July 2024 - openSUSE Security Announce

SUSE-SU-2024:2655-1: moderate: Security update for python-dnspython
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for python-dnspython Announcement ID: SUSE-SU-2024:2655-1 Rating: moderate References: * bsc#1222693 Cross-References: * CVE-2023-29483 CVSS scores: * CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-dnspython fixes the following issues: * CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere with DNS name resolution (bsc#1222693). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2655=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2655=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2655=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2655=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2655=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2655=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2655=1 ## Package List: * openSUSE Leap Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * openSUSE Leap 15.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * Basesystem Module 15-SP5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * Basesystem Module 15-SP6 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-dnspython-1.15.0-150000.3.5.1 * SUSE Package Hub 15 15-SP6 (noarch) * python2-dnspython-1.15.0-150000.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-29483.html * https://bugzilla.suse.com/show_bug.cgi?id=1222693

1 0

SUSE-SU-2024:2658-1: important: Security update for shadow
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for shadow Announcement ID: SUSE-SU-2024:2658-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2658=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2658=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2658=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2658=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2658=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2658=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2658=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2658=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * login_defs-4.8.1-150400.10.18.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Proxy 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Proxy 4.3 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Server 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * openSUSE Leap 15.4 (noarch) * login_defs-4.8.1-150400.10.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * openSUSE Leap 15.5 (noarch) * login_defs-4.8.1-150400.10.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845

1 0

SUSE-SU-2024:2663-1: important: Security update for orc
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for orc Announcement ID: SUSE-SU-2024:2663-1 Rating: important References: * bsc#1228184 Cross-References: * CVE-2024-40897 CVSS scores: * CVE-2024-40897 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for orc fixes the following issues: * CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files (bsc#1228184) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2663=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2663=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2663=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2663=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2663=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2663=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2663=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2663=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2663=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2663=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2663=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2663=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2663=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2663=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-doc-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.5 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-doc-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.6 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Package Hub 15 15-SP5 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1 * SUSE Package Hub 15 15-SP6 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40897.html * https://bugzilla.suse.com/show_bug.cgi?id=1228184

1 0

SUSE-SU-2024:2619-1: important: Security update for libgit2
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for libgit2 Announcement ID: SUSE-SU-2024:2619-1 Rating: important References: * bsc#1219660 Cross-References: * CVE-2024-24577 CVSS scores: * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libgit2 fixes the following issues: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2619=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2619=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2619=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2619=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2619=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2619=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2619=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2619=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * openSUSE Leap 15.4 (x86_64) * libgit2-1_3-32bit-debuginfo-1.3.0-150400.3.9.1 * libgit2-1_3-32bit-1.3.0-150400.3.9.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgit2-1_3-64bit-debuginfo-1.3.0-150400.3.9.1 * libgit2-1_3-64bit-1.3.0-150400.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * openSUSE Leap 15.5 (x86_64) * libgit2-1_3-32bit-debuginfo-1.3.0-150400.3.9.1 * libgit2-1_3-32bit-1.3.0-150400.3.9.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgit2-devel-1.3.0-150400.3.9.1 * libgit2-1_3-1.3.0-150400.3.9.1 * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1 * libgit2-debugsource-1.3.0-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660

1 0

SUSE-SU-2024:2625-1: important: Security update for p7zip
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for p7zip Announcement ID: SUSE-SU-2024:2625-1 Rating: important References: * bsc#1227358 * bsc#1227359 Cross-References: * CVE-2023-52168 * CVE-2023-52169 CVSS scores: * CVE-2023-52168 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52169 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for p7zip fixes the following issues: * CVE-2023-52168: Fixed heap-based buffer overflow in the NTFS handler allows two bytes to be overwritten at multiple offsets (bsc#1227358) * CVE-2023-52169: Fixed out-of-bounds read in NTFS handler (bsc#1227359) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2625=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2625=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2625=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2625=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2625=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2625=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2625=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2625=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2625=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2625=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2625=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2625=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2625=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2625=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2625=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2625=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2625=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2625=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2625=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * openSUSE Leap 15.5 (noarch) * p7zip-doc-16.02-150200.14.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * openSUSE Leap 15.6 (noarch) * p7zip-doc-16.02-150200.14.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Manager Proxy 4.3 (x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * p7zip-full-16.02-150200.14.12.1 * p7zip-debugsource-16.02-150200.14.12.1 * p7zip-16.02-150200.14.12.1 * p7zip-full-debuginfo-16.02-150200.14.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52168.html * https://www.suse.com/security/cve/CVE-2023-52169.html * https://bugzilla.suse.com/show_bug.cgi?id=1227358 * https://bugzilla.suse.com/show_bug.cgi?id=1227359

1 0

SUSE-SU-2024:2627-1: moderate: Security update for ghostscript
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for ghostscript Announcement ID: SUSE-SU-2024:2627-1 Rating: moderate References: * bsc#1227380 Cross-References: * CVE-2024-29508 CVSS scores: * CVE-2024-29508 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-29508: Fixed heap pointer leak in pdf_base_font_alloc (bsc#1227380) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2627=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2627=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2627=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2627=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-9.52-150000.197.1 * ghostscript-debuginfo-9.52-150000.197.1 * ghostscript-debugsource-9.52-150000.197.1 * ghostscript-devel-9.52-150000.197.1 * ghostscript-x11-9.52-150000.197.1 * ghostscript-x11-debuginfo-9.52-150000.197.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-9.52-150000.197.1 * ghostscript-debuginfo-9.52-150000.197.1 * ghostscript-debugsource-9.52-150000.197.1 * ghostscript-devel-9.52-150000.197.1 * ghostscript-x11-9.52-150000.197.1 * ghostscript-x11-debuginfo-9.52-150000.197.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-9.52-150000.197.1 * ghostscript-debuginfo-9.52-150000.197.1 * ghostscript-debugsource-9.52-150000.197.1 * ghostscript-devel-9.52-150000.197.1 * ghostscript-x11-9.52-150000.197.1 * ghostscript-x11-debuginfo-9.52-150000.197.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-9.52-150000.197.1 * ghostscript-debuginfo-9.52-150000.197.1 * ghostscript-debugsource-9.52-150000.197.1 * ghostscript-devel-9.52-150000.197.1 * ghostscript-x11-9.52-150000.197.1 * ghostscript-x11-debuginfo-9.52-150000.197.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29508.html * https://bugzilla.suse.com/show_bug.cgi?id=1227380

1 0

SUSE-SU-2024:2631-1: important: Security update for freerdp
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for freerdp Announcement ID: SUSE-SU-2024:2631-1 Rating: important References: * bsc#1219049 * bsc#1223346 * bsc#1223347 * bsc#1223348 * bsc#1223353 Cross-References: * CVE-2024-22211 * CVE-2024-32658 * CVE-2024-32659 * CVE-2024-32660 * CVE-2024-32661 CVSS scores: * CVE-2024-22211 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-22211 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32658 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32659 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2024-32660 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-32661 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for freerdp fixes the following issues: * CVE-2024-22211: Fixed integer overflow in `freerdp_bitmap_planar_context_reset` that could lead to heap-buffer overflow (bsc#1219049) * CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients (bsc#1223353) * CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight == 0))` (bsc#1223346) * CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347) * CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2631=1 openSUSE-SLE-15.6-2024-2631=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2631=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2631=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwinpr2-2-debuginfo-2.11.2-150600.4.3.1 * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * freerdp-devel-2.11.2-150600.4.3.1 * freerdp-wayland-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-2.11.2-150600.4.3.1 * libwinpr2-2-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * uwac0-0-devel-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * libfreerdp2-2-debuginfo-2.11.2-150600.4.3.1 * winpr-devel-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-debuginfo-2.11.2-150600.4.3.1 * freerdp-wayland-2.11.2-150600.4.3.1 * libfreerdp2-2-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * freerdp-devel-2.11.2-150600.4.3.1 * freerdp-wayland-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-2.11.2-150600.4.3.1 * uwac0-0-devel-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-debuginfo-2.11.2-150600.4.3.1 * freerdp-wayland-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libwinpr2-2-debuginfo-2.11.2-150600.4.3.1 * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * freerdp-devel-2.11.2-150600.4.3.1 * libwinpr2-2-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * libfreerdp2-2-debuginfo-2.11.2-150600.4.3.1 * winpr-devel-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libfreerdp2-2-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22211.html * https://www.suse.com/security/cve/CVE-2024-32658.html * https://www.suse.com/security/cve/CVE-2024-32659.html * https://www.suse.com/security/cve/CVE-2024-32660.html * https://www.suse.com/security/cve/CVE-2024-32661.html * https://bugzilla.suse.com/show_bug.cgi?id=1219049 * https://bugzilla.suse.com/show_bug.cgi?id=1223346 * https://bugzilla.suse.com/show_bug.cgi?id=1223347 * https://bugzilla.suse.com/show_bug.cgi?id=1223348 * https://bugzilla.suse.com/show_bug.cgi?id=1223353

1 0

SUSE-SU-2024:2633-1: important: Security update for gtk3
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for gtk3 Announcement ID: SUSE-SU-2024:2633-1 Rating: important References: * bsc#1228120 Cross-References: * CVE-2024-6655 CVSS scores: * CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gtk3 fixes the following issues: * CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2633=1 openSUSE-SLE-15.6-2024-2633=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2633=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2633=1 ## Package List: * openSUSE Leap 15.6 (noarch) * gtk3-lang-3.24.38+111-150600.3.3.1 * gtk3-devel-doc-3.24.38+111-150600.3.3.1 * gtk3-branding-upstream-3.24.38+111-150600.3.3.1 * gtk3-schema-3.24.38+111-150600.3.3.1 * gettext-its-gtk3-3.24.38+111-150600.3.3.1 * gtk3-data-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-Gtk-3_0-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-3.24.38+111-150600.3.3.1 * gtk3-devel-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-broadway-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-3.24.38+111-150600.3.3.1 * gtk3-debugsource-3.24.38+111-150600.3.3.1 * gtk3-tools-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-3.24.38+111-150600.3.3.1 * gtk3-immodule-broadway-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-debuginfo-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * gtk3-immodule-vietnamese-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-32bit-3.24.38+111-150600.3.3.1 * gtk3-devel-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-32bit-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-32bit-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-32bit-3.24.38+111-150600.3.3.1 * gtk3-tools-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-32bit-debuginfo-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * gtk3-immodule-thai-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-64bit-3.24.38+111-150600.3.3.1 * gtk3-devel-64bit-3.24.38+111-150600.3.3.1 * gtk3-tools-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-64bit-3.24.38+111-150600.3.3.1 * libgtk-3-0-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-64bit-3.24.38+111-150600.3.3.1 * libgtk-3-0-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-64bit-3.24.38+111-150600.3.3.1 * gtk3-devel-64bit-debuginfo-3.24.38+111-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * gtk3-lang-3.24.38+111-150600.3.3.1 * gtk3-schema-3.24.38+111-150600.3.3.1 * gtk3-data-3.24.38+111-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgtk-3-0-3.24.38+111-150600.3.3.1 * typelib-1_0-Gtk-3_0-3.24.38+111-150600.3.3.1 * gtk3-tools-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-debugsource-3.24.38+111-150600.3.3.1 * gtk3-devel-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-3.24.38+111-150600.3.3.1 * libgtk-3-0-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-3.24.38+111-150600.3.3.1 * Desktop Applications Module 15-SP6 (noarch) * gtk3-devel-doc-3.24.38+111-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6655.html * https://bugzilla.suse.com/show_bug.cgi?id=1228120

1 0

SUSE-SU-2024:2635-1: important: Security update for openssl-3
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for openssl-3 Announcement ID: SUSE-SU-2024:2635-1 Rating: important References: * bsc#1222899 * bsc#1223336 * bsc#1226463 * bsc#1227138 Cross-References: * CVE-2024-5535 CVSS scores: * CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for openssl-3 fixes the following issues: Security fixes: * CVE-2024-5535: Fixed SSL_select_next_proto buffer overread (bsc#1227138) Other fixes: * Build with no-afalgeng (bsc#1226463) * Build with enabled sm2 and sm4 support (bsc#1222899) * Fix non-reproducibility issue (bsc#1223336) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2635=1 openSUSE-SLE-15.6-2024-2635=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2635=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-debuginfo-3.1.4-150600.5.10.1 * openssl-3-debugsource-3.1.4-150600.5.10.1 * openssl-3-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-3.1.4-150600.5.10.1 * openssl-3-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-3.1.4-150600.5.10.1 * libopenssl3-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (x86_64) * libopenssl3-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-32bit-3.1.4-150600.5.10.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-64bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.10.1 * libopenssl3-64bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.10.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.1.4-150600.5.10.1 * openssl-3-debugsource-3.1.4-150600.5.10.1 * openssl-3-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-3.1.4-150600.5.10.1 * openssl-3-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-3.1.4-150600.5.10.1 * libopenssl3-3.1.4-150600.5.10.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-32bit-3.1.4-150600.5.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5535.html * https://bugzilla.suse.com/show_bug.cgi?id=1222899 * https://bugzilla.suse.com/show_bug.cgi?id=1223336 * https://bugzilla.suse.com/show_bug.cgi?id=1226463 * https://bugzilla.suse.com/show_bug.cgi?id=1227138

1 0

SUSE-SU-2024:2638-1: moderate: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:2638-1 Rating: moderate References: Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes https://github.com/kubevirt/containerized-data- importer/releases/tag/v1.59.0 * Release notes https://github.com/kubevirt/containerized-data- importer/releases/tag/v1.58.1 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2638=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2638=1 openSUSE-SLE-15.6-2024-2638=1 ## Package List: * Containers Module 15-SP6 (x86_64) * containerized-data-importer-manifests-1.59.0-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * containerized-data-importer-cloner-1.59.0-150600.3.6.1 * containerized-data-importer-uploadserver-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-operator-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-controller-1.59.0-150600.3.6.1 * containerized-data-importer-operator-1.59.0-150600.3.6.1 * containerized-data-importer-uploadproxy-1.59.0-150600.3.6.1 * containerized-data-importer-uploadserver-1.59.0-150600.3.6.1 * containerized-data-importer-importer-1.59.0-150600.3.6.1 * obs-service-cdi_containers_meta-1.59.0-150600.3.6.1 * containerized-data-importer-manifests-1.59.0-150600.3.6.1 * containerized-data-importer-importer-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-controller-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-api-1.59.0-150600.3.6.1 * containerized-data-importer-cloner-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-api-debuginfo-1.59.0-150600.3.6.1

1 0

SUSE-SU-2024:2639-1: moderate: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
by OPENSUSE-SECURITY-UPDATES 30 Jul '24

30 Jul '24

# Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:2639-1 Rating: moderate References: Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * Update to version 1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0 * Use predefined configuration files for libvirt * Install psmisc (provides killall for tests) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2639=1 openSUSE-SLE-15.6-2024-2639=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2639=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kubevirt-tests-1.2.2-150600.5.6.1 * kubevirt-virt-api-1.2.2-150600.5.6.1 * kubevirt-container-disk-1.2.2-150600.5.6.1 * kubevirt-virt-exportproxy-1.2.2-150600.5.6.1 * kubevirt-virt-exportserver-1.2.2-150600.5.6.1 * kubevirt-pr-helper-conf-1.2.2-150600.5.6.1 * kubevirt-virt-api-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-launcher-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-launcher-1.2.2-150600.5.6.1 * kubevirt-virt-handler-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-controller-1.2.2-150600.5.6.1 * kubevirt-virt-handler-1.2.2-150600.5.6.1 * kubevirt-virt-exportproxy-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-controller-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-operator-1.2.2-150600.5.6.1 * kubevirt-virt-operator-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-exportserver-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virtctl-debuginfo-1.2.2-150600.5.6.1 * kubevirt-container-disk-debuginfo-1.2.2-150600.5.6.1 * kubevirt-tests-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virtctl-1.2.2-150600.5.6.1 * obs-service-kubevirt_containers_meta-1.2.2-150600.5.6.1 * kubevirt-manifests-1.2.2-150600.5.6.1 * Containers Module 15-SP6 (x86_64) * kubevirt-virtctl-1.2.2-150600.5.6.1 * kubevirt-manifests-1.2.2-150600.5.6.1 * kubevirt-virtctl-debuginfo-1.2.2-150600.5.6.1

1 0

openSUSE-SU-2024:0227-1: moderate: Security update for gh
by opensuse-security＠opensuse.org 27 Jul '24

27 Jul '24

openSUSE Security Update: Security update for gh ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0227-1 Rating: moderate References: #1227035 Cross-References: CVE-2024-6104 CVSS scores: CVE-2024-6104 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2024-6104 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for gh fixes the following issues: Update to version 2.53.0: * CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file (boo#1227035) * Disable `TestGetTrustedRoot/successfully_verifies_TUF_root` test due to https://github.com/cli/cli/issues/8928 * Rename package directory and files * Rename package name to `update_branch` * Rename `gh pr update` to `gh pr update-branch` * Add test case for merge conflict error * Handle merge conflict error * Return error if PR is not mergeable * Replace literals with consts for `Mergeable` field values * Add separate type for `PullRequest.Mergeable` field * Remove unused flag * Print message on stdout instead of stderr * Raise error if editor is used in non-tty mode * Add tests for JSON field support on issue and pr view commands * docs: Update documentation for `gh repo create` to clarify owner * Ensure PR does not panic when stateReason is requested * Add `createdAt` field to tests * Add `createdAt` field to `Variable` type * Add test for exporting as JSON * Add test for JSON output * Only populate selected repo information for JSON output * Add test to verify JSON exporter gets set * Add `--json` option support * Use `Variable` type defined in `shared` package * Add tests for JSON output * Move `Variable` type and `PopulateSelectedRepositoryInformation` func to shared * Fix query parameter name * Update tests to account for ref comparison step * Improve query variable names * Check if PR branch is already up-to-date * Add `ComparePullRequestBaseBranchWith` function * Run `go mod tidy` * Add test to verify `--repo` requires non-empty selector * Require non-empty selector when `--repo` override is used * Run `go mod tidy` * Register `update` command * Add tests for `pr update` command * Add `pr update` command * Add `UpdatePullRequestBranch` method * Upgrade `shurcooL/githubv4` Update to version 2.52.0: * Attestation Verification - Buffer Fix * Remove beta note from attestation top level command * Removed beta note from `gh at download`. * Removed beta note from `gh at verify`, clarified reusable workflows use case. * add `-a` flag to `gh run list` Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-227=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): gh-2.53.0-bp155.2.12.1 - openSUSE Backports SLE-15-SP5 (noarch): gh-bash-completion-2.53.0-bp155.2.12.1 gh-fish-completion-2.53.0-bp155.2.12.1 gh-zsh-completion-2.53.0-bp155.2.12.1 References: https://www.suse.com/security/cve/CVE-2024-6104.html https://bugzilla.suse.com/1227035

1 0

openSUSE-SU-2024:0225-1: moderate: Security update for assimp
by opensuse-security＠opensuse.org 27 Jul '24

27 Jul '24

openSUSE Security Update: Security update for assimp ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0225-1 Rating: moderate References: #1218474 #1228142 Cross-References: CVE-2024-40724 CVSS scores: CVE-2024-40724 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for assimp fixes the following issues: - CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class (boo#1228142), Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-225=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 ppc64le s390x x86_64): assimp-devel-5.2.5-bp155.2.3.1 libassimp5-5.2.5-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-40724.html https://bugzilla.suse.com/1218474 https://bugzilla.suse.com/1228142

1 0

openSUSE-SU-2024:0223-1: important: Security update for opera
by opensuse-security＠opensuse.org 26 Jul '24

26 Jul '24

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0223-1 Rating: important References: Cross-References: CVE-2024-5493 CVE-2024-5494 CVE-2024-5495 CVE-2024-5496 CVE-2024-5497 CVE-2024-5498 CVE-2024-5499 CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293 CVSS scores: CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5843 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.6:NonFree ______________________________________________________________________________ An update that fixes 29 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium >= 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests Update to 111.0.5168.43 * DNA-115228 Adblocker is blocking ads when turned off * DNA-116605 Crash at opera::BrowserContentsView:: NonClientHitTestPoint(gfx::Point const&) * DNA-116855 Cannot close tab island’s tab when popup was hovered * DNA-116885 Add chrome.cookies api permission to Rich Hints * DNA-116948 [Linux] Theme toggle in settings is not working Update to 111.0.5168.25 * CHR-9754 Update Chromium on desktop-stable-125-5168 to 125.0.6422.142 * DNA-116089 [Win/Lin] Fullscreen view has rounded corners * DNA-116208 The red dot on the Aria’s icon is misaligned * DNA-116693 X (twitter) logo is not available on opera:about page * DNA-116737 [Bookmarks] Bookmarks bar favicon have light theme color in new window * DNA-116769 Extension popup – pin icon is replaced * DNA-116850 Fix full package installer link * DNA-116852 Promote 111 to stable * DNA-116491 Site info popup is cut with dropdown opened * DNA-116661 [opera:settings] IPFS/IPNS Gateway box has the wrong design * DNA-116789 Translations for O111 * DNA-116813 [React emoji picker] Flag emojis are not load correctly * DNA-116893 Put 'Show emojis in tab tooltip' in Settings * DNA-116918 Translations for 'Show emojis in tab tooltip' - Complete Opera 111 changelog at: https://blogs.opera.com/desktop/changelog-for-111 - The update to chromium 125.0.6422.142 fixes following issues: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.6:NonFree: zypper in -t patch openSUSE-2024-223=1 Package List: - openSUSE Leap 15.6:NonFree (x86_64): opera-112.0.5197.25-lp156.2.11.1 References: https://www.suse.com/security/cve/CVE-2024-5493.html https://www.suse.com/security/cve/CVE-2024-5494.html https://www.suse.com/security/cve/CVE-2024-5495.html https://www.suse.com/security/cve/CVE-2024-5496.html https://www.suse.com/security/cve/CVE-2024-5497.html https://www.suse.com/security/cve/CVE-2024-5498.html https://www.suse.com/security/cve/CVE-2024-5499.html https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html

1 0

openSUSE-SU-2024:0222-1: important: Security update for python-nltk
by opensuse-security＠opensuse.org 26 Jul '24

26 Jul '24

openSUSE Security Update: Security update for python-nltk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0222-1 Rating: important References: #1227174 Cross-References: CVE-2024-39705 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-nltk fixes the following issues: - CVE-2024-39705: Fixed remote code execution through unsafe pickle usage (boo#1227174). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-222=1 Package List: - openSUSE Backports SLE-15-SP5 (noarch): python3-nltk-3.7-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2024-39705.html https://bugzilla.suse.com/1227174

1 0

openSUSE-SU-2024:0218-1: important: Security update for exim
by opensuse-security＠opensuse.org 25 Jul '24

25 Jul '24

openSUSE Security Update: Security update for exim ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0218-1 Rating: important References: #1227423 Cross-References: CVE-2024-39929 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for exim fixes the following issues: - CVE-2024-39929: Fixed incorrect parsing of multiline rfc2231 header filename (boo#1227423). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-218=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 ppc64le s390x x86_64): exim-4.97.1-bp155.5.12.1 eximon-4.97.1-bp155.5.12.1 eximstats-html-4.97.1-bp155.5.12.1 References: https://www.suse.com/security/cve/CVE-2024-39929.html https://bugzilla.suse.com/1227423

1 0

openSUSE-SU-2024:0214-1: moderate: Security update for python-sentry-sdk
by opensuse-security＠opensuse.org 23 Jul '24

23 Jul '24

openSUSE Security Update: Security update for python-sentry-sdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0214-1 Rating: moderate References: #1228128 Cross-References: CVE-2024-40647 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-sentry-sdk fixes the following issues: - CVE-2024-40647: Do not leak environment variables to child processes. (bsc#1228128) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-214=1 Package List: - openSUSE Backports SLE-15-SP5 (noarch): python3-sentry-sdk-0.14.4-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2024-40647.html https://bugzilla.suse.com/1228128

1 0

SUSE-SU-2024:2597-1: important: Security update for apache2
by OPENSUSE-SECURITY-UPDATES 23 Jul '24

23 Jul '24

# Security update for apache2 Announcement ID: SUSE-SU-2024:2597-1 Rating: important References: * bsc#1227268 * bsc#1227269 * bsc#1227272 Cross-References: * CVE-2024-36387 * CVE-2024-38475 * CVE-2024-38476 CVSS scores: * CVE-2024-36387 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38475 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-38476 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 (bsc#1227272) * CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268) * CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2597=1 openSUSE-SLE-15.6-2024-2597=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2597=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2597=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2597=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-event-2.4.58-150600.5.18.1 * apache2-worker-debuginfo-2.4.58-150600.5.18.1 * apache2-utils-2.4.58-150600.5.18.1 * apache2-worker-2.4.58-150600.5.18.1 * apache2-event-debuginfo-2.4.58-150600.5.18.1 * apache2-debuginfo-2.4.58-150600.5.18.1 * apache2-event-debugsource-2.4.58-150600.5.18.1 * apache2-prefork-2.4.58-150600.5.18.1 * apache2-worker-debugsource-2.4.58-150600.5.18.1 * apache2-prefork-debuginfo-2.4.58-150600.5.18.1 * apache2-2.4.58-150600.5.18.1 * apache2-prefork-debugsource-2.4.58-150600.5.18.1 * apache2-utils-debuginfo-2.4.58-150600.5.18.1 * apache2-utils-debugsource-2.4.58-150600.5.18.1 * apache2-debugsource-2.4.58-150600.5.18.1 * apache2-devel-2.4.58-150600.5.18.1 * openSUSE Leap 15.6 (noarch) * apache2-manual-2.4.58-150600.5.18.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.58-150600.5.18.1 * apache2-debuginfo-2.4.58-150600.5.18.1 * apache2-prefork-debuginfo-2.4.58-150600.5.18.1 * apache2-2.4.58-150600.5.18.1 * apache2-prefork-debugsource-2.4.58-150600.5.18.1 * apache2-debugsource-2.4.58-150600.5.18.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.58-150600.5.18.1 * apache2-event-debugsource-2.4.58-150600.5.18.1 * apache2-debuginfo-2.4.58-150600.5.18.1 * apache2-debugsource-2.4.58-150600.5.18.1 * apache2-event-debuginfo-2.4.58-150600.5.18.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.58-150600.5.18.1 * apache2-utils-2.4.58-150600.5.18.1 * apache2-worker-2.4.58-150600.5.18.1 * apache2-worker-debugsource-2.4.58-150600.5.18.1 * apache2-utils-debuginfo-2.4.58-150600.5.18.1 * apache2-utils-debugsource-2.4.58-150600.5.18.1 * apache2-devel-2.4.58-150600.5.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36387.html * https://www.suse.com/security/cve/CVE-2024-38475.html * https://www.suse.com/security/cve/CVE-2024-38476.html * https://bugzilla.suse.com/show_bug.cgi?id=1227268 * https://bugzilla.suse.com/show_bug.cgi?id=1227269 * https://bugzilla.suse.com/show_bug.cgi?id=1227272

1 0

SUSE-SU-2024:2572-1: moderate: Security update for python312
by OPENSUSE-SECURITY-UPDATES 22 Jul '24

22 Jul '24

# Security update for python312 Announcement ID: SUSE-SU-2024:2572-1 Rating: moderate References: * bsc#1225660 * bsc#1226447 * bsc#1226448 * bsc#1227152 * bsc#1227378 Cross-References: * CVE-2024-0397 * CVE-2024-4030 * CVE-2024-4032 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-4030 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for python312 fixes the following issues: * CVE-2024-4032: Corrected information about public and private IPv4 and IPv6 address ranges (bsc#1226448). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2572=1 SUSE-2024-2572=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2572=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python312-dbm-debuginfo-3.12.4-150600.3.3.1 * libpython3_12-1_0-debuginfo-3.12.4-150600.3.3.1 * python312-base-3.12.4-150600.3.3.1 * python312-idle-3.12.4-150600.3.3.1 * python312-tools-3.12.4-150600.3.3.1 * python312-dbm-3.12.4-150600.3.3.1 * python312-debuginfo-3.12.4-150600.3.3.1 * python312-3.12.4-150600.3.3.1 * python312-devel-3.12.4-150600.3.3.1 * python312-testsuite-3.12.4-150600.3.3.1 * libpython3_12-1_0-3.12.4-150600.3.3.1 * python312-testsuite-debuginfo-3.12.4-150600.3.3.1 * python312-debugsource-3.12.4-150600.3.3.1 * python312-doc-3.12.4-150600.3.3.1 * python312-tk-3.12.4-150600.3.3.1 * python312-curses-3.12.4-150600.3.3.1 * python312-core-debugsource-3.12.4-150600.3.3.1 * python312-curses-debuginfo-3.12.4-150600.3.3.1 * python312-base-debuginfo-3.12.4-150600.3.3.1 * python312-doc-devhelp-3.12.4-150600.3.3.1 * python312-tk-debuginfo-3.12.4-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * libpython3_12-1_0-32bit-3.12.4-150600.3.3.1 * python312-32bit-3.12.4-150600.3.3.1 * python312-32bit-debuginfo-3.12.4-150600.3.3.1 * python312-base-32bit-debuginfo-3.12.4-150600.3.3.1 * python312-base-32bit-3.12.4-150600.3.3.1 * libpython3_12-1_0-32bit-debuginfo-3.12.4-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python312-base-64bit-debuginfo-3.12.4-150600.3.3.1 * libpython3_12-1_0-64bit-debuginfo-3.12.4-150600.3.3.1 * python312-base-64bit-3.12.4-150600.3.3.1 * python312-64bit-3.12.4-150600.3.3.1 * python312-64bit-debuginfo-3.12.4-150600.3.3.1 * libpython3_12-1_0-64bit-3.12.4-150600.3.3.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python312-debuginfo-3.12.4-150600.3.3.1 * python312-dbm-debuginfo-3.12.4-150600.3.3.1 * python312-3.12.4-150600.3.3.1 * python312-devel-3.12.4-150600.3.3.1 * python312-core-debugsource-3.12.4-150600.3.3.1 * libpython3_12-1_0-debuginfo-3.12.4-150600.3.3.1 * python312-dbm-3.12.4-150600.3.3.1 * python312-tk-debuginfo-3.12.4-150600.3.3.1 * python312-base-3.12.4-150600.3.3.1 * python312-curses-debuginfo-3.12.4-150600.3.3.1 * libpython3_12-1_0-3.12.4-150600.3.3.1 * python312-idle-3.12.4-150600.3.3.1 * python312-base-debuginfo-3.12.4-150600.3.3.1 * python312-tk-3.12.4-150600.3.3.1 * python312-tools-3.12.4-150600.3.3.1 * python312-debugsource-3.12.4-150600.3.3.1 * python312-curses-3.12.4-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-4030.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1225660 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1227152 * https://bugzilla.suse.com/show_bug.cgi?id=1227378

1 0

SUSE-SU-2024:2575-1: moderate: Security update for kernel-firmware
by OPENSUSE-SECURITY-UPDATES 22 Jul '24

22 Jul '24

# Security update for kernel-firmware Announcement ID: SUSE-SU-2024:2575-1 Rating: moderate References: * bsc#1219458 * bsc#1222319 * bsc#1225600 * bsc#1225601 Cross-References: * CVE-2023-38417 * CVE-2023-47210 CVSS scores: * CVE-2023-38417 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47210 ( SUSE ): 4.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for kernel-firmware fixes the following issues: * CVE-2023-38417: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 (bsc#1225600) * CVE-2023-47210: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 (bsc#1225601) * Update to version 20240712 (git commit ed874ed83cac): * amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics * qcom: add gpu firmwares for x1e80100 chipset (bsc#1219458) * linux-firmware: add firmware for qat_402xx devices * amdgpu: update raven firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update vega20 firmware * amdgpu: update PSP 13.0.5 firmware * amdgpu: update PSP 13.0.8 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update VCN 4.0.0 firmware * amdgpu: update SDMA 6.0.0 firmware * amdgpu: update PSP 13.0.0 firmware * amdgpu: update GC 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update navy flounder firmware * amdgpu: update PSP 13.0.11 firmware * amdgpu: update GC 11.0.4 firmware * amdgpu: update green sardine firmware * amdgpu: update VCN 4.0.2 firmware * amdgpu: update SDMA 6.0.1 firmware * amdgpu: update PSP 13.0.4 firmware * amdgpu: update GC 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update VPE 6.1.1 firmware * amdgpu: update VCN 4.0.6 firmware * amdgpu: update SDMA 6.1.1 firmware * amdgpu: update PSP 14.0.1 firmware * amdgpu: update GC 11.5.1 firmware * amdgpu: update VCN 4.0.5 firmware * amdgpu: update SDMA 6.1.0 firmware * amdgpu: update PSP 14.0.0 firmware * amdgpu: update GC 11.5.0 firmware * amdgpu: update navi14 firmware * amdgpu: update renoir firmware * amdgpu: update navi12 firmware * amdgpu: update PSP 13.0.6 firmware * amdgpu: update GC 9.4.3 firmware * amdgpu: update yellow carp firmware * amdgpu: update VCN 4.0.4 firmware * amdgpu: update SMU 13.0.7 firmware * amdgpu: update SDMA 6.0.2 firmware * amdgpu: update PSP 13.0.7 firmware * amdgpu: update GC 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update raven2 firmware * amdgpu: update aldebaran firmware * linux-firmware: Update AMD cpu microcode * linux-firmware: Add ISH firmware file for Intel Lunar Lake platform * amdgpu: update DMCUB to v0.0.224.0 for Various AMDGPU Asics * cirrus: cs35l41: Update various firmware for ASUS laptops using CS35L41 * amdgpu: Update ISP FW for isp v4.1.1 * Update to version 20240622 (git commit 7d931f8afa51): * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.2.0 * qcom: Add AIC100 firmware files * Update to version 20240618 (git commit 7d931f8afa51): * amlogic: Update bluetooth firmware binary * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel Bluetooth Magnetor core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * linux-firmware: Update firmware file for Intel Bluetooth Pulsar core * rtl_bt: Update RTL8822C BT UART firmware to 0xB5D6_6DCB * rtl_bt: Update RTL8822C BT USB firmware to 0xAED6_6DCB * amdgpu: update DMCUB to v0.0.222.0 for DCN314 * iwlwifi: add ty/So/Ma firmwares for core88-87 release * iwlwifi: update cc/Qu/QuZ firmwares for core88-87 release * linux-firmware: add new cc33xx firmware for cc33xx chips * cirrus: cs35l56: Update firmware for Cirrus CS35L56 for ASUS UM5606 laptop * cirrus: cs35l56: Update firmware for Cirrus CS35L56 for various ASUS laptops * linux-firmware: Add firmware for Lenovo Thinkbooks * amdgpu: update yellow carp firmware * amdgpu: update VCN 4.0.4 firmware * amdgpu: update SDMA 6.0.2 firmware * amdgpu: update PSP 13.0.7 firmware * amdgpu: update GC 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update raven2 firmware * amdgpu: update raven firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update VCN 3.1.2 firmware * amdgpu: update PSP 13.0.5 firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update vega20 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update VCN 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update SDMA 6.0.0 firmware * amdgpu: update PSP 13.0.0 firmware * amdgpu: update GC 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update green sardine firmware * amdgpu: update navy flounder firmware * amdgpu: update PSP 13.0.11 firmware * amdgpu: update GC 11.0.4 firmware * amdgpu: update VCN 4.0.2 firmware * amdgpu: update SDMA 6.0.1 firmware * amdgpu: update PSP 13.0.4 firmware * amdgpu: update GC 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update VCN 4.0.5 firmware * amdgpu: update PSP 14.0.0 firmware * amdgpu: update GC 11.5.0 firmware * amdgpu: update navi14 firmware * amdgpu: update SMU 13.0.6 firmware * amdgpu: update PSP 13.0.6 firmware * amdgpu: update GC 9.4.3 firmware * amdgpu: update renoir firmware * amdgpu: update navi12 firmware * amdgpu: update aldebaran firmware * amdgpu: add support for PSP 14.0.1 * amdgpu: add support for VPE 6.1.1 * amdgpu: add support for VCN 4.0.6 * amdgpu: add support for SDMA 6.1.1 * amdgpu: add support for GC 11.5.1 * amdgpu: Add support for DCN 3.5.1 * QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00639 * cnm: update chips&media wave521c firmware. * linux-firmware: Add ordinary firmware for RTL8821AU device * Update to version 20240519 (git commit aae8224390e2): * amdgpu: add new ISP 4.1.1 firmware * Update to version 20240510 (git commit 7c2303328d8e): * linux-firmware: Amphion: Update vpu firmware * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel Bluetooth Magnetor core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * i915: Add BMG DMC v2.06 * linux-firmware: Add CS35L41 HDA Firmware for Asus HN7306 * linux-firmware: Update firmware tuning for HP Consumer Laptop * amdgpu: DMCUB updates for various AMDGPU ASICs * rtl_bt: Update RTL8822C BT UART firmware to 0x0FD6_407B * rtl_bt: Update RTL8822C BT USB firmware to 0x0ED6_407B * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various ASUS laptops * linux-firmware: Add firmware and tuning for Lenovo Y770S * Update to version 20240426 (git commit 2398d264f953): * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: Add firmware for Cirrus CS35L56 for various HP laptops * i915: Update Xe2LPD DMC to v2.20 * linux-firmware: Remove Calibration Firmware and Tuning for CS35L41 * linux-firmware: Add firmware for Lenovo Thinkbook 13X * ASoC: tas2781: Add dsp firmware for Thinkpad ICE-1 laptop * amdgpu: add DMCUB 3.5 firmware * amdgpu: add VPE 6.1.0 firmware * amdgpu: add VCN 4.0.5 firmware * amdgpu: add UMSCH 4.0.0 firmware * amdgpu: add SDMA 6.1.0 firmware * amdgpu: add PSP 14.0.0 firmware * amdgpu: add GC 11.5.0 firmware * amdgpu: update license date * Update to version 20240419 (git commit 7eab37522984): * Montage: update firmware for Mont-TSSE * linux-firmware: Add tuning parameter configs for CS35L41 Firmware * linux-firmware: Fix firmware names for Laptop SSID 104316a3 * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Legion Slim 7 16ARHA7 * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * iwlwifi: add gl FW for core87-44 release * iwlwifi: add ty/So/Ma firmwares for core87-44 release * iwlwifi: update cc/Qu/QuZ firmwares for core87-44 release * nvidia: Update Tegra210 XUSB firmware to v50.29 * amdgpu: update beige goby firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update navy flounder firmware * amdgpu: update renoir firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update sdma 6.0.1 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vega20 firmware * amdgpu: update yellow carp firmware * amdgpu: update green sardine firmware * amdgpu: update vega12 firmware * amdgpu: update raven2 firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update smu 13.0.7 firmware * amdgpu: update sdma 6.0.2 firmware * amdgpu: update ipsp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update vega10 firmware * amdgpu: update raven firmware * amdgpu: update navi14 firmware * amdgpu: update smu 13.0.10 firmware * amdgpu: update sdma 6.0.3 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update vcn 3.1.2 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update gc 10.3.6 firmware * amdgpu: update navi12 firmware * amdgpu: update arcturus firmware * amdgpu: update vangogh firmware * amdgpu: update navi10 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update smu 13.0.6 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update sdma 6.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update firmware * amdgpu: update aldebaran firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update gc 10.3.7 firmware * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.9 * ath10k: WCN3990: hw1.0: add qcm2290 firmware API file * ath10k: WCN3990: hw1.0: move firmware back from qcom/ location * i915: Add DG2 HuC 7.10.15 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: update firmware for en8811h 2.5G ethernet phy * rtw89: 8852c: update fw to v0.27.56.14 * rtw89: 8922a: add firmware v0.35.18.0 * rtw88: Add RTL8703B firmware v11.0.0 * Drop duplicated WHENCE from kernel-firmware-* subpackages (bsc#1222319) * Update to version 20240322 (git commit 9a6a0cc195c1): * mekdiatek: Update mt8186 SOF firmware to v2.0.1 * linux-firmware: Add firmware for Cirrus CS35L56 for Dell laptops * Montage: update firmware for Mont-TSSE * WHENCE: Link the Raspberry Pi CM4 and 5B to the 4B * Intel Bluetooth: Update firmware file for Intel Bluetooth BE200 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210 * Intel Bluetooth: Update firmware file for Intel Bluetooth AX200 * Intel Bluetooth: Update firmware file for Intel Bluetooth AX201 * Intel Bluetooth: Update firmware file for Intel Bluetooth 9560 * Intel Bluetooth: Update firmware file for Intel Bluetooth 9260 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.8 * imx: sdma: update firmware to v3.6/v4.6 * Update to version 20240312 (git commit 4a404b5bfdb9): * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * iwlwifi: update 9000-family firmwares to core85-89 * rtl_bt: Update RTL8852A BT USB firmware to 0xD9D6_17DA * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Thinkbook 16P Laptops * Update to version 20240229 (git commit 977332782302): * amdgpu: Update VCN firmware binaries * Intel IPU2: Add firmware files * brcm: Add nvram for the Acer Iconia One 7 B1-750 tablet * i915: Add Xe2LPD DMC v2.18 * i915: Update MTL DMC v2.21 * Update to version 20240220 (git commit 73b4429fae36): * linux-firmware: update firmware for en8811h 2.5G ethernet phy * linux-firmware: add firmware for MT7996 * xe: First GuC release for LNL and Xe * i915: Add GuC v70.20.0 for ADL-P, DG1, DG2, MTL and TGL * linux-firmware: Add CS35L41 firmware for Lenovo Legion 7i gen7 laptop (16IAX7) * brcm: Add nvram for the Asus Memo Pad 7 ME176C tablet * ice: update ice DDP package to 1.3.36.0 * Intel IPU3 ImgU: Move firmware file under intel/ipu * Intel IPU6: Move firmware binaries under ipu/ * check_whence: Add a check for duplicate link entries * WHENCE: Clean up section separators * linux-firmware: Add CS35L41 firmware for additional ASUS Zenbook 2023 models * panthor: Add initial firmware for Gen10 Arm Mali GPUs * amdgpu: DMCUB Updates for DCN321: 7.0.38.0 * amdgpu: DMCUB updates for Yellow Carp: 4.0.68.0 * qcom: update venus firmware file for v5.4 * Montage: add firmware for Mont-TSSE * amdgpu: update DMCUB to v0.0.203.0 for DCN314 and DCN32 * linux-firmware: Remove 2 HP laptops using CS35L41 Audio Firmware * linux-firmware: Fix filenames for some CS35L41 firmwares for HP ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2575=1 openSUSE-SLE-15.6-2024-2575=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2575=1 ## Package List: * openSUSE Leap 15.6 (noarch) * kernel-firmware-ath12k-20240712-150600.3.3.1 * kernel-firmware-marvell-20240712-150600.3.3.1 * kernel-firmware-nfp-20240712-150600.3.3.1 * kernel-firmware-dpaa2-20240712-150600.3.3.1 * kernel-firmware-chelsio-20240712-150600.3.3.1 * kernel-firmware-prestera-20240712-150600.3.3.1 * kernel-firmware-realtek-20240712-150600.3.3.1 * kernel-firmware-bnx2-20240712-150600.3.3.1 * kernel-firmware-bluetooth-20240712-150600.3.3.1 * kernel-firmware-mellanox-20240712-150600.3.3.1 * kernel-firmware-liquidio-20240712-150600.3.3.1 * kernel-firmware-ath10k-20240712-150600.3.3.1 * ucode-amd-20240712-150600.3.3.1 * kernel-firmware-ueagle-20240712-150600.3.3.1 * kernel-firmware-mediatek-20240712-150600.3.3.1 * kernel-firmware-mwifiex-20240712-150600.3.3.1 * kernel-firmware-atheros-20240712-150600.3.3.1 * kernel-firmware-qcom-20240712-150600.3.3.1 * kernel-firmware-network-20240712-150600.3.3.1 * kernel-firmware-radeon-20240712-150600.3.3.1 * kernel-firmware-i915-20240712-150600.3.3.1 * kernel-firmware-iwlwifi-20240712-150600.3.3.1 * kernel-firmware-serial-20240712-150600.3.3.1 * kernel-firmware-usb-network-20240712-150600.3.3.1 * kernel-firmware-amdgpu-20240712-150600.3.3.1 * kernel-firmware-nvidia-20240712-150600.3.3.1 * kernel-firmware-intel-20240712-150600.3.3.1 * kernel-firmware-ti-20240712-150600.3.3.1 * kernel-firmware-ath11k-20240712-150600.3.3.1 * kernel-firmware-media-20240712-150600.3.3.1 * kernel-firmware-qlogic-20240712-150600.3.3.1 * kernel-firmware-all-20240712-150600.3.3.1 * kernel-firmware-20240712-150600.3.3.1 * kernel-firmware-sound-20240712-150600.3.3.1 * kernel-firmware-platform-20240712-150600.3.3.1 * kernel-firmware-brcm-20240712-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * kernel-firmware-ath12k-20240712-150600.3.3.1 * kernel-firmware-marvell-20240712-150600.3.3.1 * kernel-firmware-nfp-20240712-150600.3.3.1 * kernel-firmware-dpaa2-20240712-150600.3.3.1 * kernel-firmware-chelsio-20240712-150600.3.3.1 * kernel-firmware-prestera-20240712-150600.3.3.1 * kernel-firmware-realtek-20240712-150600.3.3.1 * kernel-firmware-bnx2-20240712-150600.3.3.1 * kernel-firmware-bluetooth-20240712-150600.3.3.1 * kernel-firmware-mellanox-20240712-150600.3.3.1 * kernel-firmware-liquidio-20240712-150600.3.3.1 * kernel-firmware-ath10k-20240712-150600.3.3.1 * ucode-amd-20240712-150600.3.3.1 * kernel-firmware-ueagle-20240712-150600.3.3.1 * kernel-firmware-mediatek-20240712-150600.3.3.1 * kernel-firmware-mwifiex-20240712-150600.3.3.1 * kernel-firmware-atheros-20240712-150600.3.3.1 * kernel-firmware-qcom-20240712-150600.3.3.1 * kernel-firmware-network-20240712-150600.3.3.1 * kernel-firmware-radeon-20240712-150600.3.3.1 * kernel-firmware-i915-20240712-150600.3.3.1 * kernel-firmware-iwlwifi-20240712-150600.3.3.1 * kernel-firmware-serial-20240712-150600.3.3.1 * kernel-firmware-usb-network-20240712-150600.3.3.1 * kernel-firmware-amdgpu-20240712-150600.3.3.1 * kernel-firmware-nvidia-20240712-150600.3.3.1 * kernel-firmware-intel-20240712-150600.3.3.1 * kernel-firmware-ti-20240712-150600.3.3.1 * kernel-firmware-ath11k-20240712-150600.3.3.1 * kernel-firmware-media-20240712-150600.3.3.1 * kernel-firmware-qlogic-20240712-150600.3.3.1 * kernel-firmware-all-20240712-150600.3.3.1 * kernel-firmware-sound-20240712-150600.3.3.1 * kernel-firmware-platform-20240712-150600.3.3.1 * kernel-firmware-brcm-20240712-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38417.html * https://www.suse.com/security/cve/CVE-2023-47210.html * https://bugzilla.suse.com/show_bug.cgi?id=1219458 * https://bugzilla.suse.com/show_bug.cgi?id=1222319 * https://bugzilla.suse.com/show_bug.cgi?id=1225600 * https://bugzilla.suse.com/show_bug.cgi?id=1225601

