openSUSE Security Announce
January 2024
openSUSE-SU-2024:0025-1: critical: Security update for chromium
by opensuse-security@opensuse.org 19 Jan '24
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0025-1
Rating: critical
References: #1218892
Cross-References: CVE-2024-0517 CVE-2024-0518 CVE-2024-0519
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Update to 120.0.6099.224 (boo#1218892):
- CVE-2024-0517: Out of bounds write in V8
- CVE-2024-0518: Type Confusion in V8
- CVE-2024-0519: Out of bounds memory access in V8
- Various fixes from internal audits, fuzzing and other initiatives
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-25=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-120.0.6099.224-bp155.2.67.1
chromium-120.0.6099.224-bp155.2.67.1
References:
https://www.suse.com/security/cve/CVE-2024-0517.html
https://www.suse.com/security/cve/CVE-2024-0518.html
https://www.suse.com/security/cve/CVE-2024-0519.html
https://bugzilla.suse.com/1218892
SUSE-SU-2024:0156-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 18 Jan '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0156-1
Rating: important
References:
* bsc#1179610
* bsc#1183045
* bsc#1193285
* bsc#1211162
* bsc#1211226
* bsc#1212584
* bsc#1214747
* bsc#1214823
* bsc#1215237
* bsc#1215696
* bsc#1215885
* bsc#1216057
* bsc#1216559
* bsc#1216776
* bsc#1217036
* bsc#1217217
* bsc#1217250
* bsc#1217602
* bsc#1217692
* bsc#1217790
* bsc#1217801
* bsc#1217933
* bsc#1217938
* bsc#1217946
* bsc#1217947
* bsc#1217980
* bsc#1217981
* bsc#1217982
* bsc#1218056
* bsc#1218139
* bsc#1218184
* bsc#1218234
* bsc#1218253
* bsc#1218258
* bsc#1218335
* bsc#1218357
* bsc#1218447
* bsc#1218515
* bsc#1218559
* bsc#1218569
* bsc#1218659
* jsc#PED-3459
* jsc#PED-5021
* jsc#PED-7322
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6531
* CVE-2023-6546
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6622
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves 10 vulnerabilities, contains three features and has 31
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
bugfixes.
The following security bugs were fixed:
* CVE-2023-6531: Fixed a use-after-free flaw caused by a race in which the unix
garbage collector's deletion of an SKB races with unix_stream_read_generic() on
the socket that the SKB is queued on (bsc#1218447).
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing
debug information (bsc#1217946).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the
Bluetooth subsystem that would allow replay attacks (bsc#1179610
bsc#1215237).
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving
a malformed length from a server (bsc#1217947).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1218335).
* CVE-2023-6931: Fixed an out of bounds write in the Performance Events
subsystem when adding a new event (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free issue when receiving an IGMP query
packet due to reference count mismanagement (bsc#1218253).
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in
nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user
privilege to trigger a denial of service (bsc#1217938).
* CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted
packet in the NVMe-oF/TCP subsystem (bsc#1217250).
The following non-security bugs were fixed:
* Reviewed and added more information to README.SUSE (jsc#PED-5021).
* Enabled multibuild for kernel packages (JSC-SLE#5501, boo#1211226,
bsc#1218184).
* Drop drm/bridge lt9611uxc patches that have been reverted on stable trees
* KVM: s390/mm: Properly reset no-dat (bsc#1218056).
* KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217933).
* KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
* NFS: Fix O_DIRECT locking issues (bsc#1211162).
* NFS: Fix a few more clear_bit() instances that need release semantics
(bsc#1211162).
* NFS: Fix a potential data corruption (bsc#1211162).
* NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
* NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
* NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162).
* NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
* NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
* NLM: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
* Updated SPI patches for NVIDIA Grace enablement (bsc#1212584 jsc#PED-3459)
* block: fix revalidate performance regression (bsc#1216057).
* bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234).
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
* ceph: fix type promotion bug on 32bit systems (bsc#1217982).
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885
bsc#1217217).
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when
requested (bsc#1215885 bsc#1217217).
* clocksource: Handle negative skews in "skew is too large" messages
(bsc#1215885 bsc#1217217).
* clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
* clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
* clocksource: Loosen clocksource watchdog constraints (bsc#1215885
bsc#1217217).
* clocksource: Print clocksource name when clocksource is tested unstable
(bsc#1215885 bsc#1217217).
* clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885
bsc#1217217).
* dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
* libceph: use kernel_connect() (bsc#1217981).
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
* net/smc: Fix pos miscalculation in statistics (bsc#1218139).
* net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
* nfs: only issue commit in DIO codepath if we have uncommitted data
(bsc#1211162).
* remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
* s390/vx: fix save/restore of fpu kernel context (bsc#1218357).
* scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix slot alignment checks (bsc#1216559).
* tracing: Disable preemption when using the filter buffer (bsc#1217036).
* tracing: Fix a possible race when disabling buffered events (bsc#1217036).
* tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
* tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
* tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).
* tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver()
(bsc#1217036).
* uapi: propagate __struct_group() attributes to the container union
(jsc#SLE-18978).
* vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
* x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
* x86/platform/uv: Use alternate source for socket to node data (bsc#1215696
bsc#1217790).
* x86/tsc: Add option to force frequency recalibration with HW timer
(bsc#1215885 bsc#1217217).
* x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885
bsc#1217217).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-156=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-156=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-156=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-156=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-156=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-156=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-156=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-156=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-156=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-156=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-156=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-156=1
Please note that this is the initial kernel livepatch, which contains no fixes
itself; this package is later updated by separate standalone kernel livepatch
updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-156=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-156=1
## Package List:
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* kernel-default-extra-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64 nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* SUSE Manager Proxy 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Proxy 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Proxy 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Retail Branch Server 4.3 (nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (noarch)
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* SUSE Manager Server 4.3 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (noarch)
* kernel-docs-html-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-source-vanilla-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* kernel-source-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (ppc64le x86_64)
* kernel-debug-devel-5.14.21-150400.24.103.1
* kernel-debug-debuginfo-5.14.21-150400.24.103.1
* kernel-debug-debugsource-5.14.21-150400.24.103.1
* kernel-debug-livepatch-devel-5.14.21-150400.24.103.1
* kernel-debug-devel-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.103.1
* kernel-kvmsmall-devel-5.14.21-150400.24.103.1
* kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.103.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.103.1
* kernel-default-base-rebuild-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-default-optional-5.14.21-150400.24.103.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* ocfs2-kmp-default-5.14.21-150400.24.103.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.103.1
* cluster-md-kmp-default-5.14.21-150400.24.103.1
* dlm-kmp-default-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-livepatch-devel-5.14.21-150400.24.103.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* gfs2-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-qa-5.14.21-150400.24.103.1
* kernel-default-extra-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* kernel-default-livepatch-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kselftests-kmp-default-5.14.21-150400.24.103.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_103-default-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-1-150400.9.3.1
* kernel-livepatch-SLE15-SP4_Update_22-debugsource-1-150400.9.3.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.103.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64)
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-extra-5.14.21-150400.24.103.1
* dtb-socionext-5.14.21-150400.24.103.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-amazon-5.14.21-150400.24.103.1
* dtb-freescale-5.14.21-150400.24.103.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-lg-5.14.21-150400.24.103.1
* ocfs2-kmp-64kb-5.14.21-150400.24.103.1
* dtb-mediatek-5.14.21-150400.24.103.1
* dtb-hisilicon-5.14.21-150400.24.103.1
* dtb-altera-5.14.21-150400.24.103.1
* dlm-kmp-64kb-5.14.21-150400.24.103.1
* dtb-sprd-5.14.21-150400.24.103.1
* dtb-amlogic-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-livepatch-devel-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* dtb-nvidia-5.14.21-150400.24.103.1
* dtb-qcom-5.14.21-150400.24.103.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-64kb-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* reiserfs-kmp-64kb-5.14.21-150400.24.103.1
* dtb-xilinx-5.14.21-150400.24.103.1
* dtb-apm-5.14.21-150400.24.103.1
* dtb-apple-5.14.21-150400.24.103.1
* dtb-marvell-5.14.21-150400.24.103.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.103.1
* dtb-renesas-5.14.21-150400.24.103.1
* dtb-rockchip-5.14.21-150400.24.103.1
* kernel-64kb-optional-5.14.21-150400.24.103.1
* kselftests-kmp-64kb-5.14.21-150400.24.103.1
* dtb-amd-5.14.21-150400.24.103.1
* dtb-arm-5.14.21-150400.24.103.1
* dtb-cavium-5.14.21-150400.24.103.1
* dtb-allwinner-5.14.21-150400.24.103.1
* dtb-exynos-5.14.21-150400.24.103.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.103.1
* dtb-broadcom-5.14.21-150400.24.103.1
* cluster-md-kmp-64kb-5.14.21-150400.24.103.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* openSUSE Leap Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_103-default-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-default-livepatch-5.14.21-150400.24.103.1
* kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-1-150400.9.3.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-livepatch-SLE15-SP4_Update_22-debugsource-1-150400.9.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-5.14.21-150400.24.103.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.103.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.103.1
* ocfs2-kmp-default-5.14.21-150400.24.103.1
* gfs2-kmp-default-5.14.21-150400.24.103.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* cluster-md-kmp-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-debugsource-5.14.21-150400.24.103.1
* kernel-64kb-debuginfo-5.14.21-150400.24.103.1
* kernel-64kb-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.103.1
* kernel-obs-build-5.14.21-150400.24.103.1
* kernel-default-debugsource-5.14.21-150400.24.103.1
* kernel-obs-build-debugsource-5.14.21-150400.24.103.1
* reiserfs-kmp-default-5.14.21-150400.24.103.1
* kernel-default-devel-5.14.21-150400.24.103.1
* kernel-syms-5.14.21-150400.24.103.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.103.1
* kernel-default-debuginfo-5.14.21-150400.24.103.1
* kernel-default-base-5.14.21-150400.24.103.1.150400.24.48.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-source-5.14.21-150400.24.103.1
* kernel-macros-5.14.21-150400.24.103.1
* kernel-devel-5.14.21-150400.24.103.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.103.1
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6622.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1193285
* https://bugzilla.suse.com/show_bug.cgi?id=1211162
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1212584
* https://bugzilla.suse.com/show_bug.cgi?id=1214747
* https://bugzilla.suse.com/show_bug.cgi?id=1214823
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215696
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1216057
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217217
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217602
* https://bugzilla.suse.com/show_bug.cgi?id=1217692
* https://bugzilla.suse.com/show_bug.cgi?id=1217790
* https://bugzilla.suse.com/show_bug.cgi?id=1217801
* https://bugzilla.suse.com/show_bug.cgi?id=1217933
* https://bugzilla.suse.com/show_bug.cgi?id=1217938
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1217980
* https://bugzilla.suse.com/show_bug.cgi?id=1217981
* https://bugzilla.suse.com/show_bug.cgi?id=1217982
* https://bugzilla.suse.com/show_bug.cgi?id=1218056
* https://bugzilla.suse.com/show_bug.cgi?id=1218139
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1218234
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218335
* https://bugzilla.suse.com/show_bug.cgi?id=1218357
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218515
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://bugzilla.suse.com/show_bug.cgi?id=1218569
* https://bugzilla.suse.com/show_bug.cgi?id=1218659
* https://jira.suse.com/browse/PED-3459
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7322
SUSE-SU-2024:0157-1: moderate: Security update for libcryptopp
by OPENSUSE-SECURITY-UPDATES 18 Jan '24
# Security update for libcryptopp
Announcement ID: SUSE-SU-2024:0157-1
Rating: moderate
References:
* bsc#1218222
Cross-References:
* CVE-2023-50981
CVSS scores:
* CVE-2023-50981 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-50981 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for libcryptopp fixes the following issues:
* CVE-2023-50981: Fixed a potential denial of service issue via crafted DER
public key data (bsc#1218222).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-157=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-157=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-157=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-157=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libcryptopp8_6_0-debuginfo-8.6.0-150400.3.6.1
* libcryptopp8_6_0-8.6.0-150400.3.6.1
* libcryptopp-debugsource-8.6.0-150400.3.6.1
* libcryptopp-devel-8.6.0-150400.3.6.1
* openSUSE Leap 15.4 (x86_64)
* libcryptopp8_6_0-32bit-8.6.0-150400.3.6.1
* libcryptopp8_6_0-32bit-debuginfo-8.6.0-150400.3.6.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libcryptopp8_6_0-64bit-8.6.0-150400.3.6.1
* libcryptopp8_6_0-64bit-debuginfo-8.6.0-150400.3.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libcryptopp8_6_0-debuginfo-8.6.0-150400.3.6.1
* libcryptopp8_6_0-8.6.0-150400.3.6.1
* libcryptopp-debugsource-8.6.0-150400.3.6.1
* libcryptopp-devel-8.6.0-150400.3.6.1
* openSUSE Leap 15.5 (x86_64)
* libcryptopp8_6_0-32bit-8.6.0-150400.3.6.1
* libcryptopp8_6_0-32bit-debuginfo-8.6.0-150400.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libcryptopp8_6_0-debuginfo-8.6.0-150400.3.6.1
* libcryptopp8_6_0-8.6.0-150400.3.6.1
* libcryptopp-debugsource-8.6.0-150400.3.6.1
* libcryptopp-devel-8.6.0-150400.3.6.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* libcryptopp8_6_0-debuginfo-8.6.0-150400.3.6.1
* libcryptopp8_6_0-8.6.0-150400.3.6.1
* libcryptopp-debugsource-8.6.0-150400.3.6.1
* libcryptopp-devel-8.6.0-150400.3.6.1
## References:
* https://www.suse.com/security/cve/CVE-2023-50981.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218222
openSUSE-SU-2024:0023-1: moderate: Security update for libuev
by opensuse-security@opensuse.org 18 Jan '24
openSUSE Security Update: Security update for libuev
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0023-1
Rating: moderate
References: #1218749
Cross-References: CVE-2022-48620
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libuev fixes the following issues:
- Update to 2.4.1:
* Update README with list of modern Linux APIs used
* Fix #27: possible buffer overrun in uev_run() boo#1218749
CVE-2022-48620
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-23=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):
libuev-devel-2.4.1-bp155.3.3.1
libuev3-2.4.1-bp155.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-48620.html
https://bugzilla.suse.com/1218749
18 Jan '24
# Security update for pam
Announcement ID: SUSE-SU-2024:0136-1
Rating: moderate
References:
* bsc#1217000
* bsc#1218475
Cross-References:
* CVE-2024-22365
CVSS scores:
* CVE-2024-22365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that solves one vulnerability and has one security fix can now be
installed.
