openSUSE Updates
November 2022
- 2 participants
- 260 discussions

30 Nov '22
SUSE Recommended Update: Recommended update for dconf
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4299-1
Rating: moderate
References: #1203344 #971074
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for dconf fixes the following issues:
- Re-enable fix for `dconf update` to restore correct permissions on db
files (bsc#971074, bsc#1203344)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4299=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4299=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4299=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dconf-0.40.0-150400.3.3.2
dconf-debuginfo-0.40.0-150400.3.3.2
dconf-debugsource-0.40.0-150400.3.3.2
dconf-devel-0.40.0-150400.3.3.2
gsettings-backend-dconf-0.40.0-150400.3.3.2
gsettings-backend-dconf-debuginfo-0.40.0-150400.3.3.2
libdconf1-0.40.0-150400.3.3.2
libdconf1-debuginfo-0.40.0-150400.3.3.2
- openSUSE Leap 15.4 (x86_64):
gsettings-backend-dconf-32bit-0.40.0-150400.3.3.2
gsettings-backend-dconf-32bit-debuginfo-0.40.0-150400.3.3.2
libdconf1-32bit-0.40.0-150400.3.3.2
libdconf1-32bit-debuginfo-0.40.0-150400.3.3.2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
dconf-debuginfo-0.40.0-150400.3.3.2
dconf-debugsource-0.40.0-150400.3.3.2
dconf-devel-0.40.0-150400.3.3.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
dconf-0.40.0-150400.3.3.2
dconf-debuginfo-0.40.0-150400.3.3.2
dconf-debugsource-0.40.0-150400.3.3.2
gsettings-backend-dconf-0.40.0-150400.3.3.2
gsettings-backend-dconf-debuginfo-0.40.0-150400.3.3.2
libdconf1-0.40.0-150400.3.3.2
libdconf1-debuginfo-0.40.0-150400.3.3.2
References:
https://bugzilla.suse.com/1203344
https://bugzilla.suse.com/971074

SUSE-RU-2022:4297-1: important: Recommended update for pdsh, slurm_22_05
by maintenance@opensuse.org 30 Nov '22
30 Nov '22
SUSE Recommended Update: Recommended update for pdsh, slurm_22_05
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4297-1
Rating: important
References: SLE-21334
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 recommended fixes and contains one
feature can now be installed.
Description:
This update for pdsh, slurm_22_05 fixes the following issues:
Slurm was updated to 22.05.5
- Fixes a number of moderate severity issues, notable are:
* Load hash plugin at slurmstepd launch time to prevent issues loading
the plugin at step completion if the Slurm installation is upgraded.
* Update nvml plugin to match the unique id format for MIG devices in
new Nvidia drivers.
* Fix multi-node step launch failure when nodes in the controller aren't
in natural order. This can happen with inconsistent node naming (such
as node15 and node052) or with dynamic nodes which can register in any
order.
* job_container/tmpfs - cleanup containers even when the .ns file isn't
mounted anymore.
* Wait up to PrologEpilogTimeout before shutting down slurmd to allow
prolog and epilog scripts to complete or timeout. Previously, slurmd
waited 120 seconds before timing out and killing prolog and epilog
scripts.
- Do not deduplicate files of testsuite Slurm configuration. This
directory is supposed to be mounted over /etc/slurm therefore it must
not contain softlinks to the files in this directory.
- Fix a potential security vulnerability in the test package (bsc#1201674,
CVE-2022-31251).
- update to 22.05.2 with following fixes:
* Fix regression which allowed the oversubscription of licenses.
* Fix a segfault in slurmctld when requesting gres in job arrays.
- Allow log in as user 'slurm'. This allows admins to run certain
privileged commands more easily without becoming root.
update to 22.05.0 with following changes:
- Support for dynamic node addition and removal
- Support for native Linux cgroup v2 operation
- Newly added plugins to support HPE Slingshot 11 networks
(switch/hpe_slingshot), and Intel Xe GPUs (gpu/oneapi)
- Added new acct_gather_interconnect/sysfs plugin to collect statistics
from arbitrary network interfaces.
- Expanded and synced set of environment variables available in the
Prolog/Epilog/PrologSlurmctld/EpilogSlurmctld scripts.
- New "--prefer" option to job submissions to allow for a "soft
constraint" request to influence node selection.