1 0

SUSE-SU-2024:2576-1: moderate: Security update for gnome-shell
by OPENSUSE-SECURITY-UPDATES 22 Jul '24

22 Jul '24

# Security update for gnome-shell Announcement ID: SUSE-SU-2024:2576-1 Rating: moderate References: * bsc#1215485 * bsc#1225567 Cross-References: * CVE-2023-43090 * CVE-2024-36472 CVSS scores: * CVE-2023-43090 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-43090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36472 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for gnome-shell fixes the following issues: * CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2576=1 openSUSE-SLE-15.6-2024-2576=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2576=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2576=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gnome-extensions-45.3-150600.5.6.1 * gnome-shell-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-calendar-debuginfo-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-devel-45.3-150600.5.6.1 * gnome-shell-calendar-45.3-150600.5.6.1 * openSUSE Leap 15.6 (noarch) * gnome-shell-lang-45.3-150600.5.6.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gnome-extensions-45.3-150600.5.6.1 * gnome-shell-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-devel-45.3-150600.5.6.1 * Desktop Applications Module 15-SP6 (noarch) * gnome-shell-lang-45.3-150600.5.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * gnome-shell-calendar-debuginfo-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-calendar-45.3-150600.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-43090.html * https://www.suse.com/security/cve/CVE-2024-36472.html * https://bugzilla.suse.com/show_bug.cgi?id=1215485 * https://bugzilla.suse.com/show_bug.cgi?id=1225567

1 0

SUSE-SU-2024:2578-1: important: Security update for java-21-openjdk
by OPENSUSE-SECURITY-UPDATES 22 Jul '24

22 Jul '24

# Security update for java-21-openjdk Announcement ID: SUSE-SU-2024:2578-1 Rating: important References: * bsc#1227298 * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 (July 2024 CPU): * CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). * CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). * CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). * CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). * CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2578=1 openSUSE-SLE-15.6-2024-2578=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2578=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-jmods-21.0.4.0-150600.3.3.1 * java-21-openjdk-debugsource-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-21.0.4.0-150600.3.3.1 * java-21-openjdk-src-21.0.4.0-150600.3.3.1 * java-21-openjdk-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-demo-21.0.4.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.4.0-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-debugsource-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-21.0.4.0-150600.3.3.1 * java-21-openjdk-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-demo-21.0.4.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1227298 * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052

1 0

SUSE-SU-2024:2584-1: important: Security update for libgit2
by OPENSUSE-SECURITY-UPDATES 22 Jul '24

22 Jul '24

# Security update for libgit2 Announcement ID: SUSE-SU-2024:2584-1 Rating: important References: * bsc#1219660 * bsc#1219664 Cross-References: * CVE-2024-24575 * CVE-2024-24577 CVSS scores: * CVE-2024-24575 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24575 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgit2 fixes the following issues: Update to 1.7.2: Security fixes: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) * CVE-2024-24575: Fixed potential infinite loop condition in git_revparse_single() (bsc#1219664) Other fixes: \- A bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2584=1 openSUSE-SLE-15.6-2024-2584=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2584=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgit2-tools-1.7.2-150600.3.3.1 * libgit2-devel-1.7.2-150600.3.3.1 * libgit2-1_7-debuginfo-1.7.2-150600.3.3.1 * libgit2-debuginfo-1.7.2-150600.3.3.1 * libgit2-debugsource-1.7.2-150600.3.3.1 * libgit2-tools-debuginfo-1.7.2-150600.3.3.1 * libgit2-1_7-1.7.2-150600.3.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgit2-tools-1.7.2-150600.3.3.1 * libgit2-devel-1.7.2-150600.3.3.1 * libgit2-1_7-debuginfo-1.7.2-150600.3.3.1 * libgit2-debuginfo-1.7.2-150600.3.3.1 * libgit2-debugsource-1.7.2-150600.3.3.1 * libgit2-tools-debuginfo-1.7.2-150600.3.3.1 * libgit2-1_7-1.7.2-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24575.html * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660 * https://bugzilla.suse.com/show_bug.cgi?id=1219664

1 0

openSUSE-SU-2024:0212-1: important: Security update for chromium
by opensuse-security＠opensuse.org 22 Jul '24

22 Jul '24

openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0212-1 Rating: important References: #1227979 Cross-References: CVE-2024-6772 CVE-2024-6773 CVE-2024-6774 CVE-2024-6775 CVE-2024-6776 CVE-2024-6777 CVE-2024-6778 CVE-2024-6779 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 126.0.6478.182 (boo#1227979): - CVE-2024-6772: Inappropriate implementation in V8 - CVE-2024-6773: Type Confusion in V8 - CVE-2024-6774: Use after free in Screen Capture - CVE-2024-6775: Use after free in Media Stream - CVE-2024-6776: Use after free in Audio - CVE-2024-6777: Use after free in Navigation - CVE-2024-6778: Race in DevTools - CVE-2024-6779: Out of bounds memory access in V8 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-212=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): chromedriver-126.0.6478.182-bp155.2.99.1 chromium-126.0.6478.182-bp155.2.99.1 References: https://www.suse.com/security/cve/CVE-2024-6772.html https://www.suse.com/security/cve/CVE-2024-6773.html https://www.suse.com/security/cve/CVE-2024-6774.html https://www.suse.com/security/cve/CVE-2024-6775.html https://www.suse.com/security/cve/CVE-2024-6776.html https://www.suse.com/security/cve/CVE-2024-6777.html https://www.suse.com/security/cve/CVE-2024-6778.html https://www.suse.com/security/cve/CVE-2024-6779.html https://bugzilla.suse.com/1227979

1 0

openSUSE-SU-2024:0211-1: moderate: Security update for caddy
by opensuse-security＠opensuse.org 22 Jul '24

22 Jul '24

openSUSE Security Update: Security update for caddy ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0211-1 Rating: moderate References: #1222468 Cross-References: CVE-2023-45142 CVE-2024-22189 CVSS scores: CVE-2023-45142 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-22189 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for caddy fixes the following issues: Update to version 2.8.4: * cmd: fix regression in auto-detect of Caddyfile (#6362) * Tag v2.8.3 was mistakenly made on the v2.8.2 commit and is skipped Update to version 2.8.2: * cmd: fix auto-detetction of .caddyfile extension (#6356) * caddyhttp: properly sanitize requests for root path (#6360) * caddytls: Implement certmagic.RenewalInfoGetter Update to version 2.8.1: * caddyhttp: Fix merging consecutive `client_ip` or `remote_ip` matchers (#6350) * core: MkdirAll appDataDir in InstanceID with 0o700 (#6340) Update to version 2.8.0: * acmeserver: Add `sign_with_root` for Caddyfile (#6345) * caddyfile: Reject global request matchers earlier (#6339) * core: Fix bug in AppIfConfigured (fix #6336) * fix a typo (#6333) * autohttps: Move log WARN to INFO, reduce confusion (#6185) * reverseproxy: Support HTTP/3 transport to backend (#6312) * context: AppIfConfigured returns error; consider not-yet-provisioned modules (#6292) * Fix lint error about deprecated method in smallstep/certificates/authority * go.mod: Upgrade dependencies * caddytls: fix permission requirement with AutomationPolicy (#6328) * caddytls: remove ClientHelloSNICtxKey (#6326) * caddyhttp: Trace individual middleware handlers (#6313) * templates: Add `pathEscape` template function and use it in file browser (#6278) * caddytls: set server name in context (#6324) * chore: downgrade minimum Go version in go.mod (#6318) * caddytest: normalize the JSON config (#6316) * caddyhttp: New experimental handler for intercepting responses (#6232) * httpcaddyfile: Set challenge ports when http_port or https_port are used * logging: Add support for additional logger filters other than hostname (#6082) * caddyhttp: Log 4xx as INFO; 5xx as ERROR (close #6106) * caddyhttp: Alter log message when request is unhandled (close #5182) * reverseproxy: Pointer to struct when loading modules; remove LazyCertPool (#6307) * tracing: add trace_id var (`http.vars.trace_id` placeholder) (#6308) * go.mod: CertMagic v0.21.0 * reverseproxy: Implement health_follow_redirects (#6302) * caddypki: Allow use of root CA without a key. Fixes #6290 (#6298) * go.mod: Upgrade to quic-go v0.43.1 * reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301) * caddytls: Ability to drop connections (close #6294) * httpcaddyfile: Fix expression matcher shortcut in snippets (#6288) * caddytls: Evict internal certs from cache based on issuer (#6266) * chore: add warn logs when using deprecated fields (#6276) * caddyhttp: Fix linter warning about deprecation * go.mod: Upgrade to quic-go v0.43.0 * fileserver: Set "Vary: Accept-Encoding" header (see #5849) * events: Add debug log * reverseproxy: handle buffered data during hijack (#6274) * ci: remove `android` and `plan9` from cross-build workflow (#6268) * run `golangci-lint run --fix --fast` (#6270) * caddytls: Option to configure certificate lifetime (#6253) * replacer: Implement `file.*` global replacements (#5463) * caddyhttp: Address some Go 1.20 features (#6252) * Quell linter (false positive) * reverse_proxy: Add grace_period for SRV upstreams to Caddyfile (#6264) * doc: add `verifier` in `ClientAuthentication` caddyfile marshaler doc (#6263) * caddytls: Add Caddyfile support for on-demand permission module (close #6260) * reverseproxy: Remove long-deprecated buffering properties * reverseproxy: Reuse buffered request body even if partially drained * reverseproxy: Accept EOF when buffering * logging: Fix default access logger (#6251) * fileserver: Improve Vary handling (#5849) * cmd: Only validate config is proper JSON if config slice has data (#6250) * staticresp: Use the evaluated response body for sniffing JSON content-type (#6249) * encode: Slight fix for the previous commit * encode: Improve Etag handling (fix #5849) * httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148) * caddyfile: Populate regexp matcher names by default (#6145) * caddyhttp: record num. bytes read when response writer is hijacked (#6173) * caddyhttp: Support multiple logger names per host (#6088) * chore: fix some typos in comments (#6243) * encode: Configurable compression level for zstd (#6140) * caddytls: Remove shim code supporting deprecated lego-dns (#6231) * connection policy: add `local_ip` matcher (#6074) * reverseproxy: Wait for both ends of websocket to close (#6175) * caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229) * caddytls: Still provision permission module if ask is specified * fileserver: read etags from precomputed files (#6222) * fileserver: Escape # and ? in img src (fix #6237) * reverseproxy: Implement modular CA provider for TLS transport (#6065) * caddyhttp: Apply auto HTTPS redir to all interfaces (fix #6226) * cmd: Fix panic related to config filename (fix #5919) * cmd: Assume Caddyfile based on filename prefix and suffix (#5919) * admin: Make `Etag` a header, not a trailer (#6208) * caddyhttp: remove duplicate strings.Count in path matcher (fixes #6233) (#6234) * caddyconfig: Use empty struct instead of bool in map (close #6224) (#6227) * gitignore: Add rule for caddyfile.go (#6225) * chore: Fix broken links in README.md (#6223) * chore: Upgrade some dependencies (#6221) * caddyhttp: Add plaintext response to `file_server browse` (#6093) * admin: Use xxhash for etag (#6207) * modules: fix some typo in conments (#6206) * caddyhttp: Replace sensitive headers with REDACTED (close #5669) * caddyhttp: close quic connections when server closes (#6202) * reverseproxy: Use xxhash instead of fnv32 for LB (#6203) * caddyhttp: add http.request.local{,.host,.port} placeholder (#6182) * chore: remove repetitive word (#6193) * Added a null check to avoid segfault on rewrite query ops (#6191) * rewrite: `uri query` replace operation (#6165) * logging: support `ms` duration format and add docs (#6187) * replacer: use RWMutex to protect static provider (#6184) * caddyhttp: Allow `header` replacement with empty string (#6163) * vars: Make nil values act as empty string instead of `"<nil>"` (#6174) * chore: Update quic-go to v0.42.0 (#6176) * caddyhttp: Accept XFF header values with ports, when parsing client IP (#6183) * reverseproxy: configurable active health_passes and health_fails (#6154) * reverseproxy: Configurable forward proxy URL (#6114) * caddyhttp: upgrade to cel v0.20.0 (#6161) * chore: Bump Chroma to v2.13.0, includes new Caddyfile lexer (#6169) * caddyhttp: suppress flushing if the response is being buffered (#6150) * chore: encode: use FlushError instead of Flush (#6168) * encode: write status immediately when status code is informational (#6164) * httpcaddyfile: Keep deprecated `skip_log` in directive order (#6153) * httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors (#5865) * rewrite: Implement `uri query` operations (#6120) * fix struct names (#6151) * fileserver: Preserve query during canonicalization redirect (#6109) * logging: Implement `log_append` handler (#6066) * httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113) * logging: Implement `append` encoder, allow flatter filters config (#6069) * ci: fix the integration test `TestLeafCertLoaders` (#6149) * vars: Allow overriding `http.auth.user.id` in replacer as a special case (#6108) * caddytls: clientauth: leaf verifier: make trusted leaf certs source pluggable (#6050) * cmd: Adjust config load logs/errors (#6032) * reverseproxy: SRV dynamic upstream failover (#5832) * ci: bump golangci/golangci-lint-action from 3 to 4 (#6141) * core: OnExit hooks (#6128) * cmd: fix the output of the `Usage` section (#6138) * caddytls: verifier: caddyfile: re-add Caddyfile support (#6127) * acmeserver: add policy field to define allow/deny rules (#5796) * reverseproxy: cookie should be Secure and SameSite=None when TLS (#6115) * caddytest: Rename adapt tests to `*.caddyfiletest` extension (#6119) * tests: uses testing.TB interface for helper to be able to use test server in benchmarks. (#6103) * caddyfile: Assert having a space after heredoc marker to simply check (#6117) * chore: Update Chroma to get the new Caddyfile lexer (#6118) * reverseproxy: use context.WithoutCancel (#6116) * caddyfile: Reject directives in the place of site addresses (#6104) * caddyhttp: Register post-shutdown callbacks (#5948) * caddyhttp: Only attempt to enable full duplex for HTTP/1.x (#6102) * caddyauth: Drop support for `scrypt` (#6091) * Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100) * caddyauth: Rename `basicauth` to `basic_auth` (#6092) * logging: Inline Caddyfile syntax for `ip_mask` filter (#6094) * caddyfile: Reject long heredoc markers (#6098) * chore: Rename CI jobs, run on M1 mac (#6089) * fix: add back text/* * fix: add more media types to the compressed by default list * acmeserver: support specifying the allowed challenge types (#5794) * matchers: Drop `forwarded` option from `remote_ip` matcher (#6085) * caddyhttp: Test cases for `%2F` and `%252F` (#6084) * fileserver: Browse can show symlink target if enabled (#5973) * core: Support NO_COLOR env var to disable log coloring (#6078) * Update comment in setcap helper script * caddytls: Make on-demand 'ask' permission modular (#6055) * core: Add `ctx.Slogger()` which returns an `slog` logger (#5945) * chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 (#6043) * chore: enabling a few more linters (#5961) * caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) * caddyfile: Switch to slices.Equal for better performance (#6061) * tls: modularize trusted CA providers (#5784) * logging: Automatic `wrap` default for `filter` encoder (#5980) * caddyhttp: Fix panic when request missing ClientIPVarKey (#6040) * caddyfile: Normalize & flatten all unmarshalers (#6037) * cmd: reverseproxy: log: use caddy logger (#6042) * matchers: `query` now ANDs multiple keys (#6054) * caddyfile: Add heredoc support to `fmt` command (#6056) * refactor: move automaxprocs init in caddycmd.Main() * caddyfile: Allow heredoc blank lines (#6051) * httpcaddyfile: Add optional status code argument to `handle_errors` directive (#5965) * httpcaddyfile: Rewrite `root` and `rewrite` parsing to allow omitting matcher (#5844) * fileserver: Implement caddyfile.Unmarshaler interface (#5850) * reverseproxy: Add `tls_curves` option to HTTP transport (#5851) * caddyhttp: Security enhancements for client IP parsing (#5805) * replacer: Fix escaped closing braces (#5995) * filesystem: Globally declared filesystems, `fs` directive (#5833) * ci/cd: use the build tag `nobadger` to exclude badgerdb (#6031) * httpcaddyfile: Fix redir <to> html (#6001) * httpcaddyfile: Support client auth verifiers (#6022) * tls: add reuse_private_keys (#6025) * reverseproxy: Only change Content-Length when full request is buffered (#5830) * Switch Solaris-derivatives away from listen_unix (#6021) * chore: check against errors of `io/fs` instead of `os` (#6011) * caddyhttp: support unix sockets in `caddy respond` command (#6010) * fileserver: Add total file size to directory listing (#6003) * httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997) * cmd: use automaxprocs for better perf in containers (#5711) * logging: Add `zap.Option` support (#5944) * httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990) * metrics: Record request metrics on HTTP errors (#5979) * go.mod: Updated quic-go to v0.40.1 (#5983) * fileserver: Enable compression for command by default (#5855) * fileserver: New --precompressed flag (#5880) * caddyhttp: Add `uuid` to access logs when used (#5859) * proxyprotocol: use github.com/pires/go-proxyproto (#5915) * cmd: Preserve LastModified date when exporting storage (#5968) * core: Always make AppDataDir for InstanceID (#5976) * chore: cross-build for AIX (#5971) * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - CVEs: * CVE-2024-22189 (boo#1222468) * CVE-2023-45142 - Remove the manual user/group provides: the package uses sysusers.d; the auto-provides were not working due to the broken go_provides. - Provide user and group (due to RPM 4.19) - Update caddy.sysusers to also create a group - Update to version 2.7.6: * caddytls: Sync distributed storage cleaning (#5940) * caddytls: Context to DecisionFunc (#5923) * tls: accept placeholders in string values of certificate loaders (#5963) * templates: Offically make templates extensible (#5939) * http2 uses new round-robin scheduler (#5946) * panic when reading from backend failed to propagate stream error (#5952) * chore: Bump otel to v1.21.0. (#5949) * httpredirectlistener: Only set read limit for when request is HTTP (#5917) * fileserver: Add .m4v for browse template icon * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924) * go.mod: update quic-go version to v0.40.0 (#5922) * update quic-go to v0.39.3 (#5918) * chore: Fix usage pool comment (#5916) * test: acmeserver: add smoke test for the ACME server directory (#5914) * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913) * caddyhttp: Adjust `scheme` placeholder docs (#5910) * go.mod: Upgrade quic-go to v0.39.1 * go.mod: CVE-2023-45142 Update opentelemetry (#5908) * templates: Delete headers on `httpError` to reset to clean slate (#5905) * httpcaddyfile: Remove port from logger names (#5881) * core: Apply SO_REUSEPORT to UDP sockets (#5725) * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848) * cmd: Add newline character to version string in CLI output (#5895) * core: quic listener will manage the underlying socket by itself (#5749) * templates: Clarify `include` args docs, add `.ClientIP` (#5898) * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) * cmd: upgrade: resolve symlink of the executable (#5891) * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883) - Update to version 2.7.5: * admin: Respond with 4xx on non-existing config path (#5870) * ci: Force the Go version for govulncheck (#5879) * fileserver: Set canonical URL on browse template (#5867) * tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#5852) * reverseproxy: Add more debug logs (#5793) * reverseproxy: Fix `least_conn` policy regression (#5862) * reverseproxy: Add logging for dynamic A upstreams (#5857) * reverseproxy: Replace health header placeholders (#5861) * httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#5860) * cmd: Fix exiting with custom status code, add `caddy -v` (#5874) * reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers (#5828) * reverseproxy: Fix retries on "upstreams unavailable" error (#5841) * httpcaddyfile: Enable TLS for catch-all site if `tls` directive is specified (#5808) * encode: Add `application/wasm*` to the default content types (#5869) * fileserver: Add command shortcuts `-l` and `-a` (#5854) * go.mod: Upgrade dependencies incl. x/net/http * templates: Add dummy `RemoteAddr` to `httpInclude` request, proxy compatibility (#5845) * reverseproxy: Allow fallthrough for response handlers without routes (#5780) * fix: caddytest.AssertResponseCode error message (#5853) * caddyhttp: Use LimitedReader for HTTPRedirectListener * fileserver: browse template SVG icons and UI tweaks (#5812) * reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams (#5811) * httpcaddyfile: fix placeholder shorthands in named routes (#5791) * cmd: Prevent overwriting existing env vars with `--envfile` (#5803) * ci: Run govulncheck (#5790) * logging: query filter for array of strings (#5779) * logging: Clone array on log filters, prevent side-effects (#5786) * fileserver: Export BrowseTemplate * ci: ensure short-sha is exported correctly on all platforms (#5781) * caddyfile: Fix case where heredoc marker is empty after newline (#5769) * go.mod: Update quic-go to v0.38.0 (#5772) * chore: Appease gosec linter (#5777) * replacer: change timezone to UTC for "time.now.http" placeholders (#5774) * caddyfile: Adjust error formatting (#5765) * update quic-go to v0.37.6 (#5767) * httpcaddyfile: Stricter errors for site and upstream address schemes (#5757) * caddyfile: Loosen heredoc parsing (#5761) * fileserver: docs: clarify the ability to produce JSON array with `browse` (#5751) * fix package typo (#5764) - Switch to sysuser for user setup Update to version 2.7.4: * go.mod: Upgrade CertMagic and quic-go * reverseproxy: Always return new upstreams (fix #5736) (#5752) * ci: use gci linter (#5708) * fileserver: Slightly more fitting icons * cmd: Require config for caddy validate (fix #5612) (#5614) * caddytls: Update docs for on-demand config * fileserver: Don't repeat error for invalid method inside error context (#5705) * ci: Update to Go 1.21 (#5719) * ci: Add riscv64 (64-bit RISC-V) to goreleaser (#5720) * go.mod: Upgrade golang.org/x/net to 0.14.0 (#5718) * ci: Use gofumpt to format code (#5707) * templates: Fix httpInclude (fix #5698) Update to version 2.7.3: * go.mod: Upgrade to quic-go v0.37.3 * cmd: Split unix sockets for admin endpoint addresses (#5696) * reverseproxy: do not parse upstream address too early if it contains replaceble parts (#5695) * caddyfile: check that matched key is not a substring of the replacement key (#5685) * chore: use `--clean` instead of `--rm-dist` for goreleaser (#5691) * go.mod: Upgrade quic-go to v0.37.2 (fix #5680) * fileserver: browse: Render SVG images in grid - Update to version 2.7.2: * reverseproxy: Fix hijack ordering which broke websockets (#5679) * httpcaddyfile: Fix `string does not match ~[]E` error (#5675) * encode: Fix infinite recursion (#5672) * caddyhttp: Make use of `http.ResponseController` (#5654) * go.mod: Upgrade dependencies esp. smallstep/certificates * core: Allow loopback hosts for admin endpoint (fix #5650) (#5664) * httpcaddyfile: Allow `hostnames` & logger name overrides for log directive (#5643) * reverseproxy: Connection termination cleanup (#5663) * go.mod: Use quic-go 0.37.1 * reverseproxy: Export ipVersions type (#5648) * go.mod: Use latest CertMagic (v0.19.1) * caddyhttp: Preserve original error (fix #5652) * fileserver: add lazy image loading (#5646) * go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644) * core: Refine mutex during reloads (fix #5628) (#5645) * go.mod: update quic-go to v0.36.2 (#5636) * fileserver: Tweak grid view of browse template * fileserver: add `export-template` sub-command to `file-server` (#5630) * caddyfile: Fix comparing if two tokens are on the same line (#5626) * caddytls: Reuse certificate cache through reloads (#5623) * Minor tweaks to security.md * reverseproxy: Pointer receiver * caddyhttp: Trim dot/space only on Windows (fix #5613) * update quic-go to v0.36.1 (#5611) * caddyconfig: Specify config adapter for HTTP loader (close #5607) * core: Embed net.UDPConn to gain optimizations (#5606) * chore: remove deprecated property `rlcp` in goreleaser config (#5608) * core: Skip `chmod` for abstract unix sockets (#5596) * core: Add optional unix socket file permissions (#4741) * reverseproxy: Honor `tls_except_port` for active health checks (#5591) * Appease linter * Fix compile on Windows, hopefully * core: Properly preserve unix sockets (fix #5568) * go.mod: Upgrade CertMagic for hotfix * go.mod: Upgrade some dependencies * chore: upgrade otel (#5586) * go.mod: Update quic-go to v0.36.0 (#5584) * reverseproxy: weighted_round_robin load balancing policy (#5579) * reverseproxy: Experimental streaming timeouts (#5567) * chore: remove refs of deprecated io/ioutil (#5576) * headers: Allow `>` to defer shortcut for replacements (#5574) * caddyhttp: Support custom network for HTTP/3 (#5573) * reverseproxy: Fix parsing of source IP in case it's an ipv6 address (#5569) * fileserver: browse: Better grid layout (#5564) * caddytls: Clarify some JSON config docs * cmd: Implement storage import/export (#5532) * go.mod: Upgrade quic-go to 0.35.1 * update quic-go to v0.35.0 (#5560) * templates: Add `readFile` action that does not evaluate templates (#5553) * caddyfile: Track import name instead of modifying filename (#5540) * core: Use SO_REUSEPORT_LB on FreeBSD (#5554) * caddyfile: Do not replace import tokens if they are part of a snippet (#5539) * fileserver: Don't set Etag if mtime is 0 or 1 (close #5548) (#5550) * fileserver: browse: minor tweaks for grid view, dark mode (#5545) * fileserver: Only set Etag if not already set (fix #5546) (#5547) * fileserver: Fix file browser breadcrumb font (#5543) * caddyhttp: Fix h3 shutdown (#5541) * fileserver: More filetypes for browse icons * fileserver: Fix file browser footer in grid mode (#5536) * cmd: Avoid spammy log messages (fix #5538) * httpcaddyfile: Sort Caddyfile slice * caddyhttp: Implement named routes, `invoke` directive (#5107) * rewrite: use escaped path, fix #5278 (#5504) * headers: Add > Caddyfile shortcut for enabling defer (#5535) * go.mod: Upgrade several dependencies * reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile (#5494) * fileserver: Use EscapedPath for browse (#5534) * caddyhttp: Refactor cert Managers (fix #5415) (#5533) * Slightly more helpful error message * caddytls: Check for nil ALPN; close #5470 (#5473) * cmd: Reduce spammy logs from --watch * caddyhttp: Add a getter for Server.name (#5531) * caddytls: Configurable fallback SNI (#5527) * caddyhttp: Update quic's TLS configs after reload (#5517) (fix #4849) * Add doc comment about changing admin endpoint * feature: watch include directory (#5521) * chore: remove deprecated linters (#5525) * go.mod: Upgrade CertMagic again * go.mod: Upgrade CertMagic * reverseproxy: Optimize base case for least_conn and random_choose policies (#5487) * reverseproxy: Fix active health check header canonicalization, refactor (#5446) * reverseproxy: Add `fallback` for some policies, instead of always random (#5488) * logging: Actually honor the SoftStart parameter * logging: Soft start for net writer (close #5520) * fastcgi: Fix `capture_stderr` (#5515) * acmeserver: Configurable `resolvers`, fix smallstep deprecations (#5500) * go.mod: Update some dependencies * logging: Add traceID field to access logs when tracing is active (#5507) * caddyhttp: Impl `ResponseWriter.Unwrap()`, prep for Go 1.20's `ResponseController` (#5509) * reverseproxy: Fix reinitialize upstream healthy metrics (#5498) * fix some comments (#5508) * templates: Add `fileStat` function (#5497) * caddyfile: Stricter parsing, error for brace on new line (#5505) * core: Return default logger if no modules loaded * celmatcher: Implement `pkix.Name` conversion to string (#5492) * chore: Adjustments to CI caching (#5495) * reverseproxy: Remove deprecated `lookup_srv` (#5396) * cmd: Support `'` quotes in envfile parsing (#5437) * Update contributing guidelines (#5466) * caddyhttp: Serve http2 when listener wrapper doesn't return *tls.Conn (#4929) * reverseproxy: Add `query` and `client_ip_hash` lb policies (#5468) * cmd: Create pidfile before config load (close #5477) * fileserver: Add color-scheme meta tag (#5475) * proxyprotocol: Add PROXY protocol support to `reverse_proxy`, add HTTP listener wrapper (#5424) * reverseproxy: Add mention of which half a copyBuffer err comes from (#5472) * caddyhttp: Log request body bytes read (#5461) * log: Make sink logs encodable (#5441) * caddytls: Eval replacer on automation policy subjects (#5459) * headers: Support deleting all headers as first op (#5464) * replacer: Add HTTP time format (#5458) * reverseproxy: Header up/down support for CLI command (#5460) * caddyhttp: Determine real client IP if trusted proxies configured (#5104) * httpcaddyfile: Adjust path matcher sorting to solve for specificity (#5462) * caddytls: Zero out throttle window first (#5443) * ci: add `--yes` to cosign arguments (#5440) * reverseproxy: Reset Content-Length to prevent FastCGI from hanging (#5435) * caddytls: Allow on-demand w/o ask for internal-only * caddytls: Require 'ask' endpoint for on-demand TLS * fileserver: New file browse template (#5427) * go.mod: Upgrade dependencies * tracing: Support autoprop from OTEL_PROPAGATORS (#5147) * caddyhttp: Enable 0-RTT QUIC (#5425) * encode: flush status code when hijacked. (#5419) * fileserver: Remove trailing slash on fs filenames (#5417) * core: Eliminate unnecessary shutdown delay on Unix (#5413) * caddyhttp: Fix `vars_regexp` matcher with placeholders (#5408) * context: Rename func to `AppIfConfigured` (#5397) * reverseproxy: allow specifying ip version for dynamic `a` upstream (#5401) * caddyfile: Fix heredoc fuzz crasher, drop trailing newline (#5404) * caddyfile: Implement heredoc support (#5385) * cmd: Expand cobra support, add short flags (#5379) * ci: Update minimum Go version to 1.19 * go.mod: Upgrade quic-go to v0.33.0 (Go 1.19 min) * reverseproxy: refactor HTTP transport layer (#5369) * caddytls: Relax the warning for on-demand (#5384) * cmd: Strict unmarshal for validate (#5383) * caddyfile: Implement variadics for import args placeholders (#5249) * cmd: make `caddy fmt` hints more clear (#5378) * cmd: Adjust documentation for commands (#5377) - Update to version 2.6.4: * reverseproxy: Don't buffer chunked requests (fix #5366) (#5367) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-211=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): caddy-2.8.4-bp155.2.3.1 - openSUSE Backports SLE-15-SP5 (noarch): caddy-bash-completion-2.8.4-bp155.2.3.1 caddy-fish-completion-2.8.4-bp155.2.3.1 caddy-zsh-completion-2.8.4-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2023-45142.html https://www.suse.com/security/cve/CVE-2024-22189.html https://bugzilla.suse.com/1222468

1 0

openSUSE-SU-2024:0210-1: important: Security update for global
by opensuse-security＠opensuse.org 22 Jul '24

22 Jul '24

openSUSE Security Update: Security update for global ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0210-1 Rating: important References: #1226420 Cross-References: CVE-2024-38448 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for global fixes the following issues: - CVE-2024-38448: htags may allow code execution via untrusted dbpath (boo#1226420) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-210=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): global-6.6.9-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-38448.html https://bugzilla.suse.com/1226420

1 0

SUSE-SU-2024:2568-1: important: Security update for mockito, snakeyaml, testng
by null＠suse.de 22 Jul '24

22 Jul '24

The content of this message was lost. It was probably cross-posted to multiple lists and previously handled on another list.

1 0

openSUSE-SU-2024:0205-1: important: Security update for opera
by opensuse-security＠opensuse.org 20 Jul '24

20 Jul '24

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0205-1 Rating: important References: Cross-References: CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293 CVSS scores: CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5843 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.5:NonFree ______________________________________________________________________________ An update that fixes 22 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 112.0.5197.25 * CHR-9787 Update Chromium on desktop-stable-126-5197 to 126.0.6478.127 - The update to chromium 126.0.6478.127 fixes following issues: CVE-2024-6290, CVE-2024-6291, CVE-2024-6292, CVE-2024-6293 - Update to 112.0.5197.24 * CHR-9762 Update Chromium on desktop-stable-126-5197 to 126.0.6478.62 * DNA-117001 Crash at base::internal::check_is_test_impl (base::NotFatalUntil) * DNA-117050 [Settings][Sync] Synchronization options aren't visible * DNA-117076 [Player] Background of the icons has changed and the Tidal icon is now missing * DNA-117109 Browser freezes when trying to remove a tab * DNA-117181 Translations for O112 * DNA-117202 Crash at syncer::SyncServiceImpl::NotifyObservers() * DNA-117295 Remove emoji names field in picker * DNA-117347 Start page is not rendered on first switch to workspace after its creation * DNA-117431 Promote 112 to stable - Complete Opera 112 changelog at: https://blogs.opera.com/desktop/changelog-for-112 - The update to chromium >= 126.0.6478.54 fixes following issues: CVE-2024-5830, CVE-2024-5831, CVE-2024-5832, CVE-2024-5833, CVE-2024-5834, CVE-2024-5835, CVE-2024-5836, CVE-2024-5837, CVE-2024-5838, CVE-2024-5839, CVE-2024-5840, CVE-2024-5841, CVE-2024-5842, CVE-2024-5843, CVE-2024-5844, CVE-2024-5845, CVE-2024-5846, CVE-2024-5847 - Update to 111.0.5168.55 * DNA-116749 Unnecessary icons in the advanced sync settings * DNA-116961 Evaluate #vtvd-as-platform-sw-decoder in the field * DNA-117003 #vtvd-as-platform-sw-decoder is not registered in media unittests Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-205=1 Package List: - openSUSE Leap 15.5:NonFree (x86_64): opera-112.0.5197.25-lp155.3.54.1 References: https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html

1 0

SUSE-SU-2024:2567-1: important: Security update for emacs
by OPENSUSE-SECURITY-UPDATES 19 Jul '24

19 Jul '24

# Security update for emacs Announcement ID: SUSE-SU-2024:2567-1 Rating: important References: * bsc#1226957 Cross-References: * CVE-2024-39331 CVSS scores: * CVE-2024-39331 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2024-39331: Fixed evaluation of arbitrary unsafe Elisp code in Org mode (bsc#1226957). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2567=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2567=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2567=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2567=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2567=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2567=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2567=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2567=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2567=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2567=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2567=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2567=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2567=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2567=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2567=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Manager Proxy 4.3 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Manager Server 4.3 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * openSUSE Leap 15.4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * openSUSE Leap 15.5 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * openSUSE Leap 15.6 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * Basesystem Module 15-SP5 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * Basesystem Module 15-SP6 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * emacs-debuginfo-27.2-150400.3.17.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * emacs-debuginfo-27.2-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * emacs-debuginfo-27.2-150400.3.17.1 * emacs-nox-debuginfo-27.2-150400.3.17.1 * emacs-x11-27.2-150400.3.17.1 * emacs-x11-debuginfo-27.2-150400.3.17.1 * etags-debuginfo-27.2-150400.3.17.1 * emacs-nox-27.2-150400.3.17.1 * emacs-debugsource-27.2-150400.3.17.1 * etags-27.2-150400.3.17.1 * emacs-27.2-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * emacs-el-27.2-150400.3.17.1 * emacs-info-27.2-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-39331.html * https://bugzilla.suse.com/show_bug.cgi?id=1226957

1 0

openSUSE-SU-2024:0204-1: important: Security update for chromium
by opensuse-security＠opensuse.org 18 Jul '24

18 Jul '24

openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0204-1 Rating: important References: #1226170 #1226205 #1226504 #1226933 Cross-References: CVE-2024-5830 CVE-2024-5831 CVE-2024-5832 CVE-2024-5833 CVE-2024-5834 CVE-2024-5835 CVE-2024-5836 CVE-2024-5837 CVE-2024-5838 CVE-2024-5839 CVE-2024-5840 CVE-2024-5841 CVE-2024-5842 CVE-2024-5843 CVE-2024-5844 CVE-2024-5845 CVE-2024-5846 CVE-2024-5847 CVE-2024-6100 CVE-2024-6101 CVE-2024-6102 CVE-2024-6103 CVE-2024-6290 CVE-2024-6291 CVE-2024-6292 CVE-2024-6293 CVSS scores: CVE-2024-5830 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5831 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5832 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5833 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5834 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5835 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5836 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5837 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5838 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5839 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5840 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5841 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5842 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5843 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVE-2024-5844 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5845 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5846 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-5847 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-6100 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-6101 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-6102 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2024-6103 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes 26 vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 126.0.6478.126 (boo#1226504, boo#1226205, boo#1226933) * CVE-2024-6290: Use after free in Dawn * CVE-2024-6291: Use after free in Swiftshader * CVE-2024-6292: Use after free in Dawn * CVE-2024-6293: Use after free in Dawn * CVE-2024-6100: Type Confusion in V8 * CVE-2024-6101: Inappropriate implementation in WebAssembly * CVE-2024-6102: Out of bounds memory access in Dawn * CVE-2024-6103: Use after free in Dawn * CVE-2024-5830: Type Confusion in V8 * CVE-2024-5831: Use after free in Dawn * CVE-2024-5832: Use after free in Dawn * CVE-2024-5833: Type Confusion in V8 * CVE-2024-5834: Inappropriate implementation in Dawn * CVE-2024-5835: Heap buffer overflow in Tab Groups * CVE-2024-5836: Inappropriate Implementation in DevTools * CVE-2024-5837: Type Confusion in V8 * CVE-2024-5838: Type Confusion in V8 * CVE-2024-5839: Inappropriate Implementation in Memory Allocator * CVE-2024-5840: Policy Bypass in CORS * CVE-2024-5841: Use after free in V8 * CVE-2024-5842: Use after free in Browser UI * CVE-2024-5843: Inappropriate implementation in Downloads * CVE-2024-5844: Heap buffer overflow in Tab Strip * CVE-2024-5845: Use after free in Audio * CVE-2024-5846: Use after free in PDFium * CVE-2024-5847: Use after free in PDFium - Amend fix_building_widevinecdm_with_chromium.patch to allow Widevine on ARM64 (boo#1226170) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-204=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): chromedriver-126.0.6478.126-bp155.2.94.1 chromium-126.0.6478.126-bp155.2.94.1 References: https://www.suse.com/security/cve/CVE-2024-5830.html https://www.suse.com/security/cve/CVE-2024-5831.html https://www.suse.com/security/cve/CVE-2024-5832.html https://www.suse.com/security/cve/CVE-2024-5833.html https://www.suse.com/security/cve/CVE-2024-5834.html https://www.suse.com/security/cve/CVE-2024-5835.html https://www.suse.com/security/cve/CVE-2024-5836.html https://www.suse.com/security/cve/CVE-2024-5837.html https://www.suse.com/security/cve/CVE-2024-5838.html https://www.suse.com/security/cve/CVE-2024-5839.html https://www.suse.com/security/cve/CVE-2024-5840.html https://www.suse.com/security/cve/CVE-2024-5841.html https://www.suse.com/security/cve/CVE-2024-5842.html https://www.suse.com/security/cve/CVE-2024-5843.html https://www.suse.com/security/cve/CVE-2024-5844.html https://www.suse.com/security/cve/CVE-2024-5845.html https://www.suse.com/security/cve/CVE-2024-5846.html https://www.suse.com/security/cve/CVE-2024-5847.html https://www.suse.com/security/cve/CVE-2024-6100.html https://www.suse.com/security/cve/CVE-2024-6101.html https://www.suse.com/security/cve/CVE-2024-6102.html https://www.suse.com/security/cve/CVE-2024-6103.html https://www.suse.com/security/cve/CVE-2024-6290.html https://www.suse.com/security/cve/CVE-2024-6291.html https://www.suse.com/security/cve/CVE-2024-6292.html https://www.suse.com/security/cve/CVE-2024-6293.html https://bugzilla.suse.com/1226170 https://bugzilla.suse.com/1226205 https://bugzilla.suse.com/1226504 https://bugzilla.suse.com/1226933

