openSUSE Security Announce
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
August 2023
- 3 participants
- 127 discussions
SUSE-SU-2023:3378-1: important: Security update for nodejs18
by security@lists.opensuse.org 22 Aug '23
by security@lists.opensuse.org 22 Aug '23
22 Aug '23
# Security update for nodejs18
Announcement ID: SUSE-SU-2023:3378-1
Rating: important
References:
* #1214150
* #1214154
* #1214156
Cross-References:
* CVE-2023-32002
* CVE-2023-32006
* CVE-2023-32559
CVSS scores:
* CVE-2023-32002 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H
* CVE-2023-32006 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-32006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-32559 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP4
* Web and Scripting Module 15-SP5
An update that solves three vulnerabilities can now be installed.
## Description:
This update for nodejs18 fixes the following issues:
Update to LTS version 18.17.1.
* CVE-2023-32002: Fixed permissions policies bypass via Module._load
(bsc#1214150).
* CVE-2023-32006: Fixed permissions policies impersonation using
module.constructor.createRequire() (bsc#1214156).
* CVE-2023-32559: Fixed permissions policies bypass via process.binding
(bsc#1214154).
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3378=1 openSUSE-SLE-15.4-2023-3378=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3378=1
* Web and Scripting Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-3378=1
* Web and Scripting Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2023-3378=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* nodejs18-debugsource-18.17.1-150400.9.12.1
* nodejs18-18.17.1-150400.9.12.1
* nodejs18-debuginfo-18.17.1-150400.9.12.1
* corepack18-18.17.1-150400.9.12.1
* npm18-18.17.1-150400.9.12.1
* nodejs18-devel-18.17.1-150400.9.12.1
* openSUSE Leap 15.4 (noarch)
* nodejs18-docs-18.17.1-150400.9.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* nodejs18-debugsource-18.17.1-150400.9.12.1
* nodejs18-18.17.1-150400.9.12.1
* nodejs18-debuginfo-18.17.1-150400.9.12.1
* corepack18-18.17.1-150400.9.12.1
* npm18-18.17.1-150400.9.12.1
* nodejs18-devel-18.17.1-150400.9.12.1
* openSUSE Leap 15.5 (noarch)
* nodejs18-docs-18.17.1-150400.9.12.1
* Web and Scripting Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* nodejs18-debugsource-18.17.1-150400.9.12.1
* nodejs18-18.17.1-150400.9.12.1
* nodejs18-debuginfo-18.17.1-150400.9.12.1
* npm18-18.17.1-150400.9.12.1
* nodejs18-devel-18.17.1-150400.9.12.1
* Web and Scripting Module 15-SP4 (noarch)
* nodejs18-docs-18.17.1-150400.9.12.1
* Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* nodejs18-debugsource-18.17.1-150400.9.12.1
* nodejs18-18.17.1-150400.9.12.1
* nodejs18-debuginfo-18.17.1-150400.9.12.1
* npm18-18.17.1-150400.9.12.1
* nodejs18-devel-18.17.1-150400.9.12.1
* Web and Scripting Module 15-SP5 (noarch)
* nodejs18-docs-18.17.1-150400.9.12.1
## References:
* https://www.suse.com/security/cve/CVE-2023-32002.html
* https://www.suse.com/security/cve/CVE-2023-32006.html
* https://www.suse.com/security/cve/CVE-2023-32559.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214150
* https://bugzilla.suse.com/show_bug.cgi?id=1214154
* https://bugzilla.suse.com/show_bug.cgi?id=1214156
1
0
SUSE-SU-2023:3379-1: important: Security update for nodejs16
by security@lists.opensuse.org 22 Aug '23
by security@lists.opensuse.org 22 Aug '23
22 Aug '23
# Security update for nodejs16
Announcement ID: SUSE-SU-2023:3379-1
Rating: important
References:
* #1214150
* #1214154
* #1214156
Cross-References:
* CVE-2023-32002
* CVE-2023-32006
* CVE-2023-32559
CVSS scores:
* CVE-2023-32002 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H
* CVE-2023-32006 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-32006 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-32559 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP4
An update that solves three vulnerabilities can now be installed.
## Description:
This update for nodejs16 fixes the following issues:
Update to LTS version 16.20.2.
* CVE-2023-32002: Fixed permissions policies bypass via Module._load
(bsc#1214150).
* CVE-2023-32006: Fixed permissions policies impersonation using
module.constructor.createRequire() (bsc#1214156).
* CVE-2023-32559: Fixed permissions policies bypass via process.binding
(bsc#1214154).
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3379=1 openSUSE-SLE-15.4-2023-3379=1
* Web and Scripting Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-3379=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* corepack16-16.20.2-150400.3.24.1
* nodejs16-16.20.2-150400.3.24.1
* nodejs16-debuginfo-16.20.2-150400.3.24.1
* nodejs16-devel-16.20.2-150400.3.24.1
* npm16-16.20.2-150400.3.24.1
* nodejs16-debugsource-16.20.2-150400.3.24.1
* openSUSE Leap 15.4 (noarch)
* nodejs16-docs-16.20.2-150400.3.24.1
* Web and Scripting Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* nodejs16-16.20.2-150400.3.24.1
* nodejs16-debuginfo-16.20.2-150400.3.24.1
* nodejs16-devel-16.20.2-150400.3.24.1
* npm16-16.20.2-150400.3.24.1
* nodejs16-debugsource-16.20.2-150400.3.24.1
* Web and Scripting Module 15-SP4 (noarch)
* nodejs16-docs-16.20.2-150400.3.24.1
## References:
* https://www.suse.com/security/cve/CVE-2023-32002.html
* https://www.suse.com/security/cve/CVE-2023-32006.html
* https://www.suse.com/security/cve/CVE-2023-32559.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214150
* https://bugzilla.suse.com/show_bug.cgi?id=1214154
* https://bugzilla.suse.com/show_bug.cgi?id=1214156
1
0
SUSE-SU-2023:3380-1: important: Security update for qt6-base
by security@lists.opensuse.org 22 Aug '23
by security@lists.opensuse.org 22 Aug '23
22 Aug '23
# Security update for qt6-base
Announcement ID: SUSE-SU-2023:3380-1
Rating: important
References:
* #1211642
* #1211797
* #1211798
* #1211994
* #1213326
Cross-References:
* CVE-2023-32762
* CVE-2023-32763
* CVE-2023-33285
* CVE-2023-34410
* CVE-2023-38197
CVSS scores:
* CVE-2023-32762 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2023-32762 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-32763 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-32763 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-33285 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-33285 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-34410 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-34410 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-38197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-38197 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP4
An update that solves five vulnerabilities can now be installed.
## Description:
This update for qt6-base fixes the following issues:
* CVE-2023-34410: Fixed certificate validation flaw (bsc#1211994).
* CVE-2023-33285: Fixed buffer overflow in QDnsLookup (bsc#1211642).
* CVE-2023-32762: Fixed strict-transport-security (HSTS) header parsing error
(QTBUG-113392) (bsc#1211797).
* CVE-2023-38197: Fixed infinite loops in QXmlStreamReader (QTBUG-92113,
QTBUG-95188) (bsc#1213326).
* CVE-2023-32763: Fixed buffer overflow in QTextLayout (QTBUG-113337,
QTBUG-106947, QTBUG-89557, QTBUG-104986) (bsc#1211798).
