits_capacity() use util_fits_cpu() (git-fixes)
- sched: Avoid double preemption in __cond_resched_*lock*() (git-fixes)
- scsi: Revert "scsi: core: map PQ=1, PDT=other values to
SCSI_SCAN_TARGET_PRESENT" (git-fixes).
- scsi: core: Fix a race between scsi_done() and scsi_timeout()
(git-fixes).
- scsi: efct: Fix possible memleak in efct_device_init() (git-fixes).
- scsi: elx: libefc: Fix second parameter type in state callbacks
(git-fixes).
- scsi: fcoe: Fix possible name leak when device_register() fails
(git-fixes).
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
(git-fixes).
- scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
(git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
- scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
- scsi: mpt3sas: Fix possible resource leaks in
mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Remove scsi_dma_map() error messages (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_report_zones() (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_verify() (git-fixes).
- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
(git-fixes).
- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
- scsi: storvsc: Correct reporting of Hyper-V I/O size limits (git-fixes).
- scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
(bsc#1206006).
- scsi: tracing: Fix compile error in trace_array calls when TRACING is
disabled (git-fixes).
- scsi: ufs: Stop using the clock scaling lock in the error handler
(git-fixes).
- scsi: ufs: core: Enable link lost interrupt (git-fixes).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
- selftests/vm: remove ARRAY_SIZE define from individual tests (git-fixes).
- selftests: Provide local define of __cpuid_count() (git-fixes).
- serial: 8250_dma: Fix DMA Rx rearm race (git-fixes).
- serial: atmel: fix incorrect baudrate setup (git-fixes).
- serial: pch_uart: Pass correct sg to dma_unmap_sg() (git-fixes).
- sfc: fix potential memleak in __ef100_hard_start_xmit() (git-fixes).
- soc: imx8m: Fix incorrect check for of_clk_get_by_name() (git-fixes).
- spi: spidev: remove debug messages that access spidev->spi without
locking (git-fixes).
- staging: mt7621-dts: change some node hex addresses to lower case
(git-fixes).
- staging: vchiq_arm: fix enum vchiq_status return types (git-fixes).
- swim3: add missing major.h include (git-fixes).
- tcp: prohibit TCP_REPAIR_OPTIONS if data was already sent (git-fixes).
- thermal/core: Remove duplicate information when an error occurs
(git-fixes).
- thunderbolt: Do not call PM runtime functions in tb_retimer_scan()
(git-fixes).
- thunderbolt: Do not report errors if on-board retimers are found
(git-fixes).
- thunderbolt: Use correct function to calculate maximum USB3 link rate
(git-fixes).
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation.
- tick/sched: Fix non-kernel-doc comment (git-fixes).
- tomoyo: fix broken dependency on *.conf.default (git-fixes).
- tools: fix ARRAY_SIZE defines in tools and selftests hdrs (git-fixes).
- tracing/hist: Fix issue of losting command info in error_log (git-fixes).
- tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
(git-fixes).
- tracing/hist: Fix wrong return value in parse_action_params()
(git-fixes).
- tracing/osnoise: Make osnoise_main to sleep for microseconds (git-fixes).
- tracing/perf: Avoid -Warray-bounds warning for __rel_loc macro
(git-fixes).
- tracing/probes: Handle system names with hyphens (git-fixes).
- tracing: Add '__rel_loc' using trace event macros (git-fixes).
- tracing: Add DYNAMIC flag for dynamic events (git-fixes).
- tracing: Add trace_event helper macros __string_len() and
__assign_str_len() (git-fixes).
- tracing: Avoid -Warray-bounds warning for __rel_loc macro (git-fixes).
- tracing: Do not use out-of-sync va_list in event printing (git-fixes).
- tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
- tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
- tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
(git-fixes).
- tracing: Fix infinite loop in tracing_read_pipe on overflowed
print_trace_line (git-fixes).
- tracing: Fix issue of missing one synthetic field (git-fixes).
- tracing: Fix mismatched comment in __string_len (git-fixes).
- tracing: Fix possible memory leak in __create_synth_event() error path
(git-fixes).
- tracing: Fix race where histograms can be called before the event
(git-fixes).
- tracing: Fix sleeping function called from invalid context on RT kernel
(git-fixes).
- tracing: Fix tp_printk option related with tp_printk_stop_on_boot
(git-fixes).
- tracing: Fix warning on variable 'struct trace_array' (git-fixes).
- tracing: Have TRACE_DEFINE_ENUM affect trace event types as well
(git-fixes).
- tracing: Have syscall trace events use trace_event_buffer_lock_reserve()
(git-fixes).
- tracing: Have type enum modifications copy the strings (git-fixes).
- tracing: Make tp_printk work on syscall tracepoints (git-fixes).
- tracing: Use alignof__(struct {type b;}) instead of offsetof()
(git-fixes).
- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate
(git-fixes).
- tty: fix possible null-ptr-defer in spk_ttyio_release (git-fixes).
- tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
(git-fixes).
- usb-storage: apply IGNORE_UAS only for HIKSEMI MD202 on RTL9210
(git-fixes).
- usb: acpi: add helper to check port lpm capability using acpi _DSM
(git-fixes).
- usb: cdns3: remove fetched trb from cache before dequeuing (git-fixes).
- usb: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
- usb: dwc3: qcom: enable vbus override when in OTG dr-mode (git-fixes).
- usb: fotg210-udc: Fix ages old endianness issues (git-fixes).
- usb: gadget: f_fs: Ensure ep0req is dequeued before free_request
(git-fixes).
- usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait
(git-fixes).
- usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait (git-fixes).
- usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate()
(git-fixes).
- usb: gadget: f_uac2: Fix incorrect increment of bNumEndpoints
(git-fixes).
- usb: gadget: g_webcam: Send color matching descriptor per frame
(git-fixes).
- usb: gadget: udc: core: Print error code in usb_gadget_probe_driver()
(git-fixes).
- usb: gadget: udc: core: Revise comments for USB ep enable/disable
(git-fixes).
- usb: gadget: udc: core: Use pr_fmt() to prefix messages (git-fixes).
- usb: gadget: udc: core: remove usage of list iterator past the loop body
(git-fixes).
- usb: host: ehci-fsl: Fix module alias (git-fixes).
- usb: typec: altmodes/displayport: Add pin assignment helper (git-fixes).
- usb: typec: altmodes/displayport: Fix pin assignment calculation
(git-fixes).
- usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail
(git-fixes).
- usb: xhci: Check endpoint is valid before dereferencing it (git-fixes).
- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid
UAF (git-fixes).
- vfs: make sync_filesystem return errors from ->sync_fs (git-fixes).
- virtio-blk: modify the value type of num in virtio_queue_rq()
(git-fixes).
- virtio-net: correctly enable callback during start_xmit (git-fixes).
- virtio_pci: modify ENOENT to EINVAL (git-fixes).
- w1: fix WARNING after calling w1_process() (git-fixes).
- w1: fix deadloop in __w1_remove_master_device() (git-fixes).
- wait: Fix __wait_event_hrtimeout for RT/DL tasks (git-fixes)
- watchdog: diag288_wdt: do not use stack buffers for hardware data
(bsc#1207497).
- watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
- wifi: brcmfmac: fix regression for Broadcom PCIe wifi devices
(git-fixes).
- wifi: mac80211: sdata can be NULL during AMPDU start (git-fixes).
- wifi: mt76: mt7921: add mt7921_mutex_acquire at
mt7921_sta_set_decap_offload (git-fixes).
- wifi: mt76: mt7921e: fix race issue between reset and suspend/resume
(git-fixes).
- wifi: mt76: sdio: fix the deadlock caused by sdio->stat_work (git-fixes).
- wifi: mt76: sdio: poll sta stat when device transmits data (git-fixes).
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (git-fixes).
- x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
(git-fixes).
- x86/hyperv: Restore VP assist page after cpu offlining/onlining
(git-fixes).
- xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init()
(git-fixes).
- xfs: fix incorrect error-out in xfs_remove (git-fixes).
- xfs: fix incorrect i_nlink caused by inode racing (git-fixes).
- xfs: fix maxlevels comparisons in the btree staging code (git-fixes).
- xfs: fix memory leak in xfs_errortag_init (git-fixes).
- xfs: get rid of assert from xfs_btree_islastblock (git-fixes).
- xfs: get root inode correctly at bulkstat (git-fixes).
- xfs: initialize the check_owner object fully (git-fixes).
- xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (git-fixes).
- xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (git-fixes).
- xfs: return errors in xfs_fs_sync_fs (git-fixes).
- xfs: xfstest fails with error missing kernel patch (git-fixes
bsc#1207501 ltc#201370).
- xhci-pci: set the dma max_seg_size (git-fixes).
- xhci: Fix null pointer dereference when host dies (git-fixes).
- zram: Delete patch for regression addressed (bsc#1207933).