1 0

SUSE-SU-2024:2545-1: important: Security update for python-Django
by OPENSUSE-SECURITY-UPDATES 17 Jul '24

17 Jul '24

# Security update for python-Django Announcement ID: SUSE-SU-2024:2545-1 Rating: important References: * bsc#1207565 * bsc#1227590 * bsc#1227593 * bsc#1227594 * bsc#1227595 Cross-References: * CVE-2023-23969 * CVE-2024-38875 * CVE-2024-39329 * CVE-2024-39330 * CVE-2024-39614 CVSS scores: * CVE-2023-23969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-23969 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38875 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39329 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-39330 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39614 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 An update that solves five vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets (bsc#1227590) * CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords (bsc#1227593) * CVE-2024-39330: Fixed potential directory traversal in django.core.files.storage.Storage.save() (bsc#1227594) * CVE-2024-39614: Fixed potential denial-of-service through django.utils.translation.get_supported_language_variant() (bsc#1227595) * CVE-2023-23969: Fixed potential denial-of-service via Accept-Language headers (bsc#1207565) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2545=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python3-Django-2.0.7-150000.1.20.1 ## References: * https://www.suse.com/security/cve/CVE-2023-23969.html * https://www.suse.com/security/cve/CVE-2024-38875.html * https://www.suse.com/security/cve/CVE-2024-39329.html * https://www.suse.com/security/cve/CVE-2024-39330.html * https://www.suse.com/security/cve/CVE-2024-39614.html * https://bugzilla.suse.com/show_bug.cgi?id=1207565 * https://bugzilla.suse.com/show_bug.cgi?id=1227590 * https://bugzilla.suse.com/show_bug.cgi?id=1227593 * https://bugzilla.suse.com/show_bug.cgi?id=1227594 * https://bugzilla.suse.com/show_bug.cgi?id=1227595

1 0

SUSE-SU-2024:2542-1: moderate: Security update for nodejs18
by OPENSUSE-SECURITY-UPDATES 17 Jul '24

17 Jul '24

# Security update for nodejs18 Announcement ID: SUSE-SU-2024:2542-1 Rating: moderate References: * bsc#1222665 * bsc#1227554 * bsc#1227560 Cross-References: * CVE-2024-22020 * CVE-2024-27980 * CVE-2024-36138 CVSS scores: * CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.4: * CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560) * CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554) Changes in 18.20.3: * This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections. deps: * acorn updated to 8.11.3. * acorn-walk updated to 8.3.2. * ada updated to 2.7.8. * c-ares updated to 1.28.1. * corepack updated to 0.28.0. * nghttp2 updated to 1.61.0. * ngtcp2 updated to 1.3.0. * npm updated to 10.7.0. Includes a fix from npm(a)10.5.1 to limit the number of open connections npm/cli#7324. * simdutf updated to 5.2.4. Changes in 18.20.2: * CVE-2024-27980: Fixed command injection via args parameter of child_process.spawn without shell option enabled on Windows (bsc#1222665) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2542=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2542=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2542=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * corepack18-18.20.4-150400.9.24.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * corepack18-18.20.4-150400.9.24.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * nodejs18-18.20.4-150400.9.24.2 * nodejs18-debugsource-18.20.4-150400.9.24.2 * npm18-18.20.4-150400.9.24.2 * nodejs18-devel-18.20.4-150400.9.24.2 * nodejs18-debuginfo-18.20.4-150400.9.24.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.20.4-150400.9.24.2 ## References: * https://www.suse.com/security/cve/CVE-2024-22020.html * https://www.suse.com/security/cve/CVE-2024-27980.html * https://www.suse.com/security/cve/CVE-2024-36138.html * https://bugzilla.suse.com/show_bug.cgi?id=1222665 * https://bugzilla.suse.com/show_bug.cgi?id=1227554 * https://bugzilla.suse.com/show_bug.cgi?id=1227560

1 0

SUSE-SU-2024:2531-1: important: Security update for xen
by OPENSUSE-SECURITY-UPDATES 16 Jul '24

16 Jul '24

# Security update for xen Announcement ID: SUSE-SU-2024:2531-1 Rating: important References: * bsc#1027519 * bsc#1214718 * bsc#1221984 * bsc#1225953 * bsc#1227355 Cross-References: * CVE-2023-46842 * CVE-2024-31143 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has three security fixes can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46842: Fixed x86 HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984). * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2531=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2531=1 openSUSE-SLE-15.6-2024-2531=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2531=1 ## Package List: * Server Applications Module 15-SP6 (x86_64) * xen-debugsource-4.18.2_06-150600.3.3.1 * xen-4.18.2_06-150600.3.3.1 * xen-tools-4.18.2_06-150600.3.3.1 * xen-tools-debuginfo-4.18.2_06-150600.3.3.1 * xen-devel-4.18.2_06-150600.3.3.1 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.2_06-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-debugsource-4.18.2_06-150600.3.3.1 * xen-tools-domU-4.18.2_06-150600.3.3.1 * xen-devel-4.18.2_06-150600.3.3.1 * xen-libs-4.18.2_06-150600.3.3.1 * xen-libs-debuginfo-4.18.2_06-150600.3.3.1 * xen-tools-domU-debuginfo-4.18.2_06-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-debuginfo-4.18.2_06-150600.3.3.1 * xen-libs-32bit-4.18.2_06-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-4.18.2_06-150600.3.3.1 * xen-doc-html-4.18.2_06-150600.3.3.1 * xen-tools-4.18.2_06-150600.3.3.1 * xen-tools-debuginfo-4.18.2_06-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.2_06-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-4.18.2_06-150600.3.3.1 * xen-libs-64bit-debuginfo-4.18.2_06-150600.3.3.1 * Basesystem Module 15-SP6 (x86_64) * xen-debugsource-4.18.2_06-150600.3.3.1 * xen-tools-domU-4.18.2_06-150600.3.3.1 * xen-libs-4.18.2_06-150600.3.3.1 * xen-libs-debuginfo-4.18.2_06-150600.3.3.1 * xen-tools-domU-debuginfo-4.18.2_06-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-31143.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1214718 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1225953 * https://bugzilla.suse.com/show_bug.cgi?id=1227355

1 0

openSUSE-SU-2024:0201-1: moderate: Security update for Botan
by opensuse-security＠opensuse.org 16 Jul '24

16 Jul '24

openSUSE Security Update: Security update for Botan ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0201-1 Rating: moderate References: #1227238 #1227607 #1227608 Cross-References: CVE-2024-34702 CVE-2024-34703 CVE-2024-39312 CVSS scores: CVE-2024-34702 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-34703 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-39312 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for Botan fixes the following issues: Update to 2.19.5: * Fix multiple Denial of service attacks due to X.509 cert processing: * CVE-2024-34702 - boo#1227238 * CVE-2024-34703 - boo#1227607 * CVE-2024-39312 - boo#1227608 * Fix a crash in OCB * Fix a test failure in compression with certain versions of zlib * Fix some iterator debugging errors in TLS CBC decryption. * Avoid a miscompilation in ARIA when using XCode 14 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-201=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): Botan-2.19.5-bp155.2.3.1 libbotan-2-19-2.19.5-bp155.2.3.1 libbotan-devel-2.19.5-bp155.2.3.1 python3-botan-2.19.5-bp155.2.3.1 - openSUSE Backports SLE-15-SP5 (aarch64_ilp32): libbotan-2-19-64bit-2.19.5-bp155.2.3.1 libbotan-devel-64bit-2.19.5-bp155.2.3.1 - openSUSE Backports SLE-15-SP5 (x86_64): libbotan-2-19-32bit-2.19.5-bp155.2.3.1 libbotan-devel-32bit-2.19.5-bp155.2.3.1 - openSUSE Backports SLE-15-SP5 (noarch): Botan-doc-2.19.5-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-34702.html https://www.suse.com/security/cve/CVE-2024-34703.html https://www.suse.com/security/cve/CVE-2024-39312.html https://bugzilla.suse.com/1227238 https://bugzilla.suse.com/1227607 https://bugzilla.suse.com/1227608

1 0

SUSE-SU-2024:2485-1: important: Security update for tomcat
by OPENSUSE-SECURITY-UPDATES 15 Jul '24

15 Jul '24

# Security update for tomcat Announcement ID: SUSE-SU-2024:2485-1 Rating: important References: * bsc#1227399 Cross-References: * CVE-2024-34750 CVSS scores: * CVE-2024-34750 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 * Web and Scripting Module 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat fixes the following issues: Updated to version 9.0.91: * CVE-2024-34750: Fixed an improper handling of exceptional conditions (bsc#1227399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2485=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2485=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2485=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-2485=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2485=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2485=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2485=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2485=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2485=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2485=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2485=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2485=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2485=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2485=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2485=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2485=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat-jsvc-9.0.91-150200.68.1 * tomcat-docs-webapp-9.0.91-150200.68.1 * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-javadoc-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-embed-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * openSUSE Leap 15.6 (noarch) * tomcat-jsvc-9.0.91-150200.68.1 * tomcat-docs-webapp-9.0.91-150200.68.1 * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-javadoc-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-embed-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Manager Server 4.3 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-admin-webapps-9.0.91-150200.68.1 * tomcat-webapps-9.0.91-150200.68.1 * tomcat-lib-9.0.91-150200.68.1 * tomcat-el-3_0-api-9.0.91-150200.68.1 * tomcat-jsp-2_3-api-9.0.91-150200.68.1 * tomcat-9.0.91-150200.68.1 * tomcat-servlet-4_0-api-9.0.91-150200.68.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34750.html * https://bugzilla.suse.com/show_bug.cgi?id=1227399

1 0

SUSE-SU-2024:2409-1: important: Security update for libvpx
by OPENSUSE-SECURITY-UPDATES 11 Jul '24

11 Jul '24

# Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed interger overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879

1 0

SUSE-SU-2024:2400-1: low: Security update for python-zipp
by OPENSUSE-SECURITY-UPDATES 11 Jul '24

11 Jul '24

# Security update for python-zipp Announcement ID: SUSE-SU-2024:2400-1 Rating: low References: * bsc#1227547 Cross-References: * CVE-2024-5569 CVSS scores: * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-zipp fixes the following issues: * CVE-2024-5569: Fixed DoS vulnerability when processing a specially crafted zip file (bsc#1227547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2400=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2400=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2400=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2400=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2400=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * openSUSE Leap 15.5 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * openSUSE Leap 15.6 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * Public Cloud Module 15-SP4 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * Python 3 Module 15-SP5 (noarch) * python311-zipp-3.15.0-150400.10.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5569.html * https://bugzilla.suse.com/show_bug.cgi?id=1227547

1 0

SUSE-SU-2024:2413-1: important: Security update for tomcat10
by OPENSUSE-SECURITY-UPDATES 11 Jul '24

11 Jul '24

# Security update for tomcat10 Announcement ID: SUSE-SU-2024:2413-1 Rating: important References: * bsc#1227399 Cross-References: * CVE-2024-34750 CVSS scores: * CVE-2024-34750 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP5 * Web and Scripting Module 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat10 fixes the following issues: * CVE-2024-34750: Fixed an improper handling of exceptional conditions (bsc#1227399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2413=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2413=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2413=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-2413=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-docs-webapp-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-jsvc-10.1.25-150200.5.25.1 * tomcat10-embed-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * openSUSE Leap 15.6 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-docs-webapp-10.1.25-150200.5.25.1 * tomcat10-doc-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-jsvc-10.1.25-150200.5.25.1 * tomcat10-embed-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34750.html * https://bugzilla.suse.com/show_bug.cgi?id=1227399

1 0

SUSE-SU-2024:2409-1: important: Security update for libvpx
by OPENSUSE-SECURITY-UPDATES 11 Jul '24

11 Jul '24

# Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed interger overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879

1 0

SUSE-SU-2024:2394-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 10 Jul '24

10 Jul '24

# Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2394-1 Rating: important References: * bsc#1156395 * bsc#1190336 * bsc#1191958 * bsc#1193883 * bsc#1194826 * bsc#1195065 * bsc#1195254 * bsc#1195341 * bsc#1195349 * bsc#1195775 * bsc#1196746 * bsc#1197915 * bsc#1198014 * bsc#1199295 * bsc#1202767 * bsc#1202780 * bsc#1205205 * bsc#1207361 * bsc#1217912 * bsc#1218148 * bsc#1218570 * bsc#1218820 * bsc#1219224 * bsc#1219633 * bsc#1219847 * bsc#1220368 * bsc#1220812 * bsc#1220958 * bsc#1221086 * bsc#1221282 * bsc#1221958 * bsc#1222015 * bsc#1222072 * bsc#1222080 * bsc#1222241 * bsc#1222254 * bsc#1222364 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223265 * bsc#1223384 * bsc#1223641 * bsc#1224020 * bsc#1224331 * bsc#1224488 * bsc#1224497 * bsc#1224498 * bsc#1224504 * bsc#1224520 * bsc#1224539 * bsc#1224540 * bsc#1224552 * bsc#1224583 * bsc#1224588 * bsc#1224602 * bsc#1224603 * bsc#1224605 * bsc#1224612 * bsc#1224614 * bsc#1224619 * bsc#1224661 * bsc#1224662 * bsc#1224670 * bsc#1224671 * bsc#1224674 * bsc#1224677 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224712 * bsc#1224716 * bsc#1224719 * bsc#1224735 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1224946 * bsc#1224951 * bsc#1225050 * bsc#1225098 * bsc#1225105 * bsc#1225300 * bsc#1225389 * bsc#1225391 * bsc#1225419 * bsc#1225426 * bsc#1225448 * bsc#1225452 * bsc#1225467 * bsc#1225475 * bsc#1225484 * bsc#1225487 * bsc#1225514 * bsc#1225518 * bsc#1225535 * bsc#1225585 * bsc#1225602 * bsc#1225611 * bsc#1225681 * bsc#1225692 * bsc#1225698 * bsc#1225699 * bsc#1225704 * bsc#1225714 * bsc#1225726 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225758 * bsc#1225759 * bsc#1225760 * bsc#1225767 * bsc#1225770 * bsc#1225823 * bsc#1225834 * bsc#1225840 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1226022 * bsc#1226131 * bsc#1226145 * bsc#1226149 * bsc#1226155 * bsc#1226211 * bsc#1226212 * bsc#1226226 * bsc#1226514 * bsc#1226520 * bsc#1226537 * bsc#1226538 * bsc#1226539 * bsc#1226550 * bsc#1226552 * bsc#1226553 * bsc#1226554 * bsc#1226556 * bsc#1226557 * bsc#1226558 * bsc#1226559 * bsc#1226561 * bsc#1226562 * bsc#1226563 * bsc#1226564 * bsc#1226566 * bsc#1226567 * bsc#1226569 * bsc#1226572 * bsc#1226575 * bsc#1226576 * bsc#1226577 * bsc#1226579 * bsc#1226580 * bsc#1226581 * bsc#1226582 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226588 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226601 * bsc#1226602 * bsc#1226603 * bsc#1226607 * bsc#1226610 * bsc#1226614 * bsc#1226616 * bsc#1226617 * bsc#1226618 * bsc#1226619 * bsc#1226621 * bsc#1226622 * bsc#1226624 * bsc#1226626 * bsc#1226628 * bsc#1226629 * bsc#1226632 * bsc#1226633 * bsc#1226634 * bsc#1226637 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226653 * bsc#1226657 * bsc#1226658 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226673 * bsc#1226674 * bsc#1226675 * bsc#1226678 * bsc#1226679 * bsc#1226683 * bsc#1226685 * bsc#1226686 * bsc#1226690 * bsc#1226691 * bsc#1226692 * bsc#1226693 * bsc#1226696 * bsc#1226697 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226702 * bsc#1226703 * bsc#1226704 * bsc#1226705 * bsc#1226706 * bsc#1226708 * bsc#1226709 * bsc#1226710 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226718 * bsc#1226719 * bsc#1226720 * bsc#1226721 * bsc#1226730 * bsc#1226732 * bsc#1226734 * bsc#1226735 * bsc#1226737 * bsc#1226738 * bsc#1226739 * bsc#1226740 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226762 * bsc#1226764 * bsc#1226767 * bsc#1226768 * bsc#1226769 * bsc#1226771 * bsc#1226774 * bsc#1226777 * bsc#1226780 * bsc#1226781 * bsc#1226785 * bsc#1226786 * bsc#1226789 * bsc#1226791 * bsc#1226839 * bsc#1226840 * bsc#1226841 * bsc#1226842 * bsc#1226848 * bsc#1226852 * bsc#1226857 * bsc#1226861 * bsc#1226863 * bsc#1226864 * bsc#1226867 * bsc#1226868 * bsc#1226876 * bsc#1226878 * bsc#1226883 * bsc#1226886 * bsc#1226890 * bsc#1226891 * bsc#1226895 * bsc#1226908 * bsc#1226915 * bsc#1226928 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226953 * bsc#1226962 * bsc#1226976 * bsc#1226992 * bsc#1226994 * bsc#1226996 * bsc#1227066 * bsc#1227096 * bsc#1227101 * bsc#1227103 * bsc#1227274 * jsc#PED-8491 * jsc#PED-8570 * jsc#PED-8690 Cross-References: * CVE-2021-4439 * CVE-2021-47089 * CVE-2021-47432 * CVE-2021-47515 * CVE-2021-47534 * CVE-2021-47538 * CVE-2021-47539 * CVE-2021-47555 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47572 * CVE-2021-47576 * CVE-2021-47577 * CVE-2021-47578 * CVE-2021-47580 * CVE-2021-47582 * CVE-2021-47583 * CVE-2021-47584 * CVE-2021-47585 * CVE-2021-47586 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47592 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47597 * CVE-2021-47600 * CVE-2021-47601 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47604 * CVE-2021-47605 * CVE-2021-47607 * CVE-2021-47608 * CVE-2021-47609 * CVE-2021-47610 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47614 * CVE-2021-47615 * CVE-2021-47616 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-48711 * CVE-2022-48712 * CVE-2022-48713 * CVE-2022-48714 * CVE-2022-48715 * CVE-2022-48716 * CVE-2022-48717 * CVE-2022-48718 * CVE-2022-48720 * CVE-2022-48721 * CVE-2022-48722 * CVE-2022-48723 * CVE-2022-48724 * CVE-2022-48725 * CVE-2022-48726 * CVE-2022-48727 * CVE-2022-48728 * CVE-2022-48729 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48734 * CVE-2022-48735 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48739 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48744 * CVE-2022-48745 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48751 * CVE-2022-48752 * CVE-2022-48753 * CVE-2022-48754 * CVE-2022-48755 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48763 * CVE-2022-48765 * CVE-2022-48766 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48769 * CVE-2022-48770 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52658 * CVE-2023-52667 * CVE-2023-52670 * CVE-2023-52672 * CVE-2023-52675 * CVE-2023-52735 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52766 * CVE-2023-52784 * CVE-2023-52787 * CVE-2023-52800 * CVE-2023-52835 * CVE-2023-52837 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52846 * CVE-2023-52869 * CVE-2023-52881 * CVE-2023-52882 * CVE-2023-52884 * CVE-2024-26625 * CVE-2024-26644 * CVE-2024-26720 * CVE-2024-26842 * CVE-2024-26845 * CVE-2024-26923 * CVE-2024-26973 * CVE-2024-27432 * CVE-2024-33619 * CVE-2024-35247 * CVE-2024-35789 * CVE-2024-35790 * CVE-2024-35807 * CVE-2024-35814 * CVE-2024-35835 * CVE-2024-35848 * CVE-2024-35857 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35878 * CVE-2024-35884 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35898 * CVE-2024-35900 * CVE-2024-35905 * CVE-2024-35925 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35997 * CVE-2024-36005 * CVE-2024-36008 * CVE-2024-36017 * CVE-2024-36020 * CVE-2024-36021 * CVE-2024-36025 * CVE-2024-36477 * CVE-2024-36478 * CVE-2024-36479 * CVE-2024-36890 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36900 * CVE-2024-36904 * CVE-2024-36915 * CVE-2024-36916 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36934 * CVE-2024-36937 * CVE-2024-36940 * CVE-2024-36945 * CVE-2024-36949 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-36965 * CVE-2024-36967 * CVE-2024-36969 * CVE-2024-36971 * CVE-2024-36975 * CVE-2024-36978 * CVE-2024-37021 * CVE-2024-37078 * CVE-2024-37354 * CVE-2024-38381 * CVE-2024-38388 * CVE-2024-38390 * CVE-2024-38540 * CVE-2024-38541 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38547 * CVE-2024-38548 * CVE-2024-38549 * CVE-2024-38550 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38555 * CVE-2024-38556 * CVE-2024-38557 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38568 * CVE-2024-38571 * CVE-2024-38573 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38581 * CVE-2024-38582 * CVE-2024-38583 * CVE-2024-38587 * CVE-2024-38590 * CVE-2024-38591 * CVE-2024-38594 * CVE-2024-38597 * CVE-2024-38599 * CVE-2024-38600 * CVE-2024-38601 * CVE-2024-38603 * CVE-2024-38605 * CVE-2024-38608 * CVE-2024-38616 * CVE-2024-38618 * CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38630 * CVE-2024-38633 * CVE-2024-38634 * CVE-2024-38635 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 * CVE-2024-39301 * CVE-2024-39468 * CVE-2024-39469 * CVE-2024-39471 CVSS scores: * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47089 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47538 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47572 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47572 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47577 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47578 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47580 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2021-47582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47586 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47597 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47604 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47614 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47615 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47616 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48712 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48713 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48714 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48718 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48720 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48723 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48727 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48734 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48763 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2023-52882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52884 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33619 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36020 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36477 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36478 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36900 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36916 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36937 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36965 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36978 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-37354 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38388 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38550 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38557 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38571 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38581 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-38582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38583 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38587 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38591 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38594 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-38600 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39468 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39469 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39471 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 249 vulnerabilities, contains three features and has 44 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958. * CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391). * CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426). * CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448). * CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452). * CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). * CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389). * CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678). * CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). * CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). * CVE-2023-52658: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (bsc#1224719). * CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603). * CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). * CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614). * CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). * CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475). * CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). * CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105). * CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). * CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). * CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). * CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). * CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692). * CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086) * CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072). * CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). * CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641). * CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716). * CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). * CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). * CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). * CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). * CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). * CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612). * CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). * CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520). * CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). * CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498). * CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497). * CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) * CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). * CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). * CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). * CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539). * CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540). * CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). * CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698). * CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699). * CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841). * CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). * CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). * CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759). * CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). * CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). * CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). * CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823). * CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). * CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). * CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066). * CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). * CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587). * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). * CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). * CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774). * CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781). * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). * CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). * CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). * CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). * CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734). * CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). * CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842). * CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). * CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). * CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). * CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). * CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). * CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103. * CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992). The following non-security bugs were fixed: * ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable- fixes). * ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes). * ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes). * ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes). * ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes). * ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes). * ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes). * ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes). * ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes). * ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes). * ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes). * ALSA: timer: Set lower bound of start tick time (stable-fixes). * ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes). * ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git- fixes). * ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes). * ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes). * ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes). * ASoC: rt715-sdca: volume step modification (stable-fixes). * ASoC: rt715: add vendor clear control register (stable-fixes). * Add remote for nfs maintainer * Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes). * Fix new build warnings regarding unused variables: Changed build warnings: **_*_ 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable] * HID: core: remove unnecessary WARN_ON() in implement() (git-fixes). * HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git- fixes). * Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes). * NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847). * NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). * PCI/ASPM: Update save_state when configuration changes (bsc#1226915) * PCI: Clear Secondary Status errors after enumeration (bsc#1226928) * RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300). * RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300). * RDMA/hns: Fix incorrect sge nums calculation (git-fixes) * RDMA/irdma: Drop unused kernel push code (git-fixes) * RDMA/mlx5: Add check for srq max_sge attribute (git-fixes) * Revert "Add remote for nfs maintainer" * Revert "build initrd without systemd" (bsc#1195775)" * USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git- fixes). * USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git- fixes). * X.509: Fix the parser of extended key usage for length (bsc#1218820). * arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). * arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690). * arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690). * arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690). * arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690). * ata: ahci: Clean up sysfs file on error (git-fixes). * ata: libata-core: Fix double free on error (git-fixes). * ata: libata-core: Fix null pointer dereference on error (git-fixes). * batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes). * bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git- fixes). * btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282). * cachefiles: remove requests from xarray during flushing requests (bsc#1226588). * ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022). * ceph: always check dir caps asynchronously (bsc#1226022). * ceph: always queue a writeback when revoking the Fb caps (bsc#1226022). * ceph: break the check delayed cap loop every 5s (bsc#1226022). * ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368). * cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git- fixes). * crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes). * dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git- fixes). * dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes). * drivers: core: synchronize really_probe() and dev_uevent() (git-fixes). * drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes). * drm/amd/display: Add dtbclk access to dcn315 (stable-fixes). * drm/amd/display: Exit idle optimizations before HDCP execution (stable- fixes). * drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes). * drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes). * drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes). * drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes). * drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes). * drm/amdgpu/mes: fix use-after-free issue (stable-fixes). * drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes). * drm/amdgpu: Update BO eviction priorities (stable-fixes). * drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes). * drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/amdkfd: Flush the process wq before creating a kfd_process (stable- fixes). * drm/amdkfd: Rework kfd_locked handling (bsc#1225872) * drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes). * drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes). * drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes). * drm/i915/dpt: Make DPT object unshrinkable (git-fixes). * drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes). * drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes). * drm/i915/guc: avoid FIELD_PREP warning (git-fixes). * drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes). * drm/komeda: check for error-valued pointer (git-fixes). * drm/lima: add mask irq callback to gp and pp (stable-fixes). * drm/lima: mask irqs in timeout path before hard reset (stable-fixes). * drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git- fixes). * drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git- fixes). * drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes). * drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes). * drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable- fixes). * drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes). * drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes). * drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes). * gpio: davinci: Validate the obtained number of IRQs (git-fixes). * gpio: tqmx86: fix typo in Kconfig label (git-fixes). * gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes). * gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git- fixes). * hwmon: (shtc1) Fix property misspelling (git-fixes). * i2c: at91: Fix the functionality flags of the slave-only interface (git- fixes). * i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes). * i2c: ocores: set IACK bit after core is enabled (git-fixes). * i2c: testunit: discard write requests while old command is running (git- fixes). * i2c: testunit: do not erase registers after STOP (git-fixes). * iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes). * iio: adc: ad7266: Fix variable checking bug (git-fixes). * iio: adc: ad9467: fix scan type sign (git-fixes). * iio: chemical: bme680: Fix calibration data variable (git-fixes). * iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes). * iio: chemical: bme680: Fix pressure value output (git-fixes). * iio: chemical: bme680: Fix sensor data read operation (git-fixes). * iio: dac: ad5592r: fix temperature channel scaling value (git-fixes). * iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes). * intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes). * iommu/amd: Fix sysfs leak in iommu init (git-fixes). * iommu: Return right value in iommu_sva_bind_device() (git-fixes). * iommu: mtk: fix module autoloading (git-fixes). * ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) * kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes). * kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274). * kconfig: doc: fix a typo in the note about 'imply' (git-fixes). * kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes). * kernel-doc: fix struct_group_tagged() parsing (git-fixes). * lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git- fixes). * media: flexcop-usb: clean up endpoint sanity checks (stable-fixes). * media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes). * media: ipu3-cio2: Use temporary storage for struct device pointer (stable- fixes). * media: lgdt3306a: Add a check against null-pointer-def (stable-fixes). * media: mxl5xx: Move xpt structures off stack (stable-fixes). * media: radio-shark2: Avoid led_names truncations (git-fixes). * media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes). * mei: me: release irq in mei_me_pci_resume error path (git-fixes). * mkspec-dtb: add toplevel symlinks also on arm * mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes). * mmc: core: Do not force a retune before RPMB switch (stable-fixes). * mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable- fixes). * mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes). * mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes). * mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes). * mmc: sdhci: Do not invert write-protect twice (git-fixes). * mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes). * mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes). * mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes). * mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes). * mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes). * mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes). * mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git- fixes). * mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes). * net/mlx5e: Fix a race in command alloc flow (git-fixes). * net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes). * net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes). * net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes). * net: ena: Fix redundant device NUMA node override (jsc#PED-8690). * net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491). * net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes). * net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes). * net: usb: ax88179_178a: improve link status logs (git-fixes). * net: usb: ax88179_178a: improve reset check (git-fixes). * net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes). * net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). * net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git- fixes). * nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). * nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes). * nvme: find numa distance only if controller has valid numa id (git-fixes). * nvmet-passthru: propagate status from id override functions (git-fixes). * ocfs2: adjust enabling place for la window (bsc#1219224). * ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git- fixes). * pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes). * pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes). * pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes). * random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). * regulator: bd71815: fix ramp values (git-fixes). * regulator: core: Fix modpost error "regulator_get_regmap" undefined (git- fixes). * regulator: irq_helpers: duplicate IRQ name (stable-fixes). * regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes). * rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. * rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. * rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. * rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them. * sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791). * scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570). * smb: client: ensure to try all targets when finding nested links (bsc#1224020). * smb: client: guarantee refcounted children from parent session (bsc#1224679). * soundwire: cadence: fix invalid PDI offset (stable-fixes). * spi: stm32: Do not warn about spurious interrupts (git-fixes). * supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570) * supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional. * supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems. * tty: mcf: MCF54418 has 10 UARTS (git-fixes). * usb-storage: alauda: Check whether the media is initialized (git-fixes). * usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes). * usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes). * usb: fotg210-hcd: delete an incorrect bounds test (git-fixes). * usb: gadget: printer: fix races against disable (git-fixes). * usb: musb: da8xx: fix a resource leak in probe() (git-fixes). * usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes). * usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git- fixes). * usb: typec: ucsi: Ack also failed Get Error commands (git-fixes). * usb: typec: ucsi: Never send a lone connector change ack (git-fixes). * usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes). * usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes). * usb: xhci: improve debug message in xhci_ring_expansion_needed() (git- fixes). * watchdog: bd9576: Drop "always-running" property (git-fixes). * watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable- fixes). * wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes). * wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes). * wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes). * wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git- fixes). * wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes). * wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes). * wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes). * wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git- fixes). * wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git- fixes). * wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes). * wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes). * x86/mce: Dynamically size space for machine check records (bsc#1222241). * x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). * xfs: make sure sb_fdblocks is non-negative (bsc#1225419). * xhci: Fix failure to detect ring expansion need (git-fixes). * xhci: Fix transfer ring expansion size calculation (git-fixes). * xhci: Handle TD clearing for multiple streams case (git-fixes). * xhci: Simplify event ring dequeue pointer update for port change events (git-fixes). * xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes). * xhci: fix matching completion events with TDs (git-fixes). * xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes). * xhci: restre deleted trb fields for tracing (git-fixes). * xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes). * xhci: simplify event ring dequeue tracking for transfer events (git-fixes). * xhci: update event ring dequeue pointer position to controller correctly (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2394=1 openSUSE-SLE-15.5-2024-2394=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2394=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2394=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-2394=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.61.1 * kernel-source-rt-5.14.21-150500.13.61.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-1-150500.11.3.1 * cluster-md-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.61.1 * kernel-rt_debug-vdso-5.14.21-150500.13.61.1 * kernel-syms-rt-5.14.21-150500.13.61.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * dlm-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-optional-5.14.21-150500.13.61.1 * reiserfs-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.61.1 * kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-1-150500.11.3.1 * kernel-rt_debug-devel-5.14.21-150500.13.61.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * kselftests-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt-livepatch-5.14.21-150500.13.61.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-vdso-5.14.21-150500.13.61.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-debugsource-5.14.21-150500.13.61.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.61.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1 * ocfs2-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.61.1 * kernel-rt-extra-5.14.21-150500.13.61.1 * kernel-rt-devel-5.14.21-150500.13.61.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * gfs2-kmp-rt-5.14.21-150500.13.61.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-5.14.21-150500.13.61.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.61.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.61.1 * kernel-rt-debuginfo-5.14.21-150500.13.61.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.61.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * cluster-md-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.61.1 * kernel-rt_debug-vdso-5.14.21-150500.13.61.1 * kernel-syms-rt-5.14.21-150500.13.61.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * dlm-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt-debuginfo-5.14.21-150500.13.61.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.61.1 * kernel-rt_debug-devel-5.14.21-150500.13.61.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-vdso-5.14.21-150500.13.61.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.61.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.61.1 * kernel-rt-debugsource-5.14.21-150500.13.61.1 * ocfs2-kmp-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.61.1 * kernel-rt-devel-5.14.21-150500.13.61.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.61.1 * gfs2-kmp-rt-5.14.21-150500.13.61.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-devel-rt-5.14.21-150500.13.61.1 * kernel-source-rt-5.14.21-150500.13.61.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.61.1 * kernel-rt_debug-5.14.21-150500.13.61.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47089.html * https://www.suse.com/security/cve/CVE-2021-47432.html * https://www.suse.com/security/cve/CVE-2021-47515.html * https://www.suse.com/security/cve/CVE-2021-47534.html * https://www.suse.com/security/cve/CVE-2021-47538.html * https://www.suse.com/security/cve/CVE-2021-47539.html * https://www.suse.com/security/cve/CVE-2021-47555.html * https://www.suse.com/security/cve/CVE-2021-47566.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47572.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47577.html * https://www.suse.com/security/cve/CVE-2021-47578.html * https://www.suse.com/security/cve/CVE-2021-47580.html * https://www.suse.com/security/cve/CVE-2021-47582.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47584.html * https://www.suse.com/security/cve/CVE-2021-47585.html * https://www.suse.com/security/cve/CVE-2021-47586.html * https://www.suse.com/security/cve/CVE-2021-47587.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47592.html * https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47597.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47601.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47604.html * https://www.suse.com/security/cve/CVE-2021-47605.html * https://www.suse.com/security/cve/CVE-2021-47607.html * https://www.suse.com/security/cve/CVE-2021-47608.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47610.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47614.html * https://www.suse.com/security/cve/CVE-2021-47615.html * https://www.suse.com/security/cve/CVE-2021-47616.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48712.html * https://www.suse.com/security/cve/CVE-2022-48713.html * https://www.suse.com/security/cve/CVE-2022-48714.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48716.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48718.html * https://www.suse.com/security/cve/CVE-2022-48720.html * https://www.suse.com/security/cve/CVE-2022-48721.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48723.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48725.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48727.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48729.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48734.html * https://www.suse.com/security/cve/CVE-2022-48735.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48739.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48744.html * https://www.suse.com/security/cve/CVE-2022-48745.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48753.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48755.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48763.html * https://www.suse.com/security/cve/CVE-2022-48765.html * https://www.suse.com/security/cve/CVE-2022-48766.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48770.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52658.html * https://www.suse.com/security/cve/CVE-2023-52667.html * https://www.suse.com/security/cve/CVE-2023-52670.html * https://www.suse.com/security/cve/CVE-2023-52672.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52787.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52869.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52882.html * https://www.suse.com/security/cve/CVE-2023-52884.html * https://www.suse.com/security/cve/CVE-2024-26625.html * https://www.suse.com/security/cve/CVE-2024-26644.html * https://www.suse.com/security/cve/CVE-2024-26720.html * https://www.suse.com/security/cve/CVE-2024-26842.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26973.html * https://www.suse.com/security/cve/CVE-2024-27432.html * https://www.suse.com/security/cve/CVE-2024-33619.html * https://www.suse.com/security/cve/CVE-2024-35247.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35790.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35814.html * https://www.suse.com/security/cve/CVE-2024-35835.html * https://www.suse.com/security/cve/CVE-2024-35848.html * https://www.suse.com/security/cve/CVE-2024-35857.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35884.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35898.html * https://www.suse.com/security/cve/CVE-2024-35900.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35925.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-35956.html * https://www.suse.com/security/cve/CVE-2024-35958.html * https://www.suse.com/security/cve/CVE-2024-35960.html * https://www.suse.com/security/cve/CVE-2024-35962.html * https://www.suse.com/security/cve/CVE-2024-35997.html * https://www.suse.com/security/cve/CVE-2024-36005.html * https://www.suse.com/security/cve/CVE-2024-36008.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36020.html * https://www.suse.com/security/cve/CVE-2024-36021.html * https://www.suse.com/security/cve/CVE-2024-36025.html * https://www.suse.com/security/cve/CVE-2024-36477.html * https://www.suse.com/security/cve/CVE-2024-36478.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36890.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36900.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36916.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36937.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36945.html * https://www.suse.com/security/cve/CVE-2024-36949.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36965.html * https://www.suse.com/security/cve/CVE-2024-36967.html * https://www.suse.com/security/cve/CVE-2024-36969.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36975.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37078.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38381.html * https://www.suse.com/security/cve/CVE-2024-38388.html * https://www.suse.com/security/cve/CVE-2024-38390.html * https://www.suse.com/security/cve/CVE-2024-38540.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38547.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38549.html * https://www.suse.com/security/cve/CVE-2024-38550.html * https://www.suse.com/security/cve/CVE-2024-38552.html * https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38555.html * https://www.suse.com/security/cve/CVE-2024-38556.html * https://www.suse.com/security/cve/CVE-2024-38557.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38568.html * https://www.suse.com/security/cve/CVE-2024-38571.html * https://www.suse.com/security/cve/CVE-2024-38573.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38581.html * https://www.suse.com/security/cve/CVE-2024-38582.html * https://www.suse.com/security/cve/CVE-2024-38583.html * https://www.suse.com/security/cve/CVE-2024-38587.html * https://www.suse.com/security/cve/CVE-2024-38590.html * https://www.suse.com/security/cve/CVE-2024-38591.html * https://www.suse.com/security/cve/CVE-2024-38594.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-38600.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38603.html * https://www.suse.com/security/cve/CVE-2024-38605.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38616.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-38621.html * https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38630.html * https://www.suse.com/security/cve/CVE-2024-38633.html * https://www.suse.com/security/cve/CVE-2024-38634.html * https://www.suse.com/security/cve/CVE-2024-38635.html * https://www.suse.com/security/cve/CVE-2024-38659.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39468.html * https://www.suse.com/security/cve/CVE-2024-39469.html * https://www.suse.com/security/cve/CVE-2024-39471.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1190336 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1193883 * https://bugzilla.suse.com/show_bug.cgi?id=1194826 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195341 * https://bugzilla.suse.com/show_bug.cgi?id=1195349 * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1196746 * https://bugzilla.suse.com/show_bug.cgi?id=1197915 * https://bugzilla.suse.com/show_bug.cgi?id=1198014 * https://bugzilla.suse.com/show_bug.cgi?id=1199295 * https://bugzilla.suse.com/show_bug.cgi?id=1202767 * https://bugzilla.suse.com/show_bug.cgi?id=1202780 * https://bugzilla.suse.com/show_bug.cgi?id=1205205 * https://bugzilla.suse.com/show_bug.cgi?id=1207361 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1218570 * https://bugzilla.suse.com/show_bug.cgi?id=1218820 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220368 * https://bugzilla.suse.com/show_bug.cgi?id=1220812 * https://bugzilla.suse.com/show_bug.cgi?id=1220958 * https://bugzilla.suse.com/show_bug.cgi?id=1221086 * https://bugzilla.suse.com/show_bug.cgi?id=1221282 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222072 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222241 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222893 * https://bugzilla.suse.com/show_bug.cgi?id=1223013 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223265 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223641 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224331 * https://bugzilla.suse.com/show_bug.cgi?id=1224488 * https://bugzilla.suse.com/show_bug.cgi?id=1224497 * https://bugzilla.suse.com/show_bug.cgi?id=1224498 * https://bugzilla.suse.com/show_bug.cgi?id=1224504 * https://bugzilla.suse.com/show_bug.cgi?id=1224520 * https://bugzilla.suse.com/show_bug.cgi?id=1224539 * https://bugzilla.suse.com/show_bug.cgi?id=1224540 * https://bugzilla.suse.com/show_bug.cgi?id=1224552 * https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224588 * https://bugzilla.suse.com/show_bug.cgi?id=1224602 * https://bugzilla.suse.com/show_bug.cgi?id=1224603 * https://bugzilla.suse.com/show_bug.cgi?id=1224605 * https://bugzilla.suse.com/show_bug.cgi?id=1224612 * https://bugzilla.suse.com/show_bug.cgi?id=1224614 * https://bugzilla.suse.com/show_bug.cgi?id=1224619 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224674 * https://bugzilla.suse.com/show_bug.cgi?id=1224677 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224712 * https://bugzilla.suse.com/show_bug.cgi?id=1224716 * https://bugzilla.suse.com/show_bug.cgi?id=1224719 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1225050 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225105 * https://bugzilla.suse.com/show_bug.cgi?id=1225300 * https://bugzilla.suse.com/show_bug.cgi?id=1225389 * https://bugzilla.suse.com/show_bug.cgi?id=1225391 * https://bugzilla.suse.com/show_bug.cgi?id=1225419 * https://bugzilla.suse.com/show_bug.cgi?id=1225426 * https://bugzilla.suse.com/show_bug.cgi?id=1225448 * https://bugzilla.suse.com/show_bug.cgi?id=1225452 * https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225484 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225514 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225535 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225602 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225681 * https://bugzilla.suse.com/show_bug.cgi?id=1225692 * https://bugzilla.suse.com/show_bug.cgi?id=1225698 * https://bugzilla.suse.com/show_bug.cgi?id=1225699 * https://bugzilla.suse.com/show_bug.cgi?id=1225704 * https://bugzilla.suse.com/show_bug.cgi?id=1225714 * https://bugzilla.suse.com/show_bug.cgi?id=1225726 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225759 * https://bugzilla.suse.com/show_bug.cgi?id=1225760 * https://bugzilla.suse.com/show_bug.cgi?id=1225767 * https://bugzilla.suse.com/show_bug.cgi?id=1225770 * https://bugzilla.suse.com/show_bug.cgi?id=1225823 * https://bugzilla.suse.com/show_bug.cgi?id=1225834 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1225872 * https://bugzilla.suse.com/show_bug.cgi?id=1225894 * https://bugzilla.suse.com/show_bug.cgi?id=1226022 * https://bugzilla.suse.com/show_bug.cgi?id=1226131 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226149 * https://bugzilla.suse.com/show_bug.cgi?id=1226155 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226514 * https://bugzilla.suse.com/show_bug.cgi?id=1226520 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226538 * https://bugzilla.suse.com/show_bug.cgi?id=1226539 * https://bugzilla.suse.com/show_bug.cgi?id=1226550 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226553 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226556 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226559 * https://bugzilla.suse.com/show_bug.cgi?id=1226561 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226564 * https://bugzilla.suse.com/show_bug.cgi?id=1226566 * https://bugzilla.suse.com/show_bug.cgi?id=1226567 * https://bugzilla.suse.com/show_bug.cgi?id=1226569 * https://bugzilla.suse.com/show_bug.cgi?id=1226572 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226576 * https://bugzilla.suse.com/show_bug.cgi?id=1226577 * https://bugzilla.suse.com/show_bug.cgi?id=1226579 * https://bugzilla.suse.com/show_bug.cgi?id=1226580 * https://bugzilla.suse.com/show_bug.cgi?id=1226581 * https://bugzilla.suse.com/show_bug.cgi?id=1226582 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226593 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226597 * https://bugzilla.suse.com/show_bug.cgi?id=1226601 * https://bugzilla.suse.com/show_bug.cgi?id=1226602 * https://bugzilla.suse.com/show_bug.cgi?id=1226603 * https://bugzilla.suse.com/show_bug.cgi?id=1226607 * https://bugzilla.suse.com/show_bug.cgi?id=1226610 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226616 * https://bugzilla.suse.com/show_bug.cgi?id=1226617 * https://bugzilla.suse.com/show_bug.cgi?id=1226618 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226622 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226626 * https://bugzilla.suse.com/show_bug.cgi?id=1226628 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226632 * https://bugzilla.suse.com/show_bug.cgi?id=1226633 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226637 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226657 * https://bugzilla.suse.com/show_bug.cgi?id=1226658 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226673 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226675 * https://bugzilla.suse.com/show_bug.cgi?id=1226678 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226683 * https://bugzilla.suse.com/show_bug.cgi?id=1226685 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226690 * https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226693 * https://bugzilla.suse.com/show_bug.cgi?id=1226696 * https://bugzilla.suse.com/show_bug.cgi?id=1226697 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226699 * https://bugzilla.suse.com/show_bug.cgi?id=1226701 * https://bugzilla.suse.com/show_bug.cgi?id=1226702 * https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226704 * https://bugzilla.suse.com/show_bug.cgi?id=1226705 * https://bugzilla.suse.com/show_bug.cgi?id=1226706 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226710 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226718 * https://bugzilla.suse.com/show_bug.cgi?id=1226719 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226730 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226734 * https://bugzilla.suse.com/show_bug.cgi?id=1226735 * https://bugzilla.suse.com/show_bug.cgi?id=1226737 * https://bugzilla.suse.com/show_bug.cgi?id=1226738 * https://bugzilla.suse.com/show_bug.cgi?id=1226739 * https://bugzilla.suse.com/show_bug.cgi?id=1226740 * https://bugzilla.suse.com/show_bug.cgi?id=1226744 * https://bugzilla.suse.com/show_bug.cgi?id=1226746 * https://bugzilla.suse.com/show_bug.cgi?id=1226747 * https://bugzilla.suse.com/show_bug.cgi?id=1226749 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226764 * https://bugzilla.suse.com/show_bug.cgi?id=1226767 * https://bugzilla.suse.com/show_bug.cgi?id=1226768 * https://bugzilla.suse.com/show_bug.cgi?id=1226769 * https://bugzilla.suse.com/show_bug.cgi?id=1226771 * https://bugzilla.suse.com/show_bug.cgi?id=1226774 * https://bugzilla.suse.com/show_bug.cgi?id=1226777 * https://bugzilla.suse.com/show_bug.cgi?id=1226780 * https://bugzilla.suse.com/show_bug.cgi?id=1226781 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226791 * https://bugzilla.suse.com/show_bug.cgi?id=1226839 * https://bugzilla.suse.com/show_bug.cgi?id=1226840 * https://bugzilla.suse.com/show_bug.cgi?id=1226841 * https://bugzilla.suse.com/show_bug.cgi?id=1226842 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1226852 * https://bugzilla.suse.com/show_bug.cgi?id=1226857 * https://bugzilla.suse.com/show_bug.cgi?id=1226861 * https://bugzilla.suse.com/show_bug.cgi?id=1226863 * https://bugzilla.suse.com/show_bug.cgi?id=1226864 * https://bugzilla.suse.com/show_bug.cgi?id=1226867 * https://bugzilla.suse.com/show_bug.cgi?id=1226868 * https://bugzilla.suse.com/show_bug.cgi?id=1226876 * https://bugzilla.suse.com/show_bug.cgi?id=1226878 * https://bugzilla.suse.com/show_bug.cgi?id=1226883 * https://bugzilla.suse.com/show_bug.cgi?id=1226886 * https://bugzilla.suse.com/show_bug.cgi?id=1226890 * https://bugzilla.suse.com/show_bug.cgi?id=1226891 * https://bugzilla.suse.com/show_bug.cgi?id=1226895 * https://bugzilla.suse.com/show_bug.cgi?id=1226908 * https://bugzilla.suse.com/show_bug.cgi?id=1226915 * https://bugzilla.suse.com/show_bug.cgi?id=1226928 * https://bugzilla.suse.com/show_bug.cgi?id=1226948 * https://bugzilla.suse.com/show_bug.cgi?id=1226949 * https://bugzilla.suse.com/show_bug.cgi?id=1226950 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 * https://bugzilla.suse.com/show_bug.cgi?id=1226976 * https://bugzilla.suse.com/show_bug.cgi?id=1226992 * https://bugzilla.suse.com/show_bug.cgi?id=1226994 * https://bugzilla.suse.com/show_bug.cgi?id=1226996 * https://bugzilla.suse.com/show_bug.cgi?id=1227066 * https://bugzilla.suse.com/show_bug.cgi?id=1227096 * https://bugzilla.suse.com/show_bug.cgi?id=1227101 * https://bugzilla.suse.com/show_bug.cgi?id=1227103 * https://bugzilla.suse.com/show_bug.cgi?id=1227274 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8570 * https://jira.suse.com/browse/PED-8690