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Package Hub 15 15-SP4
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3380=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3380=1 openSUSE-SLE-15.4-2023-3380=1
## Package List:
* SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64)
* libQt6Gui6-6.2.2-150400.4.6.1
* libQt6Core6-6.2.2-150400.4.6.1
* libQt6Test6-6.2.2-150400.4.6.1
* libQt6OpenGLWidgets6-debuginfo-6.2.2-150400.4.6.1
* libQt6PrintSupport6-6.2.2-150400.4.6.1
* qt6-kmssupport-private-devel-6.2.2-150400.4.6.1
* qt6-core-private-devel-6.2.2-150400.4.6.1
* qt6-network-devel-6.2.2-150400.4.6.1
* qt6-openglwidgets-devel-6.2.2-150400.4.6.1
* qt6-platformsupport-devel-static-6.2.2-150400.4.6.1
* libQt6Network6-debuginfo-6.2.2-150400.4.6.1
* qt6-core-devel-6.2.2-150400.4.6.1
* qt6-sql-sqlite-6.2.2-150400.4.6.1
* qt6-sql-sqlite-debuginfo-6.2.2-150400.4.6.1
* libQt6Sql6-debuginfo-6.2.2-150400.4.6.1
* qt6-dbus-devel-6.2.2-150400.4.6.1
* libQt6Concurrent6-6.2.2-150400.4.6.1
* libQt6Core6-debuginfo-6.2.2-150400.4.6.1
* libQt6Gui6-debuginfo-6.2.2-150400.4.6.1
* qt6-gui-private-devel-6.2.2-150400.4.6.1
* qt6-widgets-devel-6.2.2-150400.4.6.1
* qt6-network-tls-debuginfo-6.2.2-150400.4.6.1
* libQt6PrintSupport6-debuginfo-6.2.2-150400.4.6.1
* qt6-opengl-devel-6.2.2-150400.4.6.1
* libQt6Network6-6.2.2-150400.4.6.1
* libQt6Concurrent6-debuginfo-6.2.2-150400.4.6.1
* libQt6OpenGL6-debuginfo-6.2.2-150400.4.6.1
* libQt6Xml6-6.2.2-150400.4.6.1
* libQt6Sql6-6.2.2-150400.4.6.1
* qt6-concurrent-devel-6.2.2-150400.4.6.1
* libQt6Xml6-debuginfo-6.2.2-150400.4.6.1
* libQt6OpenGL6-6.2.2-150400.4.6.1
* qt6-base-common-devel-debuginfo-6.2.2-150400.4.6.1
* libQt6OpenGLWidgets6-6.2.2-150400.4.6.1
* qt6-base-common-devel-6.2.2-150400.4.6.1
* qt6-xml-devel-6.2.2-150400.4.6.1
* qt6-sql-devel-6.2.2-150400.4.6.1
* libQt6DBus6-debuginfo-6.2.2-150400.4.6.1
* libQt6DBus6-6.2.2-150400.4.6.1
* qt6-opengl-private-devel-6.2.2-150400.4.6.1
* qt6-kmssupport-devel-static-6.2.2-150400.4.6.1
* qt6-base-debuginfo-6.2.2-150400.4.6.1
* qt6-gui-devel-6.2.2-150400.4.6.1
* qt6-test-devel-6.2.2-150400.4.6.1
* qt6-network-tls-6.2.2-150400.4.6.1
* libQt6Widgets6-debuginfo-6.2.2-150400.4.6.1
* libQt6Widgets6-6.2.2-150400.4.6.1
* qt6-base-debugsource-6.2.2-150400.4.6.1
* qt6-widgets-private-devel-6.2.2-150400.4.6.1
* libQt6Test6-debuginfo-6.2.2-150400.4.6.1
* qt6-printsupport-devel-6.2.2-150400.4.6.1
* SUSE Package Hub 15 15-SP4 (noarch)
* qt6-base-devel-6.2.2-150400.4.6.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* qt6-networkinformation-nm-6.2.2-150400.4.6.1
* libQt6Gui6-6.2.2-150400.4.6.1
* libQt6Core6-6.2.2-150400.4.6.1
* qt6-platformtheme-xdgdesktopportal-debuginfo-6.2.2-150400.4.6.1
* libQt6Test6-6.2.2-150400.4.6.1
* libQt6OpenGLWidgets6-debuginfo-6.2.2-150400.4.6.1
* libQt6PrintSupport6-6.2.2-150400.4.6.1
* qt6-kmssupport-private-devel-6.2.2-150400.4.6.1
* qt6-core-private-devel-6.2.2-150400.4.6.1
* qt6-printsupport-cups-6.2.2-150400.4.6.1
* qt6-network-devel-6.2.2-150400.4.6.1
* qt6-xml-private-devel-6.2.2-150400.4.6.1
* qt6-openglwidgets-devel-6.2.2-150400.4.6.1
* qt6-platformsupport-devel-static-6.2.2-150400.4.6.1
* libQt6Network6-debuginfo-6.2.2-150400.4.6.1
* qt6-core-devel-6.2.2-150400.4.6.1
* qt6-sql-sqlite-6.2.2-150400.4.6.1
* qt6-sql-sqlite-debuginfo-6.2.2-150400.4.6.1
* qt6-platformtheme-gtk3-debuginfo-6.2.2-150400.4.6.1
* libQt6Sql6-debuginfo-6.2.2-150400.4.6.1
* qt6-dbus-devel-6.2.2-150400.4.6.1
* libQt6Concurrent6-6.2.2-150400.4.6.1
* libQt6Core6-debuginfo-6.2.2-150400.4.6.1
* libQt6Gui6-debuginfo-6.2.2-150400.4.6.1
* qt6-gui-private-devel-6.2.2-150400.4.6.1
* qt6-widgets-devel-6.2.2-150400.4.6.1
* qt6-platformtheme-xdgdesktopportal-6.2.2-150400.4.6.1
* qt6-network-private-devel-6.2.2-150400.4.6.1
* qt6-network-tls-debuginfo-6.2.2-150400.4.6.1
* libQt6PrintSupport6-debuginfo-6.2.2-150400.4.6.1
* qt6-opengl-devel-6.2.2-150400.4.6.1
* libQt6Network6-6.2.2-150400.4.6.1
* qt6-test-private-devel-6.2.2-150400.4.6.1
* libQt6Concurrent6-debuginfo-6.2.2-150400.4.6.1
* qt6-printsupport-cups-debuginfo-6.2.2-150400.4.6.1
* libQt6OpenGL6-debuginfo-6.2.2-150400.4.6.1
* libQt6Xml6-6.2.2-150400.4.6.1
* libQt6Sql6-6.2.2-150400.4.6.1
* qt6-concurrent-devel-6.2.2-150400.4.6.1
* libQt6Xml6-debuginfo-6.2.2-150400.4.6.1
* libQt6OpenGL6-6.2.2-150400.4.6.1
* qt6-base-common-devel-debuginfo-6.2.2-150400.4.6.1
* qt6-sql-unixODBC-6.2.2-150400.4.6.1
* libQt6OpenGLWidgets6-6.2.2-150400.4.6.1
* qt6-base-common-devel-6.2.2-150400.4.6.1
* qt6-sql-mysql-debuginfo-6.2.2-150400.4.6.1
* qt6-base-docs-qch-6.2.2-150400.4.6.1
* qt6-networkinformation-nm-debuginfo-6.2.2-150400.4.6.1
* qt6-sql-unixODBC-debuginfo-6.2.2-150400.4.6.1
* qt6-xml-devel-6.2.2-150400.4.6.1
* qt6-sql-devel-6.2.2-150400.4.6.1
* qt6-printsupport-private-devel-6.2.2-150400.4.6.1
* qt6-sql-private-devel-6.2.2-150400.4.6.1
* libQt6DBus6-debuginfo-6.2.2-150400.4.6.1
* libQt6DBus6-6.2.2-150400.4.6.1
* qt6-opengl-private-devel-6.2.2-150400.4.6.1
* qt6-kmssupport-devel-static-6.2.2-150400.4.6.1
* qt6-platformtheme-gtk3-6.2.2-150400.4.6.1
* qt6-base-debuginfo-6.2.2-150400.4.6.1
* qt6-base-examples-6.2.2-150400.4.6.1
* qt6-gui-devel-6.2.2-150400.4.6.1
* qt6-sql-postgresql-6.2.2-150400.4.6.1
* qt6-sql-postgresql-debuginfo-6.2.2-150400.4.6.1
* qt6-network-tls-6.2.2-150400.4.6.1
* qt6-test-devel-6.2.2-150400.4.6.1
* libQt6Widgets6-debuginfo-6.2.2-150400.4.6.1
* libQt6Widgets6-6.2.2-150400.4.6.1
* qt6-base-docs-html-6.2.2-150400.4.6.1
* qt6-base-debugsource-6.2.2-150400.4.6.1
* qt6-widgets-private-devel-6.2.2-150400.4.6.1
* libQt6Test6-debuginfo-6.2.2-150400.4.6.1
* qt6-platformsupport-private-devel-6.2.2-150400.4.6.1
* qt6-dbus-private-devel-6.2.2-150400.4.6.1
* qt6-base-examples-debuginfo-6.2.2-150400.4.6.1
* qt6-sql-mysql-6.2.2-150400.4.6.1
* qt6-printsupport-devel-6.2.2-150400.4.6.1
* openSUSE Leap 15.4 (noarch)
* qt6-base-devel-6.2.2-150400.4.6.1
* qt6-docs-common-6.2.2-150400.4.6.1
* qt6-base-private-devel-6.2.2-150400.4.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-32762.html
* https://www.suse.com/security/cve/CVE-2023-32763.html
* https://www.suse.com/security/cve/CVE-2023-33285.html
* https://www.suse.com/security/cve/CVE-2023-34410.html
* https://www.suse.com/security/cve/CVE-2023-38197.html
* https://bugzilla.suse.com/show_bug.cgi?id=1211642
* https://bugzilla.suse.com/show_bug.cgi?id=1211797
* https://bugzilla.suse.com/show_bug.cgi?id=1211798
* https://bugzilla.suse.com/show_bug.cgi?id=1211994
* https://bugzilla.suse.com/show_bug.cgi?id=1213326
1
0
SUSE-SU-2023:3376-1: important: Security update for the Linux Kernel
by security@lists.opensuse.org 22 Aug '23
by security@lists.opensuse.org 22 Aug '23
22 Aug '23
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2023:3376-1
Rating: important
References:
* #1206418
* #1207129
* #1207948
* #1210627
* #1210780
* #1210825
* #1211131
* #1211738
* #1211811
* #1212445
* #1212502
* #1212604
* #1212766
* #1212901
* #1213167
* #1213272
* #1213287
* #1213304
* #1213417
* #1213578
* #1213585
* #1213586
* #1213588
* #1213601
* #1213620
* #1213632
* #1213653
* #1213713
* #1213715
* #1213747
* #1213756
* #1213759
* #1213777
* #1213810
* #1213812
* #1213856
* #1213857
* #1213863
* #1213867
* #1213870
* #1213871
* #1213872
Cross-References:
* CVE-2022-40982
* CVE-2023-0459
* CVE-2023-20569
* CVE-2023-21400
* CVE-2023-2156
* CVE-2023-2166
* CVE-2023-31083
* CVE-2023-3268
* CVE-2023-3567
* CVE-2023-3609
* CVE-2023-3611
* CVE-2023-3776
* CVE-2023-38409
* CVE-2023-3863
* CVE-2023-4004
CVSS scores:
* CVE-2022-40982 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-40982 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-0459 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-0459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20569 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-21400 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-21400 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-2156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3268 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-3268 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-3567 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3567 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3609 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3609 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3611 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3611 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3776 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-38409 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-38409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-3863 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-3863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4004 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves 15 vulnerabilities and has 27 fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
* CVE-2023-20569: Fixed side channel attack ‘Inception’ or ‘RAS Poisoning’
(bsc#1213287).