## Description:
This update for pam fixes the following issues:
* CVE-2024-22365: Fixed a local denial of service during PAM login due to a
missing check during path manipulation (bsc#1218475).
* Check localtime_r() return value to fix crashing (bsc#1217000)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-136=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-136=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-136=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-136=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-136=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-136=1
* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-136=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2024-136=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-136=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2024-136=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-136=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-136=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-136=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-136=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-136=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2024-136=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-136=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-136=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-136=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2024-136=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-136=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-136=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-136=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-136=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-136=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-136=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-136=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-136=1
* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-136=1
* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-136=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-136=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-136=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-136=1
## Package List:
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* Basesystem Module 15-SP5 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* Basesystem Module 15-SP5 (x86_64)
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* Development Tools Module 15-SP5 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Real Time 15 SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Manager Proxy 4.3 (x86_64)
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Manager Proxy 4.3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Manager Server 4.3 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Manager Server 4.3 (x86_64)
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* SUSE Enterprise Storage 7.1 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Enterprise Storage 7.1 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE CaaS Platform 4.0 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* SUSE CaaS Platform 4.0 (noarch)
* pam-doc-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* pam-debugsource-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* pam-devel-1.3.0-150000.6.66.1
* pam-debugsource-1.3.0-150000.6.66.1
* pam-extra-debuginfo-1.3.0-150000.6.66.1
* pam-extra-1.3.0-150000.6.66.1
* pam-1.3.0-150000.6.66.1
* pam-debuginfo-1.3.0-150000.6.66.1
* openSUSE Leap 15.5 (x86_64)
* pam-devel-32bit-1.3.0-150000.6.66.1
* pam-32bit-debuginfo-1.3.0-150000.6.66.1
* pam-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-1.3.0-150000.6.66.1
* pam-extra-32bit-debuginfo-1.3.0-150000.6.66.1
* openSUSE Leap 15.5 (noarch)
* pam-doc-1.3.0-150000.6.66.1
## References:
* https://www.suse.com/security/cve/CVE-2024-22365.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217000
* https://bugzilla.suse.com/show_bug.cgi?id=1218475
SUSE-SU-2024:0129-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 16 Jan '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0129-1
Rating: important
References:
* bsc#1179610
* bsc#1183045
* bsc#1193285
* bsc#1211162
* bsc#1211226
* bsc#1212584
* bsc#1214747
* bsc#1214823
* bsc#1215237
* bsc#1215696
* bsc#1215885
* bsc#1216057
* bsc#1216559
* bsc#1216776
* bsc#1217036
* bsc#1217217
* bsc#1217250
* bsc#1217602
* bsc#1217692
* bsc#1217790
* bsc#1217801
* bsc#1217933
* bsc#1217938
* bsc#1217946
* bsc#1217947
* bsc#1217980
* bsc#1217981
* bsc#1217982
* bsc#1218056
* bsc#1218139
* bsc#1218184
* bsc#1218234
* bsc#1218253
* bsc#1218258
* bsc#1218335
* bsc#1218357
* bsc#1218447
* bsc#1218515
* bsc#1218559
* bsc#1218569
* bsc#1218659
* jsc#PED-3459
* jsc#PED-5021
* jsc#PED-7322
Cross-References:
* CVE-2020-26555
* CVE-2023-51779
* CVE-2023-6121
* CVE-2023-6531
* CVE-2023-6546
* CVE-2023-6606
* CVE-2023-6610
* CVE-2023-6622
* CVE-2023-6931
* CVE-2023-6932
CVSS scores:
* CVE-2020-26555 ( SUSE ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2020-26555 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6121 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6121 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6606 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6606 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6610 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-6610 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-6622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6622 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6932 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Real Time Module 15-SP4
An update that solves 10 vulnerabilities, contains three features and has 31
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2023-6531: Fixed a use-after-free flaw caused by a race in which the
unix garbage collector's deletion of an SKB races with
unix_stream_read_generic() on the socket that the SKB is queued on
(bsc#1218447).
