openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
September 2023
- 2 participants
- 127 discussions
SUSE-SU-2023:3824-1: important: Security update for python310
by security@lists.opensuse.org 27 Sep '23
by security@lists.opensuse.org 27 Sep '23
27 Sep '23
# Security update for python310
Announcement ID: SUSE-SU-2023:3824-1
Rating: important
References:
* #1213463
* #1214692
Cross-References:
* CVE-2023-40217
CVSS scores:
* CVE-2023-40217 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2023-40217 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Python 3 Module 15-SP4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for python310 fixes the following issues:
* Update to 3.10.13.
* CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692)
The following non-security bug was fixed:
* stabilizing FLAG_REF usage (required for reproduceability (bsc#1213463).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3824=1 openSUSE-SLE-15.4-2023-3824=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3824=1
* Python 3 Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Python3-15-SP4-2023-3824=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python310-debugsource-3.10.13-150400.4.33.1
* python310-3.10.13-150400.4.33.1
* python310-testsuite-3.10.13-150400.4.33.1
* python310-tools-3.10.13-150400.4.33.1
* python310-core-debugsource-3.10.13-150400.4.33.1
* python310-tk-debuginfo-3.10.13-150400.4.33.1
* python310-dbm-debuginfo-3.10.13-150400.4.33.1
* python310-idle-3.10.13-150400.4.33.1
* python310-curses-3.10.13-150400.4.33.1
* python310-base-3.10.13-150400.4.33.1
* libpython3_10-1_0-3.10.13-150400.4.33.1
* python310-curses-debuginfo-3.10.13-150400.4.33.1
* python310-base-debuginfo-3.10.13-150400.4.33.1
* python310-dbm-3.10.13-150400.4.33.1
* python310-doc-3.10.13-150400.4.33.1
* python310-testsuite-debuginfo-3.10.13-150400.4.33.1
* python310-devel-3.10.13-150400.4.33.1
* python310-doc-devhelp-3.10.13-150400.4.33.1
* python310-tk-3.10.13-150400.4.33.1
* libpython3_10-1_0-debuginfo-3.10.13-150400.4.33.1
* python310-debuginfo-3.10.13-150400.4.33.1
* openSUSE Leap 15.4 (x86_64)
* python310-32bit-debuginfo-3.10.13-150400.4.33.1
* libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.33.1
* python310-base-32bit-debuginfo-3.10.13-150400.4.33.1
* python310-32bit-3.10.13-150400.4.33.1
* python310-base-32bit-3.10.13-150400.4.33.1
* libpython3_10-1_0-32bit-3.10.13-150400.4.33.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpython3_10-1_0-64bit-3.10.13-150400.4.33.1
* python310-64bit-debuginfo-3.10.13-150400.4.33.1
* python310-64bit-3.10.13-150400.4.33.1
* libpython3_10-1_0-64bit-debuginfo-3.10.13-150400.4.33.1
* python310-base-64bit-3.10.13-150400.4.33.1
* python310-base-64bit-debuginfo-3.10.13-150400.4.33.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python310-debugsource-3.10.13-150400.4.33.1
* python310-3.10.13-150400.4.33.1
* python310-testsuite-3.10.13-150400.4.33.1
* python310-tools-3.10.13-150400.4.33.1
* python310-core-debugsource-3.10.13-150400.4.33.1
* python310-tk-debuginfo-3.10.13-150400.4.33.1
* python310-dbm-debuginfo-3.10.13-150400.4.33.1
* python310-idle-3.10.13-150400.4.33.1
* python310-curses-3.10.13-150400.4.33.1
* python310-base-3.10.13-150400.4.33.1
* libpython3_10-1_0-3.10.13-150400.4.33.1
* python310-curses-debuginfo-3.10.13-150400.4.33.1
* python310-base-debuginfo-3.10.13-150400.4.33.1
* python310-dbm-3.10.13-150400.4.33.1
* python310-doc-3.10.13-150400.4.33.1
* python310-testsuite-debuginfo-3.10.13-150400.4.33.1
* python310-devel-3.10.13-150400.4.33.1
* python310-doc-devhelp-3.10.13-150400.4.33.1
* python310-tk-3.10.13-150400.4.33.1
* libpython3_10-1_0-debuginfo-3.10.13-150400.4.33.1
* python310-debuginfo-3.10.13-150400.4.33.1
* openSUSE Leap 15.5 (x86_64)
* python310-32bit-debuginfo-3.10.13-150400.4.33.1
* libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.33.1
* python310-base-32bit-debuginfo-3.10.13-150400.4.33.1
* python310-32bit-3.10.13-150400.4.33.1
* python310-base-32bit-3.10.13-150400.4.33.1
* libpython3_10-1_0-32bit-3.10.13-150400.4.33.1
* Python 3 Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python310-core-debugsource-3.10.13-150400.4.33.1
* python310-debugsource-3.10.13-150400.4.33.1
* python310-devel-3.10.13-150400.4.33.1
* python310-tk-debuginfo-3.10.13-150400.4.33.1
* python310-tk-3.10.13-150400.4.33.1
* python310-base-debuginfo-3.10.13-150400.4.33.1
* python310-dbm-debuginfo-3.10.13-150400.4.33.1
* python310-idle-3.10.13-150400.4.33.1
* python310-dbm-3.10.13-150400.4.33.1
* python310-curses-3.10.13-150400.4.33.1
* libpython3_10-1_0-debuginfo-3.10.13-150400.4.33.1
* python310-3.10.13-150400.4.33.1
* python310-tools-3.10.13-150400.4.33.1
* python310-base-3.10.13-150400.4.33.1
* libpython3_10-1_0-3.10.13-150400.4.33.1
* python310-debuginfo-3.10.13-150400.4.33.1
* python310-curses-debuginfo-3.10.13-150400.4.33.1
## References:
* https://www.suse.com/security/cve/CVE-2023-40217.html
* https://bugzilla.suse.com/show_bug.cgi?id=1213463
* https://bugzilla.suse.com/show_bug.cgi?id=1214692
1
0
SUSE-SU-2023:3825-1: important: Security update for binutils
by security@lists.opensuse.org 27 Sep '23