* CVE-2023-3268: Fixed an out of bounds memory access flaw in
relay_file_read_start_pos in the relayfs (bsc#1212502).
* CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter
(bsc#1210627).
* CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec
(bsc#1211738).
* CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo
(bsc#1213812).
* CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
of the RPL protocol (bsc#1211131).
* CVE-2023-21400: Fixed several memory corruptions due to improper locking in
io_uring (bsc#1213272).
* CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-
free (bsc#1213588).
* CVE-2023-3863: Fixed a use-after-free flaw in nfc_llcp_find_local in
net/nfc/llcp_core.c in NFC. This flaw allowed a local user with special
privileges to impact a kernel information leak issue (bsc#1213601).
* CVE-2023-3567: Fixed a use-after-free in vcs_read in
drivers/tty/vt/vc_screen.c (bsc#1213167).
* CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
* CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched
(bsc#1213586).
* CVE-2023-3611: Fixed an out-of-bounds write in net/sched
sch_qfq(bsc#1213585).
* CVE-2023-38409: Fixed an issue in set_con2fb_map in
drivers/video/fbdev/core/fbcon.c. Because an assignment occurs only for the
first vc, the fbcon_registered_fb and fbcon_display arrays can be
desynchronized in fbcon_mode_deleted (the con2fb_map points at the old
fb_info) (bsc#1213417).
* CVE-2022-40982: Fixed transient execution attack called "Gather Data
Sampling" (bsc#1206418).
The following non-security bugs were fixed:
* ACPI: CPPC: Add ACPI disabled check to acpi_cpc_valid() (bsc#1212445).
* ACPI: CPPC: Add definition for undefined FADT preferred PM profile value
(bsc#1212445).
* ACPI: utils: Fix acpi_evaluate_dsm_typed() redefinition error (git-fixes).
* ACPI/IORT: Remove erroneous id_count check in iort_node_get_rmr_info() (git-
fixes).
* afs: Adjust ACK interpretation to try and cope with NAT (git-fixes).
* afs: Fix access after dec in put functions (git-fixes).
* afs: Fix afs_getattr() to refetch file status if callback break occurred
(git-fixes).
* afs: Fix dynamic root getattr (git-fixes).
* afs: Fix fileserver probe RTT handling (git-fixes).
* afs: Fix infinite loop found by xfstest generic/676 (git-fixes).
* afs: Fix lost servers_outstanding count (git-fixes).
* afs: Fix server->active leak in afs_put_server (git-fixes).
* afs: Fix setting of mtime when creating a file/dir/symlink (git-fixes).
* afs: Fix updating of i_size with dv jump from server (git-fixes).
* afs: Fix vlserver probe RTT handling (git-fixes).
* afs: Return -EAGAIN, not -EREMOTEIO, when a file already locked (git-fixes).
* afs: Use refcount_t rather than atomic_t (git-fixes).
* afs: Use the operation issue time instead of the reply time for callbacks
(git-fixes).
* ALSA: emu10k1: roll up loops in DSP setup code for Audigy (git-fixes).
* ALSA: hda/realtek - remove 3k pull low procedure (git-fixes).
* ALSA: hda/realtek: Add quirk for Clevo NS70AU (git-fixes).
* ALSA: hda/realtek: Add support for DELL Oasis 13/14/16 laptops (git-fixes).
* ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx (git-fixes).
* ALSA: hda/realtek: Fix generic fixup definition for cs35l41 amp (git-fixes).
* ALSA: hda/realtek: Support ASUS G713PV laptop (git-fixes).
* ALSA: hda/relatek: Enable Mute LED on HP 250 G8 (git-fixes).
* ALSA: usb-audio: Add FIXED_RATE quirk for JBL Quantum610 Wireless (git-
fixes).
* ALSA: usb-audio: Add new quirk FIXED_RATE for JBL Quantum810 Wireless (git-
fixes).
* ALSA: usb-audio: Add quirk for Microsoft Modern Wireless Headset
(bsc#1207129).
* ALSA: usb-audio: Add quirk for Tascam Model 12 (git-fixes).
* ALSA: usb-audio: Always initialize fixed_rate in
snd_usb_find_implicit_fb_sync_format() (git-fixes).
* ALSA: usb-audio: Apply mutex around snd_usb_endpoint_set_params() (git-
fixes).
* ALSA: usb-audio: Avoid superfluous endpoint setup (git-fixes).
* ALSA: usb-audio: Avoid unnecessary interface change at EP close (git-fixes).
* ALSA: usb-audio: Clear fixed clock rate at closing EP (git-fixes).
* ALSA: usb-audio: Correct the return code from snd_usb_endpoint_set_params()
(git-fixes).
* ALSA: usb-audio: Drop superfluous interface setup at parsing (git-fixes).
* ALSA: usb-audio: Fix possible NULL pointer dereference in
snd_usb_pcm_has_fixed_rate() (git-fixes).
* ALSA: usb-audio: Fix wrong kfree issue in snd_usb_endpoint_free_all (git-
fixes).
* ALSA: usb-audio: More refactoring of hw constraint rules (git-fixes).
* ALSA: usb-audio: Properly refcounting clock rate (git-fixes).
* ALSA: usb-audio: Rate limit usb_set_interface error reporting (git-fixes).
* ALSA: usb-audio: Refcount multiple accesses on the single clock (git-fixes).
* ALSA: usb-audio: Split endpoint setups for hw_params and prepare (take#2)
(git-fixes).
* ALSA: usb-audio: Update for native DSD support quirks (git-fixes).
* ALSA: usb-audio: Use atomic_try_cmpxchg in ep_state_update (git-fixes).
* ALSA: usb-audio: Workaround for XRUN at prepare (git-fixes).
* amd-pstate: Fix amd_pstate mode switch (git-fixes).
* ASoC: amd: acp: fix for invalid dai id handling in acp_get_byte_count()
(git-fixes).
* ASoC: atmel: Fix the 8K sample parameter in I2SC master (git-fixes).
* ASoc: codecs: ES8316: Fix DMIC config (git-fixes).
* ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove (git-
fixes).
* ASoC: codecs: wcd934x: fix resource leaks on component remove (git-fixes).
* ASoC: codecs: wcd938x: fix codec initialisation race (git-fixes).
* ASoC: codecs: wcd938x: fix dB range for HPHL and HPHR (git-fixes).
* ASoC: codecs: wcd938x: fix missing clsh ctrl error handling (git-fixes).
* ASoC: codecs: wcd938x: fix soundwire initialisation race (git-fixes).
* ASoC: da7219: Check for failure reading AAD IRQ events (git-fixes).
* ASoC: da7219: Flush pending AAD IRQ when suspending (git-fixes).
* ASoC: fsl_sai: Disable bit clock with transmitter (git-fixes).
* ASoC: fsl_spdif: Silence output on stop (git-fixes).
* ASoC: rt5640: Fix sleep in atomic context (git-fixes).
* ASoC: rt5682-sdw: fix for JD event handling in ClockStop Mode0 (git-fixes).
* ASoC: rt711-sdca: fix for JD event handling in ClockStop Mode0 (git-fixes).
* ASoC: rt711: fix for JD event handling in ClockStop Mode0 (git-fixes).
* ASoC: SOF: ipc3-dtrace: uninitialized data in dfsentry_trace_filter_write()
(git-fixes).
* ASoC: tegra: Fix ADX byte map (git-fixes).
* ASoC: tegra: Fix AMX byte map (git-fixes).
* ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register (git-fixes).
* ata: pata_ns87415: mark ns87560_tf_read static (git-fixes).
* block, bfq: Fix division by zero error on zero wsum (bsc#1213653).
* block: Fix a source code comment in include/uapi/linux/blkzoned.h (git-
fixes).
* Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO
(bsc#1210780 CVE-2023-31083).
* bpf: add missing header file include (bsc#1211738 CVE-2023-0459).
* bus: mhi: add new interfaces to handle MHI channels directly (bsc#1207948).
* bus: mhi: host: add destroy_device argument to mhi_power_down()
(bsc#1207948).
* can: af_can: fix NULL pointer dereference in can_rcv_filter (bsc#1210627
CVE-2023-2166).
* can: af_can: fix NULL pointer dereference in can_rcv_filter (bsc#1210627
CVE-2023-2166).
* can: gs_usb: gs_can_close(): add missing set of CAN state to
CAN_STATE_STOPPED (git-fixes).
* ceph: do not let check_caps skip sending responses for revoke msgs
(bsc#1213856).
* coda: Avoid partial allocation of sig_inputArgs (git-fixes).
* cpufreq: amd_pstate: fix wrong lowest perf fetch (bsc#1212445).
* cpufreq: amd_pstate: map desired perf into pstate scope for powersave
governor (bsc#1212445).
* cpufreq: amd-pstate: Add ->fast_switch() callback (bsc#1212445).
* cpufreq: amd-pstate: Add AMD P-State frequencies attributes (bsc#1212445).
* cpufreq: amd-pstate: Add AMD P-State performance attributes (bsc#1212445).
* cpufreq: amd-pstate: add amd-pstate driver parameter for mode selection
(bsc#1212445).
* cpufreq: amd-pstate: Add boost mode support for AMD P-State (bsc#1212445).
* cpufreq: amd-pstate: add driver working mode switch support (bsc#1212445).
* cpufreq: amd-pstate: Add fast switch function for AMD P-State (bsc#1212445).
* cpufreq: amd-pstate: Add guided autonomous mode (bsc#1212445).
* cpufreq: amd-pstate: Add guided mode control support via sysfs
(bsc#1212445).