1 0

SUSE-SU-2024:2359-1: important: Security update for freeradius-server
by OPENSUSE-SECURITY-UPDATES 09 Jul '24

09 Jul '24

# Security update for freeradius-server Announcement ID: SUSE-SU-2024:2359-1 Rating: important References: * bsc#1223414 Cross-References: * CVE-2024-3596 CVSS scores: * CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for freeradius-server fixes the following issues: * CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2359=1 openSUSE-SLE-15.6-2024-2359=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2359=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * freeradius-server-libs-3.2.4-150600.3.3.2 * freeradius-server-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-3.2.4-150600.3.3.2 * freeradius-server-devel-3.2.4-150600.3.3.2 * freeradius-server-debugsource-3.2.4-150600.3.3.2 * freeradius-server-postgresql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-postgresql-3.2.4-150600.3.3.2 * freeradius-server-utils-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-utils-3.2.4-150600.3.3.2 * freeradius-server-mysql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-doc-3.2.4-150600.3.3.2 * freeradius-server-sqlite-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-schemas-3.2.4-150600.3.3.2 * freeradius-server-perl-3.2.4-150600.3.3.2 * freeradius-server-krb5-3.2.4-150600.3.3.2 * freeradius-server-ldap-3.2.4-150600.3.3.2 * freeradius-server-libs-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-krb5-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-mysql-3.2.4-150600.3.3.2 * freeradius-server-python3-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-3.2.4-150600.3.3.2 * freeradius-server-python3-3.2.4-150600.3.3.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-3.2.4-150600.3.3.2 * freeradius-server-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-3.2.4-150600.3.3.2 * freeradius-server-devel-3.2.4-150600.3.3.2 * freeradius-server-debugsource-3.2.4-150600.3.3.2 * freeradius-server-postgresql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-postgresql-3.2.4-150600.3.3.2 * freeradius-server-utils-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-utils-3.2.4-150600.3.3.2 * freeradius-server-mysql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-3.2.4-150600.3.3.2 * freeradius-server-krb5-3.2.4-150600.3.3.2 * freeradius-server-ldap-3.2.4-150600.3.3.2 * freeradius-server-libs-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-krb5-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-mysql-3.2.4-150600.3.3.2 * freeradius-server-python3-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-3.2.4-150600.3.3.2 * freeradius-server-python3-3.2.4-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * https://bugzilla.suse.com/show_bug.cgi?id=1223414

1 0

SUSE-SU-2024:2366-1: important: Security update for freeradius-server
by OPENSUSE-SECURITY-UPDATES 09 Jul '24

09 Jul '24

# Security update for freeradius-server Announcement ID: SUSE-SU-2024:2366-1 Rating: important References: * bsc#1223414 Cross-References: * CVE-2024-3596 CVSS scores: * CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for freeradius-server fixes the following issues: * CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2366=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2366=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2366=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2366=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2366=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2366=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2366=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2366=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2366=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2366=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-schemas-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-doc-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-schemas-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-doc-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Proxy 4.3 (x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * https://bugzilla.suse.com/show_bug.cgi?id=1223414

1 0

SUSE-SU-2024:2372-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 09 Jul '24

09 Jul '24

# Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2372-1 Rating: important References: * bsc#1156395 * bsc#1190336 * bsc#1191958 * bsc#1193883 * bsc#1194826 * bsc#1195065 * bsc#1195254 * bsc#1195341 * bsc#1195349 * bsc#1195775 * bsc#1196746 * bsc#1197915 * bsc#1198014 * bsc#1199295 * bsc#1202767 * bsc#1202780 * bsc#1205205 * bsc#1207361 * bsc#1217912 * bsc#1218148 * bsc#1218570 * bsc#1218820 * bsc#1219224 * bsc#1219633 * bsc#1219847 * bsc#1220368 * bsc#1220812 * bsc#1220958 * bsc#1221086 * bsc#1221282 * bsc#1221958 * bsc#1222015 * bsc#1222072 * bsc#1222080 * bsc#1222241 * bsc#1222254 * bsc#1222364 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223265 * bsc#1223384 * bsc#1223641 * bsc#1224020 * bsc#1224331 * bsc#1224488 * bsc#1224497 * bsc#1224498 * bsc#1224504 * bsc#1224520 * bsc#1224539 * bsc#1224540 * bsc#1224552 * bsc#1224583 * bsc#1224588 * bsc#1224602 * bsc#1224603 * bsc#1224605 * bsc#1224612 * bsc#1224614 * bsc#1224619 * bsc#1224661 * bsc#1224662 * bsc#1224670 * bsc#1224671 * bsc#1224674 * bsc#1224677 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224712 * bsc#1224716 * bsc#1224719 * bsc#1224735 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1224946 * bsc#1224951 * bsc#1225050 * bsc#1225098 * bsc#1225105 * bsc#1225300 * bsc#1225389 * bsc#1225391 * bsc#1225419 * bsc#1225426 * bsc#1225448 * bsc#1225452 * bsc#1225467 * bsc#1225475 * bsc#1225484 * bsc#1225487 * bsc#1225514 * bsc#1225518 * bsc#1225535 * bsc#1225585 * bsc#1225602 * bsc#1225611 * bsc#1225681 * bsc#1225692 * bsc#1225698 * bsc#1225699 * bsc#1225704 * bsc#1225714 * bsc#1225726 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225758 * bsc#1225759 * bsc#1225760 * bsc#1225767 * bsc#1225770 * bsc#1225823 * bsc#1225834 * bsc#1225840 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1225945 * bsc#1226022 * bsc#1226131 * bsc#1226145 * bsc#1226149 * bsc#1226155 * bsc#1226211 * bsc#1226212 * bsc#1226226 * bsc#1226514 * bsc#1226520 * bsc#1226537 * bsc#1226538 * bsc#1226539 * bsc#1226550 * bsc#1226552 * bsc#1226553 * bsc#1226554 * bsc#1226556 * bsc#1226557 * bsc#1226558 * bsc#1226559 * bsc#1226561 * bsc#1226562 * bsc#1226563 * bsc#1226564 * bsc#1226566 * bsc#1226567 * bsc#1226569 * bsc#1226572 * bsc#1226575 * bsc#1226576 * bsc#1226577 * bsc#1226579 * bsc#1226580 * bsc#1226581 * bsc#1226582 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226588 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226601 * bsc#1226602 * bsc#1226603 * bsc#1226607 * bsc#1226610 * bsc#1226614 * bsc#1226616 * bsc#1226617 * bsc#1226618 * bsc#1226619 * bsc#1226621 * bsc#1226622 * bsc#1226624 * bsc#1226626 * bsc#1226628 * bsc#1226629 * bsc#1226632 * bsc#1226633 * bsc#1226634 * bsc#1226637 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226653 * bsc#1226657 * bsc#1226658 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226673 * bsc#1226674 * bsc#1226675 * bsc#1226678 * bsc#1226679 * bsc#1226683 * bsc#1226685 * bsc#1226686 * bsc#1226690 * bsc#1226691 * bsc#1226692 * bsc#1226693 * bsc#1226696 * bsc#1226697 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226702 * bsc#1226703 * bsc#1226704 * bsc#1226705 * bsc#1226706 * bsc#1226708 * bsc#1226709 * bsc#1226710 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226718 * bsc#1226719 * bsc#1226720 * bsc#1226721 * bsc#1226730 * bsc#1226732 * bsc#1226734 * bsc#1226735 * bsc#1226737 * bsc#1226738 * bsc#1226739 * bsc#1226740 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226762 * bsc#1226764 * bsc#1226767 * bsc#1226768 * bsc#1226769 * bsc#1226771 * bsc#1226774 * bsc#1226777 * bsc#1226780 * bsc#1226781 * bsc#1226785 * bsc#1226786 * bsc#1226789 * bsc#1226791 * bsc#1226839 * bsc#1226840 * bsc#1226841 * bsc#1226842 * bsc#1226848 * bsc#1226852 * bsc#1226857 * bsc#1226861 * bsc#1226863 * bsc#1226864 * bsc#1226867 * bsc#1226868 * bsc#1226876 * bsc#1226878 * bsc#1226883 * bsc#1226886 * bsc#1226890 * bsc#1226891 * bsc#1226895 * bsc#1226908 * bsc#1226915 * bsc#1226928 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226953 * bsc#1226962 * bsc#1226976 * bsc#1226992 * bsc#1226994 * bsc#1226996 * bsc#1227066 * bsc#1227096 * bsc#1227101 * bsc#1227103 * bsc#1227274 * jsc#PED-8491 * jsc#PED-8570 * jsc#PED-8690 Cross-References: * CVE-2021-4439 * CVE-2021-47089 * CVE-2021-47432 * CVE-2021-47515 * CVE-2021-47534 * CVE-2021-47538 * CVE-2021-47539 * CVE-2021-47555 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47572 * CVE-2021-47576 * CVE-2021-47577 * CVE-2021-47578 * CVE-2021-47580 * CVE-2021-47582 * CVE-2021-47583 * CVE-2021-47584 * CVE-2021-47585 * CVE-2021-47586 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47592 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47597 * CVE-2021-47600 * CVE-2021-47601 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47604 * CVE-2021-47605 * CVE-2021-47607 * CVE-2021-47608 * CVE-2021-47609 * CVE-2021-47610 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47614 * CVE-2021-47615 * CVE-2021-47616 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-48711 * CVE-2022-48712 * CVE-2022-48713 * CVE-2022-48714 * CVE-2022-48715 * CVE-2022-48716 * CVE-2022-48717 * CVE-2022-48718 * CVE-2022-48720 * CVE-2022-48721 * CVE-2022-48722 * CVE-2022-48723 * CVE-2022-48724 * CVE-2022-48725 * CVE-2022-48726 * CVE-2022-48727 * CVE-2022-48728 * CVE-2022-48729 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48734 * CVE-2022-48735 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48739 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48744 * CVE-2022-48745 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48751 * CVE-2022-48752 * CVE-2022-48753 * CVE-2022-48754 * CVE-2022-48755 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48763 * CVE-2022-48765 * CVE-2022-48766 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48769 * CVE-2022-48770 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52658 * CVE-2023-52667 * CVE-2023-52670 * CVE-2023-52672 * CVE-2023-52675 * CVE-2023-52735 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52766 * CVE-2023-52784 * CVE-2023-52787 * CVE-2023-52800 * CVE-2023-52835 * CVE-2023-52837 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52846 * CVE-2023-52869 * CVE-2023-52881 * CVE-2023-52882 * CVE-2023-52884 * CVE-2024-26625 * CVE-2024-26644 * CVE-2024-26720 * CVE-2024-26842 * CVE-2024-26845 * CVE-2024-26923 * CVE-2024-26973 * CVE-2024-27432 * CVE-2024-33619 * CVE-2024-35247 * CVE-2024-35789 * CVE-2024-35790 * CVE-2024-35807 * CVE-2024-35814 * CVE-2024-35835 * CVE-2024-35848 * CVE-2024-35857 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35878 * CVE-2024-35884 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35898 * CVE-2024-35900 * CVE-2024-35905 * CVE-2024-35925 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35997 * CVE-2024-36005 * CVE-2024-36008 * CVE-2024-36017 * CVE-2024-36020 * CVE-2024-36021 * CVE-2024-36025 * CVE-2024-36477 * CVE-2024-36478 * CVE-2024-36479 * CVE-2024-36890 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36900 * CVE-2024-36904 * CVE-2024-36915 * CVE-2024-36916 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36934 * CVE-2024-36937 * CVE-2024-36940 * CVE-2024-36945 * CVE-2024-36949 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-36965 * CVE-2024-36967 * CVE-2024-36969 * CVE-2024-36971 * CVE-2024-36975 * CVE-2024-36978 * CVE-2024-37021 * CVE-2024-37078 * CVE-2024-37354 * CVE-2024-38381 * CVE-2024-38388 * CVE-2024-38390 * CVE-2024-38540 * CVE-2024-38541 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38547 * CVE-2024-38548 * CVE-2024-38549 * CVE-2024-38550 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38555 * CVE-2024-38556 * CVE-2024-38557 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38568 * CVE-2024-38571 * CVE-2024-38573 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38581 * CVE-2024-38582 * CVE-2024-38583 * CVE-2024-38587 * CVE-2024-38590 * CVE-2024-38591 * CVE-2024-38594 * CVE-2024-38597 * CVE-2024-38599 * CVE-2024-38600 * CVE-2024-38601 * CVE-2024-38603 * CVE-2024-38605 * CVE-2024-38608 * CVE-2024-38616 * CVE-2024-38618 * CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38630 * CVE-2024-38633 * CVE-2024-38634 * CVE-2024-38635 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 * CVE-2024-39301 * CVE-2024-39468 * CVE-2024-39469 * CVE-2024-39471 CVSS scores: * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47089 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47538 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47572 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47572 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47577 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47578 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47580 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2021-47582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47586 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47597 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47604 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47614 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47615 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47616 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48712 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48713 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48714 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48718 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48720 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48723 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48727 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48734 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48763 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48765 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2023-52882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52884 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33619 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36020 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36477 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36478 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36900 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36916 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36937 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36965 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36978 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-37354 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38388 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38550 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38557 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38571 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38581 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-38582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38583 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38587 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38591 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38594 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-38600 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39468 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39469 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39471 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 249 vulnerabilities, contains three features and has 45 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958. * CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391). * CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426). * CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448). * CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452). * CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). * CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389). * CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678). * CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). * CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). * CVE-2023-52658: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (bsc#1224719). * CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603). * CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). * CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614). * CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). * CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475). * CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). * CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105). * CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). * CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). * CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). * CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). * CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692). * CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086) * CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282bsc#1222072). * CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git- fixesbsc#1223641). * CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716). * CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). * CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). * CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). * CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). * CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). * CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612). * CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). * CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520). * CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). * CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498). * CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497). * CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). * CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). * CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). * CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539). * CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540). * CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). * CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698). * CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699). * CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841). * CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). * CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). * CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759). * CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). * CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). * CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). * CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823). * CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). * CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). * CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066). * CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). * CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). * CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774). * CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781). * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). * CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). * CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634,). * CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). * CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734). * CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). * CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842). * CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). * CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). * CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). * CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). * CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). * CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103. * CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992). The following non-security bugs were fixed: * ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable- fixes). * ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes). * ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes). * ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes). * ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes). * ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes). * ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes). * ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes). * ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes). * ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes). * ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes). * ALSA: timer: Set lower bound of start tick time (stable-fixes). * ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes). * ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git- fixes). * ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes). * ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes). * ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes). * ASoC: rt715-sdca: volume step modification (stable-fixes). * ASoC: rt715: add vendor clear control register (stable-fixes). * Add remote for nfs maintainer * Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes). * Fix new build warnings regarding unused variables: Changed build warnings: **_*_ 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable] * HID: core: remove unnecessary WARN_ON() in implement() (git-fixes). * HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git- fixes). * Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes). * NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847). * NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). * PCI/ASPM: Update save_state when configuration changes (bsc#1226915) * PCI: Clear Secondary Status errors after enumeration (bsc#1226928) * RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300). * RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300). * RDMA/hns: Fix incorrect sge nums calculation (git-fixes) * RDMA/irdma: Drop unused kernel push code (git-fixes) * RDMA/mlx5: Add check for srq max_sge attribute (git-fixes) * USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git- fixes). * USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git- fixes). * X.509: Fix the parser of extended key usage for length (bsc#1218820). * arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). * arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690). * arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690). * arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690). * arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690). * ata: ahci: Clean up sysfs file on error (git-fixes). * ata: libata-core: Fix double free on error (git-fixes). * ata: libata-core: Fix null pointer dereference on error (git-fixes). * batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes). * bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git- fixes). * btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282). * cachefiles: remove requests from xarray during flushing requests (bsc#1226588). * ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022). * ceph: always check dir caps asynchronously (bsc#1226022). * ceph: always queue a writeback when revoking the Fb caps (bsc#1226022). * ceph: break the check delayed cap loop every 5s (bsc#1226022). * ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368). * cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git- fixes). * crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes). * dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git- fixes). * dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes). * drivers: core: synchronize really_probe() and dev_uevent() (git-fixes). * drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes). * drm/amd/display: Add dtbclk access to dcn315 (stable-fixes). * drm/amd/display: Exit idle optimizations before HDCP execution (stable- fixes). * drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes). * drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes). * drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes). * drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes). * drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes). * drm/amdgpu/mes: fix use-after-free issue (stable-fixes). * drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes). * drm/amdgpu: Update BO eviction priorities (stable-fixes). * drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes). * drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/amdkfd: Flush the process wq before creating a kfd_process (stable- fixes). * drm/amdkfd: Rework kfd_locked handling (bsc#1225872) * drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes). * drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes). * drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes). * drm/i915/dpt: Make DPT object unshrinkable (git-fixes). * drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes). * drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes). * drm/i915/guc: avoid FIELD_PREP warning (git-fixes). * drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes). * drm/komeda: check for error-valued pointer (git-fixes). * drm/lima: add mask irq callback to gp and pp (stable-fixes). * drm/lima: mask irqs in timeout path before hard reset (stable-fixes). * drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git- fixes). * drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git- fixes). * drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes). * drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes). * drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable- fixes). * drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes). * drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes). * drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes). * gpio: davinci: Validate the obtained number of IRQs (git-fixes). * gpio: tqmx86: fix typo in Kconfig label (git-fixes). * gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes). * gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git- fixes). * hwmon: (shtc1) Fix property misspelling (git-fixes). * i2c: at91: Fix the functionality flags of the slave-only interface (git- fixes). * i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes). * i2c: ocores: set IACK bit after core is enabled (git-fixes). * i2c: testunit: discard write requests while old command is running (git- fixes). * i2c: testunit: do not erase registers after STOP (git-fixes). * iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes). * iio: adc: ad7266: Fix variable checking bug (git-fixes). * iio: adc: ad9467: fix scan type sign (git-fixes). * iio: chemical: bme680: Fix calibration data variable (git-fixes). * iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes). * iio: chemical: bme680: Fix pressure value output (git-fixes). * iio: chemical: bme680: Fix sensor data read operation (git-fixes). * iio: dac: ad5592r: fix temperature channel scaling value (git-fixes). * iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes). * intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes). * iommu/amd: Fix sysfs leak in iommu init (git-fixes). * iommu: Return right value in iommu_sva_bind_device() (git-fixes). * iommu: mtk: fix module autoloading (git-fixes). * ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) * kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes). * kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274). * kconfig: doc: fix a typo in the note about 'imply' (git-fixes). * kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes). * kernel-doc: fix struct_group_tagged() parsing (git-fixes). * lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git- fixes). * media: flexcop-usb: clean up endpoint sanity checks (stable-fixes). * media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes). * media: ipu3-cio2: Use temporary storage for struct device pointer (stable- fixes). * media: lgdt3306a: Add a check against null-pointer-def (stable-fixes). * media: mxl5xx: Move xpt structures off stack (stable-fixes). * media: radio-shark2: Avoid led_names truncations (git-fixes). * media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes). * mei: me: release irq in mei_me_pci_resume error path (git-fixes). * mkspec-dtb: add toplevel symlinks also on arm * mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes). * mmc: core: Do not force a retune before RPMB switch (stable-fixes). * mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable- fixes). * mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes). * mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes). * mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes). * mmc: sdhci: Do not invert write-protect twice (git-fixes). * mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes). * mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes). * mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes). * mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes). * mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes). * mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes). * mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git- fixes). * mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes). * net/mlx5e: Fix a race in command alloc flow (git-fixes). * net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes). * net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes). * net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes). * net: ena: Fix redundant device NUMA node override (jsc#PED-8690). * net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491). * net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes). * net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes). * net: usb: ax88179_178a: improve link status logs (git-fixes). * net: usb: ax88179_178a: improve reset check (git-fixes). * net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes). * net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). * net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git- fixes). * nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). * nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes). * nvme: find numa distance only if controller has valid numa id (git-fixes). * nvmet-passthru: propagate status from id override functions (git-fixes). * ocfs2: adjust enabling place for la window (bsc#1219224). * ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git- fixes). * pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes). * pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes). * pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes). * random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). * regulator: bd71815: fix ramp values (git-fixes). * regulator: core: Fix modpost error "regulator_get_regmap" undefined (git- fixes). * regulator: irq_helpers: duplicate IRQ name (stable-fixes). * regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes). * rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. * rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. * rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. * rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them. * sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791). * scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570). * smb: client: ensure to try all targets when finding nested links (bsc#1224020). * smb: client: guarantee refcounted children from parent session (bsc#1224679, CVE-35869). * soundwire: cadence: fix invalid PDI offset (stable-fixes). * spi: stm32: Do not warn about spurious interrupts (git-fixes). * supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570) * supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional. * supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems. * tty: mcf: MCF54418 has 10 UARTS (git-fixes). * usb-storage: alauda: Check whether the media is initialized (git-fixes). * usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes). * usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes). * usb: fotg210-hcd: delete an incorrect bounds test (git-fixes). * usb: gadget: printer: fix races against disable (git-fixes). * usb: musb: da8xx: fix a resource leak in probe() (git-fixes). * usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes). * usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git- fixes). * usb: typec: ucsi: Ack also failed Get Error commands (git-fixes). * usb: typec: ucsi: Never send a lone connector change ack (git-fixes). * usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes). * usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes). * usb: xhci: improve debug message in xhci_ring_expansion_needed() (git- fixes). * watchdog: bd9576: Drop "always-running" property (git-fixes). * watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable- fixes). * wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes). * wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes). * wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes). * wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git- fixes). * wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes). * wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes). * wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes). * wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git- fixes). * wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git- fixes). * wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes). * wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes). * x86/mce: Dynamically size space for machine check records (bsc#1222241). * x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). * xfs: make sure sb_fdblocks is non-negative (bsc#1225419). * xhci: Fix failure to detect ring expansion need (git-fixes). * xhci: Fix transfer ring expansion size calculation (git-fixes). * xhci: Handle TD clearing for multiple streams case (git-fixes). * xhci: Simplify event ring dequeue pointer update for port change events (git-fixes). * xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes). * xhci: fix matching completion events with TDs (git-fixes). * xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes). * xhci: restre deleted trb fields for tracing (git-fixes). * xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes). * xhci: simplify event ring dequeue tracking for transfer events (git-fixes). * xhci: update event ring dequeue pointer position to controller correctly (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2372=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2372=1 openSUSE-SLE-15.5-2024-2372=1 ## Package List: * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.60.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-devel-debuginfo-5.14.21-150500.33.60.1 * kernel-syms-azure-5.14.21-150500.33.60.1 * kernel-azure-devel-5.14.21-150500.33.60.1 * kernel-azure-debugsource-5.14.21-150500.33.60.1 * kernel-azure-debuginfo-5.14.21-150500.33.60.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.60.1 * kernel-source-azure-5.14.21-150500.33.60.1 * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-syms-azure-5.14.21-150500.33.60.1 * kernel-azure-optional-5.14.21-150500.33.60.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-debugsource-5.14.21-150500.33.60.1 * ocfs2-kmp-azure-5.14.21-150500.33.60.1 * kernel-azure-debuginfo-5.14.21-150500.33.60.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * reiserfs-kmp-azure-5.14.21-150500.33.60.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-devel-5.14.21-150500.33.60.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.60.1 * kselftests-kmp-azure-5.14.21-150500.33.60.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-extra-5.14.21-150500.33.60.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.60.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.60.1 * gfs2-kmp-azure-5.14.21-150500.33.60.1 * cluster-md-kmp-azure-5.14.21-150500.33.60.1 * dlm-kmp-azure-5.14.21-150500.33.60.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.60.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-5.14.21-150500.33.60.1 * kernel-azure-vdso-debuginfo-5.14.21-150500.33.60.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.60.1 * kernel-source-azure-5.14.21-150500.33.60.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47089.html * https://www.suse.com/security/cve/CVE-2021-47432.html * https://www.suse.com/security/cve/CVE-2021-47515.html * https://www.suse.com/security/cve/CVE-2021-47534.html * https://www.suse.com/security/cve/CVE-2021-47538.html * https://www.suse.com/security/cve/CVE-2021-47539.html * https://www.suse.com/security/cve/CVE-2021-47555.html * https://www.suse.com/security/cve/CVE-2021-47566.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47572.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47577.html * https://www.suse.com/security/cve/CVE-2021-47578.html * https://www.suse.com/security/cve/CVE-2021-47580.html * https://www.suse.com/security/cve/CVE-2021-47582.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47584.html * https://www.suse.com/security/cve/CVE-2021-47585.html * https://www.suse.com/security/cve/CVE-2021-47586.html * https://www.suse.com/security/cve/CVE-2021-47587.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47592.html * https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47597.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47601.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47604.html * https://www.suse.com/security/cve/CVE-2021-47605.html * https://www.suse.com/security/cve/CVE-2021-47607.html * https://www.suse.com/security/cve/CVE-2021-47608.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47610.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47614.html * https://www.suse.com/security/cve/CVE-2021-47615.html * https://www.suse.com/security/cve/CVE-2021-47616.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48712.html * https://www.suse.com/security/cve/CVE-2022-48713.html * https://www.suse.com/security/cve/CVE-2022-48714.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48716.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48718.html * https://www.suse.com/security/cve/CVE-2022-48720.html * https://www.suse.com/security/cve/CVE-2022-48721.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48723.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48725.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48727.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48729.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48734.html * https://www.suse.com/security/cve/CVE-2022-48735.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48739.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48744.html * https://www.suse.com/security/cve/CVE-2022-48745.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48753.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48755.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48763.html * https://www.suse.com/security/cve/CVE-2022-48765.html * https://www.suse.com/security/cve/CVE-2022-48766.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48770.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52658.html * https://www.suse.com/security/cve/CVE-2023-52667.html * https://www.suse.com/security/cve/CVE-2023-52670.html * https://www.suse.com/security/cve/CVE-2023-52672.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52787.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52869.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52882.html * https://www.suse.com/security/cve/CVE-2023-52884.html * https://www.suse.com/security/cve/CVE-2024-26625.html * https://www.suse.com/security/cve/CVE-2024-26644.html * https://www.suse.com/security/cve/CVE-2024-26720.html * https://www.suse.com/security/cve/CVE-2024-26842.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26973.html * https://www.suse.com/security/cve/CVE-2024-27432.html * https://www.suse.com/security/cve/CVE-2024-33619.html * https://www.suse.com/security/cve/CVE-2024-35247.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35790.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35814.html * https://www.suse.com/security/cve/CVE-2024-35835.html * https://www.suse.com/security/cve/CVE-2024-35848.html * https://www.suse.com/security/cve/CVE-2024-35857.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35884.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35898.html * https://www.suse.com/security/cve/CVE-2024-35900.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35925.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-35956.html * https://www.suse.com/security/cve/CVE-2024-35958.html * https://www.suse.com/security/cve/CVE-2024-35960.html * https://www.suse.com/security/cve/CVE-2024-35962.html * https://www.suse.com/security/cve/CVE-2024-35997.html * https://www.suse.com/security/cve/CVE-2024-36005.html * https://www.suse.com/security/cve/CVE-2024-36008.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36020.html * https://www.suse.com/security/cve/CVE-2024-36021.html * https://www.suse.com/security/cve/CVE-2024-36025.html * https://www.suse.com/security/cve/CVE-2024-36477.html * https://www.suse.com/security/cve/CVE-2024-36478.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36890.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36900.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36916.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36937.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36945.html * https://www.suse.com/security/cve/CVE-2024-36949.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36965.html * https://www.suse.com/security/cve/CVE-2024-36967.html * https://www.suse.com/security/cve/CVE-2024-36969.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36975.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37078.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38381.html * https://www.suse.com/security/cve/CVE-2024-38388.html * https://www.suse.com/security/cve/CVE-2024-38390.html * https://www.suse.com/security/cve/CVE-2024-38540.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38547.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38549.html * https://www.suse.com/security/cve/CVE-2024-38550.html * https://www.suse.com/security/cve/CVE-2024-38552.html * https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38555.html * https://www.suse.com/security/cve/CVE-2024-38556.html * https://www.suse.com/security/cve/CVE-2024-38557.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38568.html * https://www.suse.com/security/cve/CVE-2024-38571.html * https://www.suse.com/security/cve/CVE-2024-38573.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38581.html * https://www.suse.com/security/cve/CVE-2024-38582.html * https://www.suse.com/security/cve/CVE-2024-38583.html * https://www.suse.com/security/cve/CVE-2024-38587.html * https://www.suse.com/security/cve/CVE-2024-38590.html * https://www.suse.com/security/cve/CVE-2024-38591.html * https://www.suse.com/security/cve/CVE-2024-38594.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-38600.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38603.html * https://www.suse.com/security/cve/CVE-2024-38605.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38616.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-38621.html * https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38630.html * https://www.suse.com/security/cve/CVE-2024-38633.html * https://www.suse.com/security/cve/CVE-2024-38634.html * https://www.suse.com/security/cve/CVE-2024-38635.html * https://www.suse.com/security/cve/CVE-2024-38659.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39468.html * https://www.suse.com/security/cve/CVE-2024-39469.html * https://www.suse.com/security/cve/CVE-2024-39471.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1190336 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1193883 * https://bugzilla.suse.com/show_bug.cgi?id=1194826 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195341 * https://bugzilla.suse.com/show_bug.cgi?id=1195349 * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1196746 * https://bugzilla.suse.com/show_bug.cgi?id=1197915 * https://bugzilla.suse.com/show_bug.cgi?id=1198014 * https://bugzilla.suse.com/show_bug.cgi?id=1199295 * https://bugzilla.suse.com/show_bug.cgi?id=1202767 * https://bugzilla.suse.com/show_bug.cgi?id=1202780 * https://bugzilla.suse.com/show_bug.cgi?id=1205205 * https://bugzilla.suse.com/show_bug.cgi?id=1207361 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1218570 * https://bugzilla.suse.com/show_bug.cgi?id=1218820 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220368 * https://bugzilla.suse.com/show_bug.cgi?id=1220812 * https://bugzilla.suse.com/show_bug.cgi?id=1220958 * https://bugzilla.suse.com/show_bug.cgi?id=1221086 * https://bugzilla.suse.com/show_bug.cgi?id=1221282 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222072 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222241 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222893 * https://bugzilla.suse.com/show_bug.cgi?id=1223013 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223265 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223641 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224331 * https://bugzilla.suse.com/show_bug.cgi?id=1224488 * https://bugzilla.suse.com/show_bug.cgi?id=1224497 * https://bugzilla.suse.com/show_bug.cgi?id=1224498 * https://bugzilla.suse.com/show_bug.cgi?id=1224504 * https://bugzilla.suse.com/show_bug.cgi?id=1224520 * https://bugzilla.suse.com/show_bug.cgi?id=1224539 * https://bugzilla.suse.com/show_bug.cgi?id=1224540 * https://bugzilla.suse.com/show_bug.cgi?id=1224552 * https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224588 * https://bugzilla.suse.com/show_bug.cgi?id=1224602 * https://bugzilla.suse.com/show_bug.cgi?id=1224603 * https://bugzilla.suse.com/show_bug.cgi?id=1224605 * https://bugzilla.suse.com/show_bug.cgi?id=1224612 * https://bugzilla.suse.com/show_bug.cgi?id=1224614 * https://bugzilla.suse.com/show_bug.cgi?id=1224619 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224674 * https://bugzilla.suse.com/show_bug.cgi?id=1224677 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224712 * https://bugzilla.suse.com/show_bug.cgi?id=1224716 * https://bugzilla.suse.com/show_bug.cgi?id=1224719 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1225050 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225105 * https://bugzilla.suse.com/show_bug.cgi?id=1225300 * https://bugzilla.suse.com/show_bug.cgi?id=1225389 * https://bugzilla.suse.com/show_bug.cgi?id=1225391 * https://bugzilla.suse.com/show_bug.cgi?id=1225419 * https://bugzilla.suse.com/show_bug.cgi?id=1225426 * https://bugzilla.suse.com/show_bug.cgi?id=1225448 * https://bugzilla.suse.com/show_bug.cgi?id=1225452 * https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225484 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225514 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225535 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225602 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225681 * https://bugzilla.suse.com/show_bug.cgi?id=1225692 * https://bugzilla.suse.com/show_bug.cgi?id=1225698 * https://bugzilla.suse.com/show_bug.cgi?id=1225699 * https://bugzilla.suse.com/show_bug.cgi?id=1225704 * https://bugzilla.suse.com/show_bug.cgi?id=1225714 * https://bugzilla.suse.com/show_bug.cgi?id=1225726 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225759 * https://bugzilla.suse.com/show_bug.cgi?id=1225760 * https://bugzilla.suse.com/show_bug.cgi?id=1225767 * https://bugzilla.suse.com/show_bug.cgi?id=1225770 * https://bugzilla.suse.com/show_bug.cgi?id=1225823 * https://bugzilla.suse.com/show_bug.cgi?id=1225834 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1225872 * https://bugzilla.suse.com/show_bug.cgi?id=1225894 * https://bugzilla.suse.com/show_bug.cgi?id=1225945 * https://bugzilla.suse.com/show_bug.cgi?id=1226022 * https://bugzilla.suse.com/show_bug.cgi?id=1226131 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226149 * https://bugzilla.suse.com/show_bug.cgi?id=1226155 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226514 * https://bugzilla.suse.com/show_bug.cgi?id=1226520 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226538 * https://bugzilla.suse.com/show_bug.cgi?id=1226539 * https://bugzilla.suse.com/show_bug.cgi?id=1226550 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226553 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226556 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226559 * https://bugzilla.suse.com/show_bug.cgi?id=1226561 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226564 * https://bugzilla.suse.com/show_bug.cgi?id=1226566 * https://bugzilla.suse.com/show_bug.cgi?id=1226567 * https://bugzilla.suse.com/show_bug.cgi?id=1226569 * https://bugzilla.suse.com/show_bug.cgi?id=1226572 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226576 * https://bugzilla.suse.com/show_bug.cgi?id=1226577 * https://bugzilla.suse.com/show_bug.cgi?id=1226579 * https://bugzilla.suse.com/show_bug.cgi?id=1226580 * https://bugzilla.suse.com/show_bug.cgi?id=1226581 * https://bugzilla.suse.com/show_bug.cgi?id=1226582 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226593 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226597 * https://bugzilla.suse.com/show_bug.cgi?id=1226601 * https://bugzilla.suse.com/show_bug.cgi?id=1226602 * https://bugzilla.suse.com/show_bug.cgi?id=1226603 * https://bugzilla.suse.com/show_bug.cgi?id=1226607 * https://bugzilla.suse.com/show_bug.cgi?id=1226610 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226616 * https://bugzilla.suse.com/show_bug.cgi?id=1226617 * https://bugzilla.suse.com/show_bug.cgi?id=1226618 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226622 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226626 * https://bugzilla.suse.com/show_bug.cgi?id=1226628 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226632 * https://bugzilla.suse.com/show_bug.cgi?id=1226633 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226637 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226657 * https://bugzilla.suse.com/show_bug.cgi?id=1226658 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226673 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226675 * https://bugzilla.suse.com/show_bug.cgi?id=1226678 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226683 * https://bugzilla.suse.com/show_bug.cgi?id=1226685 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226690 * https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226693 * https://bugzilla.suse.com/show_bug.cgi?id=1226696 * https://bugzilla.suse.com/show_bug.cgi?id=1226697 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226699 * https://bugzilla.suse.com/show_bug.cgi?id=1226701 * https://bugzilla.suse.com/show_bug.cgi?id=1226702 * https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226704 * https://bugzilla.suse.com/show_bug.cgi?id=1226705 * https://bugzilla.suse.com/show_bug.cgi?id=1226706 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226710 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226718 * https://bugzilla.suse.com/show_bug.cgi?id=1226719 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226730 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226734 * https://bugzilla.suse.com/show_bug.cgi?id=1226735 * https://bugzilla.suse.com/show_bug.cgi?id=1226737 * https://bugzilla.suse.com/show_bug.cgi?id=1226738 * https://bugzilla.suse.com/show_bug.cgi?id=1226739 * https://bugzilla.suse.com/show_bug.cgi?id=1226740 * https://bugzilla.suse.com/show_bug.cgi?id=1226744 * https://bugzilla.suse.com/show_bug.cgi?id=1226746 * https://bugzilla.suse.com/show_bug.cgi?id=1226747 * https://bugzilla.suse.com/show_bug.cgi?id=1226749 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226764 * https://bugzilla.suse.com/show_bug.cgi?id=1226767 * https://bugzilla.suse.com/show_bug.cgi?id=1226768 * https://bugzilla.suse.com/show_bug.cgi?id=1226769 * https://bugzilla.suse.com/show_bug.cgi?id=1226771 * https://bugzilla.suse.com/show_bug.cgi?id=1226774 * https://bugzilla.suse.com/show_bug.cgi?id=1226777 * https://bugzilla.suse.com/show_bug.cgi?id=1226780 * https://bugzilla.suse.com/show_bug.cgi?id=1226781 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226791 * https://bugzilla.suse.com/show_bug.cgi?id=1226839 * https://bugzilla.suse.com/show_bug.cgi?id=1226840 * https://bugzilla.suse.com/show_bug.cgi?id=1226841 * https://bugzilla.suse.com/show_bug.cgi?id=1226842 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1226852 * https://bugzilla.suse.com/show_bug.cgi?id=1226857 * https://bugzilla.suse.com/show_bug.cgi?id=1226861 * https://bugzilla.suse.com/show_bug.cgi?id=1226863 * https://bugzilla.suse.com/show_bug.cgi?id=1226864 * https://bugzilla.suse.com/show_bug.cgi?id=1226867 * https://bugzilla.suse.com/show_bug.cgi?id=1226868 * https://bugzilla.suse.com/show_bug.cgi?id=1226876 * https://bugzilla.suse.com/show_bug.cgi?id=1226878 * https://bugzilla.suse.com/show_bug.cgi?id=1226883 * https://bugzilla.suse.com/show_bug.cgi?id=1226886 * https://bugzilla.suse.com/show_bug.cgi?id=1226890 * https://bugzilla.suse.com/show_bug.cgi?id=1226891 * https://bugzilla.suse.com/show_bug.cgi?id=1226895 * https://bugzilla.suse.com/show_bug.cgi?id=1226908 * https://bugzilla.suse.com/show_bug.cgi?id=1226915 * https://bugzilla.suse.com/show_bug.cgi?id=1226928 * https://bugzilla.suse.com/show_bug.cgi?id=1226948 * https://bugzilla.suse.com/show_bug.cgi?id=1226949 * https://bugzilla.suse.com/show_bug.cgi?id=1226950 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 * https://bugzilla.suse.com/show_bug.cgi?id=1226976 * https://bugzilla.suse.com/show_bug.cgi?id=1226992 * https://bugzilla.suse.com/show_bug.cgi?id=1226994 * https://bugzilla.suse.com/show_bug.cgi?id=1226996 * https://bugzilla.suse.com/show_bug.cgi?id=1227066 * https://bugzilla.suse.com/show_bug.cgi?id=1227096 * https://bugzilla.suse.com/show_bug.cgi?id=1227101 * https://bugzilla.suse.com/show_bug.cgi?id=1227103 * https://bugzilla.suse.com/show_bug.cgi?id=1227274 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8570 * https://jira.suse.com/browse/PED-8690

