openSUSE Security Update: Security update for govulncheck-vulndb ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0350-1 Rating: important References: PED-11136 Cross-References: CVE-2022-45157 CVE-2023-22644 CVE-2023-32197 CVE-2024-0132 CVE-2024-0133 CVE-2024-10005 CVE-2024-10006 CVE-2024-10086 CVE-2024-10214 CVE-2024-10241 CVE-2024-10452 CVE-2024-22030 CVE-2024-22036 CVE-2024-33662 CVE-2024-36814 CVE-2024-38365 CVE-2024-39223 CVE-2024-39720 CVE-2024-46872 CVE-2024-47003 CVE-2024-47067 CVE-2024-47182 CVE-2024-47401 CVE-2024-47534 CVE-2024-47616 CVE-2024-47825 CVE-2024-47827 CVE-2024-47832 CVE-2024-47877 CVE-2024-48909 CVE-2024-48921 CVE-2024-49380 CVE-2024-49381 CVE-2024-49753 CVE-2024-49757 CVE-2024-50052 CVE-2024-50312 CVE-2024-50354 CVE-2024-7558 CVE-2024-7594 CVE-2024-8037 CVE-2024-8038 CVE-2024-8185 CVE-2024-8901 CVE-2024-8975 CVE-2024-8996 CVE-2024-9180 CVE-2024-9264 CVE-2024-9312 CVE-2024-9313 CVE-2024-9341 CVE-2024-9355 CVE-2024-9407 CVE-2024-9486 CVE-2024-9594 CVE-2024-9675 CVSS scores: CVE-2024-0132 (SUSE): 8.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVE-2024-0133 (SUSE): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N CVE-2024-10452 (SUSE): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N CVE-2024-39720 (SUSE): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVE-2024-8185 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-9264 (SUSE): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2024-9341 (SUSE): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N CVE-2024-9407 (SUSE): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N CVE-2024-9675 (SUSE): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N Affected Products: SUSE Linux Enterprise High Performance Computing 12 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12-SP3 SUSE Linux Enterprise Server for SAP Applications 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes 56 vulnerabilities, contains one feature is now available. Description: This update for govulncheck-vulndb fixes the following issues: - Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww * GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff97 * GO-2024-3235 CVE-2024-50052 GHSA-g376-m3h3-mj4r * GO-2024-3237 CVE-2024-0133 GHSA-f748-7hpg-88ch * GO-2024-3239 CVE-2024-0132 GHSA-mjjw-553x-87pq * GO-2024-3240 CVE-2024-10452 GHSA-66c4-2g2v-54qw * GO-2024-3241 CVE-2024-10006 GHSA-5c4w-8hhh-3c3h * GO-2024-3242 CVE-2024-10086 GHSA-99wr-c2px-grmh * GO-2024-3243 CVE-2024-10005 GHSA-chgm-7r52-whjj - Update to version 0.0.20241101T215616 2024-11-01T21:56:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g * GO-2024-3245 CVE-2024-39720 * GO-2024-3246 CVE-2024-8185 GHSA-g233-2p4r-3q7v - Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3230 CVE-2024-48921 GHSA-qjvc-p88j-j9rm * GO-2024-3232 CVE-2024-10241 GHSA-6mvp-gh77-7vwh - Update to version 0.0.20241030T160108 2024-10-30T16:01:08Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3226 CVE-2024-47827 GHSA-ghjw-32xw-ffwr * GO-2024-3227 CVE-2024-10214 GHSA-hm57-h27x-599c * GO-2024-3228 GHSA-wcx9-ccpj-hx3c - Packaging improvments: * Backfill CVE aliases in recent changelog entries - Update to version 0.0.20241028T152002 2024-10-28T15:20:02Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3207 GHSA-p5wf-cmr4-xrwr * GO-2024-3208 CVE-2024-47825 GHSA-3wwx-63fv-pfq6 * GO-2024-3210 CVE-2024-8901 * GO-2024-3211 CVE-2024-50312 * GO-2024-3212 GHSA-rjfv-pjvx-mjgv * GO-2024-3213 CVE-2024-49380 * GO-2024-3214 CVE-2024-49381 * GO-2024-3215 CVE-2024-9264 GHSA-q99m-qcv4-fpm7 * GO-2024-3216 CVE-2024-49753 GHSA-6cf5-w9h3-4rqv * GO-2024-3217 CVE-2024-49757 GHSA-3rmw-76m6-4gjc * GO-2024-3219 GHSA-7h65-4p22-39j6 * GO-2024-3220 CVE-2023-32197 GHSA-7h8m-pvw3-5gh4 * GO-2024-3221 CVE-2024-22036 GHSA-h99m-6755-rgwc * GO-2024-3222 GHSA-x7xj-jvwp-97rv * GO-2024-3223 CVE-2022-45157 GHSA-xj7w-r753-vj8v * GO-2024-3224 CVE-2024-39223 GHSA-8wxx-35qc-vp6r - Update to version 0.0.20241017T153730 date 2024-10-17T15:37:30Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3203 CVE-2024-9486 * GO-2024-3204 CVE-2024-9594 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3196 CVE-2024-47877 GHSA-8rm2-93mq-jqhc * GO-2024-3199 GHSA-vv6c-69r6-chg9 * GO-2024-3200 CVE-2024-48909 GHSA-3c32-4hq9-6wgj * GO-2024-3201 CVE-2023-22644 