June 2024 - openSUSE Security Announce

SUSE-SU-2024:1966-1: moderate: Security update for aws-nitro-enclaves-cli
by OPENSUSE-SECURITY-UPDATES 10 Jun '24

10 Jun '24

# Security update for aws-nitro-enclaves-cli Announcement ID: SUSE-SU-2024:1966-1 Rating: moderate References: * bsc#1218501 Cross-References: * CVE-2023-50711 CVSS scores: * CVE-2023-50711 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L * CVE-2023-50711 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for aws-nitro-enclaves-cli fixes the following issues: * CVE-2023-50711: Fixed out of bounds memory accesses in embedded vmm-sys-util (bsc#1218501). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1966=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1966=1 openSUSE-SLE-15.6-2024-1966=1 ## Package List: * Public Cloud Module 15-SP6 (aarch64 x86_64) * aws-nitro-enclaves-cli-debugsource-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-binaryblobs-upstream-debuginfo-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-cli-debuginfo-1.3.0~git1.db34c02-150600.10.3.1 * system-group-ne-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-cli-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-binaryblobs-upstream-1.3.0~git1.db34c02-150600.10.3.1 * openSUSE Leap 15.6 (aarch64 x86_64) * aws-nitro-enclaves-cli-debugsource-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-binaryblobs-upstream-debuginfo-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-cli-debuginfo-1.3.0~git1.db34c02-150600.10.3.1 * system-group-ne-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-cli-1.3.0~git1.db34c02-150600.10.3.1 * aws-nitro-enclaves-binaryblobs-upstream-1.3.0~git1.db34c02-150600.10.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50711.html * https://bugzilla.suse.com/show_bug.cgi?id=1218501

1 0

openSUSE-SU-2024:0156-1: important: Security update for opera
by opensuse-security＠opensuse.org 10 Jun '24