* cpufreq: amd-pstate: Add more tracepoint for AMD P-State module
(bsc#1212445).
* cpufreq: amd-pstate: Add resume and suspend callbacks (bsc#1212445).
* cpufreq: amd-pstate: Add trace for AMD P-State module (bsc#1212445).
* cpufreq: amd-pstate: avoid uninitialized variable use (bsc#1212445).
* cpufreq: amd-pstate: change amd-pstate driver to be built-in type
(bsc#1212445).
* cpufreq: amd-pstate: convert sprintf with sysfs_emit() (bsc#1212445).
* cpufreq: amd-pstate: cpufreq: amd-pstate: reset MSR_AMD_PERF_CTL register at
init (bsc#1212445).
* cpufreq: amd-pstate: Expose struct amd_cpudata (bsc#1212445).
* cpufreq: amd-pstate: Fix initial highest_perf value (bsc#1212445).
* cpufreq: amd-pstate: Fix invalid write to MSR_AMD_CPPC_REQ (bsc#1212445).
* cpufreq: amd-pstate: Fix Kconfig dependencies for AMD P-State (bsc#1212445).
* cpufreq: amd-pstate: fix kernel hang issue while amd-pstate unregistering
(bsc#1212445).
* cpufreq: amd-pstate: Fix struct amd_cpudata kernel-doc comment
(bsc#1212445).
* cpufreq: amd-pstate: fix white-space (bsc#1212445).
* cpufreq: amd-pstate: implement amd pstate cpu online and offline callback
(bsc#1212445).
* cpufreq: amd-pstate: implement Pstate EPP support for the AMD processors
(bsc#1212445).
* cpufreq: amd-pstate: implement suspend and resume callbacks (bsc#1212445).
* cpufreq: amd-pstate: Introduce a new AMD P-State driver to support future
processors (bsc#1212445).
* cpufreq: amd-pstate: Introduce the support for the processors with shared
memory solution (bsc#1212445).
* cpufreq: amd-pstate: Let user know amd-pstate is disabled (bsc#1212445).
* cpufreq: amd-pstate: Make amd-pstate EPP driver name hyphenated
(bsc#1212445).
* cpufreq: amd-pstate: Make varaiable mode_state_machine static (bsc#1212445).
* cpufreq: amd-pstate: optimize driver working mode selection in
amd_pstate_param() (bsc#1212445).
* cpufreq: amd-pstate: Remove fast_switch_possible flag from active driver
(bsc#1212445).
* cpufreq: amd-pstate: remove MODULE_LICENSE in non-modules (bsc#1212445).
* cpufreq: amd-pstate: Set a fallback policy based on preferred_profile
(bsc#1212445).
* cpufreq: amd-pstate: simplify cpudata pointer assignment (bsc#1212445).
* cpufreq: amd-pstate: Update policy->cur in amd_pstate_adjust_perf()
(bsc#1212445).
* cpufreq: amd-pstate: update pstate frequency transition delay time
(bsc#1212445).
* cpufreq: amd-pstate: Write CPPC enable bit per-socket (bsc#1212445).
* crypto: kpp - Add helper to set reqsize (git-fixes).
* crypto: qat - Use helper to set reqsize (git-fixes).
* dlm: fix missing lkb refcount handling (git-fixes).
* dlm: fix plock invalid read (git-fixes).
* Documentation: cpufreq: amd-pstate: Move amd_pstate param to alphabetical
order (bsc#1212445).
* Documentation: devices.txt: reconcile serial/ucc_uart minor numers (git-
fixes).
* drm/amd: Fix an error handling mistake in psp_sw_init() (git-fixes).
* drm/amd/display: Add monitor specific edid quirk (git-fixes).
* drm/amd/display: Add polling method to handle MST reply packet
(bsc#1213578).
* drm/amd/display: check TG is non-null before checking if enabled (git-
fixes).
* drm/amd/display: Correct `DMUB_FW_VERSION` macro (git-fixes).
* drm/amd/display: Disable MPC split by default on special asic (git-fixes).
* drm/amd/display: fix access hdcp_workqueue assert (git-fixes).
* drm/amd/display: fix seamless odm transitions (git-fixes).
* drm/amd/display: Keep PHY active for DP displays on DCN31 (git-fixes).
* drm/amd/display: only accept async flips for fast updates (git-fixes).
* drm/amd/display: Only update link settings after successful MST link train
(git-fixes).
* drm/amd/display: phase3 mst hdcp for multiple displays (git-fixes).
* drm/amd/display: Remove Phantom Pipe Check When Calculating K1 and K2 (git-
fixes).
* drm/amd/display: save restore hdcp state when display is unplugged from mst
hub (git-fixes).
* drm/amd/display: Unlock on error path in
dm_handle_mst_sideband_msg_ready_event() (git-fixes).
* drm/amd/pm: add abnormal fan detection for smu 13.0.0 (git-fixes).
* drm/amd/pm: conditionally disable pcie lane/speed switching for SMU13 (git-
fixes).
* drm/amd/pm: re-enable the gfx imu when smu resume (git-fixes).
* drm/amd/pm: share the code around SMU13 pcie parameters update (git-fixes).
* drm/amdgpu: add the fan abnormal detection feature (git-fixes).
* drm/amdgpu: avoid restore process run into dead loop (git-fixes).
* drm/amdgpu: fix clearing mappings for BOs that are always valid in VM (git-
fixes).
* drm/amdgpu: Fix minmax warning (git-fixes).
* drm/atomic: Allow vblank-enabled + self-refresh "disable" (git-fixes).
* drm/atomic: Fix potential use-after-free in nonblocking commits (git-fixes).
* drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation (git-
fixes).
* drm/bridge: tc358768: fix TCLK_TRAILCNT computation (git-fixes).
* drm/bridge: tc358768: fix THS_TRAILCNT computation (git-fixes).
* drm/bridge: tc358768: fix THS_ZEROCNT computation (git-fixes).
* drm/bridge: ti-sn65dsi86: Fix auxiliary bus lifetime (git-fixes).
* drm/client: Fix memory leak in drm_client_modeset_probe (git-fixes).
* drm/dp_mst: Clear MSG_RDY flag before sending new message (bsc#1213578).
* drm/i915: Do not preserve dpll_hw_state for slave crtc in Bigjoiner (git-
fixes).
* drm/i915: Fix an error handling path in igt_write_huge() (git-fixes).
* drm/i915/dpt: Use shmem for dpt objects (git-fixes).
* drm/i915/tc: Fix system resume MST mode restore for DP-alt sinks (git-
fixes).
* drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb() (git-
fixes).
* drm/msm/adreno: Fix snapshot BINDLESS_DATA size (git-fixes).
* drm/msm/disp/dpu: get timing engine status from intf status register (git-
fixes).
* drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (git-fixes).
* drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK (git-fixes).
* drm/radeon: Fix integer overflow in radeon_cs_parser_init (git-fixes).
* drm/ttm: fix bulk_move corruption when adding a entry (git-fixes).
* drm/ttm: fix warning that we shouldn't mix (git-fixes).
* drm/vmwgfx: Fix Legacy Display Unit atomic drm support (bsc#1213632).
* drm/vmwgfx: Remove explicit and broken vblank handling (bsc#1213632).
* drm/vmwgfx: Remove rcu locks from user resources (bsc#1213632).
* fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe (git-fixes).
* fbdev: imxfb: Removed unneeded release_mem_region (git-fixes).
* fbdev: imxfb: warn about invalid left/right margin (git-fixes).
* file: always lock position for FMODE_ATOMIC_POS (bsc#1213759).
* fs: dlm: add midcomms init/start functions (git-fixes).
* fs: dlm: do not set stop rx flag after node reset (git-fixes).
* fs: dlm: filter user dlm messages for kernel locks (git-fixes).
* fs: dlm: fix log of lowcomms vs midcomms (git-fixes).
* fs: dlm: fix race between test_bit() and queue_work() (git-fixes).
* fs: dlm: fix race in lowcomms (git-fixes).
* fs: dlm: handle -EBUSY first in lock arg validation (git-fixes).
* fs: dlm: move sending fin message into state change handling (git-fixes).
* fs: dlm: retry accept() until -EAGAIN or error returns (git-fixes).
* fs: dlm: return positive pid value for F_GETLK (git-fixes).
* fs: dlm: start midcomms before scand (git-fixes).
* fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() (git-
fixes).
* FS: JFS: Check for read-only mounted filesystem in txBegin (git-fixes).
* FS: JFS: Fix null-ptr-deref Read in txBegin (git-fixes).
* fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (git-fixes).
* gve: Set default duplex configuration to full (git-fixes).
* gve: unify driver name usage (git-fixes).
* hwmon: (adm1275) Allow setting sample averaging (git-fixes).
* hwmon: (k10temp) Enable AMD3255 Proc to show negative temperature (git-
fixes).
* hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled
(git-fixes).
* hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272
(git-fixes).
* i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process()
(git-fixes).
* i2c: xiic: Do not try to handle more interrupt events after error (git-
fixes).
* iavf: check for removal state before IAVF_FLAG_PF_COMMS_FAILED (git-fixes).
* iavf: fix a deadlock caused by rtnl and driver's lock circular dependencies
(git-fixes).
* iavf: Fix out-of-bounds when setting channels on remove (git-fixes).
* iavf: fix potential deadlock on allocation failure (git-fixes).
* iavf: fix reset task race with iavf_remove() (git-fixes).
* iavf: Fix use-after-free in free_netdev (git-fixes).
* iavf: Move netdev_update_features() into watchdog task (git-fixes).
* iavf: use internal state to free traffic IRQs (git-fixes).