- zram: do not lookup algorithm in backends table (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-394=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-394=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-azure-5.14.21-150400.14.34.1
cluster-md-kmp-azure-debuginfo-5.14.21-150400.14.34.1
dlm-kmp-azure-5.14.21-150400.14.34.1
dlm-kmp-azure-debuginfo-5.14.21-150400.14.34.1
gfs2-kmp-azure-5.14.21-150400.14.34.1
gfs2-kmp-azure-debuginfo-5.14.21-150400.14.34.1
kernel-azure-5.14.21-150400.14.34.1
kernel-azure-debuginfo-5.14.21-150400.14.34.1
kernel-azure-debugsource-5.14.21-150400.14.34.1
kernel-azure-devel-5.14.21-150400.14.34.1
kernel-azure-devel-debuginfo-5.14.21-150400.14.34.1
kernel-azure-extra-5.14.21-150400.14.34.1
kernel-azure-extra-debuginfo-5.14.21-150400.14.34.1
kernel-azure-livepatch-devel-5.14.21-150400.14.34.1
kernel-azure-optional-5.14.21-150400.14.34.1
kernel-azure-optional-debuginfo-5.14.21-150400.14.34.1
kernel-syms-azure-5.14.21-150400.14.34.1
kselftests-kmp-azure-5.14.21-150400.14.34.1
kselftests-kmp-azure-debuginfo-5.14.21-150400.14.34.1
ocfs2-kmp-azure-5.14.21-150400.14.34.1
ocfs2-kmp-azure-debuginfo-5.14.21-150400.14.34.1
reiserfs-kmp-azure-5.14.21-150400.14.34.1
reiserfs-kmp-azure-debuginfo-5.14.21-150400.14.34.1
- openSUSE Leap 15.4 (noarch):
kernel-devel-azure-5.14.21-150400.14.34.1
kernel-source-azure-5.14.21-150400.14.34.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 x86_64):
kernel-azure-5.14.21-150400.14.34.1
kernel-azure-debuginfo-5.14.21-150400.14.34.1
kernel-azure-debugsource-5.14.21-150400.14.34.1
kernel-azure-devel-5.14.21-150400.14.34.1
kernel-azure-devel-debuginfo-5.14.21-150400.14.34.1
kernel-syms-azure-5.14.21-150400.14.34.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (noarch):
kernel-devel-azure-5.14.21-150400.14.34.1
kernel-source-azure-5.14.21-150400.14.34.1
References:
https://www.suse.com/security/cve/CVE-2020-24588.html
https://www.suse.com/security/cve/CVE-2022-4382.html
https://www.suse.com/security/cve/CVE-2022-47929.html
https://www.suse.com/security/cve/CVE-2023-0179.html
https://www.suse.com/security/cve/CVE-2023-0266.html
https://bugzilla.suse.com/1185861
https://bugzilla.suse.com/1185863
https://bugzilla.suse.com/1186449
https://bugzilla.suse.com/1191256
https://bugzilla.suse.com/1192868
https://bugzilla.suse.com/1193629
https://bugzilla.suse.com/1194869
https://bugzilla.suse.com/1195175
https://bugzilla.suse.com/1195655
https://bugzilla.suse.com/1196058
https://bugzilla.suse.com/1199701
https://bugzilla.suse.com/1204063
https://bugzilla.suse.com/1204356
https://bugzilla.suse.com/1204662
https://bugzilla.suse.com/1205495
https://bugzilla.suse.com/1206006
https://bugzilla.suse.com/1206036
https://bugzilla.suse.com/1206056
https://bugzilla.suse.com/1206057
https://bugzilla.suse.com/1206258
https://bugzilla.suse.com/1206363
https://bugzilla.suse.com/1206459
https://bugzilla.suse.com/1206616
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1206784
https://bugzilla.suse.com/1207010
https://bugzilla.suse.com/1207034
https://bugzilla.suse.com/1207134
https://bugzilla.suse.com/1207149
https://bugzilla.suse.com/1207158
https://bugzilla.suse.com/1207184
https://bugzilla.suse.com/1207186
https://bugzilla.suse.com/1207190
https://bugzilla.suse.com/1207237
https://bugzilla.suse.com/1207263
https://bugzilla.suse.com/1207269
https://bugzilla.suse.com/1207497
https://bugzilla.suse.com/1207500
https://bugzilla.suse.com/1207501
https://bugzilla.suse.com/1207506
https://bugzilla.suse.com/1207507
https://bugzilla.suse.com/1207734
https://bugzilla.suse.com/1207769
https://bugzilla.suse.com/1207842
https://bugzilla.suse.com/1207878
https://bugzilla.suse.com/1207933
1
0
openSUSE-SU-2023:0044-1: important: Security update for opera
by opensuse-security@opensuse.org 12 Feb '23
by opensuse-security@opensuse.org 12 Feb '23
12 Feb '23
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0044-1
Rating: important
References:
Cross-References: CVE-2023-0471 CVE-2023-0472 CVE-2023-0473
CVE-2023-0474
CVSS scores:
CVE-2023-0471 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-0472 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-0473 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-0474 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 95.0.4635.25
* CHR-9173 Update Chromium on desktop-stable-109-4635 to 109.0.5414.120
* DNA-104150 Turn on #consent-flow-settings on master
* DNA-104733 Crash at extensions::SyncPrivateGetSyncStateFunction::Run()
* DNA-104761 Translations for O95
* DNA-104814 [StartPage] Inline autocomplete messes up selection
* DNA-104887 Promote O95 to stable
* DNA-104908 Enable #consent-flow-settings on all streams
- Complete Opera 95.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-95/
- The update to chromium 109.0.5414.120 fixes following issues:
CVE-2023-0471, CVE-2023-0472, CVE-2023-0473, CVE-2023-0474
- Update to 94.0.4606.76
* DNA-104276 News categories layers messed up in other languages
- Update to 94.0.4606.65
* DNA-102726 [SD][Folder] When trying to drop SD from folder back to
folder, new folder is created
* DNA-102730 [SD][Add to Opera] Remove strip at the top of modal and
move 'x' button to be in line with ���Add to Opera' text
* DNA-102732 [SD][Folders] Add option to merge folders by drag and drop
* DNA-102747 [SD][Folders] Empty SD folder is not visible
* DNA-102763 [SD] Animate changing between Use bigger tiles
on and off
* DNA-102847 [SD][Folders] SD displayed on folder tile should be aligned
to left
* DNA-102855 [SD] Add SD by drag and dropping link
* DNA-102882 [SD][News][Continue on][Suggestion] Do not focus on
opened page when opening in new tab
* DNA-102936 [News Categories] Categories become invisible after
minimizing browser window
* DNA-102988 [News categories] Only games category displayed after
changing browser language
* DNA-103000 [News Categories] Selected categories not saved after
restarting browser
* DNA-103001 [News Categories] 'x' button invisible in 'Choose language
and country' on light theme
* DNA-103002 [News Categories] Changes in 'Choose language and country'
modal not saved on esc or clicking outside of modal
* DNA-103015 [News locales] Pref startpage.news_locales udated
only when close/done the moda, initial value not set
* DNA-103097 [Settings] Enable 'Adjust Speed Dial animations for slower
hardware' settings option to have effect
* DNA-103098 [SD] No big icon for decathlon.pl
* DNA-103110 Strange animation when dragging tiles
* DNA-103112 [Continue on] Offers opened on current tab
* DNA-103116 [Continue on] Not possible to drag tiles from continue
on section
* DNA-103131 [Feedback] Implement 'Rate Opera' element and modal
* DNA-103193 [SD][Edit] Set OK button to read only when typed in address
is invalid
* DNA-103293 [SD][Add to Opera] '/' added in autocomplete for URL
* DNA-103360 [SD][Add to Opera] Tile graphic does not update
automatically when adding suggestion through Add to Opera modal
* DNA-103393 [Continue on] Start page needs to be reloaded in
order to show "Continue on" section
* DNA-103545 [Banner] Wide banner have no background
* DNA-103550 [Banners] Black Friday deals promoted on Start Page with
related settings off
* DNA-103569 No margin under suggested speed dials
* DNA-103578 [SD] Impressions should be reported every time user comes
back to start page tab
* DNA-103593 [Navigation] Change which elements on start page are
possible to navigate through with keyboard shortcuts
* DNA-103595 [Navigation] Show which element is focused when navigating
with keyboard shortcuts
* DNA-103605 Dark stripe blinks in Speed Dial Search box when changing
color mode
* DNA-103618 [SD][Folder] Not possible to drag SD into empty folder
* DNA-103619 [SD][Suggestions] Blue border on tile when it is being
dragged
* DNA-103678 Font modification from themes not applied
* DNA-103723 [SD][Folders][Edit] Confirm change to SD folder name with
Enter key
* DNA-103738 Disable Updater diagnostic metrics that surpass session
lifetime and verify if it solves DNA-102940
* DNA-103739 Try to record metrics disabled in DNA-103738 in histograms.
* DNA-103759 [SD][Add to Opera] Wrong position of Add to Opera button
* DNA-103781 [News Categories] Choose language and country shows
options in 2 columns instead of adapting to wider window
* DNA-103787 [Continue on] No margin between search box and continue on
section
* DNA-103908 [Search box] Blurred text in search box suggestions in dark
theme
* DNA-103909 [SD] Not possible to drop SD in empty place when hovering
over edge of other tile
* DNA-103911 [SD][Add to Opera] Modal dialog stays open after adding
suggestion to SD
* DNA-103915 [SD][Folders] Difficult to drop SD from start page between
SD in folder
* DNA-103932 [SD][Add to Opera] Remove https://www and / from tile title
when adding SD
* DNA-103933 [SD][Add to Opera] Do not return focus to the end
of the URL after pressing backspace when editing it
* DNA-104005 Change activation pop-up
* DNA-104035 [SD] Browser crashes when dragging tiles with fresh profile
* DNA-104040 Can not drag tile to open folder
* DNA-104049 Can not drag suggestion when only [+] tile and no speed
dials
* DNA-104053 Right mouse click open speed dial instead of context menu
* DNA-104055 News article opens in active tab
* DNA-104080 Tab not activated after opening speed dial folder in new
tabs
* DNA-104088 Create new welcome pop-up for Rich Hints
* DNA-104139 [Weather] Long time to load Weather widget after browser
was running for some time
* DNA-104141 [News] Improve news loading UX
* DNA-104167 Add feature flag #speed-dial-custom-image
* DNA-104168 Allow setting custom image for Speed Dial
* DNA-104196 [News Categories] News categories do not work
* DNA-104201 Set back Baidu as default search engine in China
* DNA-104218 [Search box] Search engine icon does not change
* DNA-104251 Add option to reset to default icon
* DNA-104256 [Suggestions][ContinueOn][AMG] Scroll button does not
update its visibility when resizing window
* DNA-104313 Search bar on Speed Dials doesn't fit it size
* DNA-104382 Shopping corner is unredible in light theme and dark
wallpaper
- Changes in 94.0.4606.54
* CHR-1854 Run gn hooks in gyp_chromium
* DNA-102035 [Settings] Shortcut search does not work
* DNA-103451 Add impression and click events for VPN keyword suggestion
* DNA-103643 Prepare for showing Lucid Mode button without text
* DNA-103675 URL shown for promoted VPN suggestion
* DNA-104201 Set back Baidu as default search engine in China
* DNA-104234 Opera update resets all consents to False value
* DNA-104278 Don���t show Lucid Mode button on videos when hardware
acceleration is off
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:NonFree:
zypper in -t patch openSUSE-2023-44=1
Package List:
- openSUSE Leap 15.4:NonFree (x86_64):
opera-95.0.4635.25-lp154.2.38.1
References:
https://www.suse.com/security/cve/CVE-2023-0471.html
https://www.suse.com/security/cve/CVE-2023-0472.html
https://www.suse.com/security/cve/CVE-2023-0473.html
https://www.suse.com/security/cve/CVE-2023-0474.html
1
0
SUSE-SU-2023:0375-1: moderate: Security update for java-1_8_0-ibm
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for java-1_8_0-ibm
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0375-1
Rating: moderate
References: #1204703 #1205302
Cross-References: CVE-2022-3676
CVSS scores:
CVE-2022-3676 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-3676 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for java-1_8_0-ibm fixes the following issues:
IBM Security Update November 2022: (bsc#1205302, bsc#1204703)
- CVE-2022-3676: A security vulnerability was fixed in version 8.0.7.20,
adding the reference here.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-375=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-375=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-375=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-375=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-375=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-375=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-375=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-375=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-375=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-375=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-375=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-375=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-375=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-demo-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-src-1.8.0_sr7.20-150000.3.68.1
- openSUSE Leap 15.4 (x86_64):
java-1_8_0-ibm-32bit-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-32bit-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (ppc64le s390x x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (x86_64):
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Enterprise Storage 7.1 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Enterprise Storage 7 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE Enterprise Storage 6 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
- SUSE CaaS Platform 4.0 (x86_64):
java-1_8_0-ibm-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-alsa-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-devel-1.8.0_sr7.20-150000.3.68.1
java-1_8_0-ibm-plugin-1.8.0_sr7.20-150000.3.68.1
References:
https://www.suse.com/security/cve/CVE-2022-3676.html
https://bugzilla.suse.com/1204703
https://bugzilla.suse.com/1205302
1
0
SUSE-SU-2023:0362-1: moderate: Security update for grafana
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for grafana
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0362-1
Rating: moderate
References: #1204302 #1204303 #1204304 #1204305 #1205225
#1205227
Cross-References: CVE-2022-31123 CVE-2022-31130 CVE-2022-39201
CVE-2022-39229 CVE-2022-39306 CVE-2022-39307
CVSS scores:
CVE-2022-31123 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-31123 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CVE-2022-31130 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-31130 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-39201 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39201 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-39229 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39229 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39306 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-39306 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE-2022-39307 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-39307 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for grafana fixes the following issues:
- Version update from 8.5.13 to 8.5.15 (jsc#PED-2617):
* CVE-2022-39306: Security fix for privilege escalation (bsc#1205225)
* CVE-2022-39307: Omit error from http response when user does not
exists (bsc#1205227)
* CVE-2022-39201: Do not forward login cookie in outgoing requests
(bsc#1204303)
* CVE-2022-31130: Make proxy endpoints not leak sensitive HTTP headers
(bsc#1204305)
* CVE-2022-31123: Fix plugin signature bypass (bsc#1204302)
* CVE-2022-39229: Fix blocking other users from signing in (bsc#1204304)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-362=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-362=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
grafana-8.5.15-150200.3.32.1
grafana-debuginfo-8.5.15-150200.3.32.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
grafana-8.5.15-150200.3.32.1
grafana-debuginfo-8.5.15-150200.3.32.1
References:
https://www.suse.com/security/cve/CVE-2022-31123.html
https://www.suse.com/security/cve/CVE-2022-31130.html
https://www.suse.com/security/cve/CVE-2022-39201.html
https://www.suse.com/security/cve/CVE-2022-39229.html
https://www.suse.com/security/cve/CVE-2022-39306.html
https://www.suse.com/security/cve/CVE-2022-39307.html
https://bugzilla.suse.com/1204302
https://bugzilla.suse.com/1204303
https://bugzilla.suse.com/1204304
https://bugzilla.suse.com/1204305
https://bugzilla.suse.com/1205225
https://bugzilla.suse.com/1205227
1
0
SUSE-SU-2023:0353-1: moderate: Security update for SUSE Manager Client Tools
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for SUSE Manager Client Tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0353-1
Rating: moderate
References: #1172110 #1204032 #1204126 #1204302 #1204303
#1204304 #1204305 #1205207 #1205225 #1205227
#1205599 #1206470 PED-2617
Cross-References: CVE-2022-31123 CVE-2022-31130 CVE-2022-39201
CVE-2022-39229 CVE-2022-39306 CVE-2022-39307
CVSS scores:
CVE-2022-31123 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-31123 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
CVE-2022-31130 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-31130 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-39201 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-39201 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-39229 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39229 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39306 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-39306 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE-2022-39307 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-39307 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
SUSE Manager Tools 15
SUSE Manager Tools for SLE Micro 5
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 6 vulnerabilities, contains one
feature and has 6 fixes is now available.