1 0

SUSE-SU-2024:2362-1: important: Security update for the Linux Kernel
by OPENSUSE-SECURITY-UPDATES 09 Jul '24

09 Jul '24

# Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2362-1 Rating: important References: * bsc#1156395 * bsc#1171988 * bsc#1176447 * bsc#1176774 * bsc#1181147 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195798 * bsc#1202623 * bsc#1218148 * bsc#1219224 * bsc#1219633 * bsc#1222015 * bsc#1223011 * bsc#1223384 * bsc#1224671 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224865 * bsc#1225010 * bsc#1225047 * bsc#1225109 * bsc#1225161 * bsc#1225184 * bsc#1225203 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226226 * bsc#1226537 * bsc#1226552 * bsc#1226554 * bsc#1226557 * bsc#1226558 * bsc#1226562 * bsc#1226563 * bsc#1226575 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226595 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226624 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226674 * bsc#1226679 * bsc#1226686 * bsc#1226691 * bsc#1226692 * bsc#1226698 * bsc#1226703 * bsc#1226708 * bsc#1226709 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226720 * bsc#1226721 * bsc#1226732 * bsc#1226758 * bsc#1226762 * bsc#1226786 * bsc#1226962 Cross-References: * CVE-2021-3896 * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47247 * CVE-2021-47311 * CVE-2021-47328 * CVE-2021-47368 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47583 * CVE-2021-47589 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47609 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-0435 * CVE-2022-22942 * CVE-2022-2938 * CVE-2022-48711 * CVE-2022-48715 * CVE-2022-48717 * CVE-2022-48722 * CVE-2022-48724 * CVE-2022-48726 * CVE-2022-48728 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48752 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48771 * CVE-2023-24023 * CVE-2023-52707 * CVE-2023-52752 * CVE-2023-52881 * CVE-2024-26822 * CVE-2024-26923 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35878 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 CVSS scores: * CVE-2021-3896 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47247 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47368 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-0435 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-2938 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-2938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52707 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 72 vulnerabilities and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865). * CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010). * CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161). * CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). * CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712). * CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109). polled (bsc#1202623). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595) * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). The following non-security bugs were fixed: * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). * ocfs2: adjust enabling place for la window (bsc#1219224). * ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * psi: Fix uaf issue when psi trigger is destroyed while being * x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2362=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2362=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-2362=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2362=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2362=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2362=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2362=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2362=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2362=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2362=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (noarch) * kernel-docs-html-5.3.18-150300.59.167.1 * kernel-source-vanilla-5.3.18-150300.59.167.1 * kernel-source-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.167.1 * kernel-debug-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.167.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-debug-livepatch-devel-5.3.18-150300.59.167.1 * kernel-debug-debugsource-5.3.18-150300.59.167.1 * kernel-kvmsmall-devel-5.3.18-150300.59.167.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.167.1 * kernel-debug-debuginfo-5.3.18-150300.59.167.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.167.1 * kernel-debug-devel-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.3.18-150300.59.167.1 * kernel-default-livepatch-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-obs-qa-5.3.18-150300.59.167.1 * kselftests-kmp-default-5.3.18-150300.59.167.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * cluster-md-kmp-default-5.3.18-150300.59.167.1 * ocfs2-kmp-default-5.3.18-150300.59.167.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-extra-5.3.18-150300.59.167.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * dlm-kmp-default-5.3.18-150300.59.167.1 * kernel-default-optional-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-default-livepatch-5.3.18-150300.59.167.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-rebuild-5.3.18-150300.59.167.1.150300.18.98.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_46-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-default-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * cluster-md-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-extra-5.3.18-150300.59.167.1 * reiserfs-kmp-preempt-5.3.18-150300.59.167.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * dlm-kmp-preempt-5.3.18-150300.59.167.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-preempt-5.3.18-150300.59.167.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-livepatch-devel-5.3.18-150300.59.167.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-optional-5.3.18-150300.59.167.1 * kselftests-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.167.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64) * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-socionext-5.3.18-150300.59.167.1 * dtb-marvell-5.3.18-150300.59.167.1 * dtb-nvidia-5.3.18-150300.59.167.1 * reiserfs-kmp-64kb-5.3.18-150300.59.167.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-hisilicon-5.3.18-150300.59.167.1 * dlm-kmp-64kb-5.3.18-150300.59.167.1 * kernel-64kb-livepatch-devel-5.3.18-150300.59.167.1 * dtb-altera-5.3.18-150300.59.167.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-cavium-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-xilinx-5.3.18-150300.59.167.1 * dtb-exynos-5.3.18-150300.59.167.1 * kernel-64kb-optional-5.3.18-150300.59.167.1 * dtb-apm-5.3.18-150300.59.167.1 * dtb-amlogic-5.3.18-150300.59.167.1 * gfs2-kmp-64kb-5.3.18-150300.59.167.1 * dtb-qcom-5.3.18-150300.59.167.1 * dtb-freescale-5.3.18-150300.59.167.1 * kselftests-kmp-64kb-5.3.18-150300.59.167.1 * dtb-sprd-5.3.18-150300.59.167.1 * dtb-renesas-5.3.18-150300.59.167.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.167.1 * dtb-mediatek-5.3.18-150300.59.167.1 * dtb-broadcom-5.3.18-150300.59.167.1 * dtb-rockchip-5.3.18-150300.59.167.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * cluster-md-kmp-64kb-5.3.18-150300.59.167.1 * dtb-zte-5.3.18-150300.59.167.1 * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-extra-5.3.18-150300.59.167.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-arm-5.3.18-150300.59.167.1 * dtb-al-5.3.18-150300.59.167.1 * dtb-lg-5.3.18-150300.59.167.1 * ocfs2-kmp-64kb-5.3.18-150300.59.167.1 * dtb-amd-5.3.18-150300.59.167.1 * dtb-allwinner-5.3.18-150300.59.167.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-livepatch-5_3_18-150300_59_167-default-1-150300.7.3.1 * kernel-default-livepatch-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * dlm-kmp-default-5.3.18-150300.59.167.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.167.1 * cluster-md-kmp-default-5.3.18-150300.59.167.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.167.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * kernel-default-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3896.html * https://www.suse.com/security/cve/CVE-2021-43389.html * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47247.html * https://www.suse.com/security/cve/CVE-2021-47311.html * https://www.suse.com/security/cve/CVE-2021-47328.html * https://www.suse.com/security/cve/CVE-2021-47368.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-0435.html * https://www.suse.com/security/cve/CVE-2022-22942.html * https://www.suse.com/security/cve/CVE-2022-2938.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52707.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26822.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1171988 * https://bugzilla.suse.com/show_bug.cgi?id=1176447 * https://bugzilla.suse.com/show_bug.cgi?id=1176774 * https://bugzilla.suse.com/show_bug.cgi?id=1181147 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195798 * https://bugzilla.suse.com/show_bug.cgi?id=1202623 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1223011 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224865 * https://bugzilla.suse.com/show_bug.cgi?id=1225010 * https://bugzilla.suse.com/show_bug.cgi?id=1225047 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225161 * https://bugzilla.suse.com/show_bug.cgi?id=1225184 * https://bugzilla.suse.com/show_bug.cgi?id=1225203 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226758 * https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226962

1 0

SUSE-SU-2024:2322-1: important: Security update for krb5
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for krb5 Announcement ID: SUSE-SU-2024:2322-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2322=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2322=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2322=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2322=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2322=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2322=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-mini-1.19.2-150400.3.12.1 * krb5-mini-debugsource-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-mini-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-spake-1.19.2-150400.3.12.1 * krb5-mini-devel-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * openSUSE Leap 15.4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-devel-32bit-1.19.2-150400.3.12.1 * openSUSE Leap 15.4 (aarch64_ilp32) * krb5-devel-64bit-1.19.2-150400.3.12.1 * krb5-64bit-debuginfo-1.19.2-150400.3.12.1 * krb5-64bit-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Server 4.3 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187

1 0

SUSE-SU-2024:1937-2: moderate: Security update for python-docker
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for python-docker Announcement ID: SUSE-SU-2024:1937-2 Rating: moderate References: * bsc#1224788 Cross-References: * CVE-2024-35195 CVSS scores: * CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-docker fixes the following issues: * CVE-2024-35195: Fixed missing certificate verification (bsc#1224788). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1937=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1937=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1937=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python311-docker-7.0.0-150400.8.7.1 * openSUSE Leap 15.6 (noarch) * python311-docker-7.0.0-150400.8.7.1 * Public Cloud Module 15-SP6 (noarch) * python311-docker-7.0.0-150400.8.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35195.html * https://bugzilla.suse.com/show_bug.cgi?id=1224788

1 0

SUSE-SU-2024:2332-1: low: Security update for poppler
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for poppler Announcement ID: SUSE-SU-2024:2332-1 Rating: low References: * bsc#1226916 Cross-References: * CVE-2024-6239 CVSS scores: * CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files (bsc#1226916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2332=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2332=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2332=1 openSUSE-SLE-15.5-2024-2332=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * poppler-tools-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * libpoppler-devel-23.01.0-150500.3.11.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * poppler-tools-23.01.0-150500.3.11.1 * libpoppler126-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-23.01.0-150500.3.11.1 * libpoppler-glib8-23.01.0-150500.3.11.1 * libpoppler-glib-devel-23.01.0-150500.3.11.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libpoppler-qt5-1-23.01.0-150500.3.11.1 * libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-qt5-devel-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * libpoppler-devel-23.01.0-150500.3.11.1 * poppler-qt5-debugsource-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * SUSE Package Hub 15 15-SP5 (x86_64) * libpoppler-glib8-32bit-23.01.0-150500.3.11.1 * libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * poppler-tools-debuginfo-23.01.0-150500.3.11.1 * poppler-qt6-debugsource-23.01.0-150500.3.11.1 * libpoppler-qt5-1-23.01.0-150500.3.11.1 * libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-qt5-devel-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * libpoppler-devel-23.01.0-150500.3.11.1 * libpoppler-qt6-3-23.01.0-150500.3.11.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1 * poppler-qt5-debugsource-23.01.0-150500.3.11.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1 * libpoppler-qt6-3-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt6-devel-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * poppler-tools-23.01.0-150500.3.11.1 * libpoppler126-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-23.01.0-150500.3.11.1 * libpoppler-glib8-23.01.0-150500.3.11.1 * libpoppler-glib-devel-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (x86_64) * libpoppler-glib8-32bit-23.01.0-150500.3.11.1 * libpoppler-cpp0-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-32bit-23.01.0-150500.3.11.1 * libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt5-1-32bit-23.01.0-150500.3.11.1 * libpoppler-qt5-1-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libpoppler-qt5-1-64bit-23.01.0-150500.3.11.1 * libpoppler126-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt5-1-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-64bit-23.01.0-150500.3.11.1 * libpoppler-cpp0-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-64bit-23.01.0-150500.3.11.1 * libpoppler-glib8-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-glib8-64bit-23.01.0-150500.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6239.html * https://bugzilla.suse.com/show_bug.cgi?id=1226916

1 0

SUSE-SU-2024:2333-1: low: Security update for poppler
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for poppler Announcement ID: SUSE-SU-2024:2333-1 Rating: low References: * bsc#1226916 Cross-References: * CVE-2024-6239 CVSS scores: * CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files (bsc#12269160). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2333=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2333=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * poppler-tools-debuginfo-22.01.0-150400.3.22.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.22.1 * libpoppler-devel-22.01.0-150400.3.22.1 * poppler-qt5-debugsource-22.01.0-150400.3.22.1 * libpoppler-cpp0-22.01.0-150400.3.22.1 * libpoppler-glib-devel-22.01.0-150400.3.22.1 * poppler-qt6-debugsource-22.01.0-150400.3.22.1 * libpoppler-qt5-1-debuginfo-22.01.0-150400.3.22.1 * libpoppler117-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-devel-22.01.0-150400.3.22.1 * poppler-debugsource-22.01.0-150400.3.22.1 * poppler-tools-22.01.0-150400.3.22.1 * libpoppler-qt5-1-22.01.0-150400.3.22.1 * libpoppler-qt6-3-22.01.0-150400.3.22.1 * libpoppler-qt6-3-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt6-devel-22.01.0-150400.3.22.1 * libpoppler-glib8-22.01.0-150400.3.22.1 * libpoppler117-22.01.0-150400.3.22.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.22.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.22.1 * openSUSE Leap 15.4 (x86_64) * libpoppler117-32bit-22.01.0-150400.3.22.1 * libpoppler-glib8-32bit-22.01.0-150400.3.22.1 * libpoppler117-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-32bit-22.01.0-150400.3.22.1 * libpoppler-cpp0-32bit-22.01.0-150400.3.22.1 * libpoppler-glib8-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-cpp0-32bit-debuginfo-22.01.0-150400.3.22.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpoppler-cpp0-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-glib8-64bit-22.01.0-150400.3.22.1 * libpoppler-glib8-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler117-64bit-22.01.0-150400.3.22.1 * libpoppler117-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-64bit-22.01.0-150400.3.22.1 * libpoppler-cpp0-64bit-22.01.0-150400.3.22.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libpoppler117-22.01.0-150400.3.22.1 * libpoppler117-debuginfo-22.01.0-150400.3.22.1 * poppler-debugsource-22.01.0-150400.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6239.html * https://bugzilla.suse.com/show_bug.cgi?id=1226916

1 0

SUSE-SU-2024:2313-1: important: Security update for netty3
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for netty3 Announcement ID: SUSE-SU-2024:2313-1 Rating: important References: * bsc#1222045 Cross-References: * CVE-2024-29025 CVSS scores: * CVE-2024-29025 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for netty3 fixes the following issues: * CVE-2024-29025: Fixed HttpPostRequestDecoder can out of memory due to large number of form fields (bsc#1222045). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2313=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2313=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2313=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2313=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2313=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2313=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2313=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2313=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2313=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2313=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2313=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2313=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2313=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2313=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2313=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2313=1 ## Package List: * openSUSE Leap 15.5 (noarch) * netty3-3.10.6-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.10.1 * openSUSE Leap 15.6 (noarch) * netty3-3.10.6-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.10.1 * Development Tools Module 15-SP5 (noarch) * netty3-3.10.6-150200.3.10.1 * Development Tools Module 15-SP6 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Enterprise Storage 7.1 (noarch) * netty3-3.10.6-150200.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29025.html * https://bugzilla.suse.com/show_bug.cgi?id=1222045

1 0

SUSE-SU-2024:2320-1: moderate: Security update for python-urllib3
by OPENSUSE-SECURITY-UPDATES 08 Jul '24

08 Jul '24

# Security update for python-urllib3 Announcement ID: SUSE-SU-2024:2320-1 Rating: moderate References: * bsc#1226469 Cross-References: * CVE-2024-37891 CVSS scores: * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects (bsc#1226469). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2320=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2320=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2320=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2320=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2320=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2320=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 * openSUSE Leap 15.5 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 * openSUSE Leap 15.6 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 * Public Cloud Module 15-SP4 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 * Python 3 Module 15-SP5 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 * Python 3 Module 15-SP6 (noarch) * python311-urllib3-2.0.7-150400.7.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37891.html * https://bugzilla.suse.com/show_bug.cgi?id=1226469

1 0

openSUSE-SU-2024:0187-1: important: Security update for opera
by opensuse-security＠opensuse.org 06 Jul '24

06 Jul '24

openSUSE Security Update: Security update for opera ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0187-1 Rating: important References: Cross-References: CVE-2024-5493 CVE-2024-5494 CVE-2024-5495 CVE-2024-5496 CVE-2024-5497 CVE-2024-5498 CVE-2024-5499 Affected Products: openSUSE Leap 15.5:NonFree ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for opera fixes the following issues: - Update to 111.0.5168.43 * DNA-115228 Adblocker is blocking ads when turned off * DNA-116605 Crash at opera::BrowserContentsView:: NonClientHitTestPoint(gfx::Point const&) * DNA-116855 Cannot close tab island’s tab when popup was hovered * DNA-116885 Add chrome.cookies api permission to Rich Hints * DNA-116948 [Linux] Theme toggle in settings is not working - Update to 111.0.5168.25 * CHR-9754 Update Chromium on desktop-stable-125-5168 to 125.0.6422.142 * DNA-116089 [Win/Lin] Fullscreen view has rounded corners * DNA-116208 The red dot on the Aria’s icon is misaligned * DNA-116693 X (twitter) logo is not available on opera:about page * DNA-116737 [Bookmarks] Bookmarks bar favicon have light theme color in new window * DNA-116769 Extension popup – pin icon is replaced * DNA-116850 Fix full package installer link * DNA-116852 Promote 111 to stable * DNA-116491 Site info popup is cut with dropdown opened * DNA-116661 [opera:settings] IPFS/IPNS Gateway box has the wrong design * DNA-116789 Translations for O111 * DNA-116813 [React emoji picker] Flag emojis are not load correctly * DNA-116893 Put 'Show emojis in tab tooltip' in Settings * DNA-116918 Translations for 'Show emojis in tab tooltip' - Complete Opera 111 changelog at: https://blogs.opera.com/desktop/changelog-for-111 - The update to chromium 125.0.6422.142 fixes following issues: CVE-2024-5493, CVE-2024-5494, CVE-2024-5495, CVE-2024-5496, CVE-2024-5497, CVE-2024-5498, CVE-2024-5499 - Update to 110.0.5130.64 * CHR-9748 Update Chromium on desktop-stable-124-5130 to 124.0.6367.243 * DNA-116317 Create outline or shadow around emojis on tab strip * DNA-116320 Create animation for emoji disappearing from tab strip * DNA-116564 Assign custom emoji from emoji picker * DNA-116690 Make chrome://emoji-picker attachable by webdriver * DNA-116732 Introduce stat event for setting / unsetting emoji on a tab * DNA-116753 Emoji picker does not follow browser theme * DNA-116755 Record tab emojis added / removed * DNA-116777 Enable #tab-art on all streams - Update to 110.0.5130.49 * CHR-9416 Updating Chromium on desktop-stable-* branches * DNA-116706 [gpu-crash] Crash at SkGpuShaderImageFilter:: onFilterImage(skif::Context const&) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.5:NonFree: zypper in -t patch openSUSE-2024-187=1 Package List: - openSUSE Leap 15.5:NonFree (x86_64): opera-111.0.5168.43-lp155.3.51.1 References: https://www.suse.com/security/cve/CVE-2024-5493.html https://www.suse.com/security/cve/CVE-2024-5494.html https://www.suse.com/security/cve/CVE-2024-5495.html https://www.suse.com/security/cve/CVE-2024-5496.html https://www.suse.com/security/cve/CVE-2024-5497.html https://www.suse.com/security/cve/CVE-2024-5498.html https://www.suse.com/security/cve/CVE-2024-5499.html

1 0

SUSE-SU-2024:2307-1: important: Security update for krb5
by OPENSUSE-SECURITY-UPDATES 05 Jul '24

05 Jul '24

# Security update for krb5 Announcement ID: SUSE-SU-2024:2307-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2307=1 openSUSE-SLE-15.6-2024-2307=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2307=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2307=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1 * krb5-mini-1.20.1-150600.11.3.1 * krb5-mini-debugsource-1.20.1-150600.11.3.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1 * krb5-client-debuginfo-1.20.1-150600.11.3.1 * krb5-debugsource-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1 * krb5-1.20.1-150600.11.3.1 * krb5-server-1.20.1-150600.11.3.1 * krb5-server-debuginfo-1.20.1-150600.11.3.1 * krb5-devel-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1 * krb5-mini-debuginfo-1.20.1-150600.11.3.1 * krb5-debuginfo-1.20.1-150600.11.3.1 * krb5-plugin-preauth-spake-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1 * krb5-client-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.3.1 * krb5-mini-devel-1.20.1-150600.11.3.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.3.1 * openSUSE Leap 15.6 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.3.1 * krb5-devel-32bit-1.20.1-150600.11.3.1 * krb5-32bit-1.20.1-150600.11.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150600.11.3.1 * krb5-64bit-1.20.1-150600.11.3.1 * krb5-devel-64bit-1.20.1-150600.11.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1 * krb5-client-debuginfo-1.20.1-150600.11.3.1 * krb5-debugsource-1.20.1-150600.11.3.1 * krb5-1.20.1-150600.11.3.1 * krb5-devel-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1 * krb5-client-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.3.1 * krb5-debuginfo-1.20.1-150600.11.3.1 * Basesystem Module 15-SP6 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.3.1 * krb5-32bit-1.20.1-150600.11.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150600.11.3.1 * krb5-server-debuginfo-1.20.1-150600.11.3.1 * krb5-server-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1 * krb5-debuginfo-1.20.1-150600.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187

1 0

SUSE-SU-2024:2308-1: important: Security update for go1.21
by OPENSUSE-SECURITY-UPDATES 05 Jul '24

05 Jul '24

# Security update for go1.21 Announcement ID: SUSE-SU-2024:2308-1 Rating: important References: * bsc#1212475 * bsc#1227314 Cross-References: * CVE-2024-24791 CVSS scores: * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: Updated to version 1.21.12 (bsc#1212475): * CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers (bsc#1227314). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2308=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2308=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2308=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2308=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2308=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2308=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * go1.21-race-1.21.12-150000.1.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * go1.21-race-1.21.12-150000.1.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24791.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1227314

1 0

SUSE-SU-2024:2302-1: important: Security update for krb5
by OPENSUSE-SECURITY-UPDATES 04 Jul '24

04 Jul '24

# Security update for krb5 Announcement ID: SUSE-SU-2024:2302-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2302=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2302=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2302=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2302=1 openSUSE-SLE-15.5-2024-2302=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150500.3.9.1 * krb5-debuginfo-1.20.1-150500.3.9.1 * krb5-1.20.1-150500.3.9.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-1.20.1-150500.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1 * krb5-1.20.1-150500.3.9.1 * krb5-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1 * krb5-client-1.20.1-150500.3.9.1 * krb5-devel-1.20.1-150500.3.9.1 * krb5-client-debuginfo-1.20.1-150500.3.9.1 * krb5-debugsource-1.20.1-150500.3.9.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.9.1 * krb5-32bit-1.20.1-150500.3.9.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-server-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1 * krb5-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1 * krb5-server-1.20.1-150500.3.9.1 * krb5-debugsource-1.20.1-150500.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-otp-1.20.1-150500.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1 * krb5-mini-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1 * krb5-server-debuginfo-1.20.1-150500.3.9.1 * krb5-mini-devel-1.20.1-150500.3.9.1 * krb5-1.20.1-150500.3.9.1 * krb5-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1 * krb5-mini-debugsource-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1 * krb5-client-1.20.1-150500.3.9.1 * krb5-mini-1.20.1-150500.3.9.1 * krb5-devel-1.20.1-150500.3.9.1 * krb5-client-debuginfo-1.20.1-150500.3.9.1 * krb5-debugsource-1.20.1-150500.3.9.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.9.1 * krb5-server-1.20.1-150500.3.9.1 * openSUSE Leap 15.5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.9.1 * krb5-devel-32bit-1.20.1-150500.3.9.1 * krb5-32bit-1.20.1-150500.3.9.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-devel-64bit-1.20.1-150500.3.9.1 * krb5-64bit-debuginfo-1.20.1-150500.3.9.1 * krb5-64bit-1.20.1-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187

1 0

SUSE-SU-2024:2303-1: important: Security update for krb5
by OPENSUSE-SECURITY-UPDATES 04 Jul '24

04 Jul '24

# Security update for krb5 Announcement ID: SUSE-SU-2024:2303-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2303=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-mini-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-mini-debugsource-1.19.2-150300.19.1 * krb5-mini-devel-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-mini-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (x86_64) * krb5-devel-32bit-1.19.2-150300.19.1 * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150300.19.1 * krb5-devel-64bit-1.19.2-150300.19.1 * krb5-64bit-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Enterprise Storage 7.1 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187

1 0

SUSE-SU-2024:2299-1: important: Security update for apache2-mod_auth_openidc
by OPENSUSE-SECURITY-UPDATES 04 Jul '24

04 Jul '24

# Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2024:2299-1 Rating: important References: * bsc#1219911 * bsc#1227261 Cross-References: * CVE-2024-24814 CVSS scores: * CVE-2024-24814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a bug that can led to DoS when `OIDCSessionType client-cookie` is set and a crafted Cookie header is supplied. (bsc#1219911) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2299=1 SUSE-2024-2299=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2299=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-mod_auth_openidc-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24814.html * https://bugzilla.suse.com/show_bug.cgi?id=1219911 * https://bugzilla.suse.com/show_bug.cgi?id=1227261

1 0

SUSE-SU-2024:2275-2: important: Security update for openssh
by OPENSUSE-SECURITY-UPDATES 04 Jul '24

04 Jul '24

# Security update for openssh Announcement ID: SUSE-SU-2024:2275-2 Rating: important References: * bsc#1226642 Cross-References: * CVE-2024-6387 CVSS scores: * CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for openssh fixes the following issues: * CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2275=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * openssh-clients-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1 * openssh-askpass-gnome-9.6p1-150600.6.3.1 * openssh-helpers-debuginfo-9.6p1-150600.6.3.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1 * openssh-clients-9.6p1-150600.6.3.1 * openssh-helpers-9.6p1-150600.6.3.1 * openssh-9.6p1-150600.6.3.1 * openssh-debuginfo-9.6p1-150600.6.3.1 * openssh-fips-9.6p1-150600.6.3.1 * openssh-debugsource-9.6p1-150600.6.3.1 * openssh-server-9.6p1-150600.6.3.1 * openssh-common-debuginfo-9.6p1-150600.6.3.1 * openssh-cavs-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1 * openssh-server-debuginfo-9.6p1-150600.6.3.1 * openssh-common-9.6p1-150600.6.3.1 * openssh-cavs-9.6p1-150600.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6387.html * https://bugzilla.suse.com/show_bug.cgi?id=1226642

1 0

SUSE-SU-2024:2292-1: important: Security update for ghostscript
by OPENSUSE-SECURITY-UPDATES 03 Jul '24

03 Jul '24

# Security update for ghostscript Announcement ID: SUSE-SU-2024:2292-1 Rating: important References: * bsc#1226944 * bsc#1226945 * bsc#1226946 Cross-References: * CVE-2024-29510 * CVE-2024-33869 * CVE-2024-33870 CVSS scores: * CVE-2024-29510 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-33869 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-33870 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path (bsc#1226945). * CVE-2024-33870: Fixed a format string injection that could lead to command execution (bsc#1226944). * CVE-2024-33869: Fixed a path validation bypass that could lead to path traversal (bsc#1226946). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2292=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2292=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2292=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2292=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2292=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2292=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2292=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2292=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2292=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2292=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2292=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2292=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2292=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-2292=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2292=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2292=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Proxy 4.3 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29510.html * https://www.suse.com/security/cve/CVE-2024-33869.html * https://www.suse.com/security/cve/CVE-2024-33870.html * https://bugzilla.suse.com/show_bug.cgi?id=1226944 * https://bugzilla.suse.com/show_bug.cgi?id=1226945 * https://bugzilla.suse.com/show_bug.cgi?id=1226946

1 0

SUSE-SU-2024:2290-1: low: Security update for libxml2
by OPENSUSE-SECURITY-UPDATES 03 Jul '24

03 Jul '24

# Security update for libxml2 Announcement ID: SUSE-SU-2024:2290-1 Rating: low References: * bsc#1224282 Cross-References: * CVE-2024-34459 CVSS scores: * CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Python 3 Module 15-SP5 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2290=1 SUSE-2024-2290=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2290=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2290=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2290=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2290=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2290=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2290=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.17.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-2-64bit-2.10.3-150500.5.17.1 * libxml2-devel-64bit-2.10.3-150500.5.17.1 * libxml2-2-64bit-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.17.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (noarch) * libxml2-doc-2.10.3-150500.5.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP5 (x86_64) * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP6 (x86_64) * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libxml2-python-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34459.html * https://bugzilla.suse.com/show_bug.cgi?id=1224282

1 0

SUSE-SU-2024:2283-1: important: Security update for libndp
by OPENSUSE-SECURITY-UPDATES 03 Jul '24

03 Jul '24

# Security update for libndp Announcement ID: SUSE-SU-2024:2283-1 Rating: important References: * bsc#1225771 Cross-References: * CVE-2024-5564 CVSS scores: * CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libndp fixes the following issues: * CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2283=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2283=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2283=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2283=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2283=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2283=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2283=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2283=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5564.html * https://bugzilla.suse.com/show_bug.cgi?id=1225771

1 0

SUSE-SU-2024:2286-1: moderate: Security update for podman
by OPENSUSE-SECURITY-UPDATES 03 Jul '24

03 Jul '24

# Security update for podman Announcement ID: SUSE-SU-2024:2286-1 Rating: moderate References: * bsc#1227052 Cross-References: * CVE-2024-6104 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2286=1 openSUSE-SLE-15.5-2024-2286=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2286=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2286=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2286=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2286=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * podmansh-4.9.5-150500.3.15.1 * podman-4.9.5-150500.3.15.1 * podman-debuginfo-4.9.5-150500.3.15.1 * podman-remote-4.9.5-150500.3.15.1 * podman-remote-debuginfo-4.9.5-150500.3.15.1 * openSUSE Leap 15.5 (noarch) * podman-docker-4.9.5-150500.3.15.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * podmansh-4.9.5-150500.3.15.1 * podman-4.9.5-150500.3.15.1 * podman-debuginfo-4.9.5-150500.3.15.1 * podman-remote-4.9.5-150500.3.15.1 * podman-remote-debuginfo-4.9.5-150500.3.15.1 * openSUSE Leap 15.6 (noarch) * podman-docker-4.9.5-150500.3.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * podmansh-4.9.5-150500.3.15.1 * podman-4.9.5-150500.3.15.1 * podman-debuginfo-4.9.5-150500.3.15.1 * podman-remote-4.9.5-150500.3.15.1 * podman-remote-debuginfo-4.9.5-150500.3.15.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * podman-docker-4.9.5-150500.3.15.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * podmansh-4.9.5-150500.3.15.1 * podman-4.9.5-150500.3.15.1 * podman-debuginfo-4.9.5-150500.3.15.1 * podman-remote-4.9.5-150500.3.15.1 * podman-remote-debuginfo-4.9.5-150500.3.15.1 * Containers Module 15-SP5 (noarch) * podman-docker-4.9.5-150500.3.15.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * podmansh-4.9.5-150500.3.15.1 * podman-4.9.5-150500.3.15.1 * podman-debuginfo-4.9.5-150500.3.15.1 * podman-remote-4.9.5-150500.3.15.1 * podman-remote-debuginfo-4.9.5-150500.3.15.1 * Containers Module 15-SP6 (noarch) * podman-docker-4.9.5-150500.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1227052

1 0

SUSE-SU-2024:2280-1: moderate: Security update for python39
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for python39 Announcement ID: SUSE-SU-2024:2280-1 Rating: moderate References: * bsc#1226447 * bsc#1226448 Cross-References: * CVE-2024-0397 * CVE-2024-4032 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448) * CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2280=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2280=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2280=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-2280=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-3.9.19-150300.4.46.1 * python39-core-debugsource-3.9.19-150300.4.46.1 * python39-idle-3.9.19-150300.4.46.1 * python39-base-3.9.19-150300.4.46.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1 * python39-devel-3.9.19-150300.4.46.1 * python39-doc-devhelp-3.9.19-150300.4.46.1 * libpython3_9-1_0-3.9.19-150300.4.46.1 * python39-testsuite-3.9.19-150300.4.46.1 * python39-tools-3.9.19-150300.4.46.1 * python39-dbm-3.9.19-150300.4.46.1 * python39-testsuite-debuginfo-3.9.19-150300.4.46.1 * python39-curses-debuginfo-3.9.19-150300.4.46.1 * python39-base-debuginfo-3.9.19-150300.4.46.1 * python39-debuginfo-3.9.19-150300.4.46.1 * python39-tk-3.9.19-150300.4.46.1 * python39-tk-debuginfo-3.9.19-150300.4.46.1 * python39-debugsource-3.9.19-150300.4.46.1 * python39-dbm-debuginfo-3.9.19-150300.4.46.1 * python39-curses-3.9.19-150300.4.46.1 * python39-doc-3.9.19-150300.4.46.1 * openSUSE Leap 15.3 (x86_64) * python39-32bit-3.9.19-150300.4.46.1 * python39-base-32bit-3.9.19-150300.4.46.1 * python39-32bit-debuginfo-3.9.19-150300.4.46.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1 * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-base-64bit-3.9.19-150300.4.46.1 * python39-base-64bit-debuginfo-3.9.19-150300.4.46.1 * python39-64bit-3.9.19-150300.4.46.1 * libpython3_9-1_0-64bit-3.9.19-150300.4.46.1 * libpython3_9-1_0-64bit-debuginfo-3.9.19-150300.4.46.1 * python39-64bit-debuginfo-3.9.19-150300.4.46.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.46.1 * python39-core-debugsource-3.9.19-150300.4.46.1 * python39-idle-3.9.19-150300.4.46.1 * python39-base-3.9.19-150300.4.46.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1 * python39-doc-devhelp-3.9.19-150300.4.46.1 * python39-devel-3.9.19-150300.4.46.1 * libpython3_9-1_0-3.9.19-150300.4.46.1 * python39-testsuite-3.9.19-150300.4.46.1 * python39-tools-3.9.19-150300.4.46.1 * python39-dbm-3.9.19-150300.4.46.1 * python39-testsuite-debuginfo-3.9.19-150300.4.46.1 * python39-base-debuginfo-3.9.19-150300.4.46.1 * python39-curses-debuginfo-3.9.19-150300.4.46.1 * python39-debuginfo-3.9.19-150300.4.46.1 * python39-tk-3.9.19-150300.4.46.1 * python39-tk-debuginfo-3.9.19-150300.4.46.1 * python39-debugsource-3.9.19-150300.4.46.1 * python39-dbm-debuginfo-3.9.19-150300.4.46.1 * python39-curses-3.9.19-150300.4.46.1 * python39-doc-3.9.19-150300.4.46.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1 * python39-base-32bit-3.9.19-150300.4.46.1 * python39-32bit-debuginfo-3.9.19-150300.4.46.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1 * python39-32bit-3.9.19-150300.4.46.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.46.1 * python39-core-debugsource-3.9.19-150300.4.46.1 * python39-idle-3.9.19-150300.4.46.1 * python39-base-3.9.19-150300.4.46.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1 * python39-doc-devhelp-3.9.19-150300.4.46.1 * python39-devel-3.9.19-150300.4.46.1 * libpython3_9-1_0-3.9.19-150300.4.46.1 * python39-testsuite-3.9.19-150300.4.46.1 * python39-tools-3.9.19-150300.4.46.1 * python39-dbm-3.9.19-150300.4.46.1 * python39-testsuite-debuginfo-3.9.19-150300.4.46.1 * python39-base-debuginfo-3.9.19-150300.4.46.1 * python39-curses-debuginfo-3.9.19-150300.4.46.1 * python39-debuginfo-3.9.19-150300.4.46.1 * python39-tk-3.9.19-150300.4.46.1 * python39-tk-debuginfo-3.9.19-150300.4.46.1 * python39-debugsource-3.9.19-150300.4.46.1 * python39-dbm-debuginfo-3.9.19-150300.4.46.1 * python39-curses-3.9.19-150300.4.46.1 * python39-doc-3.9.19-150300.4.46.1 * openSUSE Leap 15.6 (x86_64) * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1 * python39-base-32bit-3.9.19-150300.4.46.1 * python39-32bit-debuginfo-3.9.19-150300.4.46.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1 * python39-32bit-3.9.19-150300.4.46.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.46.1 * libpython3_9-1_0-3.9.19-150300.4.46.1 * python39-base-3.9.19-150300.4.46.1 * python39-curses-3.9.19-150300.4.46.1 * python39-dbm-3.9.19-150300.4.46.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448

1 0

SUSE-SU-2024:2281-1: low: Security update for podofo
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for podofo Announcement ID: SUSE-SU-2024:2281-1 Rating: low References: * bsc#1213720 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that has one security fix can now be installed. ## Description: This update for podofo fixes the following issues: * PdfEncrypt: Validate more encrypt dictionary parameters (bsc#1213720) * PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries (bsc#1213720) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2281=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2281=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2281=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2281=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2281=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * podofo-debugsource-0.9.6-150300.3.12.1 * libpodofo0_9_6-0.9.6-150300.3.12.1 * podofo-debuginfo-0.9.6-150300.3.12.1 * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1 * libpodofo-devel-0.9.6-150300.3.12.1 * podofo-0.9.6-150300.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * podofo-debugsource-0.9.6-150300.3.12.1 * libpodofo0_9_6-0.9.6-150300.3.12.1 * podofo-debuginfo-0.9.6-150300.3.12.1 * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1 * libpodofo-devel-0.9.6-150300.3.12.1 * podofo-0.9.6-150300.3.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * podofo-debugsource-0.9.6-150300.3.12.1 * libpodofo0_9_6-0.9.6-150300.3.12.1 * podofo-debuginfo-0.9.6-150300.3.12.1 * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1 * libpodofo-devel-0.9.6-150300.3.12.1 * podofo-0.9.6-150300.3.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * podofo-debugsource-0.9.6-150300.3.12.1 * libpodofo0_9_6-0.9.6-150300.3.12.1 * podofo-debuginfo-0.9.6-150300.3.12.1 * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1 * libpodofo-devel-0.9.6-150300.3.12.1 * podofo-0.9.6-150300.3.12.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * podofo-debugsource-0.9.6-150300.3.12.1 * libpodofo0_9_6-0.9.6-150300.3.12.1 * podofo-debuginfo-0.9.6-150300.3.12.1 * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1 * libpodofo-devel-0.9.6-150300.3.12.1 * podofo-0.9.6-150300.3.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1213720