by security@lists.opensuse.org 27 Sep '23
27 Sep '23
# Security update for binutils
Announcement ID: SUSE-SU-2023:3825-1
Rating: important
References:
* #1200962
* #1206080
* #1206556
* #1208037
* #1208038
* #1208040
* #1208409
* #1209642
* #1210297
* #1210733
* #1213458
* #1214565
* #1214567
* #1214579
* #1214580
* #1214604
* #1214611
* #1214619
* #1214620
* #1214623
* #1214624
* #1214625
* PED-5778
Cross-References:
* CVE-2020-19726
* CVE-2021-32256
* CVE-2022-35205
* CVE-2022-35206
* CVE-2022-4285
* CVE-2022-44840
* CVE-2022-45703
* CVE-2022-47673
* CVE-2022-47695
* CVE-2022-47696
* CVE-2022-48063
* CVE-2022-48064
* CVE-2022-48065
* CVE-2023-0687
* CVE-2023-1579
* CVE-2023-1972
* CVE-2023-2222
* CVE-2023-25585
* CVE-2023-25587
* CVE-2023-25588
CVSS scores:
* CVE-2020-19726 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2021-32256 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2021-32256 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-35205 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2022-35205 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-35206 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-4285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-4285 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-44840 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-45703 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-47673 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-47695 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-47696 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-48063 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-48064 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-48065 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-0687 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N
* CVE-2023-0687 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-0687 ( NVD ): 4.6 CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-1579 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-1579 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-1972 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-1972 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-2222 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-25585 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-25585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-25587 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-25588 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-25588 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* Development Tools Module 15-SP4
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP4
* SUSE Package Hub 15 15-SP5
An update that solves 20 vulnerabilities, contains one feature and has two
security fixes can now be installed.
## Description:
This update for binutils fixes the following issues:
Update to version 2.41 [jsc#PED-5778]:
* The MIPS port now supports the Sony Interactive Entertainment Allegrex
processor, used with the PlayStation Portable, which implements the MIPS II
ISA along with a single-precision FPU and a few implementation-specific
integer instructions.
* Objdump's --private option can now be used on PE format files to display the
fields in the file header and section headers.
* New versioned release of libsframe: libsframe.so.1. This release introduces
versioned symbols with version node name LIBSFRAME_1.0. This release also
updates the ABI in an incompatible way: this includes removal of
sframe_get_funcdesc_with_addr API, change in the behavior of
sframe_fre_get_ra_offset and sframe_fre_get_fp_offset APIs.
* SFrame Version 2 is now the default (and only) format version supported by
gas, ld, readelf and objdump.
* Add command-line option, --strip-section-headers, to objcopy and strip to
remove ELF section header from ELF file.
* The RISC-V port now supports the following new standard extensions:
* Zicond (conditional zero instructions)
* Zfa (additional floating-point instructions)
* Zvbb, Zvbc, Zvkg, Zvkned, Zvknh[ab], Zvksed, Zvksh, Zvkn, Zvknc, Zvkng,
Zvks, Zvksc, Zvkg, Zvkt (vector crypto instructions)
* The RISC-V port now supports the following vendor-defined extensions:
* XVentanaCondOps
* Add support for Intel FRED, LKGS and AMX-COMPLEX instructions.
* A new .insn directive is recognized by x86 gas.
* Add SME2 support to the AArch64 port.
* The linker now accepts a command line option of --remap-inputs
<PATTERN>=<FILE> to relace any input file that matches <PATTERN> with
<FILE>. In addition the option --remap-inputs-file=<FILE> can be used to
specify a file containing any number of these remapping directives.
* The linker command line option --print-map-locals can be used to include
local symbols in a linker map. (ELF targets only).
* For most ELF based targets, if the --enable-linker-version option is used
then the version of the linker will be inserted as a string into the
.comment section.
* The linker script syntax has a new command for output sections: ASCIZ
"string" This will insert a zero-terminated string at the current location.
* Add command-line option, -z nosectionheader, to omit ELF section header.