Description:
This update fixes the following issues:
dracut-saltboot:
- Update to version 0.1.1673279145.e7616bd
* Add failsafe stop file when salt-minion does not stop (bsc#1172110)
* Copy existing wicked config instead of generating new (bsc#1205599)
grafana:
- Update to version 8.5.15 (jsc#PED-2617):
* CVE-2022-39306: Fix for privilege escalation (bsc#1205225)
* CVE-2022-39307: Omit error from http response when user does not
exists (bsc#1205227)
- Update to version 8.5.14:
* CVE-2022-39201: Fix do not forward login cookie in outgoing requests
(bsc#1204303)
* CVE-2022-31130: Make proxy endpoints not leak sensitive HTTP headers
(bsc#1204305)
* CVE-2022-31123: Fix plugin signature bypass (bsc#1204302)
* CVE-2022-39229: Fix blocknig other users from signing in (bsc#1204304)
mgr-osad:
- Version 4.3.7-1
* Updated logrotate configuration (bsc#1206470)
mgr-push:
- Version 4.3.5-1
* Update translation strings
rhnlib:
- Version 4.3.5-1
* Don't get stuck at the end of SSL transfers (bsc#1204032)
spacecmd:
- Version 4.3.18-1
* Add python-dateutil dependency, required to process date values in
spacecmd api calls
- Version 4.3.17-1
* Remove python3-simplejson dependency
* Correctly understand 'ssm' keyword on scap scheduling
* Add vendor_advisory information to errata_details call (bsc#1205207)
* Added two missing options to schedule product migration:
allow-vendor-change and remove-products-without-successor (bsc#1204126)
* Changed schedule product migration to use the correct API method
* Change default port of "Containerized Proxy configuration" 8022
spacewalk-client-tools:
- Version 4.3.14-1
* Update translation strings
uyuni-common-libs:
- Version 4.3.7-1
* unify user notification code on java side
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-353=1
- SUSE Manager Tools for SLE Micro 5:
zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2023-353=1
- SUSE Manager Tools 15:
zypper in -t patch SUSE-SLE-Manager-Tools-15-2023-353=1
Package List:
- openSUSE Leap 15.4 (noarch):
dracut-saltboot-0.1.1673279145.e7616bd-150000.1.44.1
spacecmd-4.3.18-150000.3.92.1
- SUSE Manager Tools for SLE Micro 5 (noarch):
dracut-saltboot-0.1.1673279145.e7616bd-150000.1.44.1
- SUSE Manager Tools 15 (aarch64 ppc64le s390x x86_64):
grafana-8.5.15-150000.1.39.1
grafana-debuginfo-8.5.15-150000.1.39.1
python3-uyuni-common-libs-4.3.7-150000.1.30.1
- SUSE Manager Tools 15 (noarch):
dracut-saltboot-0.1.1673279145.e7616bd-150000.1.44.1
mgr-osad-4.3.7-150000.1.42.1
mgr-push-4.3.5-150000.1.24.2
python3-mgr-osa-common-4.3.7-150000.1.42.1
python3-mgr-osad-4.3.7-150000.1.42.1
python3-mgr-push-4.3.5-150000.1.24.2
python3-rhnlib-4.3.5-150000.3.40.1
python3-spacewalk-check-4.3.14-150000.3.74.1
python3-spacewalk-client-setup-4.3.14-150000.3.74.1
python3-spacewalk-client-tools-4.3.14-150000.3.74.1
spacecmd-4.3.18-150000.3.92.1
spacewalk-check-4.3.14-150000.3.74.1
spacewalk-client-setup-4.3.14-150000.3.74.1
spacewalk-client-tools-4.3.14-150000.3.74.1
References:
https://www.suse.com/security/cve/CVE-2022-31123.html
https://www.suse.com/security/cve/CVE-2022-31130.html
https://www.suse.com/security/cve/CVE-2022-39201.html
https://www.suse.com/security/cve/CVE-2022-39229.html
https://www.suse.com/security/cve/CVE-2022-39306.html
https://www.suse.com/security/cve/CVE-2022-39307.html
https://bugzilla.suse.com/1172110
https://bugzilla.suse.com/1204032
https://bugzilla.suse.com/1204126
https://bugzilla.suse.com/1204302
https://bugzilla.suse.com/1204303
https://bugzilla.suse.com/1204304
https://bugzilla.suse.com/1204305
https://bugzilla.suse.com/1205207
https://bugzilla.suse.com/1205225
https://bugzilla.suse.com/1205227
https://bugzilla.suse.com/1205599
https://bugzilla.suse.com/1206470
1
0
SUSE-SU-2023:0343-1: important: Security update for wireshark
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for wireshark
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0343-1
Rating: important
References: #1206189 #1207447 #1207663 #1207664 #1207665
#1207667 #1207668 #1207669
Cross-References: CVE-2022-4345 CVE-2023-0411 CVE-2023-0412
CVE-2023-0413 CVE-2023-0415 CVE-2023-0416
CVE-2023-0417
CVSS scores:
CVE-2022-4345 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-4345 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0411 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0411 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0412 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0412 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0413 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0413 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0415 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0415 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0416 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0416 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-0417 (NVD) : 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2023-0417 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 7 vulnerabilities and has one errata
is now available.
Description:
This update for wireshark fixes the following issues:
- Updated to version 3.6.11 (bsc#1207447):
- CVE-2023-0417: Fixed a memory leak in the NFS dissector (bsc#1207669).
- CVE-2023-0413: Fixed a crash in the dissection engine (bsc#1207665).
- CVE-2023-0416: Fixed a crash in the GNW dissector (bsc#1207668).
- CVE-2023-0415: Fixed a crash in the iSCSI dissector (bsc#1207667).
- CVE-2023-0411: Fixed several issues where an excessive CPU consumption
could be triggered in multiple dissectors (bsc#1207663).
- CVE-2023-0412: Fixed a crash in the TIPC dissector (bsc#1207664).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-343=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-343=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-343=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-343=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-343=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-343=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-343=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-343=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-343=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-343=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-343=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-343=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-343=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-343=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-343=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-343=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-343=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-343=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-343=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-343=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
- SUSE Manager Proxy 4.2 (x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
- SUSE CaaS Platform 4.0 (x86_64):
libwireshark15-3.6.11-150000.3.83.1
libwireshark15-debuginfo-3.6.11-150000.3.83.1
libwiretap12-3.6.11-150000.3.83.1
libwiretap12-debuginfo-3.6.11-150000.3.83.1
libwsutil13-3.6.11-150000.3.83.1
libwsutil13-debuginfo-3.6.11-150000.3.83.1
wireshark-3.6.11-150000.3.83.1
wireshark-debuginfo-3.6.11-150000.3.83.1
wireshark-debugsource-3.6.11-150000.3.83.1
wireshark-devel-3.6.11-150000.3.83.1
wireshark-ui-qt-3.6.11-150000.3.83.1
wireshark-ui-qt-debuginfo-3.6.11-150000.3.83.1
References:
https://www.suse.com/security/cve/CVE-2022-4345.html
https://www.suse.com/security/cve/CVE-2023-0411.html
https://www.suse.com/security/cve/CVE-2023-0412.html
https://www.suse.com/security/cve/CVE-2023-0413.html
https://www.suse.com/security/cve/CVE-2023-0415.html
https://www.suse.com/security/cve/CVE-2023-0416.html
https://www.suse.com/security/cve/CVE-2023-0417.html
https://bugzilla.suse.com/1206189
https://bugzilla.suse.com/1207447
https://bugzilla.suse.com/1207663
https://bugzilla.suse.com/1207664
https://bugzilla.suse.com/1207665
https://bugzilla.suse.com/1207667
https://bugzilla.suse.com/1207668
https://bugzilla.suse.com/1207669
1
0
SUSE-SU-2023:0348-1: moderate: Security update for less
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for less
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0348-1
Rating: moderate
References: #1207815
Cross-References: CVE-2022-46663
CVSS scores:
CVE-2022-46663 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for less fixes the following issues:
- CVE-2022-46663: Fixed denial-of-service by printing specially crafted
escape sequences to the terminal (bsc#1207815).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-348=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-348=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-348=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-348=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
less-590-150400.3.3.1
less-debuginfo-590-150400.3.3.1
less-debugsource-590-150400.3.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
less-590-150400.3.3.1
less-debuginfo-590-150400.3.3.1
less-debugsource-590-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
less-590-150400.3.3.1
less-debuginfo-590-150400.3.3.1
less-debugsource-590-150400.3.3.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
less-590-150400.3.3.1
less-debuginfo-590-150400.3.3.1
less-debugsource-590-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-46663.html
https://bugzilla.suse.com/1207815
1
0
SUSE-SU-2023:0341-1: important: Security update for bind
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for bind
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0341-1
Rating: important
References: #1207471 #1207473 #1207475 SLE-24600
Cross-References: CVE-2022-3094 CVE-2022-3736 CVE-2022-3924
CVSS scores:
CVE-2022-3094 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3094 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3736 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3736 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3924 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3924 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities, contains one
feature is now available.
Description:
This update for bind fixes the following issues:
- Updated to version 9.16.37 (jsc#SLE-24600):
- CVE-2022-3094: Fixed an issue where a message flood could exhaust all
available memory (bsc#1207471).
- CVE-2022-3736: Fixed a potential crash upon receiving an RRSIG in
configurations with stale cache and stale answers enabled and
stale-answer-client-timeout set to a positive value (bsc#1207473).