* CVE-2023-6610: Fixed an out of bounds read in the SMB client when printing
debug information (bsc#1217946).
* CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race
condition in bt_sock_recvmsg (bsc#1218559).
* CVE-2020-26555: Fixed an issue during BR/EDR PIN code pairing in the
Bluetooth subsystem that would allow replay attacks (bsc#1179610
bsc#1215237).
* CVE-2023-6606: Fixed an out of bounds read in the SMB client when receiving
a malformed length from a server (bsc#1217947).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via
the GSMIOC_SETCONF ioctl that could lead to local privilege escalation
(bsc#1218335).
* CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in the Linux
kernel's Performance Events system component that could lead to local
privilege escalation (bsc#1218258).
* CVE-2023-6932: Fixed a use-after-free vulnerability in the Linux kernel's
ipv4: igmp component that could lead to local privilege escalation
(bsc#1218253).
* CVE-2023-6622: Fixed a null pointer dereference vulnerability in
nft_dynset_init() that could allow a local attacker with CAP_NET_ADMIN user
privilege to trigger a denial of service (bsc#1217938).
* CVE-2023-6121: Fixed an information leak via dmesg when receiving a crafted
packet in the NVMe-oF/TCP subsystem (bsc#1217250).
The following non-security bugs were fixed:
* Reviewed and added more information to README.SUSE (jsc#PED-5021).
* Build in the correct KOTD repository with multibuild (JSC-SLE#5501,
boo#1211226, bsc#1218184). With multibuild, setting repository flags is no
longer supported for individual spec files; see
https://github.com/openSUSE/open-build-service/issues/3574. Add an
ExclusiveArch conditional that depends on a macro set up by bs-upload-kernel
instead. With that, each package should build only in one repository, either
standard or QA. Note: bs-upload-kernel does not interpret rpm conditionals,
and only uses the first ExclusiveArch line to determine the architectures to
enable.
* KVM: s390/mm: Properly reset no-dat (bsc#1218056).
* KVM: s390: vsie: fix wrong VIR 37 when MSO is used (bsc#1217933).
* KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
* NFS: Fix O_DIRECT locking issues (bsc#1211162).
* NFS: Fix a few more clear_bit() instances that need release semantics
(bsc#1211162).
* NFS: Fix a potential data corruption (bsc#1211162).
* NFS: Fix a use after free in nfs_direct_join_group() (bsc#1211162).
* NFS: Fix error handling for O_DIRECT write scheduling (bsc#1211162).
* NFS: More O_DIRECT accounting fixes for error paths (bsc#1211162).
* NFS: More fixes for nfs_direct_write_reschedule_io() (bsc#1211162).
* NFS: Use the correct commit info in nfs_join_page_group() (bsc#1211162).
* NLM: Defend against file_lock changes after vfs_test_lock() (bsc#1217692).
* Updated SPI patches for NVIDIA Grace enablement (bsc#1212584, jsc#PED-3459).
* block: fix revalidate performance regression (bsc#1216057).
* bpf: Adjust insufficient default bpf_jit_limit (bsc#1218234).
* ceph: fix incorrect revoked caps assert in ceph_fill_file_size()
(bsc#1217980).
* ceph: fix type promotion bug on 32bit systems (bsc#1217982).
* clocksource: Add a Kconfig option for WATCHDOG_MAX_SKEW (bsc#1215885
bsc#1217217).
* clocksource: Enable TSC watchdog checking of HPET and PMTMR only when
requested (bsc#1215885 bsc#1217217).
* clocksource: Handle negative skews in "skew is too large" messages
(bsc#1215885 bsc#1217217).
* clocksource: Improve "skew is too large" messages (bsc#1215885 bsc#1217217).
* clocksource: Improve read-back-delay message (bsc#1215885 bsc#1217217).
* clocksource: Loosen clocksource watchdog constraints (bsc#1215885
bsc#1217217).
* clocksource: Print clocksource name when clocksource is tested unstable
(bsc#1215885 bsc#1217217).
* clocksource: Verify HPET and PMTMR when TSC unverified (bsc#1215885
bsc#1217217).
* dm_blk_ioctl: implement path failover for SG_IO (bsc#1183045, bsc#1216776).
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
* kabi/severities: ignore kABI for asus-wmi drivers. Tolerate the kABI
changes, as used only locally for asus-wmi stuff.
* libceph: use kernel_connect() (bsc#1217981).
* mkspec: Add multibuild support (JSC-SLE#5501, boo#1211226, bsc#1218184).
When the MULTIBUILD option in config.sh is enabled, generate a _multibuild
file listing all spec files.
* mm: kmem: drop __GFP_NOFAIL when allocating objcg vectors (bsc#1218515).