* Contains fixes for these non-CVEs (not security bugs per upstreams
SECURITY.md):
* bsc#1209642 aka CVE-2023-1579 aka PR29988
* bsc#1210297 aka CVE-2023-1972 aka PR30285
* bsc#1210733 aka CVE-2023-2222 aka PR29936
* bsc#1213458 aka CVE-2021-32256 aka PR105039 (gcc)
* bsc#1214565 aka CVE-2020-19726 aka PR26240
* bsc#1214567 aka CVE-2022-35206 aka PR29290
* bsc#1214579 aka CVE-2022-35205 aka PR29289
* bsc#1214580 aka CVE-2022-44840 aka PR29732
* bsc#1214604 aka CVE-2022-45703 aka PR29799
* bsc#1214611 aka CVE-2022-48065 aka PR29925
* bsc#1214619 aka CVE-2022-48064 aka PR29922
* bsc#1214620 aka CVE-2022-48063 aka PR29924
* bsc#1214623 aka CVE-2022-47696 aka PR29677
* bsc#1214624 aka CVE-2022-47695 aka PR29846
* bsc#1214625 aka CVE-2022-47673 aka PR29876
* This only existed only for a very short while in SLE-15, as the main variant
in devel:gcc subsumed this in binutils-revert-rela.diff. Hence:
* Document fixed CVEs:
* bsc#1208037 aka CVE-2023-25588 aka PR29677
* bsc#1208038 aka CVE-2023-25587 aka PR29846
* bsc#1208040 aka CVE-2023-25585 aka PR29892
* bsc#1208409 aka CVE-2023-0687 aka PR29444
* Enable bpf-none cross target and add bpf-none to the multitarget set of
supported targets.
* Disable packed-relative-relocs for old codestreams. They generate buggy
relocations when binutils-revert-rela.diff is active. [bsc#1206556]
* Disable ZSTD debug section compress by default.
* Enable zstd compression algorithm (instead of zlib) for debug info sections
by default.
* Pack libgprofng only for supported platforms.
* Move libgprofng-related libraries to the proper locations (packages).
* Add --without=bootstrap for skipping of bootstrap (faster testing of the
package).
* Remove broken arm32-avoid-copyreloc.patch to fix [gcc#108515]
Update to version 2.40:
* Objdump has a new command line option --show-all-symbols which will make it
display all symbols that match a given address when disassembling. (Normally
only the first symbol that matches an address is shown).
* Add --enable-colored-disassembly configure time option to enable colored
disassembly output by default, if the output device is a terminal. Note,
this configure option is disabled by default.
* DCO signed contributions are now accepted.
* objcopy --decompress-debug-sections now supports zstd compressed debug
sections. The new option --compress-debug-sections=zstd compresses debug
sections with zstd.
* addr2line and objdump --dwarf now support zstd compressed debug sections.
* The dlltool program now accepts --deterministic-libraries and \--non-
deterministic-libraries as command line options to control whether or not it
generates deterministic output libraries. If neither of these options are
used the default is whatever was set when the binutils were configured.
* readelf and objdump now have a newly added option --sframe which dumps the
SFrame section.
* Add support for Intel RAO-INT instructions.
* Add support for Intel AVX-NE-CONVERT instructions.
* Add support for Intel MSRLIST instructions.
* Add support for Intel WRMSRNS instructions.
* Add support for Intel CMPccXADD instructions.
* Add support for Intel AVX-VNNI-INT8 instructions.
* Add support for Intel AVX-IFMA instructions.
* Add support for Intel PREFETCHI instructions.
* Add support for Intel AMX-FP16 instructions.
* gas now supports --compress-debug-sections=zstd to compress debug sections
with zstd.
* Add --enable-default-compressed-debug-sections-algorithm={zlib,zstd} that
selects the default compression algorithm for --enable-compressed-debug-
sections.
* Add support for various T-Head extensions (XTheadBa, XTheadBb, XTheadBs,
XTheadCmo, XTheadCondMov, XTheadFMemIdx, XTheadFmv, XTheadInt, XTheadMemIdx,
XTheadMemPair, XTheadMac, and XTheadSync) from version 2.0 of the T-Head ISA
manual, which are implemented in the Allwinner D1.
* Add support for the RISC-V Zawrs extension, version 1.0-rc4.
* Add support for Cortex-X1C for Arm.
* New command line option --gsframe to generate SFrame unwind information on
x86_64 and aarch64 targets.
* The linker has a new command line option to suppress the generation of any
warning or error messages. This can be useful when there is a need to create
a known non-working binary. The option is -w or --no-warnings.
* ld now supports zstd compressed debug sections. The new option \--compress-
debug-sections=zstd compresses debug sections with zstd.
* Add --enable-default-compressed-debug-sections-algorithm={zlib,zstd} that
selects the default compression algorithm for --enable-compressed-debug-
sections.
* Remove support for -z bndplt (MPX prefix instructions).
* Includes fixes for these CVEs:
* bsc#1206080 aka CVE-2022-4285 aka PR29699
* Enable by default: --enable-colored-disassembly.