- CVE-2022-3924: Fixed a potential crash upon reaching the
recursive-clients soft quota in configurations with stale answers
enabled and stale-answer-client-timeout set to a positive value
(bsc#1207475).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-341=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-341=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-341=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
bind-9.16.37-150400.5.17.1
bind-debuginfo-9.16.37-150400.5.17.1
bind-debugsource-9.16.37-150400.5.17.1
bind-utils-9.16.37-150400.5.17.1
bind-utils-debuginfo-9.16.37-150400.5.17.1
- openSUSE Leap 15.4 (noarch):
bind-doc-9.16.37-150400.5.17.1
python3-bind-9.16.37-150400.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
bind-9.16.37-150400.5.17.1
bind-debuginfo-9.16.37-150400.5.17.1
bind-debugsource-9.16.37-150400.5.17.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
bind-doc-9.16.37-150400.5.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
bind-debuginfo-9.16.37-150400.5.17.1
bind-debugsource-9.16.37-150400.5.17.1
bind-utils-9.16.37-150400.5.17.1
bind-utils-debuginfo-9.16.37-150400.5.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-bind-9.16.37-150400.5.17.1
References:
https://www.suse.com/security/cve/CVE-2022-3094.html
https://www.suse.com/security/cve/CVE-2022-3736.html
https://www.suse.com/security/cve/CVE-2022-3924.html
https://bugzilla.suse.com/1207471
https://bugzilla.suse.com/1207473
https://bugzilla.suse.com/1207475
1
0
SUSE-SU-2023:0342-1: important: Security update for tiff
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
SUSE Security Update: Security update for tiff
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0342-1
Rating: important
References: #1207413
Cross-References: CVE-2022-48281
CVSS scores:
CVE-2022-48281 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-48281 (SUSE): 7.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for tiff fixes the following issues:
- CVE-2022-48281: Fixed a buffer overflow that could be triggered via a
crafted image (bsc#1207413).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-342=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-342=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-342=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-342=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-342=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-342=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-342=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-342=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-342=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-342=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-342=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-342=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-342=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-342=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-342=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-342=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-342=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-342=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-342=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-342=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-342=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-342=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-342=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-342=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- openSUSE Leap 15.4 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Manager Proxy 4.2 (x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 7.1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 7 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
- SUSE Enterprise Storage 6 (x86_64):
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
- SUSE CaaS Platform 4.0 (x86_64):
libtiff-devel-4.0.9-150000.45.25.1
libtiff5-32bit-4.0.9-150000.45.25.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.25.1
libtiff5-4.0.9-150000.45.25.1
libtiff5-debuginfo-4.0.9-150000.45.25.1
tiff-debuginfo-4.0.9-150000.45.25.1
tiff-debugsource-4.0.9-150000.45.25.1
References:
https://www.suse.com/security/cve/CVE-2022-48281.html
https://bugzilla.suse.com/1207413
1
0
openSUSE-SU-2023:0043-1: moderate: Security update for pkgconf
by opensuse-security@opensuse.org 10 Feb '23
by opensuse-security@opensuse.org 10 Feb '23
10 Feb '23
openSUSE Security Update: Security update for pkgconf
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0043-1
Rating: moderate
References: #1207394
Cross-References: CVE-2023-24056
CVSS scores:
CVE-2023-24056 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2023-24056 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pkgconf fixes the following issues:
- CVE-2023-24056: FIxed variable duplication can cause unbounded string
expansion due to incorrect checks in libpkgconf/tuple.c (boo#1207394).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2023-43=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
libpkgconf-devel-1.5.3-bp153.2.3.1
libpkgconf3-1.5.3-bp153.2.3.1
pkgconf-1.5.3-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2023-24056.html
https://bugzilla.suse.com/1207394
1
0
SUSE-SU-2023:0329-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 09 Feb '23
by opensuse-security@opensuse.org 09 Feb '23
09 Feb '23
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0329-1
Rating: important
References: #1207119
Cross-References: CVE-2022-46871 CVE-2022-46877 CVE-2023-0430
CVE-2023-23598 CVE-2023-23599 CVE-2023-23601
CVE-2023-23602 CVE-2023-23603 CVE-2023-23605
CVSS scores:
CVE-2022-46871 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-46877 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-0430 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
Updated to version 102.7.1 (bsc#1207119):
* CVE-2022-46871: Fixed out of date libusrsctp.
* CVE-2023-23598: Fixed arbitrary file read from GTK drag and drop on
Linux.
* CVE-2023-23599: Fixed issue where malicious command that could be
hidden in devtools output on Windows.
* CVE-2023-23601: Fixed issue where URL being dragged from cross-origin
iframe into same tab triggers navigation.
* CVE-2023-23602: Fixed Content Security Policy not being correctly
applied to WebSockets in WebWorkers.
* CVE-2022-46877: Fixed fullscreen notification bypass.
* CVE-2023-23603: Fixed issue where calls to code tag allowed bypassing
Content Security Policy via format directive.
* CVE-2023-23605: Fixed memory safety bugs.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-329=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-329=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-329=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-102.7.1-150200.8.102.1
MozillaThunderbird-debuginfo-102.7.1-150200.8.102.1
MozillaThunderbird-debugsource-102.7.1-150200.8.102.1
MozillaThunderbird-translations-common-102.7.1-150200.8.102.1
MozillaThunderbird-translations-other-102.7.1-150200.8.102.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-102.7.1-150200.8.102.1
MozillaThunderbird-debuginfo-102.7.1-150200.8.102.1
MozillaThunderbird-debugsource-102.7.1-150200.8.102.1
MozillaThunderbird-translations-common-102.7.1-150200.8.102.1
MozillaThunderbird-translations-other-102.7.1-150200.8.102.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-102.7.1-150200.8.102.1
MozillaThunderbird-debuginfo-102.7.1-150200.8.102.1
MozillaThunderbird-debugsource-102.7.1-150200.8.102.1
MozillaThunderbird-translations-common-102.7.1-150200.8.102.1
MozillaThunderbird-translations-other-102.7.1-150200.8.102.1
References:
https://www.suse.com/security/cve/CVE-2022-46871.html
https://www.suse.com/security/cve/CVE-2022-46877.html
https://www.suse.com/security/cve/CVE-2023-0430.html
https://www.suse.com/security/cve/CVE-2023-23598.html
https://www.suse.com/security/cve/CVE-2023-23599.html
https://www.suse.com/security/cve/CVE-2023-23601.html
https://www.suse.com/security/cve/CVE-2023-23602.html
https://www.suse.com/security/cve/CVE-2023-23603.html
https://www.suse.com/security/cve/CVE-2023-23605.html
https://bugzilla.suse.com/1207119
1
0
SUSE-SU-2023:0322-1: important: Security update for apache2
by opensuse-security@opensuse.org 09 Feb '23
by opensuse-security@opensuse.org 09 Feb '23
09 Feb '23
SUSE Security Update: Security update for apache2
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0322-1
Rating: important
References: #1207247 #1207250 #1207251
Cross-References: CVE-2006-20001 CVE-2022-36760 CVE-2022-37436
CVSS scores:
CVE-2006-20001 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2006-20001 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-36760 (NVD) : 9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE-2022-36760 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
CVE-2022-37436 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-37436 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for apache2 fixes the following issues:
- CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend
could cause the response headers to be truncated early, resulting in
some headers being incorporated into the response body (bsc#1207251).
- CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow request
smuggling attacks (bsc#1207250).
- CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request header
could cause memory corruption (bsc#1207247).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-322=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-322=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-322=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-322=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-2.4.51-150400.6.6.1
apache2-debuginfo-2.4.51-150400.6.6.1
apache2-debugsource-2.4.51-150400.6.6.1
apache2-devel-2.4.51-150400.6.6.1
apache2-event-2.4.51-150400.6.6.1
apache2-event-debuginfo-2.4.51-150400.6.6.1
apache2-example-pages-2.4.51-150400.6.6.1
apache2-prefork-2.4.51-150400.6.6.1
apache2-prefork-debuginfo-2.4.51-150400.6.6.1
apache2-utils-2.4.51-150400.6.6.1
apache2-utils-debuginfo-2.4.51-150400.6.6.1
apache2-worker-2.4.51-150400.6.6.1
apache2-worker-debuginfo-2.4.51-150400.6.6.1
- openSUSE Leap 15.4 (noarch):
apache2-doc-2.4.51-150400.6.6.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-debuginfo-2.4.51-150400.6.6.1
apache2-debugsource-2.4.51-150400.6.6.1
apache2-devel-2.4.51-150400.6.6.1
apache2-worker-2.4.51-150400.6.6.1
apache2-worker-debuginfo-2.4.51-150400.6.6.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (noarch):
apache2-doc-2.4.51-150400.6.6.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-debuginfo-2.4.51-150400.6.6.1
apache2-debugsource-2.4.51-150400.6.6.1
apache2-event-2.4.51-150400.6.6.1
apache2-event-debuginfo-2.4.51-150400.6.6.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-2.4.51-150400.6.6.1
apache2-debuginfo-2.4.51-150400.6.6.1
apache2-debugsource-2.4.51-150400.6.6.1
apache2-prefork-2.4.51-150400.6.6.1
apache2-prefork-debuginfo-2.4.51-150400.6.6.1
apache2-utils-2.4.51-150400.6.6.1
apache2-utils-debuginfo-2.4.51-150400.6.6.1
References:
https://www.suse.com/security/cve/CVE-2006-20001.html
https://www.suse.com/security/cve/CVE-2022-36760.html
https://www.suse.com/security/cve/CVE-2022-37436.html
https://bugzilla.suse.com/1207247
https://bugzilla.suse.com/1207250
https://bugzilla.suse.com/1207251
1
0
SUSE-SU-2023:0326-1: important: Security update for podman
by opensuse-security@opensuse.org 09 Feb '23
by opensuse-security@opensuse.org 09 Feb '23
09 Feb '23
SUSE Security Update: Security update for podman
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0326-1
Rating: important
References: #1181640 #1181961 #1193166 #1193273 #1197672
#1199790 #1202809 PED-2771
Cross-References: CVE-2021-20199 CVE-2021-20206 CVE-2021-4024
CVE-2021-41190 CVE-2022-27649 CVE-2022-2989
CVSS scores:
CVE-2021-20199 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-20199 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-20206 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20206 (SUSE): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4024 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2021-4024 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
CVE-2021-41190 (NVD) : 3 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
CVE-2021-41190 (SUSE): 5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
CVE-2022-27649 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27649 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-2989 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-2989 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 6 vulnerabilities, contains one
feature and has one errata is now available.
Description:
This update for podman fixes the following issues:
podman was updated to version 4.3.1:
4.3.1:
* Bugfixes
- Fixed a deadlock between the `podman ps` and `podman container inspect`
commands
* Misc
- Updated the containers/image library to v5.23.1
4.3.0:
* Features
- A new command, `podman generate spec`, has been added, which creates a
JSON struct based on a given container that can be used with the Podman
REST API to create containers.
- A new command, `podman update`, has been added,which makes changes to
the resource limits of existing containers. Please note that these
changes do not persist if the container is restarted
- A new command, `podman kube down`, has been added, which removes pods
and containers created by the given Kubernetes YAML (functionality is
identical to `podman kube play --down`, but it now has its own command).
- The `podman kube play` command now supports Kubernetes secrets using
Podman's secrets backend.
- Systemd-managed pods created by the `podman kube play` command now
integrate with sd-notify, using the `io.containers.sdnotify` annotation
(or `io.containers.sdnotify/$name` for specific containers).
- Systemd-managed pods created by `podman kube play` can now be
auto-updated, using the `io.containers.auto-update` annotation (or
`io.containers.auto-update/$name` for specific containers).
- The `podman kube play` command can now read YAML from URLs, e.g. `podman
kube play https://example.com/demo.yml`
- The `podman kube play` command now supports the `emptyDir` volume type
- The `podman kube play` command now supports the `HostUsers` field in the
pod spec.
- The `podman play kube` command now supports `binaryData` in ConfigMaps.
- The `podman pod create` command can now set additional resource limits
for pods using the new `--memory-swap`, `--cpuset-mems`,
`--device-read-bps`, `--device-write-bps`, `--blkio-weight`,
`--blkio-weight-device`, and `--cpu-shares` options.
- The `podman machine init` command now supports a new option,
`--username`, to set the username that will be used to connect to the VM
as a non-root user
- The `podman volume create` command's `-o timeout=` option can now set a
timeout of 0, indicating volume plugin operations will never time out.
- Added support for a new volume driver, `image`, which allows volumes to
be created that are backed by images.
- The `podman run` and `podman create` commands support a new option,
`--env-merge`, allowing environment variables to be specified relative
to other environment variables in the image (e.g. `podman run
--env-merge "PATH=$PATH:/my/app" ...`)
- The `podman run` and `podman create` commands support a new option,
`--on-failure`, to allow action to be taken when a container fails
health checks, with the following supported actions: `none` (take no
action, the default), `kill` (kill the container), `restart` (restart
the container), and `stop` (stop the container).
- The `--keep-id` option to `podman create` and `podman run` now supports
new options, `uid` and `gid`, to set the UID and GID of the user in the
container that will be mapped to the user running Podman (e.g.
`--userns=keep-id:uid=11` will made the user running Podman to UID 11 in
the container)
- The `podman generate systemd` command now supports a new option,
`--env`/`-e`, to set environment variables in the generated unit file
- The `podman pause` and `podman unpause` commands now support the
`--latest`, `--cidfile`, and `--filter` options.
- The `podman restart` command now supports the `--cidfile` and `--filter`
options.
- The `podman rm` command now supports the `--filter` option to select
which containers will be removed.
- The `podman rmi` command now supports a new option, `--no-prune`, to
prevent the removal of dangling parents of removed images.
- The `--dns-opt` option to `podman create`, `podman run`, and `podman pod
create` has received a new alias, `--dns-option`, to improve Docker
compatibility.