* net/smc: Fix pos miscalculation in statistics (bsc#1218139).
* net/tg3: fix race condition in tg3_reset_task() (bsc#1217801).
* nfs: only issue commit in DIO codepath if we have uncommitted data
(bsc#1211162).
* remove unnecessary WARN_ON_ONCE() (bsc#1214823 bsc#1218569).
* s390/vx: fix save/restore of fpu kernel context (bsc#1218357).
* scsi: lpfc: use unsigned type for num_sge (bsc#1214747).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix slot alignment checks (bsc#1216559).
* tracing: Disable preemption when using the filter buffer (bsc#1217036).
* tracing: Fix a possible race when disabling buffered events (bsc#1217036).
* tracing: Fix a warning when allocating buffered events fails (bsc#1217036).
* tracing: Fix incomplete locking when disabling buffered events
(bsc#1217036).
* tracing: Fix warning in trace_buffered_event_disable() (bsc#1217036).
* tracing: Use __this_cpu_read() in trace_event_buffer_lock_reserver()
(bsc#1217036).
* uapi: propagate __struct_group() attributes to the container union
(jsc#SLE-18978).
* vsprintf/kallsyms: Prevent invalid data when printing symbol (bsc#1217602).
* x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
* x86/platform/uv: Use alternate source for socket to node data (bsc#1215696
bsc#1217790).
* x86/tsc: Add option to force frequency recalibration with HW timer
(bsc#1215885 bsc#1217217).
* x86/tsc: Be consistent about use_tsc_delay() (bsc#1215885 bsc#1217217).
* x86/tsc: Extend watchdog check exemption to 4-Sockets platform (bsc#1215885
bsc#1217217).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Real Time Module 15-SP4
zypper in -t patch SUSE-SLE-Module-RT-15-SP4-2024-129=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-129=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-129=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-129=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-129=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-129=1
## Package List:
* SUSE Real Time Module 15-SP4 (x86_64)
* kernel-rt-devel-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt_debug-debuginfo-5.14.21-150400.15.65.1
* gfs2-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt_debug-devel-5.14.21-150400.15.65.1
* cluster-md-kmp-rt-5.14.21-150400.15.65.1
* dlm-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-devel-5.14.21-150400.15.65.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-syms-rt-5.14.21-150400.15.65.1
* ocfs2-kmp-rt-5.14.21-150400.15.65.1
* dlm-kmp-rt-5.14.21-150400.15.65.1
* kernel-rt_debug-debugsource-5.14.21-150400.15.65.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* gfs2-kmp-rt-5.14.21-150400.15.65.1
* SUSE Real Time Module 15-SP4 (noarch)
* kernel-devel-rt-5.14.21-150400.15.65.1
* kernel-source-rt-5.14.21-150400.15.65.1
* SUSE Real Time Module 15-SP4 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150400.15.65.1
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* openSUSE Leap Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* kernel-rt-debuginfo-5.14.21-150400.15.65.1
* kernel-rt-debugsource-5.14.21-150400.15.65.1
* SUSE Linux Enterprise Live Patching 15-SP4 (x86_64)
* kernel-livepatch-SLE15-SP4-RT_Update_17-debugsource-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_65-rt-debuginfo-1-150400.1.3.1
* kernel-livepatch-5_14_21-150400_15_65-rt-1-150400.1.3.1
## References:
* https://www.suse.com/security/cve/CVE-2020-26555.html
* https://www.suse.com/security/cve/CVE-2023-51779.html
* https://www.suse.com/security/cve/CVE-2023-6121.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2023-6606.html
* https://www.suse.com/security/cve/CVE-2023-6610.html
* https://www.suse.com/security/cve/CVE-2023-6622.html
* https://www.suse.com/security/cve/CVE-2023-6931.html
* https://www.suse.com/security/cve/CVE-2023-6932.html
* https://bugzilla.suse.com/show_bug.cgi?id=1179610
* https://bugzilla.suse.com/show_bug.cgi?id=1183045
* https://bugzilla.suse.com/show_bug.cgi?id=1193285
* https://bugzilla.suse.com/show_bug.cgi?id=1211162
* https://bugzilla.suse.com/show_bug.cgi?id=1211226
* https://bugzilla.suse.com/show_bug.cgi?id=1212584
* https://bugzilla.suse.com/show_bug.cgi?id=1214747
* https://bugzilla.suse.com/show_bug.cgi?id=1214823
* https://bugzilla.suse.com/show_bug.cgi?id=1215237
* https://bugzilla.suse.com/show_bug.cgi?id=1215696
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1216057
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216776
* https://bugzilla.suse.com/show_bug.cgi?id=1217036
* https://bugzilla.suse.com/show_bug.cgi?id=1217217
* https://bugzilla.suse.com/show_bug.cgi?id=1217250
* https://bugzilla.suse.com/show_bug.cgi?id=1217602