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3171 CVE-2024-9341 GHSA-mc76-5925-c5p6 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3161 CVE-2024-22030 GHSA-h4h5-9833-v2p4 * GO-2024-3162 CVE-2024-7594 GHSA-jg74-mwgw-v6x3 * GO-2024-3163 CVE-2024-47182 * GO-2024-3164 CVE-2024-47003 GHSA-59hf-mpf8-pqjh * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3167 CVE-2024-9355 GHSA-3h3x-2hwv-hr52 * GO-2024-3168 CVE-2024-8975 GHSA-chqx-36rm-rf8h * GO-2024-3169 CVE-2024-9407 GHSA-fhqq-8f65-5xfc * GO-2024-3170 CVE-2024-8996 GHSA-m5gv-m5f9-wgv4 * GO-2024-3172 CVE-2024-33662 GHSA-9mjw-79r6-c9m8 * GO-2024-3173 CVE-2024-7558 GHSA-mh98-763h-m9v4 * GO-2024-3174 CVE-2024-8037 GHSA-8v4w-f4r9-7h6x * GO-2024-3175 CVE-2024-8038 GHSA-xwgj-vpm9-q2rq * GO-2024-3179 CVE-2024-47616 GHSA-r7rh-jww5-5fjr * GO-2024-3181 CVE-2024-9313 GHSA-x5q3-c8rm-w787 * GO-2024-3182 GHSA-wpr2-j6gr-pjw9 * GO-2024-3184 CVE-2024-36814 GHSA-9cp9-8gw2-8v7m * GO-2024-3185 CVE-2024-47832 * GO-2024-3186 CVE-2024-9675 GHSA-586p-749j-fhwp * GO-2024-3188 CVE-2024-9312 GHSA-4gfw-wf7c-w6g2 * GO-2024-3190 CVE-2024-47067 GHSA-8pph-gfhp-w226 * GO-2024-3191 CVE-2024-9180 GHSA-rr8j-7w34-xp5j Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2024-350=1 Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (noarch): govulncheck-vulndb-0.0.20241104T154416-5.1 References: https://www.suse.com/security/cve/CVE-2022-45157.html https://www.suse.com/security/cve/CVE-2023-22644.html https://www.suse.com/security/cve/CVE-2023-32197.html https://www.suse.com/security/cve/CVE-2024-0132.html https://www.suse.com/security/cve/CVE-2024-0133.html https://www.suse.com/security/cve/CVE-2024-10005.html https://www.suse.com/security/cve/CVE-2024-10006.html https://www.suse.com/security/cve/CVE-2024-10086.html https://www.suse.com/security/cve/CVE-2024-10214.html https://www.suse.com/security/cve/CVE-2024-10241.html https://www.suse.com/security/cve/CVE-2024-10452.html https://www.suse.com/security/cve/CVE-2024-22030.html https://www.suse.com/security/cve/CVE-2024-22036.html https://www.suse.com/security/cve/CVE-2024-33662.html https://www.suse.com/security/cve/CVE-2024-36814.html https://www.suse.com/security/cve/CVE-2024-38365.html https://www.suse.com/security/cve/CVE-2024-39223.html https://www.suse.com/security/cve/CVE-2024-39720.html https://www.suse.com/security/cve/CVE-2024-46872.html https://www.suse.com/security/cve/CVE-2024-47003.html https://www.suse.com/security/cve/CVE-2024-47067.html https://www.suse.com/security/cve/CVE-2024-47182.html https://www.suse.com/security/cve/CVE-2024-47401.html https://www.suse.com/security/cve/CVE-2024-47534.html https://www.suse.com/security/cve/CVE-2024-47616.html https://www.suse.com/security/cve/CVE-2024-47825.html https://www.suse.com/security/cve/CVE-2024-47827.html https://www.suse.com/security/cve/CVE-2024-47832.html https://www.suse.com/security/cve/CVE-2024-47877.html https://www.suse.com/security/cve/CVE-2024-48909.html https://www.suse.com/security/cve/CVE-2024-48921.html https://www.suse.com/security/cve/CVE-2024-49380.html https://www.suse.com/security/cve/CVE-2024-49381.html https://www.suse.com/security/cve/CVE-2024-49753.html https://www.suse.com/security/cve/CVE-2024-49757.html https://www.suse.com/security/cve/CVE-2024-50052.html https://www.suse.com/security/cve/CVE-2024-50312.html https://www.suse.com/security/cve/CVE-2024-50354.html https://www.suse.com/security/cve/CVE-2024-7558.html https://www.suse.com/security/cve/CVE-2024-7594.html https://www.suse.com/security/cve/CVE-2024-8037.html https://www.suse.com/security/cve/CVE-2024-8038.html https://www.suse.com/security/cve/CVE-2024-8185.html https://www.suse.com/security/cve/CVE-2024-8901.html https://www.suse.com/security/cve/CVE-2024-8975.html https://www.suse.com/security/cve/CVE-2024-8996.html https://www.suse.com/security/cve/CVE-2024-9180.html https://www.suse.com/security/cve/CVE-2024-9264.html https://www.suse.com/security/cve/CVE-2024-9312.html https://www.suse.com/security/cve/CVE-2024-9313.html https://www.suse.com/security/cve/CVE-2024-9341.html https://www.suse.com/security/cve/CVE-2024-9355.html https://www.suse.com/security/cve/CVE-2024-9407.html https://www.suse.com/security/cve/CVE-2024-9486.html https://www.suse.com/security/cve/CVE-2024-9594.html https://www.suse.com/security/cve/CVE-2024-9675.html