10 Jun '24

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0156-1 Rating: important References: Cross-References: CVE-2024-3832 CVE-2024-3833 CVE-2024-3834 CVE-2024-3837 CVE-2024-3838 CVE-2024-3839 CVE-2024-3840 CVE-2024-3841 CVE-2024-3843 CVE-2024-3844 CVE-2024-3845 CVE-2024-3846 CVE-2024-3847 CVE-2024-3914 CVE-2024-4671 CVE-2024-5274 CVSS scores: CVE-2024-3834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-3837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-3838 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-3839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2024-4671 (NVD) : 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H CVE-2024-5274 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.6:NonFree ______________________________________________________________________________ An update that fixes 16 vulnerabilities is now available. Description: This update for opera fixes the following issues: Update to 110.0.5130.64 * CHR-9748 Update Chromium on desktop-stable-124-5130 to 124.0.6367.243 * DNA-116317 Create outline or shadow around emojis on tab strip * DNA-116320 Create animation for emoji disappearing from tab strip * DNA-116564 Assign custom emoji from emoji picker * DNA-116690 Make chrome://emoji-picker attachable by webdriver * DNA-116732 Introduce stat event for setting / unsetting emoji on a tab * DNA-116753 Emoji picker does not follow browser theme * DNA-116755 Record tab emojis added / removed * DNA-116777 Enable #tab-art on all streams Update to 110.0.5130.49 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-116706 [gpu-crash] Crash at SkGpuShaderImageFilter:: onFilterImage(skif::Context const&) Update to 110.0.5130.39 * DNA-115603 [Rich Hints] Pass trigger source to the Rich Hint * DNA-116680 Import 0-day fix for CVE-2024-5274 Update to 110.0.5130.35 * CHR-9721 Update Chromium on desktop-stable-124-5130 to 124.0.6367.202 * DNA-114787 Crash at views::View::DoRemoveChildView(views:: View*, bool, bool, views::View*) * DNA-115640 Tab island is not properly displayed after drag&drop in light theme * DNA-116191 Fix link in RTV Euro CoS * DNA-116218 Crash at SkGpuShaderImageFilter::onFilterImage (skif::Context const&) * DNA-116241 Update affiliation link for media expert "Continue On" * DNA-116256 Crash at TabHoverCardController::UpdateHoverCard (opera::TabDataView*, TabHoverCardController::UpdateType, bool) * DNA-116270 Show 'Suggestions' inside expanding Speed Dial field * DNA-116474 Implement the no dynamic hover approach * DNA-116493 Make sure that additional elements like (Sync your browser) etc. doesn’t shift content down on page * DNA-116515 Import 0-day fix from Chromium "[wasm-gc] Only normalize JSObject targets in SetOrCopyDataProperties" * DNA-116543 Twitter migrate to x.com * DNA-116552 Change max width of the banner * DNA-116569 Twitter in Panel loading for the first time opens two Tabs automatically * DNA-116587 Translate settings strings for every language The update to chromium 124.0.6367.202 fixes following issues: CVE-2024-4671 Update to 110.0.5130.23 * CHR-9706 Update Chromium on desktop-stable-124-5130 to 124.0.6367.62 * DNA-116450 Promote 110 to stable - Complete Opera 110 changelog at: https://blogs.opera.com/desktop/changelog-for-110/ - The update to chromium 124.0.6367.62 fixes following issues: CVE-2024-3832, CVE-2024-3833, CVE-2024-3914, CVE-2024-3834, CVE-2024-3837, CVE-2024-3838, CVE-2024-3839, CVE-2024-3840, CVE-2024-3841, CVE-2024-3843, CVE-2024-3844, CVE-2024-3845, CVE-2024-3846, CVE-2024-3847 - Update to 109.0.5097.80 * DNA-115738 Crash at extensions::ExtensionRegistry:: GetExtensionById(std::__Cr::basic_string const&, int) * DNA-115797 [Flow] Never ending loading while connecting to flow * DNA-116315 Chat GPT in Sidebar Panel doesn’t work - Update to 109.0.5097.59 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-115810 Enable #drag-multiple-tabs on all streams Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.6:NonFree: zypper in -t patch openSUSE-2024-156=1 Package List: - openSUSE Leap 15.6:NonFree (x86_64): opera-110.0.5130.64-lp156.2.6.1 References: https://www.suse.com/security/cve/CVE-2024-3832.html https://www.suse.com/security/cve/CVE-2024-3833.html https://www.suse.com/security/cve/CVE-2024-3834.html https://www.suse.com/security/cve/CVE-2024-3837.html https://www.suse.com/security/cve/CVE-2024-3838.html https://www.suse.com/security/cve/CVE-2024-3839.html https://www.suse.com/security/cve/CVE-2024-3840.html https://www.suse.com/security/cve/CVE-2024-3841.html https://www.suse.com/security/cve/CVE-2024-3843.html https://www.suse.com/security/cve/CVE-2024-3844.html https://www.suse.com/security/cve/CVE-2024-3845.html https://www.suse.com/security/cve/CVE-2024-3846.html https://www.suse.com/security/cve/CVE-2024-3847.html https://www.suse.com/security/cve/CVE-2024-3914.html https://www.suse.com/security/cve/CVE-2024-4671.html https://www.suse.com/security/cve/CVE-2024-5274.html

1 0

SUSE-SU-2024:1961-1: moderate: Security update for squid
by OPENSUSE-SECURITY-UPDATES 10 Jun '24

10 Jun '24

# Security update for squid Announcement ID: SUSE-SU-2024:1961-1 Rating: moderate References: * bsc#1225417 Cross-References: * CVE-2024-33427 CVSS scores: * CVE-2024-33427 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for squid fixes the following issues: * CVE-2024-33427: Fixed possible buffer overread that could have led to a denial-of-service (bsc#1225417). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1961=1 openSUSE-SLE-15.6-2024-1961=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1961=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * squid-debuginfo-6.9-150600.3.3.2 * squid-debugsource-6.9-150600.3.3.2 * squid-6.9-150600.3.3.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * squid-debuginfo-6.9-150600.3.3.2 * squid-debugsource-6.9-150600.3.3.2 * squid-6.9-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-33427.html * https://bugzilla.suse.com/show_bug.cgi?id=1225417

1 0

SUSE-SU-2024:1962-1: moderate: Security update for libvirt
by OPENSUSE-SECURITY-UPDATES 10 Jun '24