* https://bugzilla.suse.com/show_bug.cgi?id=1217692
* https://bugzilla.suse.com/show_bug.cgi?id=1217790
* https://bugzilla.suse.com/show_bug.cgi?id=1217801
* https://bugzilla.suse.com/show_bug.cgi?id=1217933
* https://bugzilla.suse.com/show_bug.cgi?id=1217938
* https://bugzilla.suse.com/show_bug.cgi?id=1217946
* https://bugzilla.suse.com/show_bug.cgi?id=1217947
* https://bugzilla.suse.com/show_bug.cgi?id=1217980
* https://bugzilla.suse.com/show_bug.cgi?id=1217981
* https://bugzilla.suse.com/show_bug.cgi?id=1217982
* https://bugzilla.suse.com/show_bug.cgi?id=1218056
* https://bugzilla.suse.com/show_bug.cgi?id=1218139
* https://bugzilla.suse.com/show_bug.cgi?id=1218184
* https://bugzilla.suse.com/show_bug.cgi?id=1218234
* https://bugzilla.suse.com/show_bug.cgi?id=1218253
* https://bugzilla.suse.com/show_bug.cgi?id=1218258
* https://bugzilla.suse.com/show_bug.cgi?id=1218335
* https://bugzilla.suse.com/show_bug.cgi?id=1218357
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218515
* https://bugzilla.suse.com/show_bug.cgi?id=1218559
* https://bugzilla.suse.com/show_bug.cgi?id=1218569
* https://bugzilla.suse.com/show_bug.cgi?id=1218659
* https://jira.suse.com/browse/PED-3459
* https://jira.suse.com/browse/PED-5021
* https://jira.suse.com/browse/PED-7322
openSUSE-SU-2024:0021-1: moderate: Security update for perl-Spreadsheet-ParseXLSX
by opensuse-security@opensuse.org 16 Jan '24
openSUSE Security Update: Security update for perl-Spreadsheet-ParseXLSX
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0021-1
Rating: moderate
References: #1218651
Cross-References: CVE-2024-22368
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for perl-Spreadsheet-ParseXLSX fixes the following issues:
Updated to 0.29:
see /usr/share/doc/packages/perl-Spreadsheet-ParseXLSX/Changes
0.29:
- Fix for 'Argument "" isn't numeric in addition (+) at /usr/local/shar…
- Incorrect cell values due to phonetic data doy#72
- Fix die message in parse()
- Cannot open password protected SHA1 encrypted files. doy#68
- use date format detection based on Spreadsheet::XLSX
- Add rudimentary support for hyperlinks in cells
0.28:
- CVE-2024-22368: out-of-memory condition during parsing of a crafted XLSX
document (boo#1218651)
- Fix possible memory bomb as reported in
https://github.com/haile01/perl_spreadsheet_excel_rce_poc/blob/main/parse_xlsx_bomb.md
- Updated Dist::Zilla configuration fixing deprecation warnings
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-21=1
Package List:
- openSUSE Backports SLE-15-SP5 (noarch):
perl-Spreadsheet-ParseXLSX-0.290.0-bp155.2.3.1
References:
https://www.suse.com/security/cve/CVE-2024-22368.html
https://bugzilla.suse.com/1218651
openSUSE-SU-2024:0020-1: important: Security update for chromium
by opensuse-security@opensuse.org 16 Jan '24
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0020-1
Rating: important
References: #1217839 #1218048 #1218302 #1218303 #1218533
#1218719
Cross-References: CVE-2023-6508 CVE-2023-6509 CVE-2023-6510
CVE-2023-6511 CVE-2023-6512 CVE-2023-6702
CVE-2023-6703 CVE-2023-6704 CVE-2023-6705
CVE-2023-6706 CVE-2023-6707 CVE-2023-7024
CVE-2024-0222 CVE-2024-0223 CVE-2024-0224
CVE-2024-0225 CVE-2024-0333
CVSS scores:
CVE-2023-6508 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6509 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6510 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6511 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2023-6512 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CVE-2023-6702 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6703 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6704 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6704 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6705 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6706 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-6707 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2023-7024 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2024-0222 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2024-0223 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2024-0224 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2024-0225 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes 17 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
- Chromium 120.0.6099.216 (boo#1217839, boo#1218048, boo#1218302,
boo#1218533, boo#1218719)
* CVE-2024-0333: Insufficient data validation in Extensions
* CVE-2024-0222: Use after free in ANGLE
* CVE-2024-0223: Heap buffer overflow in ANGLE
* CVE-2024-0224: Use after free in WebAudio
* CVE-2024-0225: Use after free in WebGPU
