Announcement ID: | SUSE-SU-2024:0057-1 |
---|---|
Rating: | important |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability, contains two features and has two security fixes can now be installed.
This update for eclipse-jgit, jsch fixes the following issues:
Security fix: - CVE-2023-4759: Fixed an arbitrary file overwrite which might have occurred with a specially crafted git repository and a case-insensitive filesystem. (bsc#1215298)
Other fixes:
jsch was updated to version 0.2.9:
- Added support for various algorithms
- Migrated from com.jcraft:jsch
to com.github.mwiede:jsch
fork (bsc#1211955):
* Alias to the old artifact since the new one is drop-in
replacement
* Keep the old OSGi bundle symbolic name to avoid extensive
patching of eclipse stack
- Updated to version 0.2.9:
* For the full list of changes please consult the upstream changelogs below for each version updated:
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.9
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.8
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.7
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.6
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.5
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.4
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.3
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.2
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.1
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.2.0
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.71
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.70
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.69
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.68
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.67
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.66
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.65
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.64
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.63
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.62
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.61
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.60
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.59
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.58
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.57
+ https://github.com/mwiede/jsch/releases/tag/jsch-0.1.56
eclipse-jgit:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
zypper in -t patch openSUSE-SLE-15.4-2024-57=1
zypper in -t patch openSUSE-SLE-15.5-2024-57=1
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2024-57=1
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-57=1
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-57=1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-57=1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2024-57=1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-57=1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-57=1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-57=1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-57=1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-57=1
zypper in -t patch SUSE-Storage-7.1-2024-57=1