* fix build on x86_64_vX platforms
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3825=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3825=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3825=1
* Development Tools Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3825=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3825=1
* SUSE Package Hub 15 15-SP4
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3825=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3825=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3825=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-3825=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3825=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3825=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3825=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-3825=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3825=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3825=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-3825=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3825=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3825=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3825=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3825=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3825=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3825=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* cross-hppa64-binutils-debugsource-2.41-150100.7.46.1
* cross-sparc-binutils-debuginfo-2.41-150100.7.46.1
* cross-hppa64-binutils-debuginfo-2.41-150100.7.46.1
* cross-hppa-binutils-debugsource-2.41-150100.7.46.1
* cross-sparc-binutils-2.41-150100.7.46.1
* binutils-gold-2.41-150100.7.46.1
* cross-ia64-binutils-2.41-150100.7.46.1
* cross-spu-binutils-debuginfo-2.41-150100.7.46.1
* cross-avr-binutils-2.41-150100.7.46.1
* cross-sparc64-binutils-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* cross-sparc64-binutils-debuginfo-2.41-150100.7.46.1
* cross-s390-binutils-debugsource-2.41-150100.7.46.1
* cross-xtensa-binutils-2.41-150100.7.46.1
* cross-ppc-binutils-2.41-150100.7.46.1
* cross-ppc-binutils-debugsource-2.41-150100.7.46.1
* cross-epiphany-binutils-2.41-150100.7.46.1
* cross-i386-binutils-debuginfo-2.41-150100.7.46.1
* cross-riscv64-binutils-2.41-150100.7.46.1
* cross-ppc64-binutils-debugsource-2.41-150100.7.46.1
* cross-sparc64-binutils-debugsource-2.41-150100.7.46.1
* cross-hppa64-binutils-2.41-150100.7.46.1
* cross-arm-binutils-debuginfo-2.41-150100.7.46.1
* cross-arm-binutils-debugsource-2.41-150100.7.46.1
* cross-m68k-binutils-debuginfo-2.41-150100.7.46.1
* cross-rx-binutils-2.41-150100.7.46.1
* libctf-nobfd0-2.41-150100.7.46.1
* cross-xtensa-binutils-debuginfo-2.41-150100.7.46.1
* cross-i386-binutils-debugsource-2.41-150100.7.46.1
* cross-spu-binutils-debugsource-2.41-150100.7.46.1
* cross-epiphany-binutils-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* cross-riscv64-binutils-debugsource-2.41-150100.7.46.1
* cross-ia64-binutils-debugsource-2.41-150100.7.46.1
* binutils-gold-debuginfo-2.41-150100.7.46.1
* cross-rx-binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* cross-m68k-binutils-2.41-150100.7.46.1
* cross-mips-binutils-debuginfo-2.41-150100.7.46.1
* cross-hppa-binutils-2.41-150100.7.46.1
* cross-ppc64-binutils-debuginfo-2.41-150100.7.46.1
* cross-i386-binutils-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* cross-ia64-binutils-debuginfo-2.41-150100.7.46.1
* cross-rx-binutils-debuginfo-2.41-150100.7.46.1
* cross-xtensa-binutils-debugsource-2.41-150100.7.46.1
* cross-hppa-binutils-debuginfo-2.41-150100.7.46.1
* cross-ppc64-binutils-2.41-150100.7.46.1
* cross-epiphany-binutils-debugsource-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* cross-sparc-binutils-debugsource-2.41-150100.7.46.1
* cross-avr-binutils-debugsource-2.41-150100.7.46.1
* cross-avr-binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* cross-m68k-binutils-debugsource-2.41-150100.7.46.1
* cross-spu-binutils-2.41-150100.7.46.1
* cross-arm-binutils-2.41-150100.7.46.1
* cross-ppc-binutils-debuginfo-2.41-150100.7.46.1
* cross-s390-binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* cross-s390-binutils-debuginfo-2.41-150100.7.46.1
* cross-mips-binutils-debugsource-2.41-150100.7.46.1
* cross-mips-binutils-2.41-150100.7.46.1
* cross-riscv64-binutils-debuginfo-2.41-150100.7.46.1
* openSUSE Leap 15.5 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* cross-aarch64-binutils-debugsource-2.41-150100.7.46.1
* cross-aarch64-binutils-debuginfo-2.41-150100.7.46.1
* cross-aarch64-binutils-2.41-150100.7.46.1
* openSUSE Leap 15.5 (aarch64 s390x x86_64)
* cross-ppc64le-binutils-debuginfo-2.41-150100.7.46.1
* cross-ppc64le-binutils-2.41-150100.7.46.1
* cross-ppc64le-binutils-debugsource-2.41-150100.7.46.1
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* cross-s390x-binutils-debugsource-2.41-150100.7.46.1
* cross-s390x-binutils-2.41-150100.7.46.1
* cross-s390x-binutils-debuginfo-2.41-150100.7.46.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x)
* cross-x86_64-binutils-debugsource-2.41-150100.7.46.1
* cross-x86_64-binutils-debuginfo-2.41-150100.7.46.1
* cross-x86_64-binutils-2.41-150100.7.46.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* Development Tools Module 15-SP4 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* Development Tools Module 15-SP5 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64)
* binutils-gold-2.41-150100.7.46.1
* binutils-gold-debuginfo-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* binutils-gold-2.41-150100.7.46.1
* binutils-gold-debuginfo-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE Manager Proxy 4.2 (x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* SUSE Enterprise Storage 7.1 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
* SUSE CaaS Platform 4.0 (x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* binutils-devel-32bit-2.41-150100.7.46.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* libctf-nobfd0-2.41-150100.7.46.1
* binutils-debugsource-2.41-150100.7.46.1
* binutils-debuginfo-2.41-150100.7.46.1
* binutils-gold-2.41-150100.7.46.1
* libctf0-2.41-150100.7.46.1
* libctf-nobfd0-debuginfo-2.41-150100.7.46.1
* libctf0-debuginfo-2.41-150100.7.46.1
* binutils-2.41-150100.7.46.1
* binutils-devel-2.41-150100.7.46.1
* binutils-gold-debuginfo-2.41-150100.7.46.1
* openSUSE Leap 15.4 (x86_64)
* binutils-devel-32bit-2.41-150100.7.46.1
## References:
* https://www.suse.com/security/cve/CVE-2020-19726.html