- The `podman` command now features a new global flag, `--debug`/`-D`,
which enables debug-level logging (identical to `--log-level=debug`),
improving Docker compatibility.
- The `podman` command now features a new global flag, `--config`. This
flag is ignored, and is only included for Docker compatibility
- The `podman manifest create` command now accepts a new option,
`--amend`/`-a`.
- The `podman manifest create`, `podman manifest add` and `podman manifest
push` commands now accept a new option, `--insecure` (identical to
`--tls-verify=false`), improving Docker compatibility.
- The `podman secret create` command's `--driver` and `--format` options
now have new aliases, `-d` for `--driver` and `-f` for `--format`.
- The `podman secret create` command now supports a new option,
`--label`/`-l`, to add labels to created secrets.
- The `podman secret ls` command now accepts the `--quiet`/`-q` option.
- The `podman secret inspect` command now accepts a new option,
`--pretty`, to print output in human-readable format.
- The `podman stats` command now accepts the `--no-trunc` option.
- The `podman save` command now accepts the `--signature-policy` option
- The `podman pod inspect` command now allows multiple arguments to be
passed. If so, it will return a JSON array of the inspected pods
- A series of new hidden commands have been added under `podman context`
as aliases to existing `podman system connection` commands, to improve
Docker compatibility.
- The remote Podman client now supports proxying signals for attach
sessions when the `--sig-proxy` option is set
### Changes
- Duplicate volume mounts are now allowed with the `-v` option to `podman
run`, `podman create`, and `podman pod create`, so long as source,
destination, and options all match
- The `podman generate kube` and `podman play kube` commands have been
renamed to `podman kube generate` and `podman kube play` to group
Kubernetes-related commands. Aliases have been added to ensure the old
command names still function.
- A number of Podman commands (`podman init`, `podman container
checkpoint`, `podman container restore`, `podman container cleanup`) now
print the user-inputted name of the container, instead of its full ID,
on success.
- When an unsupported option (e.g. resource limit) is specified for a
rootless container on a cgroups v1 system, a warning message is now
printed that the limit will not be honored.
- The installer for the Windows Podman client has been improved.
- The `--cpu-rt-period` and `--cpu-rt-runtime` options to `podman run` and
`podman create` now print a warning and are ignored on cgroups v2
systems (cgroups v2 having dropped support for these controllers)
- Privileged containers running systemd will no longer mount `/dev/tty*`
devices other than `/dev/tty` itself into the container
- Events for containers that are part of a pod now include the ID of the
pod in the event.
- SSH functionality for `podman machine` commands has seen a thorough
rework, addressing many issues about authentication.
- The `--network` option to `podman kube play` now allows passing `host`
to set the pod to use host networking, even if the YAML does not request
this.
- The `podman inspect` command on containers now includes the digest of
the image used to create the container.
- Pods created by `podman play kube` are now, by default, placed into a
network named `podman-kube`. If the `podman-kube` network does not
exist, it will be created. This ensures pods can connect to each other
by their names, as the network has DNS enabled.
Update to version 4.2.0:
* Features
- Podman now supports the Gitlab Runner (using the Docker executor),
allowing its use in Gitlab CI/CD pipelines.
- A new command has been added, podman pod clone, to create a copy of an
existing pod. It supports several options, including --start to start
the new pod, --destroy to remove the original pod, and --name to change
the name of the new pod
- A new command has been added, podman volume reload, to sync changes in
state between Podman's database and any configured volume plugins
- A new command has been added, podman machine info, which displays
information about the host and the versions of various machine
components.
- Pods created by podman play kube can now be managed by systemd unit
files. This can be done via a new systemd service, podman-kube@.service
- e.g. systemctl --user start podman-play-kube@$(systemd-escape
my.yaml).service will run the Kubernetes pod or deployment contained in
my.yaml under systemd.
- The podman play kube command now honors the RunAsUser, RunAsGroup, and
SupplementalGroups setting from the Kubernetes pod's security context.
- The podman play kube command now supports volumes with the BlockDevice
and CharDevice types
- The podman play kube command now features a new flag, --userns, to set
the user namespace of created pods. Two values are allowed at present:
host and auto
- The podman play kube command now supports setting the type of created
init containers via the io.podman.annotations.init.container.type
annotation.
- Pods now have include an exit policy (configurable via the --exit-policy
option to podman pod create), which determines what will happen to the
pod's infra container when the entire pod stops. The default, continue,
acts as Podman currently does, while a new option, stop, stops the infra
container after the last container in the pod stops, and is used by
default for pods from podman play kube
- The podman pod create command now allows the pod's name to be specified
as an argument, instead of using the --name option - for example, podman
pod create mypod instead of the prior podman pod create --name mypod.
Please note that the --name option is not deprecated and will continue
to work.
- The podman pod create command's --share option now supports adding
namespaces to the set by prefacing them with + (as opposed to specifying
all namespaces that should be shared)
- The podman pod create command has a new option, --shm-size, to specify
the size of the /dev/shm mount that will be shared if the pod shares its
UTS namespace (#14609).
- The podman pod create command has a new option, --uts, to configure the
UTS namespace that will be shared by containers in the pod.
- The podman pod create command now supports setting pod-level resource
limits via the --cpus, --cpuset-cpus, and --memory options. These will
set a limit for all containers in the pod, while individual containers
within the pod are allowed to set further limits. Look forward to more
options for resource limits in our next release!
- The podman create and podman run commands now include the -c short
option for the --cpu-shares option.
- The podman create and podman run commands can now create containers from
a manifest list (and not an image) as long as the --platform option is
specified (#14773).
- The podman build command now supports a new option, --cpp-flag, to
specify options for the C preprocessor when using Containerfile.in files
that require preprocessing.
- The podman build command now supports a new option, --build-context,
allowing the user to specify an additional build context.
- The podman machine inspect command now prints the location of the VM's
Podman API socket on the host (#14231).
- The podman machine init command on Windows now fetches an image with
packages pre-installed (#14698).
- Unused, cached Podman machine VM images are now cleaned up
automatically. Note that because Podman now caches in a different
directory, this will not clean up old images pulled before this change
(#14697).
- The default for the --image-volume option to podman run and podman
create can now have its default set through the image_volume_mode
setting in containers.conf (#14230).
- Overlay volumes now support two new options, workdir and upperdir, to
allow multiple overlay volumes from different containers to reuse the
same workdir or upperdir (#14427).
- The podman volume create command now supports two new options, copy and
nocopy, to control whether contents from the overmounted folder in a
container will be copied into the newly-created named volume (copy-up).
- Volumes created using a volume plugin can now specify a timeout for all
operations that contact the volume plugin (replacing the standard 5
second timeout) via the --opt o=timeout= option to podman volume create
(BZ 2080458).
- The podman volume ls command's --filter name= option now supports
regular expression matching for volume names (#14583).
- When used with a podman machine VM, volumes now support specification of
the 9p security model using the security_model option to podman create
-v and podman run -v.
- The remote Podman client's podman push command now supports the
--remove-signatures option (#14558).
- The remote Podman client now supports the podman image scp command.
- The podman image scp command now supports tagging the transferred image
with a new name.
- The podman network ls command supports a new filter, --filter dangling=,
to list networks not presently used by any containers (#14595).
- The --condition option to podman wait can now be specified multiple
times to wait on any one of multiple conditions.
- The podman events command now includes the -f short option for the
--filter option.
- The podman pull command now includes the -a short option for the
--all-tags option.
- The podman stop command now includes a new flag, --filter, to filter
which containers will be stopped (e.g. podman stop --all --filter
label=COM.MY.APP).
- The Podman global option --url now has two aliases: -H and --host.
- The podman network create command now supports a new option with the
default bridge driver, --opt isolate=, which isolates the network by
blocking any traffic from it to any other network with the isolate
option enabled. This option is enabled by default for networks created
using the Docker-compatible API.
- Added the ability to create sigstore signatures in podman push and
podman manifest push.
- Added an option to read image signing passphrase from a file.
* Changes
- Paused containers can now be killed with the podman kill command.
- The podman system prune command now removes unused networks.
- The --userns=keep-id and --userns=nomap options to the podman run and
podman create commands are no longer allowed (instead of simply being
ignored) with root Podman.
- If the /run directory for a container is part of a volume, Podman will
not create the /run/.containerenv file (#14577).
- The podman machine stop command on macOS now waits for the machine to be
completely stopped to exit (#14148).
- All podman machine commands now only support being run as rootless,
given that VMs only functioned when run rootless.
- The podman unpause --all command will now only attempt to unpause
containers that are paused, not all containers.
- Init containers created with podman play kube now default to the once
type (#14877).
- Pods created with no shared namespaces will no longer create an infra
container unless one is explicitly requested (#15048).
- The podman create, podman run, and podman cp commands can now
autocomplete paths in the image or container via the shell completion.
- The libpod/common package has been removed as it's not used anywhere.
- The --userns option to podman create and podman run is no longer
accepted when an explicit UID or GID mapping is specified (#15233).
* Misc
- Podman will now check for nameservers in
/run/NetworkManager/no-stub-resolv.conf if the /etc/resolv.conf file
only contains a localhost server.
- The podman build command now supports caching with builds that specify
--squash-all by allowing the --layers flag to be used at the same time.
- Podman Machine support for QEMU installations at non-default paths has
been improved.
- The podman machine ssh command no longer prints spurious warnings every
time it is run.
- When accessing the WSL prompt on Windows, the rootless user will be
preferred.
- The podman info command now includes a field for information on
supported authentication plugins for improved Docker compatibility.
Authentication plugins are not presently supported by Podman, so this
field is always empty.
- The podman system prune command now no longer prints the Deleted Images
header if no images were pruned.
- The podman system service command now automatically creates and moves to
a sub-cgroup when running in the root cgroup (#14573).
- Updated Buildah to v1.27.0 (fixes CVE-2022-21698 / bsc#1196338)
- Updated the containers/image library to v5.22.0
- Updated the containers/storage library to v1.42.0 (fixes bsc#1196751)
- Updated the containers/common library to v0.49.1
- Podman will automatically create a sub-cgroup and move itself into it
when it detects that it is running inside a container (#14884).
- Fixed an incorrect release note about regexp.
- A new MacOS installer (via pkginstaller) is now supported.
Update to version 4.1.1:
* The output of the podman load command now mirrors that of docker load.
* Podman now supports Docker Compose v2.2 and higher. Please note that it
may be necessary to disable the use of Buildkit by setting the
environment variable DOCKER_BUILDKIT=0.
* A new container command has been added, podman container clone. This
command makes a copy of an existing container, with the ability to
change some settings (e.g. resource limits) while doing so.
* Podman now supports sending JSON events related to machines to a Unix
socket named machine_events.*\.sock in XDG_RUNTIME_DIR/podman or to a
socket whose path is set in the PODMAN_MACHINE_EVENTS_SOCK environment
variable.
* Two new volume commands have been added, podman volume mount and podman
volume unmount. These allow for Podman-managed named volumes to be
mounted and accessed from outside containers.
* The podman container checkpoint and podman container restore options now
support checkpointing to and restoring from OCI images. This allows
checkpoints to be distributed via standard image registries.
* The podman play kube command now supports environment variables that are
specified using the fieldRef and resourceFieldRef sources.
* The podman play kube command will now set default resource limits when
the provided YAML does not include them.
* The podman play kube command now supports a new option, --annotation, to
add annotations to created containers.
* The podman play kube --build command now supports a new option,
--context-dir, which allows the user to specify the context directory to
use when building the Containerfile.
* The podman container commit command now supports a new option, --squash,
which squashes the generated image into a single layer.
* The podman pod logs command now supports two new options, --names, which
identifies which container generated a log message by name, instead of
ID and --color, which colors messages based on what container generated
them.
* The podman rmi command now supports a new option, --ignore, which will
ignore errors caused by missing images.
* The podman network create command now features a new option,
--ipam-driver, to specify details about how IP addresses are assigned to
containers in the network.
* The podman machine list command now features a new option, --quiet, to
print only the names of configured VMs and no other information.