10 Jun '24

# Security update for libvirt Announcement ID: SUSE-SU-2024:1962-1 Rating: moderate References: * bsc#1222584 * bsc#1223849 Cross-References: * CVE-2024-4418 CVSS scores: * CVE-2024-4418 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event loop. (bsc#1223849) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1962=1 SUSE-2024-1962=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1962=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1962=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libvirt-daemon-proxy-10.0.0-150600.8.3.1 * libvirt-libs-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1 * libvirt-daemon-driver-lxc-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1 * libvirt-daemon-lock-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nodedev-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-logical-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-lockd-debuginfo-10.0.0-150600.8.3.1 * wireshark-plugin-libvirt-10.0.0-150600.8.3.1 * libvirt-daemon-driver-interface-10.0.0-150600.8.3.1 * libvirt-daemon-driver-network-10.0.0-150600.8.3.1 * libvirt-daemon-driver-lxc-10.0.0-150600.8.3.1 * libvirt-daemon-log-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-qemu-10.0.0-150600.8.3.1 * libvirt-daemon-driver-interface-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-qemu-debuginfo-10.0.0-150600.8.3.1 * libvirt-10.0.0-150600.8.3.1 * libvirt-client-qemu-10.0.0-150600.8.3.1 * libvirt-libs-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-scsi-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-core-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-common-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nwfilter-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-log-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1 * libvirt-devel-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-gluster-10.0.0-150600.8.3.1 * libvirt-daemon-common-10.0.0-150600.8.3.1 * libvirt-debugsource-10.0.0-150600.8.3.1 * libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1 * libvirt-daemon-lock-debuginfo-10.0.0-150600.8.3.1 * libvirt-nss-10.0.0-150600.8.3.1 * libvirt-client-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-gluster-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-sanlock-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1 * libvirt-daemon-config-network-10.0.0-150600.8.3.1 * libvirt-daemon-lxc-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-10.0.0-150600.8.3.1 * wireshark-plugin-libvirt-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-network-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1 * libvirt-daemon-proxy-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1 * libvirt-client-10.0.0-150600.8.3.1 * libvirt-daemon-driver-secret-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-mpath-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-secret-10.0.0-150600.8.3.1 * libvirt-daemon-10.0.0-150600.8.3.1 * libvirt-daemon-hooks-10.0.0-150600.8.3.1 * libvirt-nss-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-disk-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1 * openSUSE Leap 15.6 (x86_64) * libvirt-client-32bit-debuginfo-10.0.0-150600.8.3.1 * libvirt-devel-32bit-10.0.0-150600.8.3.1 * libvirt-daemon-xen-10.0.0-150600.8.3.1 * libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1 * libvirt-daemon-driver-libxl-debuginfo-10.0.0-150600.8.3.1 * openSUSE Leap 15.6 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-150600.8.3.1 * openSUSE Leap 15.6 (noarch) * libvirt-doc-10.0.0-150600.8.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libvirt-devel-64bit-10.0.0-150600.8.3.1 * libvirt-client-64bit-debuginfo-10.0.0-150600.8.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvirt-libs-10.0.0-150600.8.3.1 * libvirt-libs-debuginfo-10.0.0-150600.8.3.1 * libvirt-debugsource-10.0.0-150600.8.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvirt-daemon-proxy-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1 * libvirt-daemon-lock-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nodedev-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-logical-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-lockd-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-interface-10.0.0-150600.8.3.1 * libvirt-daemon-driver-network-10.0.0-150600.8.3.1 * libvirt-daemon-log-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-qemu-10.0.0-150600.8.3.1 * libvirt-daemon-driver-interface-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-qemu-debuginfo-10.0.0-150600.8.3.1 * libvirt-10.0.0-150600.8.3.1 * libvirt-client-qemu-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-scsi-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-core-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-common-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nwfilter-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-log-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1 * libvirt-devel-10.0.0-150600.8.3.1 * libvirt-daemon-common-10.0.0-150600.8.3.1 * libvirt-debugsource-10.0.0-150600.8.3.1 * libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1 * libvirt-daemon-lock-debuginfo-10.0.0-150600.8.3.1 * libvirt-nss-10.0.0-150600.8.3.1 * libvirt-client-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1 * libvirt-daemon-plugin-sanlock-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1 * libvirt-daemon-config-network-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-network-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1 * libvirt-daemon-proxy-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1 * libvirt-client-10.0.0-150600.8.3.1 * libvirt-daemon-driver-secret-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-mpath-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-secret-10.0.0-150600.8.3.1 * libvirt-daemon-10.0.0-150600.8.3.1 * libvirt-daemon-hooks-10.0.0-150600.8.3.1 * libvirt-nss-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-disk-debuginfo-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1 * Server Applications Module 15-SP6 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1 * libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-150600.8.3.1 * Server Applications Module 15-SP6 (noarch) * libvirt-doc-10.0.0-150600.8.3.1 * Server Applications Module 15-SP6 (x86_64) * libvirt-daemon-xen-10.0.0-150600.8.3.1 * libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1 * libvirt-daemon-driver-libxl-debuginfo-10.0.0-150600.8.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4418.html * https://bugzilla.suse.com/show_bug.cgi?id=1222584 * https://bugzilla.suse.com/show_bug.cgi?id=1223849