* https://www.suse.com/security/cve/CVE-2021-32256.html
* https://www.suse.com/security/cve/CVE-2022-35205.html
* https://www.suse.com/security/cve/CVE-2022-35206.html
* https://www.suse.com/security/cve/CVE-2022-4285.html
* https://www.suse.com/security/cve/CVE-2022-44840.html
* https://www.suse.com/security/cve/CVE-2022-45703.html
* https://www.suse.com/security/cve/CVE-2022-47673.html
* https://www.suse.com/security/cve/CVE-2022-47695.html
* https://www.suse.com/security/cve/CVE-2022-47696.html
* https://www.suse.com/security/cve/CVE-2022-48063.html
* https://www.suse.com/security/cve/CVE-2022-48064.html
* https://www.suse.com/security/cve/CVE-2022-48065.html
* https://www.suse.com/security/cve/CVE-2023-0687.html
* https://www.suse.com/security/cve/CVE-2023-1579.html
* https://www.suse.com/security/cve/CVE-2023-1972.html
* https://www.suse.com/security/cve/CVE-2023-2222.html
* https://www.suse.com/security/cve/CVE-2023-25585.html
* https://www.suse.com/security/cve/CVE-2023-25587.html
* https://www.suse.com/security/cve/CVE-2023-25588.html
* https://bugzilla.suse.com/show_bug.cgi?id=1200962
* https://bugzilla.suse.com/show_bug.cgi?id=1206080
* https://bugzilla.suse.com/show_bug.cgi?id=1206556
* https://bugzilla.suse.com/show_bug.cgi?id=1208037
* https://bugzilla.suse.com/show_bug.cgi?id=1208038
* https://bugzilla.suse.com/show_bug.cgi?id=1208040
* https://bugzilla.suse.com/show_bug.cgi?id=1208409
* https://bugzilla.suse.com/show_bug.cgi?id=1209642
* https://bugzilla.suse.com/show_bug.cgi?id=1210297
* https://bugzilla.suse.com/show_bug.cgi?id=1210733
* https://bugzilla.suse.com/show_bug.cgi?id=1213458
* https://bugzilla.suse.com/show_bug.cgi?id=1214565
* https://bugzilla.suse.com/show_bug.cgi?id=1214567
* https://bugzilla.suse.com/show_bug.cgi?id=1214579
* https://bugzilla.suse.com/show_bug.cgi?id=1214580
* https://bugzilla.suse.com/show_bug.cgi?id=1214604
* https://bugzilla.suse.com/show_bug.cgi?id=1214611
* https://bugzilla.suse.com/show_bug.cgi?id=1214619
* https://bugzilla.suse.com/show_bug.cgi?id=1214620
* https://bugzilla.suse.com/show_bug.cgi?id=1214623
* https://bugzilla.suse.com/show_bug.cgi?id=1214624
* https://bugzilla.suse.com/show_bug.cgi?id=1214625
* https://jira.suse.com/browse/PED-5778
1
0
27 Sep '23
# Security update for mutt
Announcement ID: SUSE-SU-2023:3826-1
Rating: moderate
References:
* #1215189
* #1215191
Cross-References:
* CVE-2023-4874
* CVE-2023-4875
CVSS scores:
* CVE-2023-4874 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-4874 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-4875 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-4875 ( NVD ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves two vulnerabilities can now be installed.
## Description:
This update for mutt fixes the following issues:
* CVE-2023-4874: Fixed NULL pointer dereference when composing an email
(bsc#1215189).
* CVE-2023-4875: Fixed NULL pointer dereference when receiving an email
(bsc#1215191).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3826=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3826=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3826=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3826=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3826=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3826=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3826=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* openSUSE Leap 15.4 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* openSUSE Leap 15.5 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* Basesystem Module 15-SP4 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* Basesystem Module 15-SP5 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* SUSE Manager Proxy 4.2 (x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* SUSE Manager Proxy 4.2 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* SUSE Manager Retail Branch Server 4.2 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* mutt-debugsource-1.10.1-150000.3.26.1
* mutt-1.10.1-150000.3.26.1
* mutt-debuginfo-1.10.1-150000.3.26.1
* SUSE Manager Server 4.2 (noarch)
* mutt-doc-1.10.1-150000.3.26.1
* mutt-lang-1.10.1-150000.3.26.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4874.html
* https://www.suse.com/security/cve/CVE-2023-4875.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215189
* https://bugzilla.suse.com/show_bug.cgi?id=1215191
1
0
SUSE-SU-2023:3827-1: moderate: Security update for python-brotlipy
by security@lists.opensuse.org 27 Sep '23
by security@lists.opensuse.org 27 Sep '23
27 Sep '23
# Security update for python-brotlipy
Announcement ID: SUSE-SU-2023:3827-1
Rating: moderate
References:
* #1175825
Cross-References:
* CVE-2020-8927
CVSS scores:
* CVE-2020-8927 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2020-8927 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python-brotlipy fixes the following issues:
* CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB
(bsc#1175825).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2023-3827=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-3827=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-3827=1
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3827=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3827=1
## Package List:
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
* python-brotlipy-debugsource-0.7.0-150300.3.3.1
* python-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-0.7.0-150300.3.3.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python-brotlipy-debugsource-0.7.0-150300.3.3.1
* python-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-0.7.0-150300.3.3.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-brotlipy-debugsource-0.7.0-150300.3.3.1
* python-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-0.7.0-150300.3.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* python-brotlipy-debugsource-0.7.0-150300.3.3.1
* python-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-0.7.0-150300.3.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-brotlipy-debugsource-0.7.0-150300.3.3.1
* python-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-debuginfo-0.7.0-150300.3.3.1
* python3-brotlipy-0.7.0-150300.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2020-8927.html
* https://bugzilla.suse.com/show_bug.cgi?id=1175825
1
0
SUSE-SU-2023:3828-1: important: Security update for python3
by security@lists.opensuse.org 27 Sep '23
by security@lists.opensuse.org 27 Sep '23
27 Sep '23