1 0

SUSE-SU-2024:2279-1: low: Security update for libxml2
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for libxml2 Announcement ID: SUSE-SU-2024:2279-1 Rating: low References: * bsc#1224282 Cross-References: * CVE-2024-34459 CVSS scores: * CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2279=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libxml2-2-2.9.14-150400.5.32.1 * python311-libxml2-2.9.14-150400.5.32.1 * libxml2-devel-2.9.14-150400.5.32.1 * libxml2-tools-2.9.14-150400.5.32.1 * libxml2-tools-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-debuginfo-2.9.14-150400.5.32.1 * libxml2-python-debugsource-2.9.14-150400.5.32.1 * libxml2-debugsource-2.9.14-150400.5.32.1 * python3-libxml2-debuginfo-2.9.14-150400.5.32.1 * python3-libxml2-2.9.14-150400.5.32.1 * python311-libxml2-debuginfo-2.9.14-150400.5.32.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-32bit-2.9.14-150400.5.32.1 * libxml2-devel-32bit-2.9.14-150400.5.32.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.32.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-2.9.14-150400.5.32.1 * libxml2-2-64bit-debuginfo-2.9.14-150400.5.32.1 * libxml2-devel-64bit-2.9.14-150400.5.32.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libxml2-2-2.9.14-150400.5.32.1 * libxml2-tools-2.9.14-150400.5.32.1 * libxml2-tools-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-debuginfo-2.9.14-150400.5.32.1 * libxml2-python-debugsource-2.9.14-150400.5.32.1 * libxml2-debugsource-2.9.14-150400.5.32.1 * python3-libxml2-debuginfo-2.9.14-150400.5.32.1 * python3-libxml2-2.9.14-150400.5.32.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libxml2-2-2.9.14-150400.5.32.1 * libxml2-tools-2.9.14-150400.5.32.1 * libxml2-tools-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-debuginfo-2.9.14-150400.5.32.1 * libxml2-python-debugsource-2.9.14-150400.5.32.1 * libxml2-debugsource-2.9.14-150400.5.32.1 * python3-libxml2-debuginfo-2.9.14-150400.5.32.1 * python3-libxml2-2.9.14-150400.5.32.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libxml2-2-2.9.14-150400.5.32.1 * libxml2-tools-2.9.14-150400.5.32.1 * libxml2-tools-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-debuginfo-2.9.14-150400.5.32.1 * libxml2-python-debugsource-2.9.14-150400.5.32.1 * libxml2-debugsource-2.9.14-150400.5.32.1 * python3-libxml2-debuginfo-2.9.14-150400.5.32.1 * python3-libxml2-2.9.14-150400.5.32.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libxml2-2-2.9.14-150400.5.32.1 * libxml2-tools-2.9.14-150400.5.32.1 * libxml2-tools-debuginfo-2.9.14-150400.5.32.1 * libxml2-2-debuginfo-2.9.14-150400.5.32.1 * libxml2-python-debugsource-2.9.14-150400.5.32.1 * libxml2-debugsource-2.9.14-150400.5.32.1 * python3-libxml2-debuginfo-2.9.14-150400.5.32.1 * python3-libxml2-2.9.14-150400.5.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34459.html * https://bugzilla.suse.com/show_bug.cgi?id=1224282

1 0

SUSE-SU-2024:2275-1: important: Security update for openssh
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for openssh Announcement ID: SUSE-SU-2024:2275-1 Rating: important References: * bsc#1226642 Cross-References: * CVE-2024-6387 CVSS scores: * CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for openssh fixes the following issues: * CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2275=1 openSUSE-SLE-15.6-2024-2275=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2275=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2275=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openssh-clients-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1 * openssh-askpass-gnome-9.6p1-150600.6.3.1 * openssh-helpers-debuginfo-9.6p1-150600.6.3.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1 * openssh-clients-9.6p1-150600.6.3.1 * openssh-helpers-9.6p1-150600.6.3.1 * openssh-9.6p1-150600.6.3.1 * openssh-debuginfo-9.6p1-150600.6.3.1 * openssh-fips-9.6p1-150600.6.3.1 * openssh-debugsource-9.6p1-150600.6.3.1 * openssh-server-9.6p1-150600.6.3.1 * openssh-common-debuginfo-9.6p1-150600.6.3.1 * openssh-cavs-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1 * openssh-server-debuginfo-9.6p1-150600.6.3.1 * openssh-common-9.6p1-150600.6.3.1 * openssh-cavs-9.6p1-150600.6.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-clients-debuginfo-9.6p1-150600.6.3.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1 * openssh-clients-9.6p1-150600.6.3.1 * openssh-helpers-9.6p1-150600.6.3.1 * openssh-9.6p1-150600.6.3.1 * openssh-debuginfo-9.6p1-150600.6.3.1 * openssh-fips-9.6p1-150600.6.3.1 * openssh-debugsource-9.6p1-150600.6.3.1 * openssh-server-9.6p1-150600.6.3.1 * openssh-common-debuginfo-9.6p1-150600.6.3.1 * openssh-helpers-debuginfo-9.6p1-150600.6.3.1 * openssh-server-debuginfo-9.6p1-150600.6.3.1 * openssh-common-9.6p1-150600.6.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-askpass-gnome-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6387.html * https://bugzilla.suse.com/show_bug.cgi?id=1226642

1 0

SUSE-SU-2024:2277-1: important: Security update for git
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for git Announcement ID: SUSE-SU-2024:2277-1 Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. (bsc#1224168) * CVE-2024-32004: Fixed arbitrary code execution during local clones. (bsc#1224170) * CVE-2024-32020: Fix file overwriting vulnerability during local clones. (bsc#1224171) * CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files. (bsc#1224172) * CVE-2024-32465: Fixed arbitrary code execution during clone operations. (bsc#1224173) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2277=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2277=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2277=1 openSUSE-SLE-15.6-2024-2277=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * git-core-debuginfo-2.43.0-150600.3.3.1 * git-debugsource-2.43.0-150600.3.3.1 * git-debuginfo-2.43.0-150600.3.3.1 * git-core-2.43.0-150600.3.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gitk-2.43.0-150600.3.3.1 * git-email-2.43.0-150600.3.3.1 * git-web-2.43.0-150600.3.3.1 * git-svn-2.43.0-150600.3.3.1 * git-arch-2.43.0-150600.3.3.1 * git-cvs-2.43.0-150600.3.3.1 * git-daemon-debuginfo-2.43.0-150600.3.3.1 * git-daemon-2.43.0-150600.3.3.1 * git-debuginfo-2.43.0-150600.3.3.1 * git-debugsource-2.43.0-150600.3.3.1 * perl-Git-2.43.0-150600.3.3.1 * git-gui-2.43.0-150600.3.3.1 * git-2.43.0-150600.3.3.1 * Development Tools Module 15-SP6 (noarch) * git-doc-2.43.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gitk-2.43.0-150600.3.3.1 * git-email-2.43.0-150600.3.3.1 * git-web-2.43.0-150600.3.3.1 * git-core-2.43.0-150600.3.3.1 * git-svn-2.43.0-150600.3.3.1 * git-arch-2.43.0-150600.3.3.1 * git-cvs-2.43.0-150600.3.3.1 * git-gui-2.43.0-150600.3.3.1 * git-daemon-debuginfo-2.43.0-150600.3.3.1 * git-debugsource-2.43.0-150600.3.3.1 * git-p4-2.43.0-150600.3.3.1 * git-daemon-2.43.0-150600.3.3.1 * git-debuginfo-2.43.0-150600.3.3.1 * git-core-debuginfo-2.43.0-150600.3.3.1 * perl-Git-2.43.0-150600.3.3.1 * git-credential-libsecret-debuginfo-2.43.0-150600.3.3.1 * git-credential-libsecret-2.43.0-150600.3.3.1 * git-2.43.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * git-doc-2.43.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173

1 0

SUSE-SU-2024:2265-1: moderate: Security update for wireshark
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for wireshark Announcement ID: SUSE-SU-2024:2265-1 Rating: moderate References: * bsc#1224259 * bsc#1224274 * bsc#1224276 Cross-References: * CVE-2024-4853 * CVE-2024-4854 * CVE-2024-4855 CVSS scores: * CVE-2024-4853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-4854 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-4855 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: Update to version 3.6.22: * CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops (bsc#1224274) * CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet (bsc#1224259) * CVE-2024-4855: The editcap command line utility could crash when injecting secrets while writing multiple files (bsc#1224276) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2265=1 openSUSE-SLE-15.6-2024-2265=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2265=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2265=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwireshark15-3.6.23-150600.18.3.1 * wireshark-devel-3.6.23-150600.18.3.1 * libwsutil13-debuginfo-3.6.23-150600.18.3.1 * wireshark-debuginfo-3.6.23-150600.18.3.1 * libwsutil13-3.6.23-150600.18.3.1 * libwiretap12-3.6.23-150600.18.3.1 * libwireshark15-debuginfo-3.6.23-150600.18.3.1 * wireshark-3.6.23-150600.18.3.1 * wireshark-ui-qt-3.6.23-150600.18.3.1 * wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1 * libwiretap12-debuginfo-3.6.23-150600.18.3.1 * wireshark-debugsource-3.6.23-150600.18.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libwireshark15-3.6.23-150600.18.3.1 * libwsutil13-debuginfo-3.6.23-150600.18.3.1 * wireshark-debuginfo-3.6.23-150600.18.3.1 * libwsutil13-3.6.23-150600.18.3.1 * libwiretap12-3.6.23-150600.18.3.1 * libwireshark15-debuginfo-3.6.23-150600.18.3.1 * wireshark-3.6.23-150600.18.3.1 * libwiretap12-debuginfo-3.6.23-150600.18.3.1 * wireshark-debugsource-3.6.23-150600.18.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wireshark-devel-3.6.23-150600.18.3.1 * wireshark-debuginfo-3.6.23-150600.18.3.1 * wireshark-ui-qt-3.6.23-150600.18.3.1 * wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1 * wireshark-debugsource-3.6.23-150600.18.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4853.html * https://www.suse.com/security/cve/CVE-2024-4854.html * https://www.suse.com/security/cve/CVE-2024-4855.html * https://bugzilla.suse.com/show_bug.cgi?id=1224259 * https://bugzilla.suse.com/show_bug.cgi?id=1224274 * https://bugzilla.suse.com/show_bug.cgi?id=1224276

1 0

SUSE-SU-2024:2269-1: moderate: Security update for squid
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for squid Announcement ID: SUSE-SU-2024:2269-1 Rating: moderate References: * bsc#1227086 Cross-References: * CVE-2024-37894 CVSS scores: * CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for squid fixes the following issues: * CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2269=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2269=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2269=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * squid-debuginfo-5.7-150400.3.32.1 * squid-debugsource-5.7-150400.3.32.1 * squid-5.7-150400.3.32.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * squid-debuginfo-5.7-150400.3.32.1 * squid-debugsource-5.7-150400.3.32.1 * squid-5.7-150400.3.32.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * squid-debuginfo-5.7-150400.3.32.1 * squid-debugsource-5.7-150400.3.32.1 * squid-5.7-150400.3.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37894.html * https://bugzilla.suse.com/show_bug.cgi?id=1227086

1 0

SUSE-SU-2024:2273-1: moderate: Security update for podman
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for podman Announcement ID: SUSE-SU-2024:2273-1 Rating: moderate References: * bsc#1227052 Cross-References: * CVE-2024-6104 CVSS scores: * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2273=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-debuginfo-4.9.5-150400.4.30.1 * podman-debuginfo-4.9.5-150400.4.30.1 * podman-remote-4.9.5-150400.4.30.1 * podman-4.9.5-150400.4.30.1 * podmansh-4.9.5-150400.4.30.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.9.5-150400.4.30.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.30.1 * podman-debuginfo-4.9.5-150400.4.30.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.30.1 * podman-debuginfo-4.9.5-150400.4.30.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.30.1 * podman-debuginfo-4.9.5-150400.4.30.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-4.9.5-150400.4.30.1 * podman-debuginfo-4.9.5-150400.4.30.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1227052

1 0

SUSE-SU-2024:2260-1: important: Security update for pgadmin4
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for pgadmin4 Announcement ID: SUSE-SU-2024:2260-1 Rating: important References: * bsc#1223867 * bsc#1223868 Cross-References: * CVE-2024-4215 * CVE-2024-4216 CVSS scores: * CVE-2024-4215 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-4216 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for pgadmin4 fixes the following issues: * CVE-2024-4216: Fixed XSS in /settings/store endpoint (bsc#1223868). * CVE-2024-4215: Fixed multi-factor authentication bypass (bsc#1223867). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2260=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2260=1 openSUSE-SLE-15.6-2024-2260=1 ## Package List: * Python 3 Module 15-SP6 (noarch) * pgadmin4-8.5-150600.3.3.1 * system-user-pgadmin-8.5-150600.3.3.1 * pgadmin4-doc-8.5-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * pgadmin4-desktop-8.5-150600.3.3.1 * pgadmin4-cloud-8.5-150600.3.3.1 * system-user-pgadmin-8.5-150600.3.3.1 * pgadmin4-doc-8.5-150600.3.3.1 * pgadmin4-web-uwsgi-8.5-150600.3.3.1 * pgadmin4-8.5-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4215.html * https://www.suse.com/security/cve/CVE-2024-4216.html * https://bugzilla.suse.com/show_bug.cgi?id=1223867 * https://bugzilla.suse.com/show_bug.cgi?id=1223868

1 0

SUSE-SU-2024:2261-1: moderate: Security update for postgresql15
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for postgresql15 Announcement ID: SUSE-SU-2024:2261-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql15 fixes the following issues: * Upgrade to 15.7. (bsc#1224051) * CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2261=1 openSUSE-SLE-15.6-2024-2261=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2261=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql15-debuginfo-15.7-150600.16.3.1 * postgresql15-plperl-debuginfo-15.7-150600.16.3.1 * postgresql15-debugsource-15.7-150600.16.3.1 * postgresql15-llvmjit-devel-15.7-150600.16.3.1 * postgresql15-plpython-debuginfo-15.7-150600.16.3.1 * postgresql15-plpython-15.7-150600.16.3.1 * postgresql15-contrib-debuginfo-15.7-150600.16.3.1 * postgresql15-15.7-150600.16.3.1 * postgresql15-server-devel-15.7-150600.16.3.1 * postgresql15-server-15.7-150600.16.3.1 * postgresql15-devel-15.7-150600.16.3.1 * postgresql15-llvmjit-15.7-150600.16.3.1 * postgresql15-plperl-15.7-150600.16.3.1 * postgresql15-server-debuginfo-15.7-150600.16.3.1 * postgresql15-pltcl-15.7-150600.16.3.1 * postgresql15-pltcl-debuginfo-15.7-150600.16.3.1 * postgresql15-server-devel-debuginfo-15.7-150600.16.3.1 * postgresql15-devel-debuginfo-15.7-150600.16.3.1 * postgresql15-test-15.7-150600.16.3.1 * postgresql15-contrib-15.7-150600.16.3.1 * postgresql15-llvmjit-debuginfo-15.7-150600.16.3.1 * openSUSE Leap 15.6 (noarch) * postgresql15-docs-15.7-150600.16.3.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql15-15.7-150600.16.3.1 * postgresql15-debuginfo-15.7-150600.16.3.1 * postgresql15-server-15.7-150600.16.3.1 * postgresql15-debugsource-15.7-150600.16.3.1 * postgresql15-server-debuginfo-15.7-150600.16.3.1 * postgresql15-contrib-15.7-150600.16.3.1 * postgresql15-contrib-debuginfo-15.7-150600.16.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051

1 0

SUSE-SU-2024:2266-1: moderate: Security update for postgresql16
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for postgresql16 Announcement ID: SUSE-SU-2024:2266-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/16.3/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2266=1 openSUSE-SLE-15.6-2024-2266=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2266=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2266=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql16-plperl-16.2-150600.16.2.1 * postgresql16-plpython-16.2-150600.16.2.1 * postgresql16-devel-mini-16.2-150600.16.2.1 * postgresql16-server-devel-16.2-150600.16.2.1 * postgresql16-debuginfo-16.2-150600.16.2.1 * libecpg6-16.2-150600.16.2.1 * libpq5-debuginfo-16.2-150600.16.2.1 * postgresql16-devel-debuginfo-16.2-150600.16.2.1 * postgresql16-devel-mini-debuginfo-16.2-150600.16.2.1 * postgresql16-contrib-16.2-150600.16.2.1 * postgresql16-test-16.2-150600.16.2.1 * postgresql16-debugsource-16.2-150600.16.2.1 * postgresql16-pltcl-debuginfo-16.2-150600.16.2.1 * postgresql16-mini-debugsource-16.2-150600.16.2.1 * postgresql16-server-16.2-150600.16.2.1 * postgresql16-plperl-debuginfo-16.2-150600.16.2.1 * postgresql16-server-devel-debuginfo-16.2-150600.16.2.1 * libpq5-16.2-150600.16.2.1 * postgresql16-devel-16.2-150600.16.2.1 * libecpg6-debuginfo-16.2-150600.16.2.1 * postgresql16-llvmjit-devel-16.2-150600.16.2.1 * postgresql16-16.2-150600.16.2.1 * postgresql16-plpython-debuginfo-16.2-150600.16.2.1 * postgresql16-server-debuginfo-16.2-150600.16.2.1 * postgresql16-pltcl-16.2-150600.16.2.1 * postgresql16-contrib-debuginfo-16.2-150600.16.2.1 * postgresql16-llvmjit-16.2-150600.16.2.1 * postgresql16-llvmjit-debuginfo-16.2-150600.16.2.1 * openSUSE Leap 15.6 (x86_64) * libecpg6-32bit-debuginfo-16.2-150600.16.2.1 * libecpg6-32bit-16.2-150600.16.2.1 * libpq5-32bit-debuginfo-16.2-150600.16.2.1 * libpq5-32bit-16.2-150600.16.2.1 * openSUSE Leap 15.6 (noarch) * postgresql16-docs-16.2-150600.16.2.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpq5-64bit-debuginfo-16.2-150600.16.2.1 * libecpg6-64bit-debuginfo-16.2-150600.16.2.1 * libpq5-64bit-16.2-150600.16.2.1 * libecpg6-64bit-16.2-150600.16.2.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-16.2-150600.16.2.1 * postgresql16-debuginfo-16.2-150600.16.2.1 * postgresql16-debugsource-16.2-150600.16.2.1 * libpq5-16.2-150600.16.2.1 * libpq5-debuginfo-16.2-150600.16.2.1 * Basesystem Module 15-SP6 (x86_64) * libpq5-32bit-16.2-150600.16.2.1 * libpq5-32bit-debuginfo-16.2-150600.16.2.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-server-16.2-150600.16.2.1 * postgresql16-plpython-debuginfo-16.2-150600.16.2.1 * postgresql16-plperl-16.2-150600.16.2.1 * postgresql16-plperl-debuginfo-16.2-150600.16.2.1 * postgresql16-plpython-16.2-150600.16.2.1 * postgresql16-server-debuginfo-16.2-150600.16.2.1 * postgresql16-pltcl-16.2-150600.16.2.1 * postgresql16-server-devel-debuginfo-16.2-150600.16.2.1 * postgresql16-contrib-16.2-150600.16.2.1 * postgresql16-contrib-debuginfo-16.2-150600.16.2.1 * postgresql16-server-devel-16.2-150600.16.2.1 * postgresql16-debuginfo-16.2-150600.16.2.1 * libecpg6-16.2-150600.16.2.1 * postgresql16-debugsource-16.2-150600.16.2.1 * postgresql16-pltcl-debuginfo-16.2-150600.16.2.1 * postgresql16-devel-16.2-150600.16.2.1 * libecpg6-debuginfo-16.2-150600.16.2.1 * postgresql16-devel-debuginfo-16.2-150600.16.2.1 * Server Applications Module 15-SP6 (noarch) * postgresql16-docs-16.2-150600.16.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051

1 0

SUSE-SU-2024:2267-1: low: Security update for libxml2
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for libxml2 Announcement ID: SUSE-SU-2024:2267-1 Rating: low References: * bsc#1224282 Cross-References: * CVE-2024-34459 CVSS scores: * CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2267=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2267=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2267=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2267=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2267=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1 * python-libxml2-python-debugsource-2.9.7-150000.3.70.1 * python3-libxml2-python-2.9.7-150000.3.70.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1 * python-libxml2-python-debugsource-2.9.7-150000.3.70.1 * python3-libxml2-python-2.9.7-150000.3.70.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.70.1 * libxml2-tools-debuginfo-2.9.7-150000.3.70.1 * libxml2-tools-2.9.7-150000.3.70.1 * libxml2-2-2.9.7-150000.3.70.1 * libxml2-debugsource-2.9.7-150000.3.70.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.70.1 * libxml2-tools-debuginfo-2.9.7-150000.3.70.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1 * python3-libxml2-python-2.9.7-150000.3.70.1 * libxml2-tools-2.9.7-150000.3.70.1 * libxml2-2-2.9.7-150000.3.70.1 * python-libxml2-python-debugsource-2.9.7-150000.3.70.1 * libxml2-debugsource-2.9.7-150000.3.70.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-2-debuginfo-2.9.7-150000.3.70.1 * libxml2-tools-debuginfo-2.9.7-150000.3.70.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1 * python3-libxml2-python-2.9.7-150000.3.70.1 * libxml2-tools-2.9.7-150000.3.70.1 * libxml2-2-2.9.7-150000.3.70.1 * python-libxml2-python-debugsource-2.9.7-150000.3.70.1 * libxml2-debugsource-2.9.7-150000.3.70.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34459.html * https://bugzilla.suse.com/show_bug.cgi?id=1224282

1 0

SUSE-SU-2024:2268-1: moderate: Security update for squid
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for squid Announcement ID: SUSE-SU-2024:2268-1 Rating: moderate References: * bsc#1227086 Cross-References: * CVE-2024-37894 CVSS scores: * CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for squid fixes the following issues: * Update to version 6.10 * CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2268=1 openSUSE-SLE-15.6-2024-2268=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2268=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * squid-6.10-150600.3.6.1 * squid-debuginfo-6.10-150600.3.6.1 * squid-debugsource-6.10-150600.3.6.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * squid-6.10-150600.3.6.1 * squid-debuginfo-6.10-150600.3.6.1 * squid-debugsource-6.10-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37894.html * https://bugzilla.suse.com/show_bug.cgi?id=1227086

1 0

SUSE-SU-2024:2272-1: critical: Security update for python-Js2Py
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for python-Js2Py Announcement ID: SUSE-SU-2024:2272-1 Rating: critical References: * bsc#1226660 Cross-References: * CVE-2024-28397 CVSS scores: * CVE-2024-28397 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python-Js2Py fixes the following issues: * CVE-2024-28397: Fixed a potential sandbox escape via untrusted JavaScript code (bsc#1226660). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2272=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2272=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-Js2Py-0.74-150400.9.6.1 * openSUSE Leap 15.6 (noarch) * python311-Js2Py-0.74-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28397.html * https://bugzilla.suse.com/show_bug.cgi?id=1226660

1 0

SUSE-SU-2024:2254-1: low: Security update for python310
by OPENSUSE-SECURITY-UPDATES 02 Jul '24

02 Jul '24

# Security update for python310 Announcement ID: SUSE-SU-2024:2254-1 Rating: low References: * bsc#1226448 Cross-References: * CVE-2024-4032 CVSS scores: * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2254=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2254=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2254=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1 * python310-3.10.14-150400.4.51.1 * python310-curses-3.10.14-150400.4.51.1 * python310-tk-debuginfo-3.10.14-150400.4.51.1 * python310-idle-3.10.14-150400.4.51.1 * python310-curses-debuginfo-3.10.14-150400.4.51.1 * python310-devel-3.10.14-150400.4.51.1 * python310-doc-devhelp-3.10.14-150400.4.51.1 * python310-doc-3.10.14-150400.4.51.1 * python310-dbm-3.10.14-150400.4.51.1 * python310-debugsource-3.10.14-150400.4.51.1 * python310-core-debugsource-3.10.14-150400.4.51.1 * python310-testsuite-3.10.14-150400.4.51.1 * python310-tools-3.10.14-150400.4.51.1 * python310-tk-3.10.14-150400.4.51.1 * python310-testsuite-debuginfo-3.10.14-150400.4.51.1 * python310-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-3.10.14-150400.4.51.1 * python310-base-3.10.14-150400.4.51.1 * python310-dbm-debuginfo-3.10.14-150400.4.51.1 * python310-base-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.5 (x86_64) * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1 * python310-32bit-3.10.14-150400.4.51.1 * python310-32bit-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1 * python310-3.10.14-150400.4.51.1 * python310-curses-3.10.14-150400.4.51.1 * python310-tk-debuginfo-3.10.14-150400.4.51.1 * python310-idle-3.10.14-150400.4.51.1 * python310-curses-debuginfo-3.10.14-150400.4.51.1 * python310-devel-3.10.14-150400.4.51.1 * python310-doc-devhelp-3.10.14-150400.4.51.1 * python310-doc-3.10.14-150400.4.51.1 * python310-dbm-3.10.14-150400.4.51.1 * python310-debugsource-3.10.14-150400.4.51.1 * python310-core-debugsource-3.10.14-150400.4.51.1 * python310-testsuite-3.10.14-150400.4.51.1 * python310-tools-3.10.14-150400.4.51.1 * python310-tk-3.10.14-150400.4.51.1 * python310-testsuite-debuginfo-3.10.14-150400.4.51.1 * python310-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-3.10.14-150400.4.51.1 * python310-base-3.10.14-150400.4.51.1 * python310-dbm-debuginfo-3.10.14-150400.4.51.1 * python310-base-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.6 (x86_64) * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1 * python310-32bit-3.10.14-150400.4.51.1 * python310-32bit-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1 * python310-3.10.14-150400.4.51.1 * python310-curses-3.10.14-150400.4.51.1 * python310-tk-debuginfo-3.10.14-150400.4.51.1 * python310-idle-3.10.14-150400.4.51.1 * python310-curses-debuginfo-3.10.14-150400.4.51.1 * python310-devel-3.10.14-150400.4.51.1 * python310-doc-devhelp-3.10.14-150400.4.51.1 * python310-doc-3.10.14-150400.4.51.1 * python310-dbm-3.10.14-150400.4.51.1 * python310-debugsource-3.10.14-150400.4.51.1 * python310-core-debugsource-3.10.14-150400.4.51.1 * python310-testsuite-3.10.14-150400.4.51.1 * python310-tools-3.10.14-150400.4.51.1 * python310-testsuite-debuginfo-3.10.14-150400.4.51.1 * python310-tk-3.10.14-150400.4.51.1 * python310-debuginfo-3.10.14-150400.4.51.1 * python310-dbm-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-3.10.14-150400.4.51.1 * python310-base-3.10.14-150400.4.51.1 * python310-base-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.4 (x86_64) * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-3.10.14-150400.4.51.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1 * python310-32bit-3.10.14-150400.4.51.1 * python310-32bit-debuginfo-3.10.14-150400.4.51.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-64bit-3.10.14-150400.4.51.1 * libpython3_10-1_0-64bit-3.10.14-150400.4.51.1 * python310-base-64bit-3.10.14-150400.4.51.1 * python310-64bit-debuginfo-3.10.14-150400.4.51.1 * libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.51.1 * python310-base-64bit-debuginfo-3.10.14-150400.4.51.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1226448

1 0

SUSE-SU-2024:1639-2: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, pyth
by OPENSUSE-SECURITY-UPDATES 01 Jul '24