1 0

SUSE-SU-2024:1963-1: important: Security update for apache2
by OPENSUSE-SECURITY-UPDATES 10 Jun '24

10 Jun '24

# Security update for apache2 Announcement ID: SUSE-SU-2024:1963-1 Rating: important References: * bsc#1221401 * bsc#1222330 * bsc#1222332 Cross-References: * CVE-2023-38709 * CVE-2024-24795 * CVE-2024-27316 CVSS scores: * CVE-2023-38709 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27316 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27316 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-38709: Fixed HTTP response splitting (bsc#1222330). * CVE-2024-24795: Fixed HTTP response splitting in multiple modules (bsc#1222332). * CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames can be utilized for DoS attacks (bsc#1221401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1963=1 openSUSE-SLE-15.6-2024-1963=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1963=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1963=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1963=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-prefork-debuginfo-2.4.58-150600.5.3.1 * apache2-event-2.4.58-150600.5.3.1 * apache2-debuginfo-2.4.58-150600.5.3.1 * apache2-debugsource-2.4.58-150600.5.3.1 * apache2-utils-2.4.58-150600.5.3.1 * apache2-worker-2.4.58-150600.5.3.1 * apache2-2.4.58-150600.5.3.1 * apache2-utils-debugsource-2.4.58-150600.5.3.1 * apache2-devel-2.4.58-150600.5.3.1 * apache2-event-debugsource-2.4.58-150600.5.3.1 * apache2-utils-debuginfo-2.4.58-150600.5.3.1 * apache2-prefork-debugsource-2.4.58-150600.5.3.1 * apache2-worker-debugsource-2.4.58-150600.5.3.1 * apache2-event-debuginfo-2.4.58-150600.5.3.1 * apache2-prefork-2.4.58-150600.5.3.1 * apache2-worker-debuginfo-2.4.58-150600.5.3.1 * openSUSE Leap 15.6 (noarch) * apache2-manual-2.4.58-150600.5.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-prefork-debuginfo-2.4.58-150600.5.3.1 * apache2-debuginfo-2.4.58-150600.5.3.1 * apache2-debugsource-2.4.58-150600.5.3.1 * apache2-2.4.58-150600.5.3.1 * apache2-prefork-debugsource-2.4.58-150600.5.3.1 * apache2-prefork-2.4.58-150600.5.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.58-150600.5.3.1 * apache2-debuginfo-2.4.58-150600.5.3.1 * apache2-debugsource-2.4.58-150600.5.3.1 * apache2-event-debugsource-2.4.58-150600.5.3.1 * apache2-event-debuginfo-2.4.58-150600.5.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.58-150600.5.3.1 * apache2-worker-2.4.58-150600.5.3.1 * apache2-utils-debugsource-2.4.58-150600.5.3.1 * apache2-devel-2.4.58-150600.5.3.1 * apache2-utils-debuginfo-2.4.58-150600.5.3.1 * apache2-worker-debugsource-2.4.58-150600.5.3.1 * apache2-worker-debuginfo-2.4.58-150600.5.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38709.html * https://www.suse.com/security/cve/CVE-2024-24795.html * https://www.suse.com/security/cve/CVE-2024-27316.html * https://bugzilla.suse.com/show_bug.cgi?id=1221401 * https://bugzilla.suse.com/show_bug.cgi?id=1222330 * https://bugzilla.suse.com/show_bug.cgi?id=1222332

1 0

SUSE-SU-2024:1947-1: moderate: Security update for openssl-3
by OPENSUSE-SECURITY-UPDATES 07 Jun '24