* iavf: Wait for reset in callbacks which trigger it (git-fixes).
* IB/hfi1: Use bitmap_zalloc() when applicable (git-fixes)
* ice: Fix max_rate check while configuring TX rate limits (git-fixes).
* ice: Fix memory management in ice_ethtool_fdir.c (git-fixes).
* ice: handle extts in the miscellaneous interrupt thread (git-fixes).
* igc: Check if hardware TX timestamping is enabled earlier (git-fixes).
* igc: Enable and fix RX hash usage by netstack (git-fixes).
* igc: Fix inserting of empty frame for launchtime (git-fixes).
* igc: Fix Kernel Panic during ndo_tx_timeout callback (git-fixes).
* igc: Fix launchtime before start of cycle (git-fixes).
* igc: Fix race condition in PTP tx code (git-fixes).
* igc: Handle PPS start time programming for past time values (git-fixes).
* igc: Prevent garbled TX queue with XDP ZEROCOPY (git-fixes).
* igc: Remove delay during TX ring configuration (git-fixes).
* igc: set TP bit in 'supported' and 'advertising' fields of
ethtool_link_ksettings (git-fixes).
* igc: Work around HW bug causing missing timestamps (git-fixes).
* Input: i8042 - add Clevo PCX0DX to i8042 quirk table (git-fixes).
* Input: iqs269a - do not poll during ATI (git-fixes).
* Input: iqs269a - do not poll during suspend or resume (git-fixes).
* io_uring: ensure IOPOLL locks around deferred work (bsc#1213272
CVE-2023-21400).
* ipv6: rpl: Fix Route of Death (CVE-2023-2156 bsc#1211131).
* jffs2: fix memory leak in jffs2_do_fill_super (git-fixes).
* jffs2: fix memory leak in jffs2_do_mount_fs (git-fixes).
* jffs2: fix memory leak in jffs2_scan_medium (git-fixes).
* jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (git-fixes).
* jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (git-
fixes).
* jffs2: reduce stack usage in jffs2_build_xattr_subsystem() (git-fixes).
* jfs: jfs_dmap: Validate db_l2nbperpage while mounting (git-fixes).
* kabi/severities: relax kABI for ath11k local symbols (bsc#1207948)
* kselftest: vDSO: Fix accumulation of uninitialized ret when CLOCK_REALTIME
is undefined (git-fixes).
* KVM: Add GDS_NO support to KVM (bsc#1206418, CVE-2022-40982).
* KVM: arm64: Do not read a HW interrupt pending state in user context (git-
fixes)
* KVM: arm64: Warn if accessing timer pending state outside of vcpu
(bsc#1213620)
* KVM: Do not null dereference ops->destroy (git-fixes)
* KVM: downgrade two BUG_ONs to WARN_ON_ONCE (git-fixes)
* KVM: Initialize debugfs_dentry when a VM is created to avoid NULL (git-
fixes)
* KVM: s390: pv: fix index value of replaced ASCE (git-fixes bsc#1213867).
* KVM: VMX: Inject #GP on ENCLS if vCPU has paging disabled (CR0.PG==0) (git-
fixes).
* KVM: VMX: Inject #GP, not #UD, if SGX2 ENCLS leafs are unsupported (git-
fixes).
* KVM: VMX: restore vmx_vmexit alignment (git-fixes).
* KVM: x86: Account fastpath-only VM-Exits in vCPU stats (git-fixes).
* leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename (git-
fixes).
* libceph: harden msgr2.1 frame segment length checks (bsc#1213857).
* md: add error_handlers for raid0 and linear (bsc#1212766).
* media: staging: atomisp: select V4L2_FWNODE (git-fixes).
* mhi_power_down() kABI workaround (bsc#1207948).
* mmc: core: disable TRIM on Kingston EMMC04G-M627 (git-fixes).
* mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is
used (git-fixes).
* net: ena: fix shift-out-of-bounds in exponential backoff (git-fixes).
* net: mana: Batch ringing RX queue doorbell on receiving packets
(bsc#1212901).
* net: mana: Use the correct WQE count for ringing RQ doorbell (bsc#1212901).
* net: nfc: Fix use-after-free caused by nfc_llcp_find_local (bsc#1213601
CVE-2023-3863).
* net: phy: marvell10g: fix 88x3310 power up (git-fixes).
* net/mlx5: DR, Support SW created encap actions for FW table (git-fixes).
* net/mlx5e: Check for NOT_READY flag state after locking (git-fixes).
* net/mlx5e: fix double free in mlx5e_destroy_flow_table (git-fixes).
* net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create (git-fixes).
* net/mlx5e: fix memory leak in mlx5e_ptp_open (git-fixes).
* net/mlx5e: XDP, Allow growing tail for XDP multi buffer (git-fixes).
* net/mlx5e: xsk: Set napi_id to support busy polling on XSK RQ (git-fixes).
* net/sched: cls_fw: Fix improper refcount update leads to use-after-free
(CVE-2023-3776 bsc#1213588).
* net/sched: cls_u32: Fix reference counter leak leading to overflow
(CVE-2023-3609 bsc#1213586).
* net/sched: sch_qfq: account for stab overhead in qfq_enqueue (CVE-2023-3611
bsc#1213585).
* net/sched: sch_qfq: refactor parsing of netlink parameters (bsc#1213585).
* net/sched: sch_qfq: reintroduce lmax bound check for MTU (bsc#1213585).
* netfilter: nft_set_pipapo: fix improper element removal (bsc#1213812
CVE-2023-4004).
* nfc: llcp: simplify llcp_sock_connect() error paths (bsc#1213601
CVE-2023-3863).
* nfsd: add encoding of op_recall flag for write delegation (git-fixes).
* nfsd: fix double fget() bug in __write_ports_addfd() (git-fixes).
* nfsd: Fix sparse warning (git-fixes).
* nfsd: Remove open coding of string copy (git-fixes).
* NFSv4.1: Always send a RECLAIM_COMPLETE after establishing lease (git-
fixes).
* NFSv4.1: freeze the session table upon receiving NFS4ERR_BADSESSION (git-
fixes).
* nvme-pci: fix DMA direction of unmapping integrity data (git-fixes).
* nvme-pci: remove nvme_queue from nvme_iod (git-fixes).
* nvme: do not reject probe due to duplicate IDs for single-ported PCIe
devices (git-fixes).
* nvme: fix the NVME_ID_NS_NVM_STS_MASK definition (git-fixes).
* octeontx-af: fix hardware timestamp configuration (git-fixes).
* octeontx2-af: Move validation of ptp pointer before its usage (git-fixes).
* octeontx2-pf: Add additional check for MCAM rules (git-fixes).
* PCI: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
* PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold (git-fixes).
* phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() (git-
fixes).
* pinctrl: amd: Detect internal GPIO0 debounce handling (git-fixes).
* pinctrl: amd: Do not show Invalid config param errors (git-fixes).
* pinctrl: amd: Fix mistake in handling clearing pins at startup (git-fixes).
* pinctrl: amd: Only use special debounce behavior for GPIO 0 (git-fixes).
* pinctrl: amd: Use amd_pinconf_set() for all config options (git-fixes).
* platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 (git-
fixes).
* RDMA/bnxt_re: Fix hang during driver unload (git-fixes)
* RDMA/bnxt_re: Prevent handling any completions after qp destroy (git-fixes)
* RDMA/core: Update CMA destination address on rdma_resolve_addr (git-fixes)
* RDMA/irdma: Add missing read barriers (git-fixes)
* RDMA/irdma: Fix data race on CQP completion stats (git-fixes)
* RDMA/irdma: Fix data race on CQP request done (git-fixes)
* RDMA/irdma: Fix op_type reporting in CQEs (git-fixes)
* RDMA/irdma: Report correct WC error (git-fixes)
* RDMA/mlx4: Make check for invalid flags stricter (git-fixes)
* RDMA/mthca: Fix crash when polling CQ for shared QPs (git-fixes)
* regmap: Account for register length in SMBus I/O limits (git-fixes).
* regmap: Drop initial version of maximum transfer length fixes (git-fixes).
* relayfs: fix out-of-bounds access in relay_file_read (bsc#1212502
CVE-2023-3268).
* rxrpc, afs: Fix selection of abort codes (git-fixes).
* s390: introduce nospec_uses_trampoline() (git-fixes bsc#1213870).
* s390/bpf: Add expoline to tail calls (git-fixes bsc#1213870).
* s390/dasd: fix hanging device after quiesce/resume (git-fixes bsc#1213810).
* s390/dasd: print copy pair message only for the correct error (git-fixes
bsc#1213872).
* s390/decompressor: specify __decompress() buf len to avoid overflow (git-
fixes bsc#1213863).
* s390/ipl: add missing intersection check to ipl_report handling (git-fixes
bsc#1213871).
* s390/qeth: Fix vipa deletion (git-fixes bsc#1213713).
* s390/vmem: fix empty page tables cleanup under KASAN (git-fixes
bsc#1213715).
* scftorture: Count reschedule IPIs (git-fixes).
* scsi: lpfc: Abort outstanding ELS cmds when mailbox timeout error is
detected (bsc#1213756).
* scsi: lpfc: Avoid -Wstringop-overflow warning (bsc#1213756).
* scsi: lpfc: Clean up SLI-4 sysfs resource reporting (bsc#1213756).
* scsi: lpfc: Copyright updates for 14.2.0.14 patches (bsc#1213756).
* scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan()
(bsc#1213756).
* scsi: lpfc: Fix incorrect big endian type assignment in bsg loopback path
(bsc#1213756).