01 Jul '24

# Security update for python-arcomplete, python-Fabric, python-PyGithub, python- antlr4-python3-runtime, python-avro, python-chardet, python-distro, python- docker, python-fakeredis, python-fixedint, pyth Announcement ID: SUSE-SU-2024:1639-2 Rating: important References: * bsc#1209571 * bsc#1209811 * bsc#1209812 * bsc#1216606 * bsc#1222880 * bsc#761162 Cross-References: * CVE-2023-28858 * CVE-2023-28859 CVSS scores: * CVE-2023-28858 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28858 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28859 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28859 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities and has four security fixes can now be installed. ## Description: This update for python-argcomplete, python-Fabric, python-PyGithub, python- antlr4-python3-runtime, python-avro, python-chardet, python-distro, python- docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry- semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict contains the following fixes: Changes in python-argcomplete \- Update to 3.3.0 (bsc#1222880): * Preserve compatibility with argparse option tuples of length 4. This update is required to use argcomplete on Python 3.11.9+ or 3.12.3+. \- update to 3.2.3: * Allow register-python-argcomplete output to be used as lazy-loaded zsh completion module (#475) \- Move debug_stream initialization to helper method to allow fd 9 behavior to be overridden in subclasses (#471) * update to 3.2.2: * Expand tilde in zsh * Remove coverage check * Fix zsh test failures: avoid coloring terminal * update to 3.2.1: * Allow explicit zsh global completion activation (#467) * Fix and test global completion in zsh (#463, #466) * Add –yes option to activate-global-python-argcomplete (#461) * Test suite improvements * drop without_zsh.patch: obsolete * update to 3.1.6: * Respect user choice in activate-global-python-argcomplete * Escape colon in zsh completions. Fixes #456 * Call _default as a fallback in zsh global completion * update to 3.1.4: * Call _default as a fallback in zsh global completion * zsh: Allow to use external script (#453) * Add support for Python 3.12 and drop EOL 3.6 and 3.7 (#449) * Use homebrew prefix by default * zsh: Allow to use external script (#453) Changes in python-Fabric: \- Update to 3.2.2 \- add fix-test-deps.patch to remove vendored dependencies *[Bug]: fabric.runners.Remote failed to properly deregister its SIGWINCH signal handler on shutdown; in rare situations this could cause tracebacks when the Python process receives SIGWINCH while no remote session is active. This has been fixed. * [Bug] #2204: The signal handling functionality added in Fabric 2.6 caused unrecoverable tracebacks when invoked from inside a thread (such as the use of fabric.group.ThreadingGroup) under certain interpreter versions. This has been fixed by simply refusing to register signal handlers when not in the main thread. Thanks to Francesco Giordano and others for the reports. * [Bug]: Neglected to actually add deprecated to our runtime dependency specification (it was still in our development dependencies). This has been fixed. * [Feature]: Enhanced fabric.testing in ways large and small: Backwards-compatibly merged the functionality of MockSFTP into MockRemote (may be opted-into by instantiating the latter with enable_sftp=True) so you can mock out both SSH and SFTP functionality in the same test, which was previously impossible. It also means you can use this in a Pytest autouse fixture to prevent any tests from accidentally hitting the network! A new pytest fixture, remote_with_sftp, has been added which leverages the previous bullet point (an all-in-one fixture suitable for, eg, preventing any incidental ssh/sftp attempts during test execution). A pile of documentation and test enhancements (yes, testing our testing helpers is a thing). * [Support]: Added a new runtime dependency on the Deprecated library. * [Support]: Language update: applied s/sanity/safety/g to the codebase (with the few actual API members using the term now marked deprecated & new ones added in the meantime, mostly in fabric.testing). * [Feature]: Add a new CLI flag to fab, fab --list-agent-keys, which will attempt to connect to your local SSH agent and print a key list, similarly to ssh-add -l. This is mostly useful for expectations-checking Fabric and Paramiko’s agent functionality, or for situations where you might not have ssh-add handy. * [Feature]: Implement opt-in support for Paramiko 3.2’s AuthStrategy machinery, as follows: Added a new module and class, fabric.auth.OpenSSHAuthStrategy, which leverages aforementioned new Paramiko functionality to marry loaded SSH config files with Fabric-level and runtime- level parameters, arriving at what should be OpenSSH-client-compatible authentication behavior. See its API docs for details. Added new configuration settings: authentication.strategy_class, which defaults to None, but can be set to OpenSSHAuthStrategy to opt-in to the new behavior. authentication.identities, which defaults to the empty list, and can be a list of private key paths for use by the new strategy class. * [Bug] #2263: Explicitly add our dependency on decorator to setup.py instead of using Invoke’s old, now removed, vendored copy of same. This allows Fabric to happily use Invoke 2.1 and above * Update to 3.0.1 * [Bug] #2241: A typo prevented Fabric’s command runner from properly calling its superclass stop() method, which in tandem with a related Invoke bug meant messy or long shutdowns in many scenarios. * Changes from 3.0.0 * [Feature]: Change the default configuration value for inline_ssh_env from False to True, to better align with the practicalities of common SSH server configurations. * Warning This change is backwards incompatible if you were using environment-variable-setting kwargs or config settings, such as Connection.run(command, env={'SOME': 'ENV VARS'}), and were not already explicitly specifying the value of inline_ssh_env. * [Bug] #1981: (fixed in #2195) Automatically close any open SFTP session during fabric.connection.Connection.close; this avoids issues encountered upon re-opening a previously-closed connection object. * [Support]: Drop support for Python <3.6, including Python 2. * Warning This is a backwards incompatible change if you are not yet on Python 3.6 or above; however, pip shouldn’t offer you this version of Fabric as long as your pip version understands python_requires metadata. * Drop remove-mock.patch because now in upstream. * Drop remove-pathlib2.patch because now in upstream. * Add %{?sle15_python_module_pythons} * Remove conditional definition of python_module. * Add patch remove-pathlib2.patch: * Drop install_requires on pathlib2. * Update to 2.7.1: * [Bug] #1924: (also #2007) Overhaul behavior and testing re: merging together different sources for the key_filename parameter in Connection.connect_kwargs. This fixes a number of type-related errors (string objects have no extend attribute, cannot add lists to strings, etc). * Update to 2.7.0: * Add ~fabric.connection.Connection.shell, a belated port of the v1 open_shell() feature. * Forward local terminal resizes to the remote end, when applicable. (For the technical: this means we now turn SIGWINCH into SSH window-change messages.) * Update ~fabric.connection.Connection temporarily so that it doesn't incidentally apply replace_env=True to local shell commands, only remote ones. * Add patch remove-mock.patch: * Use unittest.mock, instead of mock * pytest-relaxed now supports pytest 6, so test on all python versions. * Don't test on python310 -- gh#bitprophet/pytest-relaxed#12 (This is mainly required by azure-cli in the primary python3 flavor) * Update to 2.6.0: * [Feature] #1999: Add sudo support to Group. Thanks to Bonnie Hardin for the report and to Winston Nolan for an early patchset. * [Feature] #1810: Add put/get support to Group. * [Feature] #1868: Ported a feature from v1: interpolating the local path argument in Transfer.get with connection and remote filepath attributes. For example, cxn.get(remote="/var/log/foo.log", local="{host}/") is now feasible for storing a file in per-host-named directories or files, and in fact Group.get does this by default. * [Feature]: When the local path argument to Transfer.get contains nonexistent directories, they are now created instead of raising an error. Warning: This change introduces a new runtime dependency: pathlib2. * [Bug]: Fix a handful of issues in the handling and mocking of SFTP local paths and os.path members within fabric.testing; this should remove some occasional “useless Mocks” as well as hewing closer to the real behavior of things like os.path.abspath re: path normalization. * Update Requires from setup.py Changes in python-PyGithub: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop %define skip_python2 1 * Update to 1.57 Breaking Changes * Add support for Python 3.11, drop support for Python 3.6 (#2332) (1e2f10d) Bug Fixes & Improvements * Speed up get requested reviewers and teams for pr (#2349) (6725ece) * [WorkflowRun] - Add missing attributes (run_started_at & run_attempt), remove deprecated unicode type (#2273) (3a6235b) * Add support for repository autolink references (#2016) (0fadd6b) * Add retry and pool_size to typing (#2151) (784a3ef) * Fix/types for repo topic team (#2341) (db9337a) * Add class Artifact (#2313) (#2319) (437ff84) * Update to 1.56 This is the last release that will support Python 3.6. *Bug Fixes & Improvements Create repo from template (#2090) (b50283a) Improve signature of Repository.create_repo (#2118) (001970d) Add support for 'visibility' attribute preview for Repositories (#1872) (8d1397a) Add Repository.rename_branch method (#2089) (6452ddf) Add function to delete pending reviews on a pull request (#1897) (c8a945b) Cover all code paths in search_commits (#2087) (f1faf94) Correctly deal when PaginatedList's data is a dict (#2084) (93b92cd) Add two_factor_authentication in AuthenticatedUser. (#1972) (4f00cbf) Add ProjectCard.edit() to the type stub (#2080) (d417e4c) Add method to delete Workflow runs (#2078) (b1c8eec) Implement organization.cancel_invitation() (#2072) (53fb498) Feat: Add html_url property in Team Class. (#1983) (6570892) Add support for Python 3.10 (#2073) (aa694f8) Add github actions secrets to org (#2006) (bc5e595) Correct replay for Organization.create_project() test (#2075) (fcc1236) Fix install command example (#2043) (99e00a2) Fix: #1671 Convert Python Bool to API Parameter for Authenticated User Notifications (#2001) (1da600a) Do not transform requestHeaders when logging (#1965) (1265747) Add type to OrderedDict (#1954) (ed7d0fe) Add Commit.get_pulls() to pyi (#1958) (b466470) Adding headers in GithubException is a breaking change (#1931) (d1644e3) * Update to 1.55: * Remove client_id/client_secret authentication (#1888) (901af8c8) * Adjust to Github API changes regarding emails (#1890) (2c77cfad) * This impacts what AuthenticatedUser.get_emails() returns * Export headers in GithubException (#1887) (ddd437a7) * Do not import from unpackaged paths in typing (#1926) (27ba7838) * Implement hash for CompletableGithubObject (#1922) (4faff23c) * Use right variable in both get_check_runs() (#1889) (3003e065) * fix bad assertions in github.Project.edit (#1817) (6bae9e5c) * Add support for deleting repository secrets (#1868) (696793de) * Adding github actions secrets (#1681) (c90c050e) * Drop support for Python 3.5 (#1770) (63e4fae9) * Fix stubs file for Repository (fab682a5) * The Github.get_installation(integer) method has been removed. * Repository.create_deployment()'s payload parameter is now a dictionary. * Add support for Check Suites (#1764) (6d501b28) * Add missing preview features of Deployment and Deployment Statuses API * Add Support for Check Runs (#1727) (c77c0676) * Add WorkflowRun.workflow_id (#1737) (78a29a7c) * Added support for the Self-Hosted actions runners API (#1684) (24251f4b) * Fix Branch protection status in the examples (#1729) (88800844) * Filter the DeprecationWarning in Team tests (#1728) (23f47539) * Added get_installations() to Organizations (#1695) (b42fb244) * Fix #1507: Add new Teams: Add or update team repository endpoint * Added support for `Repository.get_workflow_runs` parameters * feat(pullrequest): add the rebaseable attribute (#1690) (ee4c7a7e) * Add support for deleting reactions (#1708) (f7d203c0) * Add get_timeline() to Issue's type stubs (#1663) (6bc9ecc8) * Update to 1.53: * Add method get_team_membership for user to Team (#1658) (749e8d35) * PaginatedList's totalCount is 0 if no last page (#1641) (69b37b4a) * Add initial support for Github Apps. (#1631) (260558c1) * Add delete_branch_on_merge arg to Repository.edit type stub (#1639) (15b5ae0c) * upload_asset with data in memory (#1601) (a7786393) * Make Issue.closed_by nullable (#1629) (06dae387) * Add support for workflow dispatch event (#1625) (16850ef1) * Do not check reaction_type before sending (#1592) (136a3e80) * more flexible header splitting (#1616) (85e71361) * Add support for deployment statuses (#1588) (048c8a1d) * Adds the 'twitter_username' attribute to NamedUser. (#1585) (079f75a7) * Add support for Workflow Runs (#1583) (4fb1d23f) * Small documentation correction in Repository.py (#1565) (f0f6ec83) * Remove "api_preview" parameter from type stubs and docstrings (#1559) (cc1b884c) * Repository.update_file() content also accepts bytes (#1543) (9fb8588b) * Fix Repository.get_issues stub (#1540) (b40b75f8) * Check all arguments of NamedUser.get_repos() (#1532) (69bfc325) * Remove RateLimit.rate (#1529) (7abf6004) * PullRequestReview is not a completable object (#1528) (19fc43ab) * Remove pointless setters in GitReleaseAsset (#1527) (1dd1cf9c) * Drop some unimplemented methods in GitRef (#1525) (d4b61311) * Fixed formatting of docstrings for `Repository.create_git_tag_and_release()` and `StatsPunchCard`. (#1520) (ce400bc7) * Remove Repository.topics (#1505) (53d58d2b) * Correct Repository.get_workflows() (#1518) (8727003f) * correct Repository.stargazers_count return type to int (#1513) (b5737d41) * Raise a FutureWarning on use of client_{id,secret} (#1506) (2475fa66) * Improve type signature for create_from_raw_data (#1503) (c7b5eff0) * feat(column): move, edit and delete project columns (#1497) (a32a8965) * Add support for Workflows (#1496) (a1ed7c0e) * Add OAuth support for GitHub applications (4b437110) * Create AccessToken entity (4a6468aa) * Extend installation attributes (61808da1) * Update to 1.51 * New features * PyGithub now supports type checking * Ability to retrieve public events * Add and handle the maintainer_can_modify attribute in PullRequest * List matching references * Add create_repository_dispatch * Add some Organization and Repository attributes. * Add create project method * Bug Fixes & Improvements * Drop use of shadow-cat for draft PRs * AuthenticatedUser.get_organization_membership() should be str * Drop documentation for len() of PaginatedList * Fix param name of projectcard's move function * Correct typos found with codespell * Export IncompletableObject in the github namespace * Add GitHub Action workflow for checks * Drop unneeded ignore rule for flake8 * Use pytest to parametrize tests * Type stubs are now packaged with the build * Get the project column by id * Drop parametrized and pytest-cov from BuildRequires. * Update to 1.47 * Bug Fixes & Improvements * Add support to edit and delete a project (#1434) (f11f739) * Add method for fetching pull requests associated with a commit (#1433) (0c55381) * Add "get_repo_permission" to Team class (#1416) (219bde5) * Add list projects support, update tests (#1431) (e44d11d) * Don't transform completely in PullRequest.*assignees (#1428) (b1c3549) * Add create_project support, add tests (#1429) (bf62f75) * Add draft attribute, update test (bd28524) * Docstring for Repository.create_git_tag_and_release (#1425) (bfeacde) * Create a tox docs environment (#1426) (b30c09a) * Add Deployments API (#1424) (3d93ee1) * Add support for editing project cards (#1418) (425280c) * Add draft flag parameter, update tests (bd0211e) * Switch to using pytest (#1423) (c822dd1) * Fix GitMembership with a hammer (#1420) (f2939eb) * Add support to reply to a Pull request comment (#1374) (1c82573) * PullRequest.update_branch(): allow expected_head_sha to be empty (#1412) (806130e) * Implement ProjectCard.delete() (#1417) (aeb27b7) * Add pre-commit plugin for black/isort/flake8 (#1398) (08b1c47) * Add tox (#1388) (125536f) * Open file in text mode in scripts/add_attribute.py (#1396) (0396a49) * Silence most ResourceWarnings (#1393) (dd31a70) * Assert more attributes in Membership (#1391) (d6dee01) * Assert on changed Repository attributes (#1390) (6e3ceb1) * Add reset to the repr for Rate (#1389) (0829af8) * Update to 1.46 * Bug Fixes & Improvements * Add repo edit support for delete_branch_on_merge * Fix mistake in Repository.create_fork() * Correct two attributes in Invitation * Search repo issues by string label * Correct Repository.create_git_tag_and_release() * exposed seats and filled_seats for Github Organization Plan * Repository.create_project() body is optional * Implement move action for ProjectCard * Tidy up ProjectCard.get_content() * Added nested teams and parent * Correct parameter for Label.edit * doc: example of Pull Request creation * Fix PyPI wheel deployment * No longer build Python 2 package * Drop BuildRequires on mock, no longer required * Drop no-hardcoded-dep.patch, no longer required * Update to 1.45: * Breaking Changes * Branch.edit_{user,team} _push_restrictions() have been removed The new API is: Branch.add_ {user,team} _push_restrictions() to add new members Branch.replace_ {user,team} _push_restrictions() to replace all members Branch.remove_ {user,team}_push_restrictions() to remove members * The api_preview parameter to Github() has been removed. * Bug Fixes & Improvements * Allow sha=None for InputGitTreeElement * Support github timeline events. * Add support for update branch * Refactor Logging tests * Fix rtd build * Apply black to whole codebase * Fix class used returning pull request comments * Support for create_fork * Use Repository.get_contents() in tests * Allow GithubObject.update() to be passed headers * Correct URL for assignees on PRs * Use inclusive ordered comparison for 'parameterized' requirement * Deprecate Repository.get_dir_contents() * Apply some polish to manage.sh * Refresh no-hardcoded-dep.patch * Add patch to not pull in hardcoded dependencies: * no-hardcoded-dep.patch * Update to 1.44.1: * Too many changes to enumerate. * Drop PyGithub-drop-network-tests.patch, the test in question no longer requires network access. * Drop fix-httpretty-dep.patch, the httpretty requirement has been relaxed upstream. * Use %python_expand to run the test suite, it works fine on Python 3 now. * Add mock and parameterized to BuildRequires, the test suite requires them. * Update to 1.43.8: * Add two factor attributes on organizations (#1132) (a073168) * Add Repository methods for pending invitations (#1159) (57af1e0) * Adds get_issue_events to PullRequest object (#1154) (acd515a) * Add invitee and inviter to Invitation (#1156) (0f2beac) * Adding support for pending team invitations (#993) (edab176) * Add support for custom base_url in GithubIntegration class (#1093) (6cd0d64) * GithubIntegration: enable getting installation (#1135) (1818704) * Add sorting capability to Organization.get_repos() (#1139) (ef6f009) * Add new Organization.get_team_by_slug method (#1144) (4349bca) * Add description field when creating a new team (#1125) (4a37860) * Handle a path of / in Repository.get_contents() (#1070) (102c820) * Add issue lock/unlock (#1107) (ec7bbcf) * Fix bug in recursive repository contents example (#1166) (8b6b450) * Allow name to be specified for upload_asset (#1151) (8d2a6b5) * Fixes #1106 for GitHub Enterprise API (#1110) (5406579) * Update to 1.43.7: * Exclude tests from PyPI distribution (#1031) (78d283b9) * Add codecov badge (#1090) (4c0b54c0) * Update to 1.43.6: * New features o Add support for Python 3.7 (#1028) (6faa00ac) o Adding HTTP retry functionality via urllib3 (#1002) (5ae7af55) o Add new dismiss() method on PullRequestReview (#1053) (8ef71b1b) o Add since and before to get_notifications (#1074) (7ee6c417) o Add url parameter to include anonymous contributors in get_contributors (#1075) (293846be) o Provide option to extend expiration of jwt token (#1068) (86a9d8e9) * Bug Fixes & Improvements o Fix the default parameter for PullRequest.create_review (#1058) (118def30) o Fix get_access_token (#1042) (6a89eb64) o Fix Organization.add_to_members role passing (#1039) (480f91cf) * Deprecation o Remove Status API (6efd6318) * Add patch fix-httpretty-dep.patch Changes in python-antlr4-python3-runtime: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Drop %define skip_python2 1 * Drop support for older Python 3.x versions * fix build for python 3.12 * require setuptools * Update to version 4.13.1 csharp target * [CSharp] Fix for #4386 -- change signatures for ReportAttemptingFullContext() and ReportContextSensitivity() to be identical to all other targets (target:csharp, type:cleanup) go target * Move GetText(), SetText(), and String() from CommonToken to BaseToken (target:go, type:cleanup) * Restore "Obtained from string" source name. (target:go, type:cleanup) * fix: Fix very minor code issues spotted by goreportcard.com (target:go, type:cleanup) java target * Java: suppress this-escape warning introduced in JDK 21. (actions, target:java) javascript target * Adds default targets for babel configuration (target:javascript) * fix dependabot warnings (target:javascript, type:cleanup) swift target * [SWIFT] Add Antlr4Dynamic product (target:swift) * Cleanup duplicate SwiftTarget code (target:swift, type:cleanup) dart target * [Dart] Fix for #4320--export additional types (type:bug, target:dart) * from version 4.13.0 Issues fixed * antlr4 jar doubled in size in 4.9.3 (unicode, comp:performance) * Go: exponentially bad/absymal performance as of ... (type:bug, target:go) * Go runtime panic (type:bug, target:go) Improvements, features * Update LexerATNSimulator.cs with virtual Consume (type:improvement, target:csharp) * Feature/fixembedding (type:improvement, target:go, comp:performance) * Provide Javascript port of TokenStreamRewriter (type:feature, target:javascript, target:typescript) * from version 4.12.0 Issues fixed * github actions now fail for python2 and ubuntu clang and ubuntu swift (comp:runtime, comp:build, comp:testing) * js mergeArrays output differs from java (atn-analysis, target:javascript) * C++ target fails Performance/DropLoopEntryBranchInLRRule_4.txt (atn- analysis, type:bug, target:cpp) * Wrong grammarFileName in generated code (code-gen, type:bug) * C++ crashes on new test ParserExec/ListLabelsOnRuleRefStartOfAlt.txt (atn- analysis, type:bug, target:cpp) * [JavaScript runtime] Bad field name, bad comments (type:bug) Improvements, features * Fully qualify std::move invocations to fix -Wunqualified-std-cast-call (type:improvement, target:cpp) * Extract FileUtils updates by @ericvergnaud (type:improvement, cross- platform-issue, comp:testing) * Extract unit test updates by @ericvergnaud needed for TypeScript (type:improvement, comp:testing) * [Go target] Fix for #3926: Add accessors for tree navigation to interfaces in generated parser (trees-contexts, code-gen, type:improvement, target:go) * GitHub Workflows security hardening (actions, type:improvement, comp:testing) * from version 4.11.1 * Just fixes 4.11.0 release issue. I forgot to change runtime tool version so it didn't say SNAPSHOT. * from version 4.11.0 Issues fixed * Disable failing CI tests in master (comp:build, comp:testing) * Create accessor for Go-based IntervalSet.intervals (target:go) * Grammar Name Conflict Golang with SPARQL issue (target:go, type:cleanup) * Dependency declaration error in ANTLR 4.10.1 (comp:build) * Drop old version of Visual Studio C++ (2013, 2015, 2017) (comp:build, target:cpp) * Circular grammar inclusion causes stack overflow in the tool. (comp:tool, type:bug) * Cpp, Go, JavaScript, Python2/3: Template rendering error. (code-gen, comp:runtime, target:java, target:javascript, target:python2, target:python3, target:go) Improvements, features * Augment error message during testing to include full cause of problem. (type:improvement, comp:testing) * Include swift & tool verification in CI workflow (type:improvement, comp:build, cross-platform-issue, target:swift) * Issue #3783: CI Check Builds (type:improvement, comp:build, cross-platform- issue, comp:testing) * Parallel lock free testing, remove potential deadlocks, cache static data, go to descriptor via test (comp:runtime, type:improvement, comp:testing) * update getting-started doc (type:improvement, comp:doc) * Getting Started has error (type:improvement, comp:doc) * new nuget directory for building ANTLR4 C++ runtime as 3 Nuget packages (type:improvement, comp:build, target:cpp) * Add interp tool like TestRig (comp:tool, type:feature) * Issue 3720: Java 2 Security issue (type:improvement, target:java) * Cpp: Disable warnings for external project (type:bug, type:improvement, target:cpp) * Fix Docker README for arm OS user (type:improvement, comp:doc) * from version 4.10.1 * [C++] Remove reference to antlrcpp:s2ws * Update publishing instruction for Dart * from version 4.10.0 Issues fixed * C++ runtime: Version identifier macro ? (target:cpp, type:cleanup) * Generating XPath lexer/parser (actions, type:bug) * do we need this C++ ATN serialization? (target:cpp, type:cleanup) * Incorrect type of token with number 0xFFFF because of incorrect ATN serialization (atn-analysis, type:bug) * Clean up ATN serialization: rm UUID and shifting by value of 2 (atn- analysis, type:cleanup) * The parseFile method of the InterpreterDataReader class is missing code: "line = br.readLine();" (type:bug, target:java) * antlr.runtime.standard 4.9.3 invalid strong name. (type:bug, comp:build, target:csharp) * Serialized ATN data element 810567 element 11 out of range 0..65535 (atn- analysis, type:cleanup) * Go target, unable to check when custom error strategy is in recovery mode (target:go) * Escape issue for characeters (grammars, type:bug) * antlr4 java.lang.NullPointerException Antlr 4 4.8 (grammars, comp:tool, type:bug) * UnsupportedOperationException while generating code for large grammars. (atn-analysis, type:cleanup) * Add a more understandable message than "Serialized ATN data element .... element ... out of range 0..65535" (atn-analysis, type:cleanup) * avoid java.lang.StackOverflowError (lexers, error-handling) * Getting this error: Exception in thread "main" java.lang.UnsupportedOperationException: Serialized ATN data element out of range (atn-analysis, type:cleanup) Improvements, features * Updated getting started with Cpp documentation. (type:improvement, comp:doc) * Escape bad words during grammar generation (code-gen, type:improvement) * Implement caseInsensitive option (lexers, options, type:improvement) * Some tool bugfixes (error-handling, comp:tool, type:improvement, type:cleanup) * Run testsuite using the tests/run.py script instead of %pyunittest * Switch build systemd from setuptools to pyproject.toml * Update BuildRequires from pyproject.toml * Update filename pattern in %files section * Update to version 4.9.3 Issues fixed * Swift Target Crashes with Multi-Threading * JavaScript Runtime bug * Go target, cannot use superClass for the lexer grammar! * Python runtime is inconsistent with Java * FunctionDef source extract using getText() * Provide .NET Framework target in the csharp nuget package * Go target for Antlr tool, type ",int8" => "int8" * Flutter/Dart web support * Allow Antlr Javascript runtime to be loaded into Kindle Touch * Fix Go test suite * Weird error Improvements, features * [C++] Use faster alternative to dynamic_cast when not testing inherit * Stackoverflow after upgrading from 4.6 to 4.7 * from version 4.9.2 Issues fixed * CSharp and Java produce different results for identical input, identical tokens Improvements, features * Moved away from travis-ci.com * Source upstream tarball from Github since PyPi tarball no longer ships testsuite * Update to version 4.9.1. * Improve python3 performance by adding slots * Fix incorrect python token string templates * Add testing. * Skip python2 because this is for python3. * Use python_alternative Changes in python-avro: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %define skip_python2 1 * Update to version 1.11.3: * See jira board for all the fixes addressed in this release: https://issues.apache.org/jira/browse/AVRO-3855?jql=project%3DAVRO%20AND%20… * Drop py311.patch: fixed upstream. * Add py311.patch to make tests compatible with python 3.11 gh#apache/avro#1961 * Update to 1.11.1 (from GitHub release notes): * Avro specification * Clarify which names are allowed to be qualified with namespaces * Inconsistent behaviour on types as invalid names * Clarify how fullnames are created, with example * IDL: add syntax to create optional fields * Improve docs for logical type annotation * Python * Scale assignment optimization * "Scale" property from decimal object * Byte reading in avro.io does not assert bytes read * validate the default value of an enum field * Pass LogicalType to BytesDecimalSchema * Website * Website refactor * Document IDL support in IDEs Changes in python-chardet: * update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` Changes in python-distro: \- Switch to autosetup macro. * update to 1.9.0: * Refactor distro.info() method to return an InfoDict [#360] * Ignore the file '/etc/board-release' [#353] * Ignore the file '/etc/ec2_version' [#359] * Test on modern versions of CPython and PyPy and macOS [#362] * Add support for ALT Linux Server 10.1 distribution [#354] * Add Debian Testing to the tests [#356] * Update archlinux resource for tests [#352] * Remove duplicate files calling %fdupes * add sle15_python_module_pythons * update to 1.8.0: * Lowered `LinuxDistribution._distro_release_info` method complexity [#327] * Added official support for Buildroot distribution [#329] * Added official support for Guix distribution [#330] * Added support for `/etc/debian_version` [#333] & [#349] * Fixed a typography in CONTRIBUTING.md [#340] * Improved README.md "Usage" code block [#343] * Bumped black to v22.3.0 in pre-commit.ci configuration [#331] * Enabled GitHub Dependabot to keep GitHub Actions up to date [#335] * remove shebang from distro.py * update to version 1.7.0: * BACKWARD COMPATIBILITY: * Dropped support for EOL Pythons 2.7, 3.4 and 3.5 [#281] * Dropped support for LSB and `uname` back-ends when `--root-dir` is specified [#311] * Moved `distro.py` to `src/distro/distro.py` [#315] * ENHANCEMENTS: * Documented that `distro.version()` can return an empty string on rolling releases [#312] * Documented support for Python 3.10 [#316] * Added official support for Rocky Linux distribution [#318] * Added a shebang to `distro.py` to allow standalone execution [#313] * Added support for AIX platforms [#311] * Added compliance for PEP-561 [#315] * BUG FIXES: * Fixed `include_uname` parameter oversight [#305] * Fixed crash when `uname -rs` output is empty [#304] * Fixed Amazon Linux identifier in `distro.id()` documentation [#318] * Fixed OpenSuse >= 15 support [#319] * Fixed encoding issues when opening distro release files [#324] * Fixed `linux_distribution` regression introduced in [#230] [#325] * Tests: Set locale to UTF-8 to fix tests on Leap 15.3. * Expliciting setting of locale is not necessary anymore (gh#python- distro/distro#223). * Update to version 1.6.0 * Deprecated the distro.linux_distribution() function. Use distro.id(), distro.version() and distro.name() instead [#296] * Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will only support Python 3.6+ * Added type hints to distro module [#269] * Added **version** for checking distro version [#292] * Added support for arbitrary rootfs via the root_dir parameter [#247] * Added the --root-dir option to CLI [#161] * Added fallback to /usr/lib/os-release when /etc/os-release isn't available [#262] * Fixed subprocess.CalledProcessError when running lsb_release [#261] * Ignore /etc/iredmail-release file while parsing distribution [#268] * Use a binary file for /dev/null to avoid TextIOWrapper overhead [#271] * use %pytest macro * Enable tests properly (this is pytest, not unittest), Changes in python- docker: * update to 7.0.0: * Removed SSL version (`ssl_version`) and explicit hostname check (`assert_hostname`) options (#3185) * Python 3.7+ supports TLSv1.3 by default * Websocket support is no longer included by default (#3123) * Use `pip install docker[websockets]` to include `websocket- client` dependency * By default, `docker-py` hijacks the TCP connection and does not use Websockets * Websocket client is only required to use `attach_socket(container, ws=True)` * Python 3.7 no longer supported (reached end-of-life June 2023) (#3187) * Python 3.12 support (#3185) * Full `networking_config` support for `containers.create()` * Replaces `network_driver_opt` (added in 6.1.0) * Add `health()` property to container that returns status (e.g. `unhealthy`) * Add `pause` option to `container.commit()` (#3159) * Add support for bind mount propagation (e.g. `rshared`, `private`) * Add support for `filters`, `keep_storage`, and `all` in `prune_builds()` on API v1.39+ (#3192) * Consistently return `docker.errors.NotFound` on 404 responses * Validate tag format before push (#3191) * update to 6.1.3: * Bugfixes * Fix eventlet compatibility (#3132) * update to 6.1.2: * Bugfixes * Fix for socket timeouts on long docker exec calls (#3125) * Respect timeout param on Windows (#3112) * update to 6.1.1: * Upgrade Notes (6.1.x) * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Bugfixes * Fix containers.stats() hanging with stream=True * Correct return type in docs for containers.diff() method * update to 6.1.0: * Upgrade Notes * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Features * Python 3.11 support * Use poll() instead of select() on non-Windows platforms * New API fields * network_driver_opt on container run / create * one-shot on container stats * status on services list * Bugfixes * Support for requests 2.29.0+ and urllib3 2.x * Do not strip characters from volume names * Fix connection leak on container.exec_* operations * Fix errors closing named pipes on Windows * update to 6.0.1: * Notice This version is not compatible with requests 2.29+ or urllib3 2.x. Either add requests < 2.29 and urllib3 < 2 to your requirements or upgrade to to the latest docker-py release. * Bugfixes * Fix for The pipe has been ended errors on Windows (#3056) * Support floats for timestamps in Docker logs (since / until) (#3031) * update to 6.0.0: * Upgrade Notes * Minimum supported Python version is 3.7+ * When installing with pip, the docker[tls] extra is deprecated and a no-op, use docker for same functionality (TLS support is always available now) * Native Python SSH client (used by default / use_ssh_client=False) will now * reject unknown host keys with paramiko.ssh_exception.SSHException * Short IDs are now 12 characters instead of 10 characters (same as Docker CLI) * Version metadata is now exposed as **version** * Features * Python 3.10 support * Automatically negotiate most secure TLS version * Add platform (e.g. linux/amd64, darwin/arm64) to container create & run * Add support for GlobalJob and ReplicatedJobs for Swarm * Add remove() method on Image * Add force param to disable() on Plugin * Bugfixes * Fix install issues on Windows related to pywin32 * Do not accept unknown SSH host keys in native Python SSH mode * Use 12 character short IDs for consistency with Docker CLI * Ignore trailing whitespace in .dockerignore files * Fix IPv6 host parsing when explicit port specified * Fix ProxyCommand option for SSH connections * Do not spawn extra subshell when launching external SSH client * Improve exception semantics to preserve context * Documentation improvements (formatting, examples, typos, missing params) * Miscellaneous * Upgrade dependencies in requirements.txt to latest versions * Remove extraneous transitive dependencies * Eliminate usages of deprecated functions/methods * Test suite reliability improvements * GitHub Actions workflows for linting, unit tests, integration tests, and publishing releases * add sle15_python_module_pythons * python-six is not required as well * python-mock actually not required for build * update to 5.0.3: * Add cap_add and cap_drop parameters to service create and ContainerSpec * Add templating parameter to config create * Bump urllib3 to 1.26.5 * Bump requests to 2.26.0 * Remove support for Python 2.7 * Make Python 3.6 the minimum version supported * Update to 4.4.4 From project changelog: 4.4.4 Bugfixes Remove LD_LIBRARY_PATH and SSL_CERT_FILE environment variables when shelling out to the ssh client 4.4.3 Features Add support for docker.types.Placement.MaxReplicas Bugfixes Fix SSH port parsing when shelling out to the ssh client 4.4.2 Bugfixes Fix SSH connection bug where the hostname was incorrectly trimmed and the error was hidden Fix docs example Miscellaneous Add Python3.8 and 3.9 in setup.py classifier list 4.4.1 Bugfixes Avoid setting unsuported parameter for subprocess.Popen on Windows Replace use of deprecated "filter" argument on ""docker/api/image" * update to 4.4.0: * Add an alternative SSH connection to the paramiko one, based on shelling out to the SSh client. Similar to the behaviour of Docker cli * Default image tag to `latest` on `pull` * Fix plugin model upgrade * Fix examples URL in ulimits * Improve exception messages for server and client errors * Bump cryptography from 2.3 to 3.2 * Set default API version to `auto` * Fix conversion to bytes for `float` * Support OpenSSH `identityfile` option * Add `DeviceRequest` type to expose host resources such as GPUs * Add support for `DriverOpts` in EndpointConfig * Disable compression by default when using container.get_archive method * Update default API version to v1.39 * Update test engine version to 19.03.12 * update to 4.2.2: * Fix context load for non-docker endpoints * update to 4.2.1: * Add option on when to use `tls` on Context constructor * Make context orchestrator field optional * Bump required version of pycreds to 0.4.0 (sync with requirements.txt) * update to 3.7.0 (mandatory for latest docker-compose) * add python-dockerpycreds dependency in the spec file rebase hide_py_pckgmgmt.patch Changes in python-fakeredis: * update to 2.21.0: * Implement all TOP-K commands (`TOPK.INFO`, `TOPK.LIST`, `TOPK.RESERVE`, * `TOPK.ADD`, `TOPK.COUNT`, `TOPK.QUERY`, `TOPK.INCRBY`) #278 * Implement all cuckoo filter commands #276 * Implement all Count-Min Sketch commands #277 * Fix XREAD blocking bug #274 #275 * EXAT option does not work #279 * update to 2.20.1: * Fix `XREAD` bug #256 * Testing for python 3.12 * update to 2.20.0: * Implement `BITFIELD` command #247 * Implement `COMMAND`, `COMMAND INFO`, `COMMAND COUNT` #248 * Remove unnecessary BR on python-lupa * update to 2.19.0: * Implement Bloom filters commands #239 * Fix error on blocking XREADGROUP #237 * update to 2.18.1: * Fix stream type issue #233 * update to 2.18.0: * Implement `PUBSUB NUMPAT` #195, `SSUBSCRIBE` #199, `SPUBLISH` #198, `SUNSUBSCRIBE` #200, `PUBSUB SHARDCHANNELS` #196, `PUBSUB SHARDNUMSUB` #197 * Fix All aio.FakeRedis instances share the same server #218 * update to 2.17.0: * Implement `LPOS` #207, `LMPOP` #184, and `BLMPOP` #183 * Implement `ZMPOP` #191, `BZMPOP` #186 * Fix incorrect error msg for group not found #210 * fix: use same server_key within pipeline when issued watch issue with ZRANGE and ZRANGESTORE with BYLEX #214 * Implemented support for `JSON.MSET` #174, `JSON.MERGE` #181 * Add support for version for async FakeRedis #205 * Updated how to test django_rq #204 * update to 2.15.0: * Implemented support for various stream groups commands: * `XGROUP CREATE` #161, `XGROUP DESTROY` #164, `XGROUP SETID` #165, `XGROUP DELCONSUMER` #162, * `XGROUP CREATECONSUMER` #163, `XINFO GROUPS` #168, `XINFO CONSUMERS` #168, `XINFO STREAM` #169, `XREADGROUP` #171, * `XACK` #157, `XPENDING` #170, `XCLAIM` #159, `XAUTOCLAIM` * Implemented sorted set commands: * `ZRANDMEMBER` #192, `ZDIFF` #187, `ZINTER` #189, `ZUNION` #194, `ZDIFFSTORE` #188, * `ZINTERCARD` #190, `ZRANGESTORE` #193 * Implemented list commands: * `BLMOVE` #182, * Improved documentation. * Fix documentation link * Fix requirement for packaging.Version #177 * Implement `HRANDFIELD` #156 * Implement `JSON.MSET` * Improve streams code * update to 2.13.0: * Fixed xadd timestamp (fixes #151) (#152) * Implement XDEL #153 * Improve test code * Fix reported security issue * Add support for `Connection.read_response` arguments used in redis-py 4.5.5 and 5.0.0 * Adding state for scan commands (#99) * Improved documentation (added async sample, etc.) * update to 2.12.0: * Implement `XREAD` #147 * Unique FakeServer when no connection params are provided * Minor fixes supporting multiple connections * Update documentation * connection parameters awareness: * Creating multiple clients with the same connection parameters will result in the same server data structure. * Fix creating fakeredis.aioredis using url with user/password * add sle15_python_module_pythons * Update to 2.10.3: * Support for redis-py 5.0.0b1 * Include tests in sdist (#133) * Fix import used in GenericCommandsMixin.randomkey (#135) * Fix async_timeout usage on py3.11 (#132) * Enable testing django-cache using FakeConnection. * All geo commands implemented * Fix bug for xrange * Fix bug for xrevrange * Implement XTRIM * Add support for MAXLEN, MAXID, LIMIT arguments for XADD command * Add support for ZRANGE arguments for ZRANGE command #127 * Relax python version requirement #128 * Support for redis-py 4.5.0 #125 * update to 2.7.1: * Fix import error for NoneType (#120) * Implement * JSON.ARRINDEX * JSON.OBJLEN * JSON.OBJKEYS * JSON.ARRPOP * JSON.ARRTRIM * JSON.NUMINCRBY * JSON.NUMMULTBY * XADD * XLEN * XRANGE * XREVRANGE * Implement `JSON.TYPE`, `JSON.ARRLEN` and `JSON.ARRAPPEND` * Fix encoding of None (#118) * update to v2.5.0: * Implement support for BITPOS (bitmap command) (#112) * Fix json mget when dict is returned (#114) * fix: properly export (#116) * Extract param handling (#113) * update to v2.4.0: * Implement LCS (#111), BITOP (#110) * Fix bug checking type in scan_iter (#109) * Implement GETEX (#102) * Implement support for JSON.STRAPPEND (json command) (#98) * Implement JSON.STRLEN, JSON.TOGGLE and fix bugs with JSON.DEL (#96) * Implement PUBSUB CHANNELS, PUBSUB NUMSUB * Implement JSON.CLEAR (#87) * Support for redis-py v4.4.0 * Implement json.mget (#85) * Initial json module support - JSON.GET, JSON.SET and JSON.DEL (#80) * fix: add nowait for asyncio disconnect (#76) * Refactor how commands are registered (#79) * Refactor tests from redispy4_plus (#77) * Remove support for aioredis separate from redis-py (redis-py versions 4.1.2 and below). (#65) * Add support for redis-py v4.4rc4 (#73) * Add mypy support (#74) * Implement support for zmscore by @the-wondersmith in #67 * What's Changed * implement GETDEL and SINTERCARD support by @cunla in #57 * Test get float-type behavior by @cunla in #59 * Implement BZPOPMIN/BZPOPMAX support by @cunla in #60 * drop fakeredis-pr54-fix-ensure_str.patch (upstream) * Update to 1.9.3 * Removed python-six dependency * zadd support for GT/LT by @cunla in #49 * Remove six dependency by @cunla in #51 * Add host to conn_pool_args by @cunla in #51 * Drop python-fakeredis-no-six.patch which was incomplete * all commits, including the missing ones in release now * Add fakeredis-pr54-fix-ensure_str.patch * use upstream https://github.com/cunla/fakeredis-py/pull/51/ * modified patches % python-fakeredis-no-six.patch (refreshed) * version update to 1.9.1 * Zrange byscore by @cunla in #44 * Expire options by @cunla in #46 * Enable redis7 support by @cunla in #42 * added patches fix https://github.com/cunla/fakeredis-py/issues/50 * python-fakeredis-no-six.patch * Update to 1.8.1 * fix: allow redis 4.3.* by @terencehonles in #30 * Release 1.8 * Fix handling url with username and password by @cunla in #27 * Refactor tests by @cunla in #28 * Release 1.7.6 * add IMOVE operation by @BGroever in #11 * Add SMISMEMBER command by @OlegZv in #20 * fix: work with redis.asyncio by @zhongkechen in #10 * Migrate to poetry by @cunla in #12 * Create annotation for redis4+ tests by @cunla in #14 * Make aioredis and lupa optional dependencies by @cunla in #16 * Remove aioredis requirement if redis-py 4.2+ by @ikornaselur in #19 * update to 1.7.0 * Change a number of corner-case behaviours to match Redis 6.2.6. * Fix DeprecationWarning for sampling from a set * Improved support for constructor arguments * Support redis-py 4 * Add support for GET option to SET * PERSIST and EXPIRE should invalidate watches * Update to 1.6.1 * # 305 Some packaging modernisation * # 306 Fix FakeRedisMixin.from_url for unix sockets * # 308 Remove use of async_generator from tests * Release 1.6.0 * # 304 Support aioredis 2 * # 302 Switch CI from Travis CI to Github Actions * update to 1.5.2 * support python 3.9 * support aioredis * Disable py2 as upstream actually disabled python2 support competely * The syntax simply is not compatible * Update to 1.3.0: * No upstream changelog * python2 tests are dysfunctional, test with python3 only * Update to 1.0.5: * No upstream changelog * Update to 1.0.4: * various bugfixes all around * Update to v1.0.3 * Support for redis 3.2 (no effective changes in v1.0.2) * Initial spec for v1.0.1 Changes in python-fixedint: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Fix capitalization in Summary * Limit Python files matched in %files section * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Initial build * Version 0.2.0 Changes in python-httplib2: * require setuptools * Clean up SPEC file. * Add %{?sle15_python_module_pythons} * update to 0.22.0: * https: disable_ssl_certificate_validation caused ValueError: Cannot set verify_mode to CERT_NONE when check_hostname is enabled * Update to 0.21.0: * http: `Content-Encoding: deflate` must accept zlib encapsulation * https://github.com/httplib2/httplib2/pull/230 * Begin support and CI against CPython 3.10 and 3.11. * update to 0.20.4: proxy: support proxy urls with ipv6 address Tests compatible with Python3.10 and recent pytest. * add pyparsing dependency * update to 0.20.2: auth: support pyparsing v3 proxy: correct extraction of errno from pysocks ProxyConnectionError IMPORTANT cacerts: remove expired DST Root CA X3, add ISRG Root X1, X2 * update to 0.19.1: * auth header parsing performance optimizations; Thanks to Paul McGuire * Use mock from the standard library on Python>=3.3 set first, othewise a "ValueError: Cannot set verify_mode to CERT_NONE when check_hostname instead (bnc#761162) item not in cache \- initial version of python-httplib2 (0.2.0) Changes in python-httpretty: \- Add patch 0001-Fix- test_417_openssl.py-if-pyOpenSSL-not-available.patch: * Fix tests without pyOpenSSL support in urllib3 * Allow building with python-urllib3 >= 2.x * Do not use python-boto3 when building in SLE where it's currently not available for python311 * Add %{?sle15_python_module_pythons} * skip failing testsuite tests after requests update * Add patch relax-test-callback-response.patch: * Relax timeout for test_callback_response (bsc#1209571) * Add patch 460-miliseconds_tests.patch (gh#gabrielfalcao/HTTPretty#460): * Correct tests for s390x and aarch64 because of timeout failures after 2 miliseconds * Fix test suite: * Remove nose idioms * Remove outdated test skips * Add patch double-slash-paths.patch: * http.request may replace // with /, handle that in the testcase. * Add 453-fix-tests-pytest.patch (gh#gabrielfalcao/HTTPretty#449) to make tests compatible with pytest. * Add patch remove-mock.patch: * Use unittest.mock in the functional tests. * specfile: * update copyright year * update to version 1.1.4: * Bugfix: #435 Fallback to WARNING when logging.getLogger().level is None. * changes from version 1.1.3: * Bugfix: #430 Respect socket timeout. * changes from version 1.1.2: * Bugfix: #426 Segmentation fault when running against a large amount of tests with pytest --mypy. * changes from version 1.1.1: * Bugfix: httpretty.disable() injects pyopenssl into :py:mod:`urllib3` even if it originally wasn't #417 * Bugfix: "Incompatibility with boto3 S3 put_object" #416 * Bugfix: "Regular expression for URL -> TypeError: wrap_socket() missing 1 required" #413 * Bugfix: "Making requests to non-stadard port throws TimeoutError "#387 * changes from version 1.1.0: * Feature: Display mismatched URL within UnmockedError whenever possible. #388 * Feature: Display mismatched URL via logging. #419 * Add new properties to :py:class:`httpretty.core.HTTPrettyRequest` (protocol, host, url, path, method). * Updater to 1.0.5 * Bugfix: Support socket.socketpair() . #402 * Bugfix: Prevent exceptions from re-applying monkey patches. #406 * Release 1.0.4 * Python 3.8 and 3.9 support. #407 * Update to 1.0.3 * Fix compatibility with urllib3>=1.26. #410 * Replace nose with nose2 * avoid reading DNS resolver settings gh#gabrielfalcao/HTTPretty#405 * remove unnecessary test packages * Update to 1.0.2 * Drop Python 2 support. * Fix usage with redis and improve overall real-socket passthrough. * Fix TypeError: wrap_socket() missing 1 required positional argument: 'sock'. * Fix simple typo: neighter -> neither. * Updated documentation for register_uri concerning using ports. * Clarify relation between `enabled` and `httprettized` in API docs. * Align signature with builtin socket. * Version update to 0.9.6: * Many fixes all around * Support for python 3.7 * Make sure we really run the tests * Remove superfluous devel dependency for noarch package Changes in python-javaproperties: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} * version update to 0.8.1 v0.8.1 (2021-10-05) * * * * Fix a typing issue in Python 3.9 * Support Python 3.10 v0.8.0 (2020-11-28) * * * * Drop support for Python 2.7, 3.4, and 3.5 * Support Python 3.9 * `ensure_ascii` parameter added to `PropertiesFile.dump()` and `PropertiesFile.dumps()` * **Bugfix** : When parsing XML input, empty `<entry>` tags now produce an empty string as a value, not `None` * Added type annotations * `Properties` and `PropertiesFile` no longer raise `TypeError` when given a non-string key or value, as type correctness is now expected to be enforced through static type checking * The `PropertiesElement` classes returned by `parse()` are no longer subclasses of `namedtuple`, but they can still be iterated over to retrieve their fields like a tuple * python-six is not required Changes in python-jsondiff: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Add %{?sle15_python_module_pythons} * Update to version 2.0.0 * Removed deprecated function * Remove deprecated jsondiff entry point * from version 1.3.1 * Optionally allow different escape_str than '$' * Clarified the readme, closes #23 * Fixed readme * Remove jsondiff command from %install, %post, %postun and %files sections Changes in python-knack: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Drop %define skip_python2 1 * Update to version 0.11.0 * Declare support for Python 3.11 and drop support for Python 3.7 (#275) * Stop converting argument's `bool` default value to `DefaultInt` (#273) * Update to version 0.10.1 * Support bytearray serialization (#268) * Update to version 0.10.0 * Enable Virtual Terminal mode on legacy Windows terminal to support ANSI escape sequences (#265) * Drop Python 3.6 support (#259) * python-mock is not required for build Changes in python-marshmallow: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * update to 3.20.2: * Bug fixes: - Fix Nested field type hint for lambda Schema types (:pr:`2164`). * Other changes: - Officially support Python 3.12 (:pr:`2188`). * update to 3.20.1: * Fix call to `get_declared_fields`: pass `dict_cls` again * Add `absolute` parameter to `URL` validator and `Url` * Use Abstract Base Classes to define `FieldABC` and `SchemaABC` * Use `OrderedSet` as default `set_class`. Schemas are now ordered by default. * Handle `OSError` and `OverflowError` in `utils.from_timestamp` (:pr:`2102`). * Fix the default inheritance of nested partial schemas * Officially support Python 3.11 (:pr:`2067`). * Drop support for Python 3.7 (:pr:`2135`). * Switch documentation to be within the main package on SLE15 * rename docs subpackage to the more common doc name * Update to 3.19.0 * Add timestamp and timestamp_ms formats to fields.DateTime (#612). Thanks @vgavro for the suggestion and thanks @vanHoi for the PR. Changes in python-opencensus: \- Add Obsoletes for old python3 package on SLE-15 \- Switch build system from setuptools to pyproject.toml \+ Add python-pip and python-wheel to BuildRequires \+ Replace %python_build with %pyproject_wheel \+ Replace %python_install with %pyproject_install \- Update to 0.11.4 * Changed bit-mapping for `httpx` and `fastapi` integrations \- Refresh patches for new version * opencensus-pr1002-remove-mock.patch \- Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * update to 0.11.3 * Updated azure modules * sorry, six is still needed :( * update to 0.11.2: * Updated `azure`, `fastapi`,`flask` modules * Updated `azure`, `httpx` modules * Update to 0.11.0 * Updated `azure`, `context`, `flask`, `requests` modules * from version 0.10.0 * Add kwargs to derived gauge (#1135) * from version 0.9.0 * Make sure handler.flush() doesn't deadlock (#1112) * Refresh patches for new version * opencensus-pr1002-remove-mock.patch * Update Requires from setup.py Changes in python-opencensus-context: \- Clean up the SPEC file \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \- Update to 0.1.3 * Move `version.py` file into `runtime_context` folder (#1143) Changes in python-opencensus-ext-threading: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop build support for Python 2.x Changes in python-opentelemetry-api: \- update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 1.22.0: * Prometheus exporter sanitize info metric (#3572) * Remove Jaeger exporters (#3554) * Log stacktrace on `UNKNOWN` status OTLP export error (#3536) * Fix OTLPExporterMixin shutdown timeout period (#3524) * Handle `taskName` `logrecord` attribute (#3557) * update to 1.21.0: * Fix `SumAggregation`(#3390) * Fix handling of empty metric collection cycles (#3335) * Fix error when no LoggerProvider configured for LoggingHandler (#3423) * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters (#3428) * Allow instrument names to have '/' and up to 255 characters (#3442) * Do not load Resource on sdk import (#3447) * Update semantic conventions to version 1.21.0 (#3251) * Add missing schema_url in global api for logging and metrics (#3251) * Prometheus exporter support for auto instrumentation (#3413) * Modify Prometheus exporter to translate non-monotonic Sums into Gauges (#3306) * Update the body type in the log ($3343) * Add max_scale option to Exponential Bucket Histogram Aggregation (#3323) * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord (#3310) * Support dropped_attributes_count in LogRecord and exporters (#3351) * Add unit to view instrument selection criteria (#3341) * Upgrade opentelemetry-proto to 0.20 and regen #3355) * Include endpoint in Grpc transient error warning #3362) * Fixed bug where logging export is tracked as trace #3375) * Select histogram aggregation with an environment variable * Move Protobuf encoding to its own package (#3169) * Add experimental feature to detect resource detectors in auto instrumentation (#3181) * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view (#3240) * Fix headers types mismatch for OTLP Exporters (#3226) * Fix suppress instrumentation for log batch processor (#3223) * Add speced out environment variables and arguments for BatchLogRecordProcessor (#3237) * Fix `ParentBased` sampler for implicit parent spans. Fix also `trace_state` erasure for dropped spans or spans sampled by the `TraceIdRatioBased` sampler. Changes in python-opentelemetry-sdk: * Add missing python-wheel build dependency to BuildRequires * update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Initial package (1.22.0) Changes in python-opentelemetry-semantic- conventions: * update to 0.44b0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 0.43b0: * Prometheus exporter sanitize info metric * Remove Jaeger exporters * Log stacktrace on `UNKNOWN` status OTLP export error * Fix OTLPExporterMixin shutdown timeout period * Handle `taskName` `logrecord` attribute * Fix `SumAggregation` * Fix handling of empty metric collection cycles * Fix error when no LoggerProvider configured for LoggingHandler * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters * Allow instrument names to have '/' and up to 255 characters * Do not load Resource on sdk import * Update semantic conventions to version 1.21.0 * Add missing schema_url in global api for logging and metrics * Prometheus exporter support for auto instrumentation * Drop `setuptools` runtime requirement. * Update the body type in the log ($3343) * Add max_scale option to Exponential Bucket Histogram Aggregation * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord * Support dropped_attributes_count in LogRecord and exporters * Add unit to view instrument selection criteria * Upgrade opentelemetry-proto to 0.20 and regen #3355) * Include endpoint in Grpc transient error warning #3362) * Fixed bug where logging export is tracked as trace #3375) * Select histogram aggregation with an environment variable * Move Protobuf encoding to its own package * Add experimental feature to detect resource detectors in auto instrumentation * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view * Fix headers types mismatch for OTLP Exporters * Fix suppress instrumentation for log batch processor * Add speced out environment variables and arguments for BatchLogRecordProcessor * Initial build * Version 0.25b2 Changes in python-opentelemetry-test-utils: * update to 0.44b0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * Initial package (0.43b0) Changes in python-pycomposefile: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Initial build * Version 0.0.30 Changes in python-pydash: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Update to version 6.0.2 * Only prevent access to object paths containing `__globals__` or `__builtins__` instead of all dunder-methods for non-dict/list objects. * from version 6.0.1 * Fix exception raised due to mishandling of non-string keys in functions like `get()` for non-dict/list objects that used integer index references like `"[0]"`. * from version 6.0.0 * Prevent access to object paths containing dunder-methods in functions like `get()` for non-dict/list objects. Attempting to access dunder-methods using get-path keys will raise a `KeyError` (e.g. `get(SomeClass(), '__init__'` will raise). Access to dict keys are unaffected (e.g. `get({"__init__": True}, "__init__")` will return `True`). ( **breaking change** ) * Add support for Python 3.11. * Drop support for Python 3.6 ( **breaking change** ) * from version 5.1.2 * Remove unnecessary type check and conversion for `exceptions` argument in `pydash.retry`. * from version 5.1.1 * Add support for Python 3.10. * Fix timing assertion issue in test for `pydash.delay` where it could fail on certain environments. * Switch build system from setuptools to pyproject.toml * Update BuildRequires from pyproject.toml * version update to 5.1.0 v5.1.0 (2021-10-02) * * * * Support matches-style callbacks on non-dictionary objects that are compatible with `pydash.get` in functions like `pydash.find`. v5.0.2 (2021-07-15) * * * * Fix compatibility issue between `pydash.py_` / `pydash._` and `typing.Protocol` \+ `typing.runtime_checkable` that caused an exception to be raised for `isinstance(py_, SomeRuntimeCheckableProtocol)`. v5.0.1 (2021-06-27) * * * * Fix bug in `merge_with` that prevented custom iteratee from being used when recursively merging. Thanks weineel_! v5.0.0 (2021-03-29) * * * * Drop support for Python 2.7. ( **breaking change** ) * Improve Unicode word splitting in string functions to be inline with Lodash. Thanks mervynlee94_! ( **breaking change** ) * `camel_case` * `human_case` * `kebab_case` * `lower_case` * `pascal_case` * `separator_case` * `slugify` * `snake_case` * `start_case` * `upper_case` * Optimize regular expression constants used in `pydash.strings` by pre- compiling them to regular expression pattern objects. v4.9.3 (2021-03-03) * * * * Fix regression introduced in `v4.8.0` that caused `merge` and `merge_with` to raise an exception when passing `None` as the first argument. v4.9.2 (2020-12-24) * * * * Fix regression introduced in `v4.9.1` that broke `pydash.get` for dictionaries and dot-delimited keys that reference integer dict-keys. v4.9.1 (2020-12-14) * * * * Fix bug in `get/has` that caused `defaultdict` objects to get populated on key access. v4.9.0 (2020-10-27) * * * * Add `default_to_any`. Thanks gonzalonaveira_! * Fix mishandling of key names containing `\.