* The --ipc option to the podman create, podman run, and podman pod create
commands now supports three new modes: none, private, and shareable. The
default IPC mode is now shareable, indicating the the IPC namespace can
be shared with other containers.
* The --mount option to the podman create and podman run commands can now
set options for created named volumes via the volume-opt parameter.
* The --mount option to the podman create and podman run commands now
allows parameters to be passed in CSV format.
* The --userns option to the podman create and podman run commands now
supports a new option, nomap, that (only for rootless containers) does
not map the UID of the user that started the container into the
container, increasing security.
* The podman import command now supports three new options, --arch, --os,
and --variant, to specify what system the imported image was built for.
* The podman inspect command now includes information on the network
configuration of containers that joined a pre-configured network
namespace with the --net ns: option to podman run, podman create, and
podman pod create.
* The podman run and podman create commands now support a new option,
--chrootdirs, which specifies additional locations where
container-specific files managed by Podman (e.g. /etc/hosts,
`/etc/resolv.conf, etc) will be mounted inside the container (#12961).
* The podman run and podman create commands now support a new option,
--passwd-entry, allowing entries to be added to the container's
/etc/passwd file.
* The podman images --format command now accepts two new format
directives: {{.CreatedAt}} and {{.CreatedSince}}.
* The podman volume create command's -o option now accepts a new argument,
o=noquota, to disable XFS quotas entirely and avoid potential issues
when Podman is run on an XFS filesystem with existing quotas defined.
* The podman info command now includes additional information on the
machine Podman is running on, including disk utilization on the drive
Podman is storing containers and images on, and CPU utilization.
* Fix CVE-2022-27191 / bsc#1197284
- Require catatonit >= 0.1.7 for pause functionality needed by pods
Update to version 4.0.3:
* Security
- This release fixes CVE-2022-27649, where containers run by Podman
would have excess inheritable capabilities set.
* Changes
- The podman machine rm --force command will now remove running machines
as well (such machines are shut down first, then removed) (#13448).
- When a podman machine VM is started that is using a too-old VM image,
it will now start in a reduced functionality mode, and provide
instructions on how to recreate it (previously, VMs were effectively
unusable) (#13510).
- Updated the containers/common library to v0.47.5
- This release addresses CVE-2021-4024 / bsc#1193166, where the podman
machine command opened the gvproxy API (used to forward ports to podman
machine VMs) to the public internet on port 7777.
- This release addresses CVE-2021-41190 / bsc#1193273, where incomplete
specification of behavior regarding image manifests could lead to
inconsistent decoding on different clients.
Update to version 3.1.0: (bsc#1181961, CVE-2021-20206)
- A fix for CVE-2021-20199 / bsc#1181640 is included. Podman between
v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic
forwarded into rootless containers by a forwarded port; this has been
changed to address the issue.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-326=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-326=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-326=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-326=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-326=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-326=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-326=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-326=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
podman-4.3.1-150300.9.15.1
podman-debuginfo-4.3.1-150300.9.15.1
- openSUSE Leap Micro 5.2 (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
podman-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
podman-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
podman-4.3.1-150300.9.15.1
podman-debuginfo-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
podman-4.3.1-150300.9.15.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
podman-4.3.1-150300.9.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
podman-4.3.1-150300.9.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
podman-cni-config-4.3.1-150300.9.15.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
podman-4.3.1-150300.9.15.1
podman-debuginfo-4.3.1-150300.9.15.1
- SUSE Enterprise Storage 7.1 (noarch):
podman-cni-config-4.3.1-150300.9.15.1
References:
https://www.suse.com/security/cve/CVE-2021-20199.html
https://www.suse.com/security/cve/CVE-2021-20206.html
https://www.suse.com/security/cve/CVE-2021-4024.html
https://www.suse.com/security/cve/CVE-2021-41190.html
https://www.suse.com/security/cve/CVE-2022-27649.html
https://www.suse.com/security/cve/CVE-2022-2989.html
https://bugzilla.suse.com/1181640
https://bugzilla.suse.com/1181961
https://bugzilla.suse.com/1193166
https://bugzilla.suse.com/1193273
https://bugzilla.suse.com/1197672
https://bugzilla.suse.com/1199790
https://bugzilla.suse.com/1202809
1
0
SUSE-SU-2023:0328-1: moderate: Security update for rubygem-globalid
by opensuse-security@opensuse.org 09 Feb '23
by opensuse-security@opensuse.org 09 Feb '23
09 Feb '23
SUSE Security Update: Security update for rubygem-globalid
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0328-1
Rating: moderate
References: #1207587
Cross-References: CVE-2023-22799
CVSS scores:
CVE-2023-22799 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rubygem-globalid fixes the following issues:
- CVE-2023-22799: Fixed ReDoS vulnerability (bsc#1207587).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-328=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-328=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-328=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-328=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-328=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1
ruby2.5-rubygem-globalid-doc-0.4.1-150000.3.3.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-globalid-0.4.1-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2023-22799.html
https://bugzilla.suse.com/1207587
1
0
SUSE-SU-2023:0314-1: important: Security update for apache2-mod_security2
by opensuse-security@opensuse.org 09 Feb '23
by opensuse-security@opensuse.org 09 Feb '23
09 Feb '23
SUSE Security Update: Security update for apache2-mod_security2
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0314-1
Rating: important
References: #1207378
Cross-References: CVE-2022-48279
CVSS scores:
CVE-2022-48279 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-48279 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for apache2-mod_security2 fixes the following issues:
- CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect
parsing of HTTP multipart requests (bsc#1207378).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-314=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-314=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_security2-2.9.4-150400.3.3.1
apache2-mod_security2-debuginfo-2.9.4-150400.3.3.1
apache2-mod_security2-debugsource-2.9.4-150400.3.3.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_security2-2.9.4-150400.3.3.1
apache2-mod_security2-debuginfo-2.9.4-150400.3.3.1
apache2-mod_security2-debugsource-2.9.4-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-48279.html
https://bugzilla.suse.com/1207378
1
0
openSUSE-SU-2023:0041-1: important: Security update for EternalTerminal
by opensuse-security@opensuse.org 08 Feb '23
by opensuse-security@opensuse.org 08 Feb '23
08 Feb '23
openSUSE Security Update: Security update for EternalTerminal
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0041-1
Rating: important
References: #1207123 #1207124
Cross-References: CVE-2022-48257 CVE-2022-48258
CVSS scores:
CVE-2022-48257 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-48258 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for EternalTerminal fixes the following issues:
EternalTerminal was updated to 6.2.4:
* CVE-2022-48257, CVE-2022-48258 remedied
* fix readme regarding port forwarding #522
* Fix test failures that started appearing in CI #526
* Add documentation for the EternalTerminal protocol #523
* ssh-et: apply upstream updates #527
* docs: write gpg key to trusted.gpg.d for APT #530
* Support for ipv6 addresses (with or without port specified) #536
* ipv6 abbreviated address support #539
* Fix launchd plist config to remove daemonization. #540
* Explicitly set verbosity from cxxopts value. #542
* Remove daemon flag in systemd config #549
* Format all source with clang-format. #552
* Fix tunnel parsing exception handling. #550
* Fix SIGTERM behavior that causes systemd control of etserver to
timeout. #554
* Parse telemetry ini config as boolean and make telemetry opt-in. #553
* Logfile open mode and permission plus location configurability. #556
- boo#1207123 (CVE-2022-48257) Fix predictable logfile names in /tmp
- boo#1207124 (CVE-2022-48258) Fix etserver and etclient have
world-readable logfiles
- Note: Upstream released 6.2.2 with fixes then 6.2.4 and later removed
6.2.2 and redid 6.2.4
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-41=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
EternalTerminal-6.2.4-bp154.2.6.1
References:
https://www.suse.com/security/cve/CVE-2022-48257.html
https://www.suse.com/security/cve/CVE-2022-48258.html
https://bugzilla.suse.com/1207123
https://bugzilla.suse.com/1207124
1
0
SUSE-SU-2023:0310-1: important: Security update for openssl-1_1
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for openssl-1_1
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0310-1
Rating: important
References: #1121365 #1198472 #1207533 #1207534 #1207536
#1207538
Cross-References: CVE-2022-4304 CVE-2022-4450 CVE-2023-0215
CVE-2023-0286
CVSS scores:
CVE-2022-4304 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-4450 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0215 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0286 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves four vulnerabilities and has two
fixes is now available.
Description:
This update for openssl-1_1 fixes the following issues:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509
GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF()
(bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex()
(bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
- FIPS: list only FIPS approved public key algorithms (bsc#1121365,
bsc#1198472)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-310=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-310=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-310=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-310=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-310=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-310=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-310=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-310=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-310=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-310=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-310=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-310=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-310=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-310=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-310=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-310=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Manager Server 4.2 (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Manager Proxy 4.2 (x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
openssl-1_1-doc-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
openssl-1_1-doc-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
openssl-1_1-doc-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
openssl-1_1-doc-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Enterprise Storage 7.1 (noarch):
openssl-1_1-doc-1.1.1d-150200.11.57.1
- SUSE Enterprise Storage 7.1 (x86_64):
libopenssl-1_1-devel-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1d-150200.11.57.1
libopenssl1_1-1.1.1d-150200.11.57.1
libopenssl1_1-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-1.1.1d-150200.11.57.1
openssl-1_1-1.1.1d-150200.11.57.1
openssl-1_1-debuginfo-1.1.1d-150200.11.57.1
openssl-1_1-debugsource-1.1.1d-150200.11.57.1
- SUSE Enterprise Storage 7 (x86_64):
libopenssl1_1-32bit-1.1.1d-150200.11.57.1
libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.57.1
libopenssl1_1-hmac-32bit-1.1.1d-150200.11.57.1
References:
https://www.suse.com/security/cve/CVE-2022-4304.html
https://www.suse.com/security/cve/CVE-2022-4450.html
https://www.suse.com/security/cve/CVE-2023-0215.html
https://www.suse.com/security/cve/CVE-2023-0286.html
https://bugzilla.suse.com/1121365
https://bugzilla.suse.com/1198472
https://bugzilla.suse.com/1207533
https://bugzilla.suse.com/1207534
https://bugzilla.suse.com/1207536
https://bugzilla.suse.com/1207538
1
0
SUSE-SU-2023:0311-1: important: Security update for openssl-1_1
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for openssl-1_1
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0311-1
Rating: important
References: #1207533 #1207534 #1207536 #1207538
Cross-References: CVE-2022-4304 CVE-2022-4450 CVE-2023-0215
CVE-2023-0286
CVSS scores:
CVE-2022-4304 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-4450 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0215 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0286 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for openssl-1_1 fixes the following issues:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509
GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF()
(bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex()
(bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-311=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-311=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-311=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-311=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libopenssl-1_1-devel-1.1.1l-150400.7.22.1
libopenssl1_1-1.1.1l-150400.7.22.1
libopenssl1_1-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-1.1.1l-150400.7.22.1
openssl-1_1-1.1.1l-150400.7.22.1
openssl-1_1-debuginfo-1.1.1l-150400.7.22.1
openssl-1_1-debugsource-1.1.1l-150400.7.22.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenssl-1_1-devel-1.1.1l-150400.7.22.1
libopenssl1_1-1.1.1l-150400.7.22.1
libopenssl1_1-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-1.1.1l-150400.7.22.1
openssl-1_1-1.1.1l-150400.7.22.1
openssl-1_1-debuginfo-1.1.1l-150400.7.22.1
openssl-1_1-debugsource-1.1.1l-150400.7.22.1
- openSUSE Leap 15.4 (x86_64):
libopenssl-1_1-devel-32bit-1.1.1l-150400.7.22.1
libopenssl1_1-32bit-1.1.1l-150400.7.22.1
libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-32bit-1.1.1l-150400.7.22.1
- openSUSE Leap 15.4 (noarch):
openssl-1_1-doc-1.1.1l-150400.7.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenssl-1_1-devel-1.1.1l-150400.7.22.1
libopenssl1_1-1.1.1l-150400.7.22.1
libopenssl1_1-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-1.1.1l-150400.7.22.1
openssl-1_1-1.1.1l-150400.7.22.1
openssl-1_1-debuginfo-1.1.1l-150400.7.22.1
openssl-1_1-debugsource-1.1.1l-150400.7.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libopenssl-1_1-devel-32bit-1.1.1l-150400.7.22.1
libopenssl1_1-32bit-1.1.1l-150400.7.22.1
libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-32bit-1.1.1l-150400.7.22.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libopenssl-1_1-devel-1.1.1l-150400.7.22.1
libopenssl1_1-1.1.1l-150400.7.22.1
libopenssl1_1-debuginfo-1.1.1l-150400.7.22.1
libopenssl1_1-hmac-1.1.1l-150400.7.22.1
openssl-1_1-1.1.1l-150400.7.22.1
openssl-1_1-debuginfo-1.1.1l-150400.7.22.1
openssl-1_1-debugsource-1.1.1l-150400.7.22.1
References:
https://www.suse.com/security/cve/CVE-2022-4304.html
https://www.suse.com/security/cve/CVE-2022-4450.html
https://www.suse.com/security/cve/CVE-2023-0215.html
https://www.suse.com/security/cve/CVE-2023-0286.html
https://bugzilla.suse.com/1207533
https://bugzilla.suse.com/1207534
https://bugzilla.suse.com/1207536
https://bugzilla.suse.com/1207538
1
0
SUSE-SU-2023:0305-1: important: Security update for openssl-1_0_0
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for openssl-1_0_0
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0305-1
Rating: important
References: #1207533 #1207534 #1207536
Cross-References: CVE-2022-4304 CVE-2023-0215 CVE-2023-0286
CVSS scores:
CVE-2022-4304 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2023-0215 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0286 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for openssl-1_0_0 fixes the following issues:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509
GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF()
(bsc#1207536).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-305=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-305=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-305=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-305=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-305=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-305=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-305=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-305=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-305=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-305=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-305=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-305=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-hmac-1.0.2p-150000.3.65.1
libopenssl1_0_0-steam-1.0.2p-150000.3.65.1
libopenssl1_0_0-steam-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-cavs-1.0.2p-150000.3.65.1
openssl-1_0_0-cavs-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- openSUSE Leap 15.4 (x86_64):
libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.65.1
libopenssl1_0_0-32bit-1.0.2p-150000.3.65.1
libopenssl1_0_0-32bit-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.65.1
libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.65.1
libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-150000.3.65.1
- openSUSE Leap 15.4 (noarch):
openssl-1_0_0-doc-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl10-1.0.2p-150000.3.65.1
libopenssl10-debuginfo-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
- SUSE CaaS Platform 4.0 (x86_64):
libopenssl-1_0_0-devel-1.0.2p-150000.3.65.1
libopenssl1_0_0-1.0.2p-150000.3.65.1
libopenssl1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-1.0.2p-150000.3.65.1
openssl-1_0_0-debuginfo-1.0.2p-150000.3.65.1
openssl-1_0_0-debugsource-1.0.2p-150000.3.65.1
References:
https://www.suse.com/security/cve/CVE-2022-4304.html
https://www.suse.com/security/cve/CVE-2023-0215.html
https://www.suse.com/security/cve/CVE-2023-0286.html
https://bugzilla.suse.com/1207533
https://bugzilla.suse.com/1207534
https://bugzilla.suse.com/1207536
1
0
SUSE-SU-2023:0312-1: important: Security update for openssl-3
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for openssl-3
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0312-1
Rating: important
References: #1195149 #1206222 #1207533 #1207534 #1207535
#1207536 #1207538 #1207539 #1207540 #1207541
Cross-References: CVE-2022-4203 CVE-2022-4304 CVE-2022-4450
CVE-2023-0215 CVE-2023-0216 CVE-2023-0217
CVE-2023-0286 CVE-2023-0401
CVSS scores:
CVE-2022-4203 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2022-4304 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-4450 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0215 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0216 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0217 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0286 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2023-0401 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 8 vulnerabilities and has two fixes
is now available.
Description:
This update for openssl-3 fixes the following issues:
Security fixes:
- CVE-2023-0286: Fixed X.400 address type confusion in X.509
GENERAL_NAME_cmp for x400Address (bsc#1207533).
- CVE-2023-0401: Fixed NULL pointer dereference during PKCS7 data
verification (bsc#1207541).
- CVE-2023-0217: Fixed NULL pointer dereference validating DSA public key
(bsc#1207540).
- CVE-2023-0216: Fixed invalid pointer dereference in d2i_PKCS7 functions
(bsc#1207539).
- CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF()
(bsc#1207536).
- CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex()
(bsc#1207538).
- CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534).
- CVE-2022-4203: Fixed read Buffer Overflow with X.509 Name Constraints
(bsc#1207535).
Non-security fixes:
- Fix SHA, SHAKE, KECCAK ASM and EC ASM flag passing (bsc#1206222).
- Enable zlib compression support (bsc#1195149).
- Add crypto-policies dependency.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-312=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-312=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libopenssl-3-devel-3.0.1-150400.4.17.1
libopenssl3-3.0.1-150400.4.17.1
libopenssl3-debuginfo-3.0.1-150400.4.17.1
openssl-3-3.0.1-150400.4.17.1
openssl-3-debuginfo-3.0.1-150400.4.17.1
openssl-3-debugsource-3.0.1-150400.4.17.1
- openSUSE Leap 15.4 (x86_64):
libopenssl-3-devel-32bit-3.0.1-150400.4.17.1
libopenssl3-32bit-3.0.1-150400.4.17.1
libopenssl3-32bit-debuginfo-3.0.1-150400.4.17.1
- openSUSE Leap 15.4 (noarch):
openssl-3-doc-3.0.1-150400.4.17.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libopenssl-3-devel-3.0.1-150400.4.17.1
libopenssl3-3.0.1-150400.4.17.1
libopenssl3-debuginfo-3.0.1-150400.4.17.1
openssl-3-3.0.1-150400.4.17.1
openssl-3-debuginfo-3.0.1-150400.4.17.1
openssl-3-debugsource-3.0.1-150400.4.17.1
References:
https://www.suse.com/security/cve/CVE-2022-4203.html
https://www.suse.com/security/cve/CVE-2022-4304.html
https://www.suse.com/security/cve/CVE-2022-4450.html
https://www.suse.com/security/cve/CVE-2023-0215.html
https://www.suse.com/security/cve/CVE-2023-0216.html
https://www.suse.com/security/cve/CVE-2023-0217.html
https://www.suse.com/security/cve/CVE-2023-0286.html
https://www.suse.com/security/cve/CVE-2023-0401.html
https://bugzilla.suse.com/1195149
https://bugzilla.suse.com/1206222
https://bugzilla.suse.com/1207533
https://bugzilla.suse.com/1207534
https://bugzilla.suse.com/1207535
https://bugzilla.suse.com/1207536
https://bugzilla.suse.com/1207538
https://bugzilla.suse.com/1207539
https://bugzilla.suse.com/1207540
https://bugzilla.suse.com/1207541
1
0
SUSE-SU-2022:3198-2: moderate: Security update for php8-pear
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for php8-pear
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3198-2
Rating: moderate
References: SLE-24728
Cross-References: CVE-2021-32610
CVSS scores:
CVE-2021-32610 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability, contains one
feature is now available.
Description:
This update for php8-pear fixes the following issues:
- Add php8-pear to SLE15-SP4 (jsc#SLE-24728)
- Update to 1.10.21
- PEAR 1.10.13
* unsupported protocol - use --force to continue
* Add $this operator to _determineIfPowerpc calls
- Update to 1.10.20
- Archive_Tar 1.4.14
* Properly fix symbolic link path traversal (CVE-2021-32610)
- Archive_Tar 1.4.13
* Relative symlinks failing (out-of path file extraction)
- Archive_Tar 1.4.12
- Archive_Tar 1.4.11
- Archive_Tar 1.4.10
* Fix block padding when the file buffer length is a multiple
of 512 and smaller than Archive_Tar buffer length
* Don't try to copy username/groupname in chroot jail
- provides and obsoletes php7-pear-Archive_Tar, former location
of PEAR/Archive/Tar.php
- Update to version 1.10.19
- PEAR 1.10.12
* adjust dependencies based on new releases
- XML_Util 1.4.5
* fix Trying to access array offset on value of type int
- Update to version 1.10.18
- Remove pear-cacheid-array-check.patch (upstreamed)
- Contents of .filemap are now sorted internally
- Sort contents of .filemap to make build reproducible
- Recommend php7-openssl to allow https sources to be used
- Modify metadata_dir for system configuration only
- Add /var/lib/pear directory where xml files are stored
- Cleanup %files section
- Only use the GPG keys of Chuck Burgess. Extracted from the Release
Manager public keys.
- Add release versions of PEAR modules
- Install metadata files (registry, filemap, channels, ...) in
/var/lib/pear/ instead of /usr/share/php7/PEAR/
- Update to version 1.10.17
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-291=1
Package List:
- openSUSE Leap 15.4 (noarch):
php8-pear-1.10.21-150400.9.3.1
php8-pecl-1.10.21-150400.9.3.1
References:
https://www.suse.com/security/cve/CVE-2021-32610.html
1
0
SUSE-SU-2023:0288-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0288-1
Rating: important
References: #1207783
Cross-References: CVE-2023-0494
CVSS scores:
CVE-2023-0494 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses
(bsc#1207783).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-288=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-288=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-288=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150400.38.16.1
xorg-x11-server-debuginfo-1.20.3-150400.38.16.1
xorg-x11-server-debugsource-1.20.3-150400.38.16.1
xorg-x11-server-extra-1.20.3-150400.38.16.1
xorg-x11-server-extra-debuginfo-1.20.3-150400.38.16.1
xorg-x11-server-sdk-1.20.3-150400.38.16.1
xorg-x11-server-source-1.20.3-150400.38.16.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-debuginfo-1.20.3-150400.38.16.1
xorg-x11-server-debugsource-1.20.3-150400.38.16.1
xorg-x11-server-sdk-1.20.3-150400.38.16.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150400.38.16.1
xorg-x11-server-debuginfo-1.20.3-150400.38.16.1
xorg-x11-server-debugsource-1.20.3-150400.38.16.1
xorg-x11-server-extra-1.20.3-150400.38.16.1
xorg-x11-server-extra-debuginfo-1.20.3-150400.38.16.1
References:
https://www.suse.com/security/cve/CVE-2023-0494.html
https://bugzilla.suse.com/1207783
1
0
SUSE-SU-2023:0285-1: important: Security update for xorg-x11-server
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for xorg-x11-server
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0285-1
Rating: important
References: #1207783
Cross-References: CVE-2023-0494
CVSS scores:
CVE-2023-0494 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xorg-x11-server fixes the following issues:
- CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses
(bsc#1207783).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-285=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-285=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-285=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-285=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-285=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-285=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-285=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-285=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-285=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-285=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-285=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-285=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-285=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-285=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-285=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xorg-x11-server-wayland-1.20.3-150200.22.5.66.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.66.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
- SUSE Manager Proxy 4.2 (x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-wayland-1.20.3-150200.22.5.66.1
xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
xorg-x11-server-1.20.3-150200.22.5.66.1
xorg-x11-server-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-debugsource-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-1.20.3-150200.22.5.66.1
xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.66.1
xorg-x11-server-sdk-1.20.3-150200.22.5.66.1
References:
https://www.suse.com/security/cve/CVE-2023-0494.html
https://bugzilla.suse.com/1207783
1
0
SUSE-SU-2023:0289-1: important: Security update for xwayland
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for xwayland
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0289-1
Rating: important
References: #1207783
Cross-References: CVE-2023-0494
CVSS scores:
CVE-2023-0494 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xwayland fixes the following issues:
- CVE-2023-0494: Fixed a use-after-free in DeepCopyPointerClasses
(bsc#1207783).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-289=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-289=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xwayland-21.1.4-150400.3.9.1
xwayland-debuginfo-21.1.4-150400.3.9.1
xwayland-debugsource-21.1.4-150400.3.9.1
xwayland-devel-21.1.4-150400.3.9.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
xwayland-21.1.4-150400.3.9.1
xwayland-debuginfo-21.1.4-150400.3.9.1
xwayland-debugsource-21.1.4-150400.3.9.1
References:
https://www.suse.com/security/cve/CVE-2023-0494.html
https://bugzilla.suse.com/1207783
1
0
SUSE-SU-2023:0295-1: important: Security update for redis
by opensuse-security@opensuse.org 07 Feb '23
by opensuse-security@opensuse.org 07 Feb '23
07 Feb '23
SUSE Security Update: Security update for redis
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0295-1
Rating: important
References: #1207202 #1207203 #1207448
Cross-References: CVE-2022-35977 CVE-2023-22458
CVSS scores:
CVE-2022-35977 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-35977 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-22458 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-22458 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves two vulnerabilities and has one
errata is now available.