* CVE-2023-7024: Heap buffer overflow in WebRTC
* CVE-2023-6702: Type Confusion in V8
* CVE-2023-6703: Use after free in Blink
* CVE-2023-6704: Use after free in libavif (boo#1218303)
* CVE-2023-6705: Use after free in WebRTC
* CVE-2023-6706: Use after free in FedCM
* CVE-2023-6707: Use after free in CSS
* CVE-2023-6508: Use after free in Media Stream
* CVE-2023-6509: Use after free in Side Panel Search
* CVE-2023-6510: Use after free in Media Capture
* CVE-2023-6511: Inappropriate implementation in Autofill
* CVE-2023-6512: Inappropriate implementation in Web Browser UI
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-20=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):
chromedriver-120.0.6099.216-bp155.2.64.1
chromium-120.0.6099.216-bp155.2.64.1
References:
https://www.suse.com/security/cve/CVE-2023-6508.html
https://www.suse.com/security/cve/CVE-2023-6509.html
https://www.suse.com/security/cve/CVE-2023-6510.html
https://www.suse.com/security/cve/CVE-2023-6511.html
https://www.suse.com/security/cve/CVE-2023-6512.html
https://www.suse.com/security/cve/CVE-2023-6702.html
https://www.suse.com/security/cve/CVE-2023-6703.html
https://www.suse.com/security/cve/CVE-2023-6704.html
https://www.suse.com/security/cve/CVE-2023-6705.html
https://www.suse.com/security/cve/CVE-2023-6706.html
https://www.suse.com/security/cve/CVE-2023-6707.html
https://www.suse.com/security/cve/CVE-2023-7024.html
https://www.suse.com/security/cve/CVE-2024-0222.html
https://www.suse.com/security/cve/CVE-2024-0223.html
https://www.suse.com/security/cve/CVE-2024-0224.html
https://www.suse.com/security/cve/CVE-2024-0225.html
https://www.suse.com/security/cve/CVE-2024-0333.html
https://bugzilla.suse.com/1217839
https://bugzilla.suse.com/1218048
https://bugzilla.suse.com/1218302
https://bugzilla.suse.com/1218303
https://bugzilla.suse.com/1218533
https://bugzilla.suse.com/1218719
openSUSE-SU-2024:0017-1: moderate: Security update for python-django-grappelli
by opensuse-security@opensuse.org 11 Jan '24
openSUSE Security Update: Security update for python-django-grappelli
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0017-1
Rating: moderate
References: #1216481
Cross-References: CVE-2021-46898
CVSS scores:
CVE-2021-46898 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-django-grappelli fixes the following issues:
Update to 2.14.4:
- CVE-2021-46898: Fixed views/switch.py vulnerable to protocol-relative
URL attacks (boo#1216481)
- Fixed: Redirect with switch user.
- Improved: Remove extra filtering in AutocompleteLookup.
- Improved: Added import statement with URLs for quickstart docs.
- Improved: Added additional blocks with inlines to allow override.
- Fixed: Compatibility with Django 3.1.
- Fixed: Docs about adding Grappelli documentation URLS.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-17=1
Package List:
- openSUSE Backports SLE-15-SP5 (noarch):
python3-django-grappelli-2.14.4-bp155.3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-46898.html
https://bugzilla.suse.com/1216481
SUSE-SU-2024:0090-1: moderate: Security update for gstreamer-plugins-rs
by OPENSUSE-SECURITY-UPDATES 11 Jan '24
# Security update for gstreamer-plugins-rs
Announcement ID: SUSE-SU-2024:0090-1
Rating: moderate
References:
* bsc#1208556
Cross-References:
* CVE-2022-31394
CVSS scores:
* CVE-2022-31394 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-31394 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for gstreamer-plugins-rs fixes the following issues:
* CVE-2022-31394: Fixed a potential denial of service in the HTTP/2
implementation (bsc#1208556).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-90=1
* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-90=1
* SUSE Linux Enterprise Real Time 15 SP4
zypper in -t patch SUSE-SLE-Product-RT-15-SP4-2024-90=1
## Package List:
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* gstreamer-plugins-rs-debuginfo-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-debugsource-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-0.8.2-150400.3.3.1
* Desktop Applications Module 15-SP5 (ppc64le)
* gstreamer-plugins-rs-debuginfo-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-debugsource-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-0.8.2-150400.3.3.1
* SUSE Linux Enterprise Real Time 15 SP4 (x86_64)
* gstreamer-plugins-rs-debuginfo-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-devel-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-debugsource-0.8.2-150400.3.3.1
* gstreamer-plugins-rs-0.8.2-150400.3.3.1
## References:
* https://www.suse.com/security/cve/CVE-2022-31394.html
* https://bugzilla.suse.com/show_bug.cgi?id=1208556