# Security update for python3
Announcement ID: SUSE-SU-2023:3828-1
Rating: important
References:
* #1214692
Cross-References:
* CVE-2023-40217
CVSS scores:
* CVE-2023-40217 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2023-40217 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* Development Tools Module 15-SP4
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for python3 fixes the following issues:
* CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3828=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3828=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3828=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3828=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3828=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3828=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3828=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3828=1
* Development Tools Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3828=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3828=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3828=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3828=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3828=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3828=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3828=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3828=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3828=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2023-3828=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3828=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3828=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.51.1
* python3-doc-devhelp-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-testsuite-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-testsuite-debuginfo-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-doc-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* openSUSE Leap 15.4 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.51.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.51.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.51.1
* python3-doc-devhelp-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-testsuite-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-testsuite-debuginfo-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-doc-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* openSUSE Leap 15.5 (x86_64)
* libpython3_6m1_0-32bit-3.6.15-150300.10.51.1
* libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python3-tools-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python3-tools-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Manager Proxy 4.2 (x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-curses-debuginfo-3.6.15-150300.10.51.1
* python3-tk-debuginfo-3.6.15-150300.10.51.1
* python3-idle-3.6.15-150300.10.51.1
* python3-curses-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-dbm-debuginfo-3.6.15-150300.10.51.1
* python3-devel-3.6.15-150300.10.51.1
* python3-devel-debuginfo-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* python3-tk-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-tools-3.6.15-150300.10.51.1
* python3-dbm-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* python3-3.6.15-150300.10.51.1
* libpython3_6m1_0-debuginfo-3.6.15-150300.10.51.1
* python3-base-3.6.15-150300.10.51.1
* python3-debugsource-3.6.15-150300.10.51.1
* python3-core-debugsource-3.6.15-150300.10.51.1
* python3-debuginfo-3.6.15-150300.10.51.1
* libpython3_6m1_0-3.6.15-150300.10.51.1
* python3-base-debuginfo-3.6.15-150300.10.51.1
## References:
* https://www.suse.com/security/cve/CVE-2023-40217.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214692
1
0
SUSE-SU-2023:3829-1: critical: Security update for libwebp
by security@lists.opensuse.org 27 Sep '23
by security@lists.opensuse.org 27 Sep '23
27 Sep '23
# Security update for libwebp
Announcement ID: SUSE-SU-2023:3829-1
Rating: critical
References:
* #1215231
Cross-References:
* CVE-2023-4863
CVSS scores:
* CVE-2023-4863 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-4863 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* SUSE CaaS Platform 4.0
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP4
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP4
* SUSE Package Hub 15 15-SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for libwebp fixes the following issues:
* CVE-2023-4863: Fixed heap buffer overflow (bsc#1215231).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3829=1
* SUSE Package Hub 15 15-SP4
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-3829=1
* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-3829=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-3829=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-3829=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-3829=1
* SUSE Linux Enterprise Workstation Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3829=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2023-3829=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-0.5.0-150000.3.14.1
* libwebpmux2-0.5.0-150000.3.14.1
* libwebpextras0-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebpmux2-debuginfo-0.5.0-150000.3.14.1
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-debuginfo-0.5.0-150000.3.14.1
* openSUSE Leap 15.4 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebpextras0-32bit-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-0.5.0-150000.3.14.1
* libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-0.5.0-150000.3.14.1
* SUSE Package Hub 15 15-SP4 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* SUSE Package Hub 15 15-SP5 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-0.5.0-150000.3.14.1
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-0.5.0-150000.3.14.1
* libwebpextras0-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebpmux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* libwebpdemux2-0.5.0-150000.3.14.1
* libwebpdemux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-devel-0.5.0-150000.3.14.1
* libwebpextras0-debuginfo-0.5.0-150000.3.14.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-0.5.0-150000.3.14.1
* libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-0.5.0-150000.3.14.1
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-0.5.0-150000.3.14.1
* libwebpextras0-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebpmux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* libwebpdemux2-0.5.0-150000.3.14.1