07 Jun '24

# Security update for openssl-3 Announcement ID: SUSE-SU-2024:1947-1 Rating: moderate References: * bsc#1222548 * bsc#1224388 Cross-References: * CVE-2024-2511 * CVE-2024-4603 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). * CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1947=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1947=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1947=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1947=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1947=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1947=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1947=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1947=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1947=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1947=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1947=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1947=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1947=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1947=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1947=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * openSUSE Leap 15.4 (x86_64) * libopenssl-3-devel-32bit-3.0.8-150400.4.54.1 * libopenssl3-32bit-3.0.8-150400.4.54.1 * libopenssl3-32bit-debuginfo-3.0.8-150400.4.54.1 * openSUSE Leap 15.4 (noarch) * openssl-3-doc-3.0.8-150400.4.54.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150400.4.54.1 * libopenssl-3-devel-64bit-3.0.8-150400.4.54.1 * libopenssl3-64bit-debuginfo-3.0.8-150400.4.54.1 * openSUSE Leap Micro 5.3 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * openSUSE Leap Micro 5.4 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.54.1 * openssl-3-3.0.8-150400.4.54.1 * libopenssl-3-devel-3.0.8-150400.4.54.1 * openssl-3-debuginfo-3.0.8-150400.4.54.1 * libopenssl3-3.0.8-150400.4.54.1 * openssl-3-debugsource-3.0.8-150400.4.54.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://www.suse.com/security/cve/CVE-2024-4603.html * https://bugzilla.suse.com/show_bug.cgi?id=1222548 * https://bugzilla.suse.com/show_bug.cgi?id=1224388

1 0

SUSE-SU-2024:1950-1: moderate: Security update for glib2
by OPENSUSE-SECURITY-UPDATES 07 Jun '24

07 Jun '24

# Security update for glib2 Announcement ID: SUSE-SU-2024:1950-1 Rating: moderate References: * bsc#1224044 Cross-References: * CVE-2024-34397 CVSS scores: * CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: Update to version 2.78.6: * Fix a regression with IBus caused by the fix for CVE-2024-34397 Changes in version 2.78.5: * Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing. (bsc#1224044) * Bugs fixed: * gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree() due to filename with bad encoding * gcontenttype: Make filename valid utf-8 string before processing. * gdbusconnection: Don't deliver signals if the sender doesn't match. Changes in version 2.78.4: * Bugs fixed: * Fix generated RST anchors for methods, signals and properties. * docs/reference: depend on a native gtk-doc. * gobject_gdb.py: Do not break bt on optimized build. * gregex: clean up usage of _GRegex.jit_status. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1950=1 openSUSE-SLE-15.6-2024-1950=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1950=1 ## Package List: * openSUSE Leap 15.6 (noarch) * gio-branding-upstream-2.78.6-150600.4.3.1 * gio-branding-SLE-15-150600.35.2.1 * glib2-lang-2.78.6-150600.4.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * glib2-devel-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-2.78.6-150600.4.3.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgio-2_0-0-2.78.6-150600.4.3.1 * libgmodule-2_0-0-2.78.6-150600.4.3.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgobject-2_0-0-2.78.6-150600.4.3.1 * glib2-tests-devel-debuginfo-2.78.6-150600.4.3.1 * glib2-devel-2.78.6-150600.4.3.1 * libglib-2_0-0-2.78.6-150600.4.3.1 * libgthread-2_0-0-2.78.6-150600.4.3.1 * glib2-tests-devel-2.78.6-150600.4.3.1 * glib2-debugsource-2.78.6-150600.4.3.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.3.1 * glib2-devel-static-2.78.6-150600.4.3.1 * glib2-doc-2.78.6-150600.4.3.1 * openSUSE Leap 15.6 (x86_64) * glib2-devel-32bit-2.78.6-150600.4.3.1 * libgio-2_0-0-32bit-2.78.6-150600.4.3.1 * libgthread-2_0-0-32bit-2.78.6-150600.4.3.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.3.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * glib2-devel-32bit-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-32bit-2.78.6-150600.4.3.1 * glib2-tools-32bit-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.3.1 * libglib-2_0-0-32bit-2.78.6-150600.4.3.1 * libgthread-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * glib2-devel-64bit-2.78.6-150600.4.3.1 * libgmodule-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1 * libglib-2_0-0-64bit-2.78.6-150600.4.3.1 * glib2-devel-64bit-debuginfo-2.78.6-150600.4.3.1 * libgio-2_0-0-64bit-2.78.6-150600.4.3.1 * libgthread-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1 * libglib-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1 * libgio-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1 * libgthread-2_0-0-64bit-2.78.6-150600.4.3.1 * glib2-tools-64bit-debuginfo-2.78.6-150600.4.3.1 * libgobject-2_0-0-64bit-2.78.6-150600.4.3.1 * libgobject-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-64bit-2.78.6-150600.4.3.1 * libgmodule-2_0-0-64bit-2.78.6-150600.4.3.1 * Basesystem Module 15-SP6 (noarch) * gio-branding-SLE-15-150600.35.2.1 * glib2-lang-2.78.6-150600.4.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * glib2-devel-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-2.78.6-150600.4.3.1 * libgobject-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgthread-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgio-2_0-0-2.78.6-150600.4.3.1 * libgmodule-2_0-0-2.78.6-150600.4.3.1 * libglib-2_0-0-debuginfo-2.78.6-150600.4.3.1 * libgobject-2_0-0-2.78.6-150600.4.3.1 * libglib-2_0-0-2.78.6-150600.4.3.1 * glib2-devel-2.78.6-150600.4.3.1 * libgthread-2_0-0-2.78.6-150600.4.3.1 * glib2-debugsource-2.78.6-150600.4.3.1 * libgio-2_0-0-debuginfo-2.78.6-150600.4.3.1 * glib2-tools-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-debuginfo-2.78.6-150600.4.3.1 * Basesystem Module 15-SP6 (x86_64) * libgio-2_0-0-32bit-2.78.6-150600.4.3.1 * libgobject-2_0-0-32bit-2.78.6-150600.4.3.1 * libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-32bit-2.78.6-150600.4.3.1 * libglib-2_0-0-32bit-2.78.6-150600.4.3.1 * libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 * libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34397.html * https://bugzilla.suse.com/show_bug.cgi?id=1224044