` in `set_`, `set_with`, and `update_with` where the `.` was not treated as a literal value within the key name. Thanks zhaowb_! * python-mock is not required for build * Activate test suite * Update to v4.8.0 * Initial spec for v4.7.6 Changes in python-redis: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * add https://github.com/redis/redis-py/pull/3005 as Close-various-objects- created-during-asyncio-tests.patch to fix tests for python 3.12 * Add patch to increase timeouts in s390x where tests take longer to run: * increase-test-timeout.patch * Disable broken tests for ppc64le, bsc#1216606 * Add pytest.ini source needed to run tests * Remove/disable broken tests because of suse environment * drop tox.ini. seems it does no longer exist in 5.0.1 * add support to easily disable the testsuite at build time * update to 5.0.1 * New Features * Provide aclose() / close() for classes requiring lifetime management (#2898) * Add support for ModuleCommands in cluster (#2951) * Add support for multiple values in RPUSHX (#2949) * Add Redis.from_pool() class method, for explicitly owning and closing a ConnectionPool (#2913) * Bug Fixes * Fixing monitor parsing for messages containing specific substrings (#2950) * Cluster determine slot command name need to be upper (#2919) * Support timeout = 0 in search query (#2934) * Fix async sentinel: add push_request keyword argument to read_response (#2922) * Fix protocol checking for search commands (#2923) * Fix: SentinelManagedConnection.read_response() got an unexpected keyword argument 'push_request' (#2894) * Fix: automatically close connection pool for async Sentinel (#2900) * Save a reference to created async tasks, to avoid tasks potentially disappearing (#2816) * Avoid reference cycling by the garbage collector during response reading (#2932) * Maintenance * Type hint improvements (#2952) * Replace clear_connect_callbacks with _deregister_connect_callback (#2955) * Async fixes, remove del and other things (#2870) * Add pagination, sorting and grouping examples to search json example (#2890) * Remove process-id checks from asyncio. Asyncio and fork() does not mix. (#2911) * Fix resource usage and cleanup Mocks in the unit tests (#2936) * Remove mentions of tox (#2929) * Add 7.2 to supported Redis versions (#2896) * Fix resource warnings in unit tests (#2899) * Fix typo in redis-stream-example.ipynb (#2918) * Deprecate RedisGraph (#2927) * Fix redis 7.2.0 tests (#2902) * Fix test_scorer (search) (#2920) * changes from 5.0.0 * What's new? * Triggers and Functions support Triggers and Functions allow you to execute server-side functions triggered when key values are modified or created in Redis, a stream entry arrival, or explicitly calling them. Simply put, you can replace Lua scripts with easy-to-develop JavaScript or TypeScript code. Move your business logic closer to the data to ensure a lower latency, and forget about updating dependent key values manually in your code. Try it for yourself with Quick start * Full Redis 7.2 and RESP3 support * Python 3.7 End-of-Life * Python 3.7 has reached its end-of-life (EOL) as of June 1. This means that starting from this date, Python 3.7 will no longer receive any updates, including security patches, bug fixes, or improvements. If you continue to use Python 3.7 post-EOL, you may expose your projects and systems to potential security vulnerabilities. We ended its support in this version and strongly recommend migrating to Python 3.10. * Bug Fixes * Fix timeout retrying on pipeline execution (#2812) * Fix socket garbage collection (#2859) * Maintenance * Updating client license to clear, MIT (#2884) * Add py.typed in accordance with PEP-561 (#2738) * Dependabot label change (#2880) * Fix type hints in SearchCommands (#2817) * Add sync modules (except search) tests to cluster CI (#2850) * Fix a duplicate word in CONTRIBUTING.md (#2848) * Fixing doc builds (#2869) * Change cluster docker to edge and enable debug command (#2853) * changes from 4.6.0 * Experimental Features * Support JSON.MERGE command (#2761) * Support JSON.MSET command (#2766) * New Features * Extract abstract async connection class (#2734) * Add support for WAITAOF (#2760) * Introduce OutOfMemoryError exception for Redis write command rejections due to OOM errors (#2778) * Add WITHSCORE argument to ZRANK (#2758) * Bug Fixes * Fix dead weakref in sentinel connection causing ReferenceError (#2767) (#2771) * Fix Key Error in parse_xinfo_stream (#2788) * Remove unnecessary **del** handlers (#2755) * Added support for missing argument to SentinelManagedConnection.read_response() (#2756) * Maintenance * Fix type hint for retry_on_error in async cluster (#2804) * Clean up documents and fix some redirects (#2801) * Add unit tests for the connect method of all Redis connection classes (#2631) * Docstring formatting fix (#2796) * update to 4.5.5: * Add support for CLIENT NO-TOUCH * Add support for CLUSTER MYSHARDID * Add "address_remap" feature to RedisCluster * Add WITHSCORES argument to ZREVRANK command * Improve error output for master discovery * Fix XADD: allow non negative maxlen * Fix create single connection client from url * Optionally disable disconnects in read_response * Fix SLOWLOG GET return value * Fix potential race condition during disconnection * Return response in case of KeyError * Fix incorrect usage of once flag in async Sentinel * Fix memory leak caused by hiredis in asyncio case * Really do not use asyncio's timeout lib before 3.11.2 * add sle15_python_module_pythons * Update to 4.5.4: * Security * Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28858, bsc#1209811) * Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28859, bsc#1209812) * New Features * Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588) * Added queue_class to REDIS_ALLOWED_KEYS (#2577) * Made search document subscriptable (#2615) * Sped up the protocol parsing (#2596) * Use hiredis::pack_command to serialized the commands. (#2570) * Add support for unlink in cluster pipeline (#2562) * Bug Fixes * Fixing cancelled async futures (#2666) * Fix: do not use asyncio's timeout lib before 3.11.2 (#2659) * Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630) * CWE-404 AsyncIO Race Condition Fix (#2624, #2579) * Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582) * Replace async_timeout by asyncio.timeout (#2602) * Update json().arrindex() default values (#2611) * Fix #2581 UnixDomainSocketConnection object has no attribute _command_packer (#2583) * Fix issue with pack_commands returning an empty byte sequence (#2416) * Async HiredisParser should finish parsing after a Connection.disconnect() (#2557) * Check for none, prior to raising exception (#2569) * Tuple function cannot be passed more than one argument (#2573) * Synchronise concurrent command calls to single-client to single-client mode (#2568) * Async: added 'blocking' argument to call lock method (#2454) * Added a replacement for the default cluster node in the event of failure. (#2463) * Fixed geosearch: Wrong number of arguments for geosearch command (#2464) * Clean up BuildRequires and Requires. * Disable broken test test_xautoclaim gh#redis/redis-py#2554 * udpate to 4.3.5: * Add support for TIMESERIES 1.8 (#2296) * Graph - add counters for removed labels and properties (#2292) * Add support for TDIGEST.QUANTILE extensions (#2317) * Add TDIGEST.TRIMMED_MEAN (#2300) * Add support for async GRAPH module (#2273) * Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE (#2319) * Adding reserve as an alias for create, so that we have BF.RESERVE and CF.RESERVE accuratenly supported (#2331) * Fix async connection.is_connected to return a boolean value (#2278) * Fix: workaround asyncio bug on connection reset by peer (#2259) * Fix crash: key expire while search (#2270) * Async cluster: fix concurrent pipeline (#2280) * Fix async SEARCH pipeline (#2316) * Fix KeyError in async cluster - initialize before execute multi key commands (#2439) * Supply chain risk reduction: remove dependency on library named deprecated (#2386) * Search test - Ignore order of the items in the response (#2322) * Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335) * Fix TimeSeries range aggregation (twa) tests (#2358) * Mark TOPK.COUNT as deprecated (#2363) * update to 4.3.4: * Fix backward compatibility from 4.3.2 in Lock.acquire() * Fix XAUTOCLAIM to return the full response, instead of only keys 2+ * Added dynamic_startup_nodes configuration to RedisCluster. * Fix retries in async mode * Async cluster: fix simultaneous initialize * Uppercased commands in CommandsParser.get_keys * Late eval of the skip condition in async tests * Reuse the old nodes' connections when a cluster topology refresh is being done * Docs: add pipeline examples * Correct retention_msecs value * Cluster: use pipeline to execute split commands * Docs: Add a note about client_setname and client_name difference * Delete unused redismod.conf, remove duplicate Source entry for tox.ini * Add redismod.conf and tox.ini as Sources to SPEC file. * Update to version 4.3.3 * Fix Lock crash, and versioning 4.3.3 (#2210) * Async cluster: improve docs (#2208) * Release 4.3.2 * SHUTDOWN - add support for the new NOW, FORCE and ABORT modifiers (#2150) * Adding pipeline support for async cluster (#2199) * Support CF.MEXISTS + Clean bf/commands.py (#2184) * Extending query_params for FT.PROFILE (#2198) * Implementing ClusterPipeline Lock (#2190) * Set default response_callbacks to redis.asyncio.cluster.ClusterNode (#2201) * Add default None for maxlen at xtrim command (#2188) * Async cluster: add/update typing (#2195) * Changed list type to single element type (#2203) * Made sync lock consistent and added types to it (#2137) * Async cluster: optimisations (#2205) * Fix typos in README (#2206) * Fix modules links to https://redis.io/commands/ (#2185) * Update to version 4.3.1 * Allow negative `retries` for `Retry` class to retry forever * Add `items` parameter to `hset` signature * Create codeql-analysis.yml (#1988). Thanks @chayim * Add limited support for Lua scripting with RedisCluster * Implement `.lock()` method on RedisCluster * Fix cursor returned by SCAN for RedisCluster & change default target to PRIMARIES * Fix scan_iter for RedisCluster * Remove verbose logging when initializing ClusterPubSub, ClusterPipeline or RedisCluster * Fix broken connection writer lock-up for asyncio (#2065) * Fix auth bug when provided with no username (#2086) * Release 4.1.3 * Fix flushdb and flushall (#1926) * Add redis5 and redis4 dockers (#1871) * Change json.clear test multi to be up to date with redisjson (#1922) * Fixing volume for unstable_cluster docker (#1914) * Update changes file with changes since 4.0.0-beta2 (#1915) * Release 4.1.2 * Invalid OCSP certificates should raise ConnectionError on failed validation (#1907) * Added retry mechanism on socket timeouts when connecting to the server (#1895) * LMOVE, BLMOVE return incorrect responses (#1906) * Fixing AttributeError in UnixDomainSocketConnection (#1903) * Fixing TypeError in GraphCommands.explain (#1901) * For tests, increasing wait time for the cluster (#1908) * Increased pubsub's wait_for_messages timeout to prevent flaky tests (#1893) * README code snippets formatted to highlight properly (#1888) * Fix link in the main page (#1897) * Documentation fixes: JSON Example, SSL Connection Examples, RTD version (#1887) * Direct link to readthedocs (#1885) * Release 4.1.1 * Add retries to connections in Sentinel Pools (#1879) * OCSP Stapling Support (#1873) * Define incr/decr as aliases of incrby/decrby (#1874) * FT.CREATE - support MAXTEXTFIELDS, TEMPORARY, NOHL, NOFREQS, SKIPINITIALSCAN (#1847) * Timeseries docs fix (#1877) * get_connection: catch OSError too (#1832) * Set keys var otherwise variable not created (#1853) * Clusters should optionally require full slot coverage (#1845) * Triple quote docstrings in client.py PEP 257 (#1876) * syncing requirements (#1870) * Typo and typing in GraphCommands documentation (#1855) * Allowing poetry and redis-py to install together (#1854) * setup.py: Add project_urls for PyPI (#1867) * Support test with redis unstable docker (#1850) * Connection examples (#1835) * Documentation cleanup (#1841) * Release 4.1.0 * OCSP stapling support (#1820) * Support for SELECT (#1825) * Support for specifying error types with retry (#1817) * Support for RESET command since Redis 6.2.0 (#1824) * Support CLIENT TRACKING (#1612) * Support WRITE in CLIENT PAUSE (#1549) * JSON set_file and set_path support (#1818) * Allow ssl_ca_path with rediss:// urls (#1814) * Support for password-encrypted SSL private keys (#1782) * Support SYNC and PSYNC (#1741) * Retry on error exception and timeout fixes (#1821) * Fixing read race condition during pubsub (#1737) * Fixing exception in listen (#1823) * Fixed MovedError, and stopped iterating through startup nodes when slots are fully covered (#1819) * Socket not closing after server disconnect (#1797) * Single sourcing the package version (#1791) * Ensure redis_connect_func is set on uds connection (#1794) * SRTALGO - Skip for redis versions greater than 7.0.0 (#1831) * Documentation updates (#1822) * Add CI action to install package from repository commit hash (#1781) (#1790) * Fix link in lmove docstring (#1793) * Disabling JSON.DEBUG tests (#1787) * Migrated targeted nodes to kwargs in Cluster Mode (#1762) * Added support for MONITOR in clusters (#1756) * Adding ROLE Command (#1610) * Integrate RedisBloom support (#1683) * Adding RedisGraph support (#1556) * Allow overriding connection class via keyword arguments (#1752) * Aggregation LOAD * support for RediSearch (#1735) * Adding cluster, bloom, and graph docs (#1779) * Add packaging to setup_requires, and use >= to play nice to setup.py (fixes #1625) (#1780) * Fixing the license link in the readme (#1778) * Removing distutils from tests (#1773) * Fix cluster ACL tests (#1774) * Improved RedisCluster's reinitialize_steps and documentation (#1765) * Added black and isort (#1734) * Link Documents for all module commands (#1711) * Pyupgrade + flynt + f-strings (#1759) * Remove unused aggregation subclasses in RediSearch (#1754) * Adding RedisCluster client to support Redis Cluster Mode (#1660) * Support RediSearch FT.PROFILE command (#1727) * Adding support for non-decodable commands (#1731) * COMMAND GETKEYS support (#1738) * RedisJSON 2.0.4 behaviour support (#1747) * Removing deprecating distutils (PEP 632) (#1730) * Updating PR template (#1745) * Removing duplication of Script class (#1751) * Splitting documentation for read the docs (#1743) * Improve code coverage for aggregation tests (#1713) * Fixing COMMAND GETKEYS tests (#1750) * GitHub release improvements (#1684) * Release 4.0.2 * Restoring Sentinel commands to redis client (#1723) * Better removal of hiredis warning (#1726) * Adding links to redis documents in function calls (#1719) * Release 4.0.1 * Removing command on initial connections (#1722) * Removing hiredis warning when not installed (#1721) * Release 4.0.0 * FT.EXPLAINCLI intentionally raising NotImplementedError * Restoring ZRANGE desc for Redis < 6.2.0 (#1697) * Response parsing occasionally fails to parse floats (#1692) * Re-enabling read-the-docs (#1707) * Call HSET after FT.CREATE to avoid keyspace scan (#1706) * Unit tests fixes for compatibility (#1703) * Improve documentation about Locks (#1701) * Fixes to allow --redis-url to pass through all tests (#1700) * Fix unit tests running against Redis 4.0.0 (#1699) * Search alias test fix (#1695) * Adding RediSearch/RedisJSON tests (#1691) * Updating codecov rules (#1689) * Tests to validate custom JSON decoders (#1681) * Added breaking icon to release drafter (#1702) * Removing dependency on six (#1676) * Re-enable pipeline support for JSON and TimeSeries (#1674) * Export Sentinel, and SSL like other classes (#1671) * Restore zrange functionality for older versions of Redis (#1670) * Fixed garbage collection deadlock (#1578) * Tests to validate built python packages (#1678) * Sleep for flaky search test (#1680) * Test function renames, to match standards (#1679) * Docstring improvements for Redis class (#1675) * Fix georadius tests (#1672) * Improvements to JSON coverage (#1666) * Add python_requires setuptools check for python > 3.6 (#1656) * SMISMEMBER support (#1667) * Exposing the module version in loaded_modules (#1648) * RedisTimeSeries support (#1652) * Support for json multipath ($) (#1663) * Added boolean parsing to PEXPIRE and PEXPIREAT (#1665) * Add python_requires setuptools check for python > 3.6 (#1656) * Adding vulture for static analysis (#1655) * Starting to clean the docs (#1657) * Update README.md (#1654) * Adding description format for package (#1651) * Publish to pypi as releases are generated with the release drafter (#1647) * Restore actions to prs (#1653) * Fixing the package to include commands (#1649) * Re-enabling codecov as part of CI process (#1646) * Adding support for redisearch (#1640) Thanks @chayim * redisjson support (#1636) Thanks @chayim * Sentinel: Add SentinelManagedSSLConnection (#1419) Thanks @AbdealiJK * Enable floating parameters in SET (ex and px) (#1635) Thanks @AvitalFineRedis * Add warning when hiredis not installed. Recommend installation. (#1621) Thanks @adiamzn * Raising NotImplementedError for SCRIPT DEBUG and DEBUG SEGFAULT (#1624) Thanks @chayim * CLIENT REDIR command support (#1623) Thanks @chayim * REPLICAOF command implementation (#1622) Thanks @chayim * Add support to NX XX and CH to GEOADD (#1605) Thanks @AvitalFineRedis * Add support to ZRANGE and ZRANGESTORE parameters (#1603) Thanks @AvitalFineRedis * Pre 6.2 redis should default to None for script flush (#1641) Thanks @chayim * Add FULL option to XINFO SUMMARY (#1638) Thanks @agusdmb * Geosearch test should use any=True (#1594) Thanks @Andrew-Chen-Wang * Removing packaging dependency (#1626) Thanks @chayim * Fix client_kill_filter docs for skimpy (#1596) Thanks @Andrew-Chen-Wang * Normalize minid and maxlen docs (#1593) Thanks @Andrew-Chen-Wang * Update docs for multiple usernames for ACL DELUSER (#1595) Thanks @Andrew-Chen-Wang * Fix grammar of get param in set command (#1588) Thanks @Andrew-Chen-Wang * Fix docs for client_kill_filter (#1584) Thanks @Andrew-Chen-Wang * Convert README & CONTRIBUTING from rst to md (#1633) Thanks @davidylee * Test BYLEX param in zrangestore (#1634) Thanks @AvitalFineRedis * Tox integrations with invoke and docker (#1632) Thanks @chayim * Adding the release drafter to help simplify release notes (#1618). Thanks @chayim * BACKWARDS INCOMPATIBLE: Removed support for end of life Python 2.7. #1318 * BACKWARDS INCOMPATIBLE: All values within Redis URLs are unquoted via urllib.parse.unquote. Prior versions of redis-py supported this by specifying the `decode_components` flag to the `from_url` functions. This is now done by default and cannot be disabled. #589 * POTENTIALLY INCOMPATIBLE: Redis commands were moved into a mixin (see commands.py). Anyone importing `redis.client` to access commands directly should import `redis.commands`. #1534, #1550 * Removed technical debt on REDIS_6_VERSION placeholder. Thanks @chayim #1582. * Various docus fixes. Thanks @Andrew-Chen-Wang #1585, #1586. * Support for LOLWUT command, available since Redis 5.0.0. Thanks @brainix #1568. * Added support for CLIENT REPLY, available in Redis 3.2.0. Thanks @chayim #1581. * Support for Auto-reconnect PubSub on get_message. Thanks @luhn #1574. * Fix RST syntax error in README/ Thanks @JanCBrammer #1451. * IDLETIME and FREQ support for RESTORE. Thanks @chayim #1580. * Supporting args with MODULE LOAD. Thanks @chayim #1579. * Updating RedisLabs with Redis. Thanks @gkorland #1575. * Added support for ASYNC to SCRIPT FLUSH available in Redis 6.2.0. Thanks @chayim. #1567 * Added CLIENT LIST fix to support multiple client ids available in Redis 2.8.12. Thanks @chayim #1563. * Added DISCARD support for pipelines available in Redis 2.0.0. Thanks @chayim #1565. * Added ACL DELUSER support for deleting lists of users available in Redis 6.2.0. Thanks @chayim. #1562 * Added CLIENT TRACKINFO support available in Redis 6.2.0. Thanks @chayim. #1560 * Added GEOSEARCH and GEOSEARCHSTORE support available in Redis 6.2.0. Thanks @AvitalFine Redis. #1526 * Added LPUSHX support for lists available in Redis 4.0.0. Thanks @chayim. #1559 * Added support for QUIT available in Redis 1.0.0. Thanks @chayim. #1558 * Added support for COMMAND COUNT available in Redis 2.8.13. Thanks @chayim. #1554. * Added CREATECONSUMER support for XGROUP available in Redis 6.2.0. Thanks @AvitalFineRedis. #1553 * Including slowly complexity in INFO if available. Thanks @ian28223 #1489. * Added support for STRALGO available in Redis 6.0.0. Thanks @AvitalFineRedis. #1528 * Addes support for ZMSCORE available in Redis 6.2.0. Thanks @2014BDuck and @jiekun.zhu. #1437 * Support MINID and LIMIT on XADD available in Redis 6.2.0. Thanks @AvitalFineRedis. #1548 * Added sentinel commands FLUSHCONFIG, CKQUORUM, FAILOVER, and RESET available in Redis 2.8.12. Thanks @otherpirate. #834 * Migrated Version instead of StrictVersion for Python 3.10. Thanks @tirkarthi. #1552 * Added retry mechanism with backoff. Thanks @nbraun-amazon. #1494 * Migrated commands to a mixin. Thanks @chayim. #1534 * Added support for ZUNION, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1522 * Added support for CLIENT LIST with ID, available in Redis 6.2.0. Thanks @chayim. #1505 * Added support for MINID and LIMIT with xtrim, available in Reds 6.2.0. Thanks @chayim. #1508 * Implemented LMOVE and BLMOVE commands, available in Redis 6.2.0. Thanks @chayim. #1504 * Added GET argument to SET command, available in Redis 6.2.0. Thanks @2014BDuck. #1412 * Documentation fixes. Thanks @enjoy-binbin @jonher937. #1496 #1532 * Added support for XAUTOCLAIM, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1529 * Added IDLE support for XPENDING, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1523 * Add a count parameter to lpop/rpop, available in Redis 6.2.0. Thanks @wavenator. #1487 * Added a (pypy) trove classifier for Python 3.9. Thanks @D3X. #1535 * Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520 * Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520 * Added ZDIFF and ZDIFFSTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1518 * Added ZRANGESTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1521 * Added LT and GT support for ZADD, available in Redis 6.2.0. Thanks @chayim. #1509 * Added ZRANDMEMBER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1519 * Added GETDEL support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1514 * Added CLIENT KILL laddr filter, available in Redis 6.2.0. Thanks @chayim. #1506 * Added CLIENT UNPAUSE, available in Redis 6.2.0. Thanks @chayim. #1512 * Added NOMKSTREAM support for XADD, available in Redis 6.2.0. Thanks @chayim. #1507 * Added HRANDFIELD support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1513 * Added CLIENT INFO support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1517 * Added GETEX support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1515 * Added support for COPY command, available in Redis 6.2.0. Thanks @malinaa96. #1492 * Provide a development and testing environment via docker. Thanks @abrookins. #1365 * Added support for the LPOS command available in Redis 6.0.6. Thanks @aparcar #1353/#1354 * Added support for the ACL LOG command available in Redis 6. Thanks @2014BDuck. #1307 * Added support for ABSTTL option of the RESTORE command available in Redis 5.0. Thanks @charettes. #1423 * Drop account-defaults-redis.patch merged upstream * Add account-defaults-redis.patch which fixes failing tests by taking into consideration redis defaults, not overwriting them (gh#andymccurdy/redis- py#1499). * Skipp two tests because of gh#andymccurdy/redis-py#1459. * update to 3.5.3 * Restore try/except clauses to **del** methods. These will be removed in 4.0 when more explicit resource management if enforced. #1339 * Update the master_address when Sentinels promote a new master. #847 * Update SentinelConnectionPool to not forcefully disconnect other in-use connections which can negatively affect threaded applications. #1345 3.5.2 * Tune the locking in ConnectionPool.get_connection so that the lock is not held while waiting for the socket to establish and validate the TCP connection. 3.5.1 * Fix for HSET argument validation to allow any non-None key. Thanks @AleksMat, #1337, #1341 3.5.0 * Removed exception trapping from **del** methods. redis-py objects that hold various resources implement **del** cleanup methods to release those resources when the object goes out of scope. This provides a fallback for when these objects aren't explicitly closed by user code. Prior to this change any errors encountered in closing these resources would be hidden from the user. Thanks @jdufresne. #1281 * Expanded support for connection strings specifying a username connecting to pre-v6 servers. #1274 * Optimized Lock's blocking_timeout and sleep. If the lock cannot be acquired and the sleep value would cause the loop to sleep beyond blocking_timeout, fail immediately. Thanks @clslgrnc. #1263 * Added support for passing Python memoryviews to Redis command args that expect strings or bytes. The memoryview instance is sent directly to the socket such that there are zero copies made of the underlying data during command packing. Thanks @Cody-G. #1265, #1285 * HSET command now can accept multiple pairs. HMSET has been marked as deprecated now. Thanks to @laixintao #1271 * Don't manually DISCARD when encountering an ExecAbortError. Thanks @nickgaya, #1300/#1301 * Reset the watched state of pipelines after calling exec. This saves a roundtrip to the server by not having to call UNWATCH within Pipeline.reset(). Thanks @nickgaya, #1299/#1302 * Added the KEEPTTL option for the SET command. Thanks @laixintao #1304/#1280 * Added the MEMORY STATS command. #1268 * Lock.extend() now has a new option, `replace_ttl`. When False (the default), Lock.extend() adds the `additional_time` to the lock's existing TTL. When replace_ttl=True, the lock's existing TTL is replaced with the value of `additional_time`. * Add testing and support for PyPy. * downgrade requires for redis to recommends * Better error handling Changes in python-retrying: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * require setuptools * Switch to pyproject macros. * Stop using greedy globs in %files. * Update to version 1.3.4 * Added Greg Roodt as maintainer * Formatted code with black * Updated repository references * Improve summary. * Remove superfluous devel dependency for noarch package * Initial package Changes in python-semver: * update to 3.0.2: * :pr:`418`: Replace :class:`~collection.OrderedDict` with :class:`dict`. * The dict datatype is ordered since Python 3.7. As we do not support Python 3.6 anymore, it can be considered safe to avoid :class:`~collection.OrderedDict`. * :pr:`431`: Clarify version policy for the different semver versions (v2, v3, >v3) and the supported Python versions. * :gh:`432`: Improve external doc links to Python and Pydantic. * :pr:`417`: Amend GitHub Actions to check against MacOS. * remove obsolete setup-remove-asterisk.patch * update to version 3.0.1: * Remove incorrect dependencies from build-system section of pyproject.toml by @mgorny in #405 * correct typo in function description of next_version by @treee111 in #406 * Improve GitHub Action by @tomschr in #408 * Add CITATION.cff for citation by @tomschr in #409 * Add Version class to **all** export. Fix #410 by @Soneji in #411 * Configure docformatter by @tomschr in #412 * Prepare version 3.0.1 by @tomschr in #413 * update to version 3.0.0: * Bugfixes * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * :gh:`310`: Rework API documentation. Follow a more "semi-manual" attempt and add auto directives into :file:`docs/api.rst`. * :gh:`344`: Allow empty string, a string with a prefix, or `None` as token in :meth:`~semver.version.Version.bump_build` and :meth:`~semver.version.Version.bump_prerelease`. * :pr:`384`: General cleanup, reformat files: * Reformat source code with black again as some config options did accidentely exclude the semver source code. Mostly remove some includes/excludes in the black config. * Integrate concurrency in GH Action * Ignore Python files on project dirs in .gitignore * Remove unused patterns in MANIFEST.in * Use `extend-exclude` for flake in :file:`setup.cfg`` and adapt list. * Use `skip_install=True` in :file:`tox.ini` for black * :pr:`393`: Fix command :command:`python -m semver` to avoid the error "invalid choice" * :pr:`396`: Calling :meth:`~semver.version.Version.parse` on a derived class will show correct type of derived class. * Deprecations * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * :gh:`284`: Deprecate the use of :meth:`~Version.isvalid`. Rename :meth:`~semver.version.Version.isvalid` to :meth:`~semver.version.Version.is_valid` for consistency reasons with :meth:`~semver.version.Version.is_compatible`. * :pr:`402`: Keep :func:`semver.compare <semver._deprecated.compare>`. Although it breaks consistency with module level functions, it seems it's a much needed/used function. It's still unclear if we should deprecate this function or not (that's why we use :py:exc:`PendingDeprecationWarning`). As we don't have a uniform initializer yet, this function stays in the :file:`_deprecated.py` file for the time being until we find a better solution. See :gh:`258` for details. * Features * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`213`: Add typing information * :gh:`284`: Implement :meth:`~semver.version.Version.is_compatible` to make "is self compatible with X". * :gh:`305`: Rename :class:`~semver.version.VersionInfo` to :class:`~semver.version.Version` but keep an alias for compatibility * add setup-remove-asterisk.patch to fix build error * update to version 3.0.0-dev.4: * Bug Fixes: * :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml` file. The old entries `[[tool.towncrier.type]]` are deprecated and need to be replaced by `[tool.towncrier.fragment.<TYPE>]`. * Deprecations: * :gh:`372`: Deprecate support for Python 3.6. Python 3.6 reached its end of life and isn't supported anymore. At the time of writing (Dec 2022), the lowest version is 3.7. Although the `poll <https://github.com/python- semver/python-semver/discussions/371>`_ didn't cast many votes, the majority agree to remove support for Python 3.6. * Improved Documentation: * :gh:`335`: Add new section "Converting versions between PyPI and semver" the limitations and possible use cases to convert from one into the other versioning scheme. * :gh:`340`: Describe how to get version from a file * :gh:`343`: Describe combining Pydantic with semver in the "Advanced topic" section. * :gh:`350`: Restructure usage section. Create subdirectory "usage/" and splitted all section into different files. * :gh:`351`: Introduce new topics for: * "Migration to semver3" * "Advanced topics" * Features: * :pr:`359`: Add optional parameter `optional_minor_and_patch` in :meth:`.Version.parse` to allow optional minor and patch parts. * :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match expression, defaulting to equality testing. * :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the :command:`pyproject-build` command from the build module. For more information, see :ref:`build-semver`. * :gh:`365`: Improve :file:`pyproject.toml`. * Use setuptools, add metadata. Taken approach from `A Practical Guide to Setuptools and Pyproject.toml <https://godatadriven.com/blog/a-practical- guide-to-setuptools-and-pyproject-toml/>`_. * Doc: Describe building of semver * Remove :file:`.travis.yml` in :file:`MANIFEST.in` (not needed anymore) * Distinguish between Python 3.6 and others in :file:`tox.ini` * Add skip_missing_interpreters option for :file:`tox.ini` * GH Action: Upgrade setuptools and setuptools-scm and test against 3.11.0-rc.2 * Trivial/Internal Changes: * :gh:`378`: Fix some typos in Towncrier configuration * switch to the tagged version rather than a gh branch tarball * fix support for Python 3.10 with update to development version: * update to revision g4d2df08: * Changes for the upcoming release can be found in: * the `"changelog.d" directory <https://github.com/python- semver/python-semver/tree/master/changelog.d>`_: * in our repository.: * update to version 3.0.0-dev.2: * Deprecations: * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * Features: * :gh:`169`: Create semver package and split code among different modules in the packages. * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`305`: Rename :class:`VersionInfo` to :class:`Version` but keep an alias for compatibility * Improved Documentation: * :gh:`304`: Several improvements in documentation: * Reorganize API documentation. * Add migration chapter from semver2 to semver3. * Distinguish between changlog for version 2 and 3 * :gh:`305`: Add note about :class:`Version` rename. * Trivial/Internal Changes: * :gh:`169`: Adapted infrastructure code to the new project layout. * Replace :file:`setup.py` with :file:`setup.cfg` because the :file:`setup.cfg` is easier to use * Adapt documentation code snippets where needed * Adapt tests * Changed the `deprecated` to hardcode the `semver` package name in the warning. Increase coverage to 100% for all non-deprecated APIs * :gh:`304`: Support PEP-561 :file:`py.typed`. According to the mentioned PEP: "Package maintainers who wish to support type checking of their code MUST add a marker file named :file:`py.typed` to their package supporting typing." Add package_data to :file:`setup.cfg` to include this marker in dist and whl file. * update to version 3.0.0-dev.1: * Deprecations: * :pr:`290`: For semver 3.0.0-alpha0: * Remove anything related to Python2 * In :file:`tox.ini` and :file:`.travis.yml` Remove targets py27, py34, py35, and pypy. Add py38, py39, and nightly (allow to fail) * In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Remove old Python versions (2.7, 3.4, 3.5, and pypy) from Travis * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Features: * :pr:`290`: Create semver 3.0.0-alpha0 * Update :file:`README.rst`, mention maintenance branch `maint/v2`. * Remove old code mainly used for Python2 compatibility, adjusted code to support Python3 features. * Split test suite into separate files under :file:`tests/` directory * Adjust and update :file:`setup.py`. Requires Python >=3.6.* Extract metadata directly from source (affects all the `__version__`, `__author__` etc. variables) * :gh:`270`: Configure Towncrier (:pr:`273`:) * Add :file:`changelog.d/.gitignore` to keep this directory * Create :file:`changelog.d/README.rst` with some descriptions * Add :file:`changelog.d/_template.rst` as Towncrier template * Add `[tool.towncrier]` section in :file:`pyproject.toml` * Add "changelog" target into :file:`tox.ini`. Use it like :command:`tox -e changelog -- CMD` whereas `CMD` is a Towncrier command. The default :command:`tox -e changelog` calls Towncrier to create a draft of the changelog file and output it to stdout. * Update documentation and add include a new section "Changelog" included from :file:`changelog.d/README.rst`. * :gh:`276`: Document how to create a sublass from :class:`VersionInfo` class * :gh:`213`: Add typing information * Bug Fixes: * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * Improved Documentation: * :pr:`290`: Several improvements in the documentation: * New layout to distinguish from the semver2 development line. * Create new logo. * Remove any occurances of Python2. * Describe changelog process with Towncrier. * Update the release process. * Trivial/Internal Changes: * :pr:`290`: Add supported Python versions to :command:`black`. * PR #62. Support custom default names for pre and build Changes in python- sshtunnel: * Require update-alternatives for the scriptlets. * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Use %sle15_python_module_pythons * do not require python-mock for build * update to 0.4.0: * Change the daemon mod flag for all tunnel threads (is not fully backward compatible) to prevent unexpected hangs (`#219`_) + Add docker based end to end functinal tests for Mongo/Postgres/MySQL * Add docker based end to end hangs tests * Fix host key directory detection * Unify default ssh config folder to `~/.ssh` * Increase open connection timeout to 10 secods * Change default with context behavior to use `.stop(force=True)` on exit * Remove useless `daemon_forward_servers = True` hack for hangs prevention * Set transport keepalive to 5 second by default * Set default transport timeout to 0.1 * Deprecate and remove `block_on_close` option * Fix "deadlocks" / "tunneling hangs" * Add `.stop(force=True)` for force close active connections * Fixes bug with orphan thread for a tunnel that is DOWN * Support IPv6 without proxy command. Use built-in paramiko create socket logic. The logic tries to use ipv6 socket family first, then ipv4 socket family. Changes in python-strictyaml: * require setuptools * update to 1.7.3: * REFACTOR : Fix pipeline. * TOOLING : Improvements to pyenv multi-environment tester. * FEATURE : Upgraded package to use pyproject.toml files * REFACTOR : Fixed linter errors. * TOOLING : Build wheel and sdist that both work. * Add %{?sle15_python_module_pythons} * Update to 1.6.2 No relevant code changes. see details changelog: https://hitchdev.com/strictyaml/changelog/#latest * update to 1.6.1 too many changes to be listed here see detailed changelog: https://hitchdev.com/strictyaml/changelog/ * update to 1.4.4 * Add support for NaN and infinity representations * Optional keys in mappings and set value to None * Support underscores in int and decimal * NullNone - parse 'null' as None like YAML 1.2 does. * Bundle last propertly working ruamel.yaml version in with strictyaml. * version update to 1.0.6 * BUGFIX : Fix accidental python 2 breakage. * BUGFIX : Accidental misrecognition of boolean values as numbers - cause of #85. * BUGFIX : Fix for #86 - handle changing multiline strings. * BUGFIX: handle deprecated collections import in the parser (#82) * Update to 1.0.5: * BUGFIX : Fixed python 2 bug introduced when fixing #72. * FEATURE : Include tests / stories in package. * BUG: issue #72. Now setitem uses schema. * Expand %description. * Initial spec for v1.0.3 Changes in python-sure: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * update to 2.0.1: * Fixes CI build (Github Actions) * Fixes broken tests * Housekeeping: Licensing * Disable nosetests for testing leaving only pytest as supported test-runner for now * Add %{?sle15_python_module_pythons} * Remove mock from BuildRequires. * Rebase python-sure-no-mock.patch to remove one missed import. * do not require mock for build nor runtime * added patches fix https://github.com/gabrielfalcao/sure/pull/161 * python-sure-no-mock.patch * Update to 2.0.0 * No longer patch the builtin dir() function, which fixes pytest in some cases such as projects using gevent. * switch to pytest * Version update to 1.4.11: * Reading the version dynamically was causing import errors that caused error when installing package. Refs #144 Changes in python-vcrpy: \- Update to 6.0.1 * BREAKING: Fix issue with httpx support (thanks @parkerhancock) in #784. * BREAKING: Drop support for `boto` (vcrpy still supports boto3, but is dropping the deprecated `boto` support in this release. (thanks @jairhenrique) * Fix compatibility issue with Python 3.12 (thanks @hartwork) * Drop simplejson (fixes some compatibility issues) (thanks @jairhenrique) * Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @mgorny) * Various linting and docs improvements (thanks @jairhenrique) * Tornado fixes (thanks @graingert) * version update to 5.1.0 * Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks @jairhenrique * Enable rule B (flake8-bugbear) on ruff - thanks @jairhenrique * Configure read the docs V2 - thanks @jairhenrique * Fix typo in docs - thanks @quasimik * Make json.loads of Python >=3.6 decode bytes by itself - thanks @hartwork * Fix body matcher for chunked requests (fixes #734) - thanks @hartwork * Fix query param filter for aiohttp (fixes #517) - thanks @hartwork and @salomvary * Remove unnecessary dependency on six. - thanks @charettes * build(deps): update sphinx requirement from <7 to <8 - thanks @jairhenrique * Add action to validate docs - thanks @jairhenrique * Add editorconfig file - thanks @jairhenrique * Drop iscoroutinefunction fallback function for unsupported python thanks @jairhenrique * for changelog for older releases refer to https://github.com/kevin1024/vcrpy/releases * six is not required * Use sle15_python_module_pythons * Restrict urllib3 < 2 -- gh#kevin1024/vcrpy#688 * Update to version 4.2.1 * Fix a bug where the first request in a redirect chain was not being recorded with aiohttp * Various typos and small fixes, thanks @jairhenrique, @timgates42 * Update to 4.1.1: * Fix HTTPX support for versions greater than 0.15 (thanks @jairhenrique) * Include a trailing newline on json cassettes (thanks @AaronRobson) * Update to 4.1.0: * Add support for httpx!! (thanks @herdigiorgi) * Add the new allow_playback_repeats option (thanks @tysonholub) * Several aiohttp improvements (cookie support, multiple headers with same key) (Thanks @pauloromeira) * Use enums for record modes (thanks @aaronbannin) * Bugfix: Do not redirect on 304 in aiohttp (Thanks @royjs) * Bugfix: Fix test suite by switching to mockbin (thanks @jairhenrique) * Remove patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch as we dropped py2 integration support on Tumbleweed * Added patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch * Enable python2 again since it breaks many packages * Fix locale on Leap * update to version 4.0.2 * Remove Python2 support * Add Python 3.8 TravisCI support * Correct mock imports Changes in python-xmltodict: \- Clean up the SPEC file. * add sle15_python_module_pythons * update to 0.13.0: * Add install info to readme for openSUSE. (#205) * Support defaultdict for namespace mapping (#211) * parse(generator) is now possible (#212) * Processing comments on parsing from xml to dict (connected to #109) (#221) * Add expand_iter kw to unparse to expand iterables (#213) * Fixed some typos * Add support for python3.8 * Drop Jython/Python 2 and add Python 3.9/3.10. * Drop OrderedDict in Python >= 3.7 * Do not use len() to determine if a sequence is empty * Add more namespace attribute tests * Fix encoding issue in setup.py * Add patch skip-tests-expat-245.patch: * Do not run tests that make no sense with a current Expat. Changes in python-asgiref: First package shipment. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1639=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1639=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1639=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1639=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1639=1 ## Package List: * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python-wrapt-debugsource-1.15.0-150400.12.7.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-asgiref-3.6.0-150400.9.7.3 * Public Cloud Module 15-SP6 (noarch) * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-docker-7.0.0-150400.8.4.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-asgiref-3.6.0-150400.9.7.3 * python311-pydash-6.0.2-150400.9.4.1 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-knack-0.11.0-150400.10.4.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * Python 3 Module 15-SP6 (noarch) * python311-aiosignal-1.3.1-150400.9.7.2 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-chardet-5.2.0-150400.13.7.2 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-scp-0.14.5-150400.12.7.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-incremental-22.10.0-150400.3.7.2 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * openSUSE Leap 15.5 (noarch) * python311-aiosignal-1.3.1-150400.9.7.2 * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-zipp-3.15.0-150400.10.7.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-docker-7.0.0-150400.8.4.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-pydash-6.0.2-150400.9.4.1 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-httpretty-1.1.4-150400.11.4.1 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-redis-5.0.1-150400.12.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-knack-0.11.0-150400.10.4.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-scp-0.14.5-150400.12.7.4 * python311-xmltodict-0.13.0-150400.12.4.1 * python311-invoke-2.1.2-150400.10.7.4 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-sure-2.0.1-150400.12.4.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * openSUSE Leap 15.6 (noarch) * python311-aiosignal-1.3.1-150400.9.7.2 * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-zipp-3.15.0-150400.10.7.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-docker-7.0.0-150400.8.4.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-pydash-6.0.2-150400.9.4.1 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-httpretty-1.1.4-150400.11.4.1 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-redis-5.0.1-150400.12.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-knack-0.11.0-150400.10.4.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-scp-0.14.5-150400.12.7.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28858.html * https://www.suse.com/security/cve/CVE-2023-28859.html * https://bugzilla.suse.com/show_bug.cgi?id=1209571 * https://bugzilla.suse.com/show_bug.cgi?id=1209811 * https://bugzilla.suse.com/show_bug.cgi?id=1209812 * https://bugzilla.suse.com/show_bug.cgi?id=1216606 * https://bugzilla.suse.com/show_bug.cgi?id=1222880 * https://bugzilla.suse.com/show_bug.cgi?id=761162

1 0