* libwebpdemux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-devel-0.5.0-150000.3.14.1
* libwebpextras0-debuginfo-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-0.5.0-150000.3.14.1
* libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-0.5.0-150000.3.14.1
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-0.5.0-150000.3.14.1
* libwebpextras0-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebpmux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* libwebpdemux2-0.5.0-150000.3.14.1
* libwebpdemux2-debuginfo-0.5.0-150000.3.14.1
* libwebp-devel-0.5.0-150000.3.14.1
* libwebpextras0-debuginfo-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-0.5.0-150000.3.14.1
* libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* SUSE CaaS Platform 4.0 (x86_64)
* libwebp6-32bit-0.5.0-150000.3.14.1
* libwebp6-0.5.0-150000.3.14.1
* libwebp6-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebp-debugsource-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-0.5.0-150000.3.14.1
* libwebpextras0-debuginfo-0.5.0-150000.3.14.1
* libwebpextras0-32bit-0.5.0-150000.3.14.1
* libwebp-devel-0.5.0-150000.3.14.1
* libwebpmux2-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdemux2-32bit-0.5.0-150000.3.14.1
* libwebpmux2-0.5.0-150000.3.14.1
* libwebpextras0-0.5.0-150000.3.14.1
* libwebpextras0-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-debuginfo-0.5.0-150000.3.14.1
* libwebpdecoder2-0.5.0-150000.3.14.1
* libwebpdemux2-0.5.0-150000.3.14.1
* libwebp6-debuginfo-0.5.0-150000.3.14.1
* libwebpmux2-32bit-0.5.0-150000.3.14.1
## References:
* https://www.suse.com/security/cve/CVE-2023-4863.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215231
1
0
27 Sep '23
# Security update for xrdp
Announcement ID: SUSE-SU-2023:3830-1
Rating: moderate
References:
* #1214805
Cross-References:
* CVE-2023-40184
CVSS scores:
* CVE-2023-40184 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-40184 ( NVD ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
Affected Products:
* Basesystem Module 15-SP4
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for xrdp fixes the following issues:
* CVE-2023-40184: Fixed restriction bypass via improper session handling
(bsc#1214805).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3830=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3830=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3830=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3830=1
* SUSE Manager Proxy 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3830=1
* SUSE Manager Retail Branch Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.2-2023-3830=1
* SUSE Manager Server 4.2
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3830=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* SUSE Manager Proxy 4.2 (x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* SUSE Manager Retail Branch Server 4.2 (x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
* SUSE Manager Server 4.2 (ppc64le s390x x86_64)
* xrdp-debugsource-0.9.13.1-150200.4.24.1
* libpainter0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-devel-0.9.13.1-150200.4.24.1
* libpainter0-0.9.13.1-150200.4.24.1
* librfxencode0-debuginfo-0.9.13.1-150200.4.24.1
* xrdp-0.9.13.1-150200.4.24.1
* librfxencode0-0.9.13.1-150200.4.24.1
## References:
* https://www.suse.com/security/cve/CVE-2023-40184.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214805
1
0
27 Sep '23
# Security update for xen
Announcement ID: SUSE-SU-2023:3831-1
Rating: important
References:
* #1215145
* #1215474
Cross-References:
* CVE-2023-20588
* CVE-2023-34322
CVSS scores:
* CVE-2023-20588 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20588 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-34322 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves two vulnerabilities can now be installed.
## Description:
This update for xen fixes the following issues:
* CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by
zero (XSA-439) (bsc#1215474).
* CVE-2023-34322: Fixed top-level shadow reference dropped too early for
64-bit PV guests (XSA-438) (bsc#1215145).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3831=1 SUSE-2023-3831=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3831=1
* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-3831=1
## Package List:
* openSUSE Leap 15.5 (aarch64 x86_64)
* xen-tools-debuginfo-4.17.2_04-150500.3.9.1
* xen-4.17.2_04-150500.3.9.1
* xen-doc-html-4.17.2_04-150500.3.9.1
* xen-tools-4.17.2_04-150500.3.9.1
* openSUSE Leap 15.5 (aarch64 x86_64 i586)
* xen-tools-domU-debuginfo-4.17.2_04-150500.3.9.1
* xen-devel-4.17.2_04-150500.3.9.1
* xen-libs-4.17.2_04-150500.3.9.1
* xen-tools-domU-4.17.2_04-150500.3.9.1
* xen-debugsource-4.17.2_04-150500.3.9.1
* xen-libs-debuginfo-4.17.2_04-150500.3.9.1
* openSUSE Leap 15.5 (x86_64)
* xen-libs-32bit-4.17.2_04-150500.3.9.1
* xen-libs-32bit-debuginfo-4.17.2_04-150500.3.9.1
* openSUSE Leap 15.5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.2_04-150500.3.9.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* xen-libs-64bit-debuginfo-4.17.2_04-150500.3.9.1
* xen-libs-64bit-4.17.2_04-150500.3.9.1
* Basesystem Module 15-SP5 (x86_64)
* xen-tools-domU-debuginfo-4.17.2_04-150500.3.9.1
* xen-libs-4.17.2_04-150500.3.9.1
* xen-tools-domU-4.17.2_04-150500.3.9.1
* xen-debugsource-4.17.2_04-150500.3.9.1
* xen-libs-debuginfo-4.17.2_04-150500.3.9.1
* Server Applications Module 15-SP5 (x86_64)
* xen-tools-4.17.2_04-150500.3.9.1
* xen-devel-4.17.2_04-150500.3.9.1
* xen-debugsource-4.17.2_04-150500.3.9.1
* xen-tools-debuginfo-4.17.2_04-150500.3.9.1
* xen-4.17.2_04-150500.3.9.1
* Server Applications Module 15-SP5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.2_04-150500.3.9.1
## References:
* https://www.suse.com/security/cve/CVE-2023-20588.html
* https://www.suse.com/security/cve/CVE-2023-34322.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215145
* https://bugzilla.suse.com/show_bug.cgi?id=1215474
1
0
27 Sep '23
# Security update for xen
Announcement ID: SUSE-SU-2023:3832-1
Rating: important
References:
* #1215145
* #1215474
Cross-References:
* CVE-2023-20588
* CVE-2023-34322
CVSS scores:
* CVE-2023-20588 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-20588 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-34322 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
* Basesystem Module 15-SP4
* openSUSE Leap 15.4
* Server Applications Module 15-SP4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves two vulnerabilities can now be installed.