1 0

SUSE-SU-2024:1949-1: moderate: Security update for openssl-1_1
by OPENSUSE-SECURITY-UPDATES 07 Jun '24

07 Jun '24

# Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:1949-1 Rating: moderate References: * bsc#1222548 Cross-References: * CVE-2024-2511 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1949=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1949=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1949=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1949=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1949=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1949=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1949=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1949=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1949=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1949=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1949=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1949=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1949=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1949=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1949=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * openSUSE Leap 15.4 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * openSUSE Leap 15.4 (noarch) * openssl-1_1-doc-1.1.1l-150400.7.66.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl-1_1-devel-64bit-1.1.1l-150400.7.66.2 * libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-64bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-64bit-1.1.1l-150400.7.66.2 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Manager Proxy 4.3 (x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * openssl-1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debugsource-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-1.1.1l-150400.7.66.2 * libopenssl1_1-1.1.1l-150400.7.66.2 * openssl-1_1-debuginfo-1.1.1l-150400.7.66.2 * libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2 * SUSE Manager Server 4.3 (x86_64) * libopenssl1_1-32bit-1.1.1l-150400.7.66.2 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://bugzilla.suse.com/show_bug.cgi?id=1222548

1 0

SUSE-SU-2024:1937-1: moderate: Security update for python-docker
by OPENSUSE-SECURITY-UPDATES 07 Jun '24

07 Jun '24

# Security update for python-docker Announcement ID: SUSE-SU-2024:1937-1 Rating: moderate References: * bsc#1224788 Cross-References: * CVE-2024-35195 CVSS scores: * CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-docker fixes the following issues: * CVE-2024-35195: Fixed missing certificate verification (bsc#1224788). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1937=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1937=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1937=1 ## Package List: * Public Cloud Module 15-SP5 (noarch) * python311-docker-7.0.0-150400.8.7.1 * openSUSE Leap 15.4 (noarch) * python311-docker-7.0.0-150400.8.7.1 * Public Cloud Module 15-SP4 (noarch) * python311-docker-7.0.0-150400.8.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35195.html * https://bugzilla.suse.com/show_bug.cgi?id=1224788

1 0

SUSE-SU-2024:1925-1: important: Security update for python-PyMySQL
by OPENSUSE-SECURITY-UPDATES 05 Jun '24

05 Jun '24

# Security update for python-PyMySQL Announcement ID: SUSE-SU-2024:1925-1 Rating: important References: * bsc#1225070 Cross-References: * CVE-2024-36039 CVSS scores: * CVE-2024-36039 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python-PyMySQL fixes the following issues: * CVE-2024-36039: Fixed SQL injection when used with untrusted JSON input (bsc#1225070). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1925=1 SUSE-2024-1925=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-PyMySQL-1.1.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36039.html * https://bugzilla.suse.com/show_bug.cgi?id=1225070

1 0