* scsi: lpfc: Fix incorrect big endian type assignments in FDMI and VMID paths
(bsc#1213756).
* scsi: lpfc: Fix lpfc_name struct packing (bsc#1213756).
* scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited
LOGO (bsc#1213756).
* scsi: lpfc: Pull out fw diagnostic dump log message from driver's trace
buffer (bsc#1213756).
* scsi: lpfc: Qualify ndlp discovery state when processing RSCN (bsc#1213756).
* scsi: lpfc: Refactor cpu affinity assignment paths (bsc#1213756).
* scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology
(bsc#1213756).
* scsi: lpfc: Replace all non-returning strlcpy() with strscpy()
(bsc#1213756).
* scsi: lpfc: Replace one-element array with flexible-array member
(bsc#1213756).
* scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and
lpfc_drop_node (bsc#1213756).
* scsi: lpfc: Set Establish Image Pair service parameter only for Target
Functions (bsc#1213756).
* scsi: lpfc: Simplify fcp_abort transport callback log message (bsc#1213756).
* scsi: lpfc: Update lpfc version to 14.2.0.14 (bsc#1213756).
* scsi: lpfc: Use struct_size() helper (bsc#1213756).
* scsi: qla2xxx: Adjust IOCB resource on qpair create (bsc#1213747).
* scsi: qla2xxx: Array index may go out of bound (bsc#1213747).
* scsi: qla2xxx: Avoid fcport pointer dereference (bsc#1213747).
* scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()
(bsc#1213747).
* scsi: qla2xxx: Correct the index of array (bsc#1213747).
* scsi: qla2xxx: Drop useless LIST_HEAD (bsc#1213747).
* scsi: qla2xxx: Fix buffer overrun (bsc#1213747).
* scsi: qla2xxx: Fix command flush during TMF (bsc#1213747).
* scsi: qla2xxx: Fix deletion race condition (bsc#1213747).
* scsi: qla2xxx: Fix end of loop test (bsc#1213747).
* scsi: qla2xxx: Fix erroneous link up failure (bsc#1213747).
* scsi: qla2xxx: Fix error code in qla2x00_start_sp() (bsc#1213747).
* scsi: qla2xxx: fix inconsistent TMF timeout (bsc#1213747).
* scsi: qla2xxx: Fix NULL pointer dereference in target mode (bsc#1213747).
* scsi: qla2xxx: Fix potential NULL pointer dereference (bsc#1213747).
* scsi: qla2xxx: Fix session hang in gnl (bsc#1213747).
* scsi: qla2xxx: Fix TMF leak through (bsc#1213747).
* scsi: qla2xxx: Limit TMF to 8 per function (bsc#1213747).
* scsi: qla2xxx: Pointer may be dereferenced (bsc#1213747).
* scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue (bsc#1213747).
* scsi: qla2xxx: Replace one-element array with DECLARE_FLEX_ARRAY() helper
(bsc#1213747).
* scsi: qla2xxx: Silence a static checker warning (bsc#1213747).
* scsi: qla2xxx: Turn off noisy message log (bsc#1213747).
* scsi: qla2xxx: Update version to 10.02.08.400-k (bsc#1213747).
* scsi: qla2xxx: Update version to 10.02.08.500-k (bsc#1213747).
* scsi: qla2xxx: Use vmalloc_array() and vcalloc() (bsc#1213747).
* selftests: rtnetlink: remove netdevsim device after ipsec offload test (git-
fixes).
* serial: qcom-geni: drop bogus runtime pm state update (git-fixes).
* serial: sifive: Fix sifive_serial_console_setup() section (git-fixes).
* sfc: fix crash when reading stats while NIC is resetting (git-fixes).
* sfc: fix XDP queues mode with legacy IRQ (git-fixes).
* sfc: use budget for TX completions (git-fixes).
* soundwire: qcom: update status correctly with mask (git-fixes).
* staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (git-
fixes).
* staging: r8712: Fix memory leak in _r8712_init_xmit_priv() (git-fixes).
* SUNRPC: always free ctxt when freeing deferred request (git-fixes).
* SUNRPC: double free xprt_ctxt while still in use (git-fixes).
* SUNRPC: Fix trace_svc_register() call site (git-fixes).
* SUNRPC: Fix UAF in svc_tcp_listen_data_ready() (git-fixes).
* SUNRPC: Remove dead code in svc_tcp_release_rqst() (git-fixes).
* SUNRPC: remove the maximum number of retries in call_bind_status (git-
fixes).
* svcrdma: Prevent page release when nothing was received (git-fixes).
* tpm_tis: Explicitly check for error code (git-fixes).
* tty: n_gsm: fix UAF in gsm_cleanup_mux (git-fixes).
* tty: serial: fsl_lpuart: add earlycon for imx8ulp platform (git-fixes).
* uaccess: Add speculation barrier to copy_from_user() (bsc#1211738
CVE-2023-0459).
* ubifs: Add missing iput if do_tmpfile() failed in rename whiteout (git-
fixes).
* ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (git-
fixes).
* ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers
(git-fixes).
* ubifs: Fix 'ui->dirty' race between do_tmpfile() and writeback work (git-
fixes).
* ubifs: Fix AA deadlock when setting xattr for encrypted file (git-fixes).
* ubifs: Fix build errors as symbol undefined (git-fixes).
* ubifs: Fix deadlock in concurrent rename whiteout and inode writeback (git-
fixes).
* ubifs: Fix memory leak in alloc_wbufs() (git-fixes).
* ubifs: Fix memory leak in do_rename (git-fixes).
* ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() (git-fixes).
* ubifs: Fix to add refcount once page is set private (git-fixes).
* ubifs: Fix wrong dirty space budget for dirty inode (git-fixes).
* ubifs: Free memory for tmpfile name (git-fixes).
* ubifs: Re-statistic cleaned znode count if commit failed (git-fixes).
* ubifs: Rectify space amount budget for mkdir/tmpfile operations (git-fixes).
* ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted
(git-fixes).
* ubifs: Rectify space budget for ubifs_xrename() (git-fixes).
* ubifs: Rename whiteout atomically (git-fixes).
* ubifs: rename_whiteout: correct old_dir size computing (git-fixes).
* ubifs: rename_whiteout: Fix double free for whiteout_ui->data (git-fixes).
* ubifs: Reserve one leb for each journal head while doing budget (git-fixes).
* ubifs: setflags: Make dirtied_ino_d 8 bytes aligned (git-fixes).
* ubifs: ubifs_writepage: Mark page dirty after writing inode failed (git-
fixes).
* usb: dwc2: platform: Improve error reporting for problems during .remove()
(git-fixes).
* usb: dwc3: do not reset device side if dwc3 was configured as host-only
(git-fixes).
* usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy (git-fixes).
* usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate
(git-fixes).
* USB: serial: option: add LARA-R6 01B PIDs (git-fixes).
* usb: typec: Iterate pds array when showing the pd list (git-fixes).
* usb: typec: Set port->pd before adding device for typec_port (git-fixes).
* usb: typec: Use sysfs_emit_at when concatenating the string (git-fixes).
* usb: xhci-mtk: set the dma max_seg_size (git-fixes).
* vhost_net: revert upend_idx only on retriable error (git-fixes).
* vhost: support PACKED when setting-getting vring_base (git-fixes).
* virtio_net: Fix error unwinding of XDP initialization (git-fixes).
* virtio-net: Maintain reverse cleanup order (git-fixes).
* wifi: ath11k: add support for suspend in power down state (bsc#1207948).
* wifi: ath11k: handle irq enable/disable in several code path (bsc#1207948).
* wifi: ath11k: handle thermal device registeration together with MAC
(bsc#1207948).
* wifi: ath11k: remove MHI LOOPBACK channels (bsc#1207948).
* wifi: ray_cs: Drop useless status variable in parse_addr() (git-fixes).
* wifi: ray_cs: Utilize strnlen() in parse_addr() (git-fixes).
* wl3501_cs: use eth_hw_addr_set() (git-fixes).
* x86/PVH: obtain VGA console info in Dom0 (git-fixes).
* x86/speculation: Add Kconfig option for GDS (bsc#1206418, CVE-2022-40982).
* x86/srso: Add IBPB on VMEXIT (bsc#1213287, CVE-2023-20569).
* x86/srso: Tie SBPB bit setting to microcode patch detection (bsc#1213287,
CVE-2023-20569).
* xen/blkfront: Only check REQ_FUA for writes (git-fixes).
* xen/pvcalls-back: fix double frees with pvcalls_new_active_socket() (git-
fixes).
* xfs: AIL needs asynchronous CIL forcing (bsc#1211811).
* xfs: async CIL flushes need pending pushes to be made stable (bsc#1211811).
* xfs: attach iclog callbacks in xlog_cil_set_ctx_write_state() (bsc#1211811).
* xfs: CIL work is serialised, not pipelined (bsc#1211811).
* xfs: do not run shutdown callbacks on active iclogs (bsc#1211811).
* xfs: drop async cache flushes from CIL commits (bsc#1211811).
* xfs: factor out log write ordering from xlog_cil_push_work() (bsc#1211811).
* xfs: move the CIL workqueue to the CIL (bsc#1211811).
* xfs: move xlog_commit_record to xfs_log_cil.c (bsc#1211811).
* xfs: order CIL checkpoint start records (bsc#1211811).
* xfs: pass a CIL context to xlog_write() (bsc#1211811).
* xfs: rework xlog_state_do_callback() (bsc#1211811).
* xfs: run callbacks before waking waiters in xlog_state_shutdown_callbacks
(bsc#1211811).
* xfs: separate out log shutdown callback processing (bsc#1211811).