## Description:
This update for xen fixes the following issues:
* CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by
zero (XSA-439) (bsc#1215474).
* CVE-2023-34322: Fixed top-level shadow reference dropped too early for
64-bit PV guests (XSA-438) (bsc#1215145).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2023-3832=1 openSUSE-SLE-15.4-2023-3832=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3832=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2023-3832=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3832=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-3832=1
* Basesystem Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3832=1
* Server Applications Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-3832=1
## Package List:
* openSUSE Leap 15.4 (aarch64 x86_64 i586)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-devel-4.16.5_04-150400.4.34.1
* xen-tools-domU-debuginfo-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-tools-domU-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* openSUSE Leap 15.4 (x86_64)
* xen-libs-32bit-4.16.5_04-150400.4.34.1
* xen-libs-32bit-debuginfo-4.16.5_04-150400.4.34.1
* openSUSE Leap 15.4 (aarch64 x86_64)
* xen-tools-4.16.5_04-150400.4.34.1
* xen-tools-debuginfo-4.16.5_04-150400.4.34.1
* xen-4.16.5_04-150400.4.34.1
* xen-doc-html-4.16.5_04-150400.4.34.1
* openSUSE Leap 15.4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* xen-libs-64bit-4.16.5_04-150400.4.34.1
* xen-libs-64bit-debuginfo-4.16.5_04-150400.4.34.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* Basesystem Module 15-SP4 (x86_64)
* xen-libs-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-libs-debuginfo-4.16.5_04-150400.4.34.1
* xen-tools-domU-4.16.5_04-150400.4.34.1
* xen-tools-domU-debuginfo-4.16.5_04-150400.4.34.1
* Server Applications Module 15-SP4 (x86_64)
* xen-devel-4.16.5_04-150400.4.34.1
* xen-tools-debuginfo-4.16.5_04-150400.4.34.1
* xen-debugsource-4.16.5_04-150400.4.34.1
* xen-4.16.5_04-150400.4.34.1
* xen-tools-4.16.5_04-150400.4.34.1
* Server Applications Module 15-SP4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1
## References:
* https://www.suse.com/security/cve/CVE-2023-20588.html
* https://www.suse.com/security/cve/CVE-2023-34322.html
* https://bugzilla.suse.com/show_bug.cgi?id=1215145
* https://bugzilla.suse.com/show_bug.cgi?id=1215474
1
0
27 Sep '23
# Security update for exempi
Announcement ID: SUSE-SU-2023:3833-1
Rating: moderate
References:
* #1214486
Cross-References:
* CVE-2020-18651
CVSS scores:
* CVE-2020-18651 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2020-18651 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* Desktop Applications Module 15-SP4
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability can now be installed.
## Description:
This update for exempi fixes the following issues:
* CVE-2020-18651: Fixed a buffer overflow in ID3 support (bsc#1214486).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2023-3833=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2023-3833=1
* Desktop Applications Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3833=1
* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-3833=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* libexempi-devel-2.4.5-150000.3.9.1
* libexempi3-debuginfo-2.4.5-150000.3.9.1
* exempi-tools-debuginfo-2.4.5-150000.3.9.1
* exempi-debugsource-2.4.5-150000.3.9.1
* exempi-tools-2.4.5-150000.3.9.1
* libexempi3-2.4.5-150000.3.9.1
* openSUSE Leap 15.4 (x86_64)
* libexempi3-32bit-2.4.5-150000.3.9.1
* libexempi3-32bit-debuginfo-2.4.5-150000.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libexempi-devel-2.4.5-150000.3.9.1
* libexempi3-debuginfo-2.4.5-150000.3.9.1
* exempi-tools-debuginfo-2.4.5-150000.3.9.1
* exempi-debugsource-2.4.5-150000.3.9.1
* exempi-tools-2.4.5-150000.3.9.1
* libexempi3-2.4.5-150000.3.9.1
* openSUSE Leap 15.5 (x86_64)
* libexempi3-32bit-2.4.5-150000.3.9.1
* libexempi3-32bit-debuginfo-2.4.5-150000.3.9.1
* Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* libexempi-devel-2.4.5-150000.3.9.1
* exempi-debugsource-2.4.5-150000.3.9.1
* libexempi3-2.4.5-150000.3.9.1
* libexempi3-debuginfo-2.4.5-150000.3.9.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libexempi-devel-2.4.5-150000.3.9.1
* exempi-debugsource-2.4.5-150000.3.9.1
* libexempi3-2.4.5-150000.3.9.1
* libexempi3-debuginfo-2.4.5-150000.3.9.1
## References:
* https://www.suse.com/security/cve/CVE-2020-18651.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214486
1
0