Description:
This update for redis fixes the following issues:
- CVE-2022-35977: Fixed an integer overflow that could allow authenticated
users to cause a crash (bsc#1207202).
- CVE-2023-22458: Fixed a missing check that could allow authenticated
users to cause a crash (bsc#1207203).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-295=1
- SUSE Linux Enterprise Module for Server Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-295=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
redis-6.2.6-150400.3.11.1
redis-debuginfo-6.2.6-150400.3.11.1
redis-debugsource-6.2.6-150400.3.11.1
- SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
redis-6.2.6-150400.3.11.1
redis-debuginfo-6.2.6-150400.3.11.1
redis-debugsource-6.2.6-150400.3.11.1
References:
https://www.suse.com/security/cve/CVE-2022-35977.html
https://www.suse.com/security/cve/CVE-2023-22458.html
https://bugzilla.suse.com/1207202
https://bugzilla.suse.com/1207203
https://bugzilla.suse.com/1207448
1
0
SUSE-SU-2023:0275-1: moderate: Security update for rubygem-activesupport-5_1
by opensuse-security@opensuse.org 06 Feb '23
by opensuse-security@opensuse.org 06 Feb '23
06 Feb '23
SUSE Security Update: Security update for rubygem-activesupport-5_1
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0275-1
Rating: moderate
References: #1207454
Cross-References: CVE-2023-22796
CVSS scores:
CVE-2023-22796 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rubygem-activesupport-5_1 fixes the following issues:
- CVE-2023-22796: Fixed a potential denial of service when passing a
crafted input to the underscore method due to an inefficient regular
expression (bsc#1207454).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-275=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-275=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-275=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-275=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-275=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1
ruby2.5-rubygem-activesupport-doc-5_1-5.1.4-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-activesupport-5_1-5.1.4-150000.3.12.1
References:
https://www.suse.com/security/cve/CVE-2023-22796.html
https://bugzilla.suse.com/1207454
1
0
SUSE-SU-2023:0276-1: moderate: Security update for rubygem-rack
by opensuse-security@opensuse.org 06 Feb '23
by opensuse-security@opensuse.org 06 Feb '23
06 Feb '23
SUSE Security Update: Security update for rubygem-rack
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0276-1
Rating: moderate
References: #1207596 #1207597 #1207599
Cross-References: CVE-2022-44570 CVE-2022-44571 CVE-2022-44572
CVSS scores:
CVE-2022-44570 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-44571 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-44572 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.0
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for rubygem-rack fixes the following issues:
- CVE-2022-44570: Fixed a potential denial of service when parsing a
RFC2183 multipart boundary (bsc#1207597).
- CVE-2022-44571: Fixed a potential denial of service when parsing a Range
header (bsc#1207599).
- CVE-2022-44572: Fixed a potential denial of service when parsing a
Content-Disposition header (bsc#1207596).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-276=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-276=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-276=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-276=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-276=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-rack-2.0.8-150000.3.12.1
ruby2.5-rubygem-rack-doc-2.0.8-150000.3.12.1
ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-rack-2.0.8-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-rack-2.0.8-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-rack-2.0.8-150000.3.12.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-rack-2.0.8-150000.3.12.1
References:
https://www.suse.com/security/cve/CVE-2022-44570.html
https://www.suse.com/security/cve/CVE-2022-44571.html
https://www.suse.com/security/cve/CVE-2022-44572.html
https://bugzilla.suse.com/1207596
https://bugzilla.suse.com/1207597
https://bugzilla.suse.com/1207599
1
0
openSUSE-SU-2023:0040-1: moderate: Security update for syslog-ng
by opensuse-security@opensuse.org 04 Feb '23
by opensuse-security@opensuse.org 04 Feb '23
04 Feb '23
openSUSE Security Update: Security update for syslog-ng
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0040-1
Rating: moderate
References: #1207460
Cross-References: CVE-2022-38725
CVSS scores:
CVE-2022-38725 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-38725 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for syslog-ng fixes the following issues:
- CVE-2022-38725: Fixed integer overflow in parsers that allowed a remote
denial of service (boo#1207460)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-40=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64):
libevtlog-3_35-0-3.35.1-bp154.3.3.1
syslog-ng-3.35.1-bp154.3.3.1
syslog-ng-curl-3.35.1-bp154.3.3.1
syslog-ng-devel-3.35.1-bp154.3.3.1
syslog-ng-geoip-3.35.1-bp154.3.3.1
syslog-ng-java-3.35.1-bp154.3.3.1
syslog-ng-mqtt-3.35.1-bp154.3.3.1
syslog-ng-python-3.35.1-bp154.3.3.1
syslog-ng-redis-3.35.1-bp154.3.3.1
syslog-ng-smtp-3.35.1-bp154.3.3.1
syslog-ng-snmp-3.35.1-bp154.3.3.1
syslog-ng-sql-3.35.1-bp154.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-38725.html
https://bugzilla.suse.com/1207460
1
0
SUSE-SU-2023:0220-1: moderate: Security update for tmux
by opensuse-security@opensuse.org 01 Feb '23
by opensuse-security@opensuse.org 01 Feb '23
01 Feb '23
SUSE Security Update: Security update for tmux
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0220-1
Rating: moderate
References: #1207393
Cross-References: CVE-2022-47016
CVSS scores:
CVE-2022-47016 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-47016 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for tmux fixes the following issues:
- CVE-2022-47016: Fixed a null pointer dereference in window.c.
(bsc#1207393)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-220=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
tmux-3.1c-150300.3.3.1
tmux-debuginfo-3.1c-150300.3.3.1
tmux-debugsource-3.1c-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-47016.html
https://bugzilla.suse.com/1207393
1
0
SUSE-SU-2023:0221-1: important: Security update for xterm
by opensuse-security@opensuse.org 01 Feb '23
by opensuse-security@opensuse.org 01 Feb '23
01 Feb '23
SUSE Security Update: Security update for xterm
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0221-1
Rating: important
References: #1205305
Cross-References: CVE-2022-45063
CVSS scores:
CVE-2022-45063 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-45063 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xterm fixes the following issues:
- CVE-2022-45063: Fixed an arbitrary code execution issue under
configurations using vi and zsh (bsc#1205305).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-221=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-221=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-221=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-221=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-221=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-221=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-221=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-221=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-221=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-221=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-221=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-221=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-221=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-221=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-221=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Manager Proxy 4.2 (x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
xterm-330-150200.11.9.1
xterm-bin-330-150200.11.9.1
xterm-bin-debuginfo-330-150200.11.9.1
xterm-debugsource-330-150200.11.9.1
References:
https://www.suse.com/security/cve/CVE-2022-45063.html
https://bugzilla.suse.com/1205305
1
0
SUSE-SU-2023:0223-1: moderate: Security update for python-setuptools
by opensuse-security@opensuse.org 01 Feb '23
by opensuse-security@opensuse.org 01 Feb '23
01 Feb '23
SUSE Security Update: Security update for python-setuptools
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0223-1
Rating: moderate
References: #1206667
Cross-References: CVE-2022-40897
CVSS scores:
CVE-2022-40897 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40897 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Realtime Extension 15-SP3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-setuptools fixes the following issues:
- CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by
fetching a malicious HTML document (bsc#1206667).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-223=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-223=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-223=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-223=1
Package List:
- openSUSE Leap Micro 5.2 (noarch):
python3-setuptools-40.5.0-150100.6.6.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
python3-setuptools-40.5.0-150100.6.6.1
python3-setuptools-test-40.5.0-150100.6.6.1
python3-setuptools-wheel-40.5.0-150100.6.6.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
python3-setuptools-40.5.0-150100.6.6.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
python3-setuptools-40.5.0-150100.6.6.1
References:
https://www.suse.com/security/cve/CVE-2022-40897.html
https://bugzilla.suse.com/1206667
1
0
SUSE-SU-2023:0225-1: important: Security update for ctags
by opensuse-security@opensuse.org 01 Feb '23
by opensuse-security@opensuse.org 01 Feb '23
01 Feb '23
SUSE Security Update: Security update for ctags
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0225-1
Rating: important
References: #1206543
Cross-References: CVE-2022-4515
CVSS scores:
CVE-2022-4515 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-4515 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for ctags fixes the following issues:
- CVE-2022-4515: Fixed a command injection issue via a tag file wih a
crafted filename (bsc#1206543).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-225=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-225=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-225=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-225=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-225=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-225=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-225=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-225=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-225=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-225=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-225=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-225=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-225=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-225=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-225=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-225=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
- SUSE CaaS Platform 4.0 (x86_64):
ctags-5.8-150000.3.3.1
ctags-debuginfo-5.8-150000.3.3.1
ctags-debugsource-5.8-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-4515.html
https://bugzilla.suse.com/1206543
1
0
SUSE-SU-2023:0222-1: important: Security update for samba
by opensuse-security@opensuse.org 01 Feb '23
by opensuse-security@opensuse.org 01 Feb '23
01 Feb '23
SUSE Security Update: Security update for samba
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0222-1
Rating: important
References: #1205385 #1206504 #1206546
Cross-References: CVE-2021-20251 CVE-2022-37966 CVE-2022-38023
CVSS scores:
CVE-2021-20251 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37966 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37966 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-38023 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-38023 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for samba fixes the following issues:
- CVE-2021-20251: Fixed an issue where the bad password count would not be
properly incremented, which could allow attackers to brute force a
user's password (bsc#1206546).
- CVE-2022-38023: Disabled weak ciphers by default in the Netlogon Secure
channel (bsc#1206504).
- CVE-2022-37966: Fixed an issue where a weak cipher would be selected to
encrypt session keys, which could lead to privilege escalation
(bsc#1205385).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-222=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-222=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-222=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-222=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-222=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-222=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libsamba-policy-python-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- openSUSE Leap 15.4 (x86_64):
libsamba-policy0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libdcerpc-binding0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-python3-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-core-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libdcerpc-binding0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libdcerpc-binding0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-python3-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-core-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libdcerpc-binding0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libdcerpc-binding0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-python3-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-core-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libdcerpc-binding0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
ctdb-4.9.5+git.552.fec1a5e57a-150100.3.73.1
ctdb-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libdcerpc-binding0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-python3-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ceph-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ceph-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-core-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE Enterprise Storage 6 (x86_64):
libdcerpc-binding0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
- SUSE CaaS Platform 4.0 (x86_64):
libdcerpc-binding0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-binding0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc-samr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libdcerpc0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-krb5pac0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-nbt0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr-standard0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libndr0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libnetapi0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-credentials0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-errors0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-hostconfig0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-passdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy-python3-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-policy0-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamba-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsamdb0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbconf0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libsmbldap2-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libtevent-util0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-4.9.5+git.552.fec1a5e57a-150100.3.73.1
libwbclient0-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-ad-dc-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-client-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-core-devel-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-debugsource-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-dsdb-modules-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-libs-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-python3-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-32bit-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-4.9.5+git.552.fec1a5e57a-150100.3.73.1
samba-winbind-debuginfo-4.9.5+git.552.fec1a5e57a-150100.3.73.1
References:
https://www.suse.com/security/cve/CVE-2021-20251.html
https://www.suse.com/security/cve/CVE-2022-37966.html
https://www.suse.com/security/cve/CVE-2022-38023.html
https://bugzilla.suse.com/1205385
https://bugzilla.suse.com/1206504
https://bugzilla.suse.com/1206546
1
0