* xfs: wait iclog complete before tearing down AIL (bsc#1211811).
* xfs: XLOG_STATE_IOERROR must die (bsc#1211811).
* xhci: Fix resume issue of some ZHAOXIN hosts (git-fixes).
* xhci: Fix TRB prefetch issue of ZHAOXIN hosts (git-fixes).
* xhci: Show ZHAOXIN xHCI root hub speed correctly (git-fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2023-3376=1 openSUSE-SLE-15.5-2023-3376=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-3376=1
## Package List:
* openSUSE Leap 15.5 (aarch64 x86_64)
* kernel-syms-azure-5.14.21-150500.33.14.1
* kselftests-kmp-azure-5.14.21-150500.33.14.1
* kernel-azure-debuginfo-5.14.21-150500.33.14.1
* cluster-md-kmp-azure-5.14.21-150500.33.14.1
* kernel-azure-extra-5.14.21-150500.33.14.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* reiserfs-kmp-azure-5.14.21-150500.33.14.1
* gfs2-kmp-azure-5.14.21-150500.33.14.1
* kernel-azure-devel-5.14.21-150500.33.14.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.14.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-debugsource-5.14.21-150500.33.14.1
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.14.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.14.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* ocfs2-kmp-azure-5.14.21-150500.33.14.1
* dlm-kmp-azure-5.14.21-150500.33.14.1
* kernel-azure-optional-5.14.21-150500.33.14.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.14.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.14.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-vdso-5.14.21-150500.33.14.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-azure-5.14.21-150500.33.14.1
* kernel-devel-azure-5.14.21-150500.33.14.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.14.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-syms-azure-5.14.21-150500.33.14.1
* kernel-azure-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-debugsource-5.14.21-150500.33.14.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.14.1
* kernel-azure-devel-5.14.21-150500.33.14.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-source-azure-5.14.21-150500.33.14.1
* kernel-devel-azure-5.14.21-150500.33.14.1
## References:
* https://www.suse.com/security/cve/CVE-2022-40982.html
* https://www.suse.com/security/cve/CVE-2023-0459.html
* https://www.suse.com/security/cve/CVE-2023-20569.html
* https://www.suse.com/security/cve/CVE-2023-21400.html
* https://www.suse.com/security/cve/CVE-2023-2156.html
* https://www.suse.com/security/cve/CVE-2023-2166.html
* https://www.suse.com/security/cve/CVE-2023-31083.html
* https://www.suse.com/security/cve/CVE-2023-3268.html
* https://www.suse.com/security/cve/CVE-2023-3567.html
* https://www.suse.com/security/cve/CVE-2023-3609.html
* https://www.suse.com/security/cve/CVE-2023-3611.html
* https://www.suse.com/security/cve/CVE-2023-3776.html
* https://www.suse.com/security/cve/CVE-2023-38409.html
* https://www.suse.com/security/cve/CVE-2023-3863.html
* https://www.suse.com/security/cve/CVE-2023-4004.html
* https://bugzilla.suse.com/show_bug.cgi?id=1206418
* https://bugzilla.suse.com/show_bug.cgi?id=1207129
* https://bugzilla.suse.com/show_bug.cgi?id=1207948
* https://bugzilla.suse.com/show_bug.cgi?id=1210627
* https://bugzilla.suse.com/show_bug.cgi?id=1210780
* https://bugzilla.suse.com/show_bug.cgi?id=1210825
* https://bugzilla.suse.com/show_bug.cgi?id=1211131
* https://bugzilla.suse.com/show_bug.cgi?id=1211738
* https://bugzilla.suse.com/show_bug.cgi?id=1211811
* https://bugzilla.suse.com/show_bug.cgi?id=1212445
* https://bugzilla.suse.com/show_bug.cgi?id=1212502
* https://bugzilla.suse.com/show_bug.cgi?id=1212604
* https://bugzilla.suse.com/show_bug.cgi?id=1212766
* https://bugzilla.suse.com/show_bug.cgi?id=1212901
* https://bugzilla.suse.com/show_bug.cgi?id=1213167
* https://bugzilla.suse.com/show_bug.cgi?id=1213272
* https://bugzilla.suse.com/show_bug.cgi?id=1213287
* https://bugzilla.suse.com/show_bug.cgi?id=1213304
* https://bugzilla.suse.com/show_bug.cgi?id=1213417
* https://bugzilla.suse.com/show_bug.cgi?id=1213578
* https://bugzilla.suse.com/show_bug.cgi?id=1213585
* https://bugzilla.suse.com/show_bug.cgi?id=1213586
* https://bugzilla.suse.com/show_bug.cgi?id=1213588
* https://bugzilla.suse.com/show_bug.cgi?id=1213601
* https://bugzilla.suse.com/show_bug.cgi?id=1213620
* https://bugzilla.suse.com/show_bug.cgi?id=1213632
* https://bugzilla.suse.com/show_bug.cgi?id=1213653
* https://bugzilla.suse.com/show_bug.cgi?id=1213713
* https://bugzilla.suse.com/show_bug.cgi?id=1213715
* https://bugzilla.suse.com/show_bug.cgi?id=1213747
* https://bugzilla.suse.com/show_bug.cgi?id=1213756
* https://bugzilla.suse.com/show_bug.cgi?id=1213759
* https://bugzilla.suse.com/show_bug.cgi?id=1213777
* https://bugzilla.suse.com/show_bug.cgi?id=1213810
* https://bugzilla.suse.com/show_bug.cgi?id=1213812
* https://bugzilla.suse.com/show_bug.cgi?id=1213856
* https://bugzilla.suse.com/show_bug.cgi?id=1213857
* https://bugzilla.suse.com/show_bug.cgi?id=1213863
* https://bugzilla.suse.com/show_bug.cgi?id=1213867
* https://bugzilla.suse.com/show_bug.cgi?id=1213870
* https://bugzilla.suse.com/show_bug.cgi?id=1213871
* https://bugzilla.suse.com/show_bug.cgi?id=1213872
1
0
SUSE-SU-2023:3369-1: low: Security update for python-configobj
by security@lists.opensuse.org 22 Aug '23
by security@lists.opensuse.org 22 Aug '23
22 Aug '23
# Security update for python-configobj
Announcement ID: SUSE-SU-2023:3369-1
Rating: low
References:
* #1210070
Cross-References:
* CVE-2023-26112
CVSS scores:
* CVE-2023-26112 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-26112 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP3
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python-configobj fixes the following issues:
* CVE-2023-26112: Fixed regular expression denial of service vulnerability in
validate.py (bsc#1210070).
## Patch Instructions:
To install this SUSE Low update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3369=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3369=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3369=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3369=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3369=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3369=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3369=1
* SUSE Linux Enterprise Real Time 15 SP3
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-3369=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3369=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3369=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3369=1
## Package List:
* openSUSE Leap Micro 5.4 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* openSUSE Leap 15.4 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* openSUSE Leap 15.5 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* Basesystem Module 15-SP4 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* Basesystem Module 15-SP5 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Linux Enterprise Real Time 15 SP3 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Manager Proxy 4.2 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Manager Retail Branch Server 4.2 (noarch)
* python3-configobj-5.0.6-150000.3.3.1
* SUSE Manager Server 4.2 (noarch)
* python2-configobj-5.0.6-150000.3.3.1
* python3-configobj-5.0.6-150000.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2023-26112.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210070
1
0
openSUSE-SU-2023:0234-1: important: Security update for chromium
by opensuse-security@opensuse.org 21 Aug '23
by opensuse-security@opensuse.org 21 Aug '23
21 Aug '23
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0234-1
Rating: important
References: #1214003 #1214301
Cross-References: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350
CVE-2023-4351 CVE-2023-4352 CVE-2023-4353
CVE-2023-4354 CVE-2023-4355 CVE-2023-4356
CVE-2023-4357 CVE-2023-4358 CVE-2023-4359
CVE-2023-4360 CVE-2023-4361 CVE-2023-4362
CVE-2023-4363 CVE-2023-4364 CVE-2023-4365
CVE-2023-4366 CVE-2023-4367 CVE-2023-4368
Affected Products:
openSUSE Backports SLE-15-SP4
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes 21 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 116.0.5845.96
* New CSS features: Motion Path, and "display" and "content-visibility"
animations
* Web APIs: AbortSignal.any(), BYOB support for Fetch, Back/ forward cache
NotRestoredReason API, Document Picture-in- Picture, Expanded Wildcards
in Permissions Policy Origins, FedCM bundle: Login Hint API, User Info
API, and RP Context API, Non-composed Mouse and Pointer enter/leave
events, Remove document.open sandbox inheritance, Report Critical-CH
caused restart in NavigationTiming
This update fixes a number of security issues (boo#1214301):
* CVE-2023-2312: Use after free in Offline
* CVE-2023-4349: Use after free in Device Trust Connectors
* CVE-2023-4350: Inappropriate implementation in Fullscreen
* CVE-2023-4351: Use after free in Network
* CVE-2023-4352: Type Confusion in V8
* CVE-2023-4353: Heap buffer overflow in ANGLE
* CVE-2023-4354: Heap buffer overflow in Skia
* CVE-2023-4355: Out of bounds memory access in V8
* CVE-2023-4356: Use after free in Audio
* CVE-2023-4357: Insufficient validation of untrusted input in XML
* CVE-2023-4358: Use after free in DNS
* CVE-2023-4359: Inappropriate implementation in App Launcher
* CVE-2023-4360: Inappropriate implementation in Color
* CVE-2023-4361: Inappropriate implementation in Autofill
* CVE-2023-4362: Heap buffer overflow in Mojom IDL
* CVE-2023-4363: Inappropriate implementation in WebShare
* CVE-2023-4364: Inappropriate implementation in Permission Prompts
* CVE-2023-4365: Inappropriate implementation in Fullscreen
* CVE-2023-4366: Use after free in Extensions
* CVE-2023-4367: Insufficient policy enforcement in Extensions API
* CVE-2023-4368: Insufficient policy enforcement in Extensions API
- Fix crash with extensions (boo#1214003)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-234=1
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-234=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-116.0.5845.96-bp155.2.19.1
chromedriver-debuginfo-116.0.5845.96-bp155.2.19.1
chromium-116.0.5845.96-bp155.2.19.1
chromium-debuginfo-116.0.5845.96-bp155.2.19.1
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-116.0.5845.96-bp154.2.105.1
chromium-116.0.5845.96-bp154.2.105.1
References:
https://www.suse.com/security/cve/CVE-2023-2312.html
https://www.suse.com/security/cve/CVE-2023-4349.html
https://www.suse.com/security/cve/CVE-2023-4350.html
https://www.suse.com/security/cve/CVE-2023-4351.html
https://www.suse.com/security/cve/CVE-2023-4352.html
https://www.suse.com/security/cve/CVE-2023-4353.html
https://www.suse.com/security/cve/CVE-2023-4354.html
https://www.suse.com/security/cve/CVE-2023-4355.html
https://www.suse.com/security/cve/CVE-2023-4356.html
https://www.suse.com/security/cve/CVE-2023-4357.html
https://www.suse.com/security/cve/CVE-2023-4358.html
https://www.suse.com/security/cve/CVE-2023-4359.html
https://www.suse.com/security/cve/CVE-2023-4360.html
https://www.suse.com/security/cve/CVE-2023-4361.html
https://www.suse.com/security/cve/CVE-2023-4362.html
https://www.suse.com/security/cve/CVE-2023-4363.html
https://www.suse.com/security/cve/CVE-2023-4364.html
https://www.suse.com/security/cve/CVE-2023-4365.html
https://www.suse.com/security/cve/CVE-2023-4366.html
https://www.suse.com/security/cve/CVE-2023-4367.html
https://www.suse.com/security/cve/CVE-2023-4368.html
https://bugzilla.suse.com/1214003
https://bugzilla.suse.com/1214301
1
0
openSUSE-SU-2023:0232-1: moderate: Security update for python-mitmproxy
by opensuse-security@opensuse.org 20 Aug '23
by opensuse-security@opensuse.org 20 Aug '23
20 Aug '23
openSUSE Security Update: Security update for python-mitmproxy
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0232-1
Rating: moderate
References: #1190603
Cross-References: CVE-2021-39214
CVSS scores:
CVE-2021-39214 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-mitmproxy fixes the following issues:
- CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-232=1
Package List:
- openSUSE Backports SLE-15-SP4 (noarch):
python3-mitmproxy-3.0.4-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2021-39214.html
https://bugzilla.suse.com/1190603
1
0
openSUSE-SU-2023:0233-1: moderate: Security update for python-mitmproxy
by opensuse-security@opensuse.org 20 Aug '23
by opensuse-security@opensuse.org 20 Aug '23
20 Aug '23
openSUSE Security Update: Security update for python-mitmproxy
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0233-1
Rating: moderate
References: #1190603
Cross-References: CVE-2021-39214
CVSS scores:
CVE-2021-39214 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-mitmproxy fixes the following issues:
- CVE-2021-39214: Fixed HTTP smuggling attacks (boo#1190603)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-233=1
Package List:
- openSUSE Backports SLE-15-SP5 (noarch):
python3-mitmproxy-3.0.4-bp155.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-39214.html
https://bugzilla.suse.com/1190603
1
0
SUSE-SU-2023:3360-1: moderate: Security update for kernel-firmware
by security@lists.opensuse.org 18 Aug '23
by security@lists.opensuse.org 18 Aug '23
18 Aug '23
# Security update for kernel-firmware
Announcement ID: SUSE-SU-2023:3360-1
Rating: moderate
References:
* #1213287
Cross-References:
* CVE-2023-20569
CVSS scores:
* CVE-2023-20569 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products:
* Basesystem Module 15-SP4
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for kernel-firmware fixes the following issues:
* CVE-2023-20569: Fixed AMD 19h ucode to mitigate a side channel vulnerability
in some of the AMD CPUs. (bsc#1213287)
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE Moderate update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3360=1 openSUSE-SLE-15.4-2023-3360=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-3360=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3360=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3360=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3360=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3360=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3360=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3360=1
## Package List:
* openSUSE Leap 15.4 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* openSUSE Leap Micro 5.3 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* openSUSE Leap Micro 5.4 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
* Basesystem Module 15-SP4 (noarch)
* kernel-firmware-mellanox-20220509-150400.4.22.1
* kernel-firmware-iwlwifi-20220509-150400.4.22.1
* kernel-firmware-media-20220509-150400.4.22.1
* kernel-firmware-mwifiex-20220509-150400.4.22.1
* ucode-amd-20220509-150400.4.22.1
* kernel-firmware-realtek-20220509-150400.4.22.1
* kernel-firmware-atheros-20220509-150400.4.22.1
* kernel-firmware-i915-20220509-150400.4.22.1
* kernel-firmware-liquidio-20220509-150400.4.22.1
* kernel-firmware-ti-20220509-150400.4.22.1
* kernel-firmware-chelsio-20220509-150400.4.22.1
* kernel-firmware-sound-20220509-150400.4.22.1
* kernel-firmware-all-20220509-150400.4.22.1
* kernel-firmware-bluetooth-20220509-150400.4.22.1
* kernel-firmware-qlogic-20220509-150400.4.22.1
* kernel-firmware-radeon-20220509-150400.4.22.1
* kernel-firmware-qcom-20220509-150400.4.22.1
* kernel-firmware-platform-20220509-150400.4.22.1
* kernel-firmware-mediatek-20220509-150400.4.22.1
* kernel-firmware-ath11k-20220509-150400.4.22.1
* kernel-firmware-usb-network-20220509-150400.4.22.1
* kernel-firmware-nvidia-20220509-150400.4.22.1
* kernel-firmware-nfp-20220509-150400.4.22.1
* kernel-firmware-prestera-20220509-150400.4.22.1
* kernel-firmware-marvell-20220509-150400.4.22.1
* kernel-firmware-bnx2-20220509-150400.4.22.1
* kernel-firmware-amdgpu-20220509-150400.4.22.1
* kernel-firmware-serial-20220509-150400.4.22.1
* kernel-firmware-brcm-20220509-150400.4.22.1
* kernel-firmware-network-20220509-150400.4.22.1
* kernel-firmware-ath10k-20220509-150400.4.22.1
* kernel-firmware-ueagle-20220509-150400.4.22.1
* kernel-firmware-intel-20220509-150400.4.22.1
* kernel-firmware-dpaa2-20220509-150400.4.22.1
## References:
* https://www.suse.com/security/cve/CVE-2023-20569.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213287
1
0
18 Aug '23
# Security update for krb5
Announcement ID: SUSE-SU-2023:3363-1
Rating: important
References:
* #1214054
Cross-References:
* CVE-2023-36054
CVSS scores:
* CVE-2023-36054 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-36054 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP4
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* Server Applications Module 15-SP4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for krb5 fixes the following issues:
* CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated
remote user. (bsc#1214054)
## Patch Instructions:
To install this SUSE Important update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3363=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3363=1 SUSE-2023-3363=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3363=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3363=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3363=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3363=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3363=1
* Server Applications Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-3363=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-3363=1
## Package List:
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* krb5-mini-1.19.2-150400.3.6.1
* krb5-server-1.19.2-150400.3.6.1
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.6.1
* krb5-plugin-preauth-spake-1.19.2-150400.3.6.1
* krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.6.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.6.1
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.6.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.6.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.6.1
* krb5-server-debuginfo-1.19.2-150400.3.6.1
* krb5-mini-debugsource-1.19.2-150400.3.6.1
* krb5-mini-devel-1.19.2-150400.3.6.1
* krb5-mini-debuginfo-1.19.2-150400.3.6.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.6.1
* krb5-client-debuginfo-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* krb5-client-1.19.2-150400.3.6.1
* krb5-devel-1.19.2-150400.3.6.1
* openSUSE Leap 15.4 (x86_64)
* krb5-devel-32bit-1.19.2-150400.3.6.1
* krb5-32bit-1.19.2-150400.3.6.1
* krb5-32bit-debuginfo-1.19.2-150400.3.6.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* krb5-64bit-debuginfo-1.19.2-150400.3.6.1
* krb5-64bit-1.19.2-150400.3.6.1
* krb5-devel-64bit-1.19.2-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.6.1
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.6.1
* krb5-plugin-preauth-otp-1.19.2-150400.3.6.1
* krb5-plugin-preauth-pkinit-1.19.2-150400.3.6.1
* krb5-client-debuginfo-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
* krb5-client-1.19.2-150400.3.6.1
* krb5-devel-1.19.2-150400.3.6.1
* Basesystem Module 15-SP4 (x86_64)
* krb5-32bit-1.19.2-150400.3.6.1
* krb5-32bit-debuginfo-1.19.2-150400.3.6.1
* Server Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* krb5-server-1.19.2-150400.3.6.1
* krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.6.1
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-plugin-kdb-ldap-1.19.2-150400.3.6.1
* krb5-server-debuginfo-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* krb5-debugsource-1.19.2-150400.3.6.1
* krb5-debuginfo-1.19.2-150400.3.6.1
* krb5-1.19.2-150400.3.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-36054.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214054
1
0