- Optional support for license planning in the backfill scheduler with
"bf_licenses" option in SchedulerParameters.
- Add a comment about the CommunicationParameters=block_null_hash
option warning users who migrate - just in case.
- Update to 21.08.8 which fixes CVE-2022-29500 (bsc#1199278),
CVE-2022-29501 (bsc#1199279), and CVE-2022-29502 (bsc#1199281).
- Added 'CommunicationParameters=block_null_hash' to slurm.conf, please
add this parameter to existing configurations.
- Update to 21.08.7 with following changes:
* openapi/v0.0.37 - correct calculation for bf_queue_len_mean in /diag.
* Avoid shrinking a reservation when overlapping with downed nodes.
* Only check TRES limits against current usage for TRES requested by the
job.
* Do not allocate shared gres (MPS) in whole-node allocations
* Constrain slurmstepd to job/step cgroup like in previous versions of
Slurm.
* Fix warnings on 32-bit compilers related to printf() formats.
* Fix reconfigure issues after disabling/reenabling the GANG PreemptMode.
* Fix race condition where a cgroup was being deleted while another step
was creating it.
* Set the slurmd port correctly if multi-slurmd
* Fix FAIL mail not being sent if a job was cancelled due to preemption.
* slurmrestd - move debug logs for HTTP handling to be gated by
debugflag NETWORK to avoid unnecessary logging of communication
contents.
* Fix issue with bad memory access when shrinking running steps.
* Fix various issues with internal job accounting with GRES when jobs
are shrunk.
* Fix ipmi polling on slurmd reconfig or restart.
* Fix srun crash when reserved ports are being used and het step fails
to launch.
* openapi/dbv0.0.37 - fix DELETE execution path on /user/{user_name}.
* slurmctld - Properly requeue all components of a het job if
PrologSlurmctld fails.
* rlimits - remove final calls to limit nofiles to 4096 but to instead
use the max possible nofiles in slurmd and slurmdbd.
* Allow the DBD agent to load large messages (up to MAX_BUF_SIZE) from
state.
* Fix potential deadlock during slurmctld restart when there is a
completing job.
* slurmstepd - reduce user requested soft rlimits when they are above
max hard rlimits to avoid rlimit request being completely ignored and
processes using default limits.
* Fix Slurm user commands displaying available features as active
features when no features were active.
* Don't power down nodes that are rebooting.
* Clear pending node reboot on power down request.
* Ignore node registrations while node is powering down.
* Don't reboot any node that is power<ing|ed> down.
* Don't allow a node to reboot if it's marked for power down.
* Fix issuing reboot and downing when rebooting a powering up node.
* Clear DRAIN on node after failing to resume before ResumeTimeout.
* Prevent repeating power down if node fails to resume before
ResumeTimeout.
* Fix federated cloud node communication with srun and cloud_dns.
* Fix jobs being scheduled on nodes marked to be powered_down when idle.
* Fix problem where a privileged user could not view array tasks
specified by <array_job_id>_<task_id> when PrivateData had the jobs
value set.
- Changes in Slurm 21.08.6
* Fix plugin_name definitions in a number of plugins to improve logging.
* Close sbcast file transfers when job is cancelled.
* scrontab - fix handling of --gpus and --ntasks-per-gpu options.
* sched/backfill - fix job_queue_rec_t memory leak.
* Fix magnetic reservation logic in both main and backfill schedulers.
* job_container/tmpfs - fix memory leak when using InitScript.
* slurmrestd / openapi - fix memory leaks.
* Fix slurmctld segfault due to job array resv_list double free.
* Fix multi-reservation job testing logic.
* Fix slurmctld segfault due to insufficient job reservation parse
validation.
* Fix main and backfill schedulers handling for already rejected job
array.
* sched/backfill - restore resv_ptr after yielding locks.
* acct_gather_energy/xcc - appropriately close and destroy the IPMI
context.
* Protect slurmstepd from making multiple calls to the cleanup logic.
* Prevent slurmstepd segfault at cleanup time in mpi_fini().
* Fix slurmctld sometimes hanging if shutdown while PrologSlurmctld or
EpilogSlurmctld were running and PrologEpilogTimeout is set in
slurm.conf.
* Fix affinity of the batch step if batch host is different than the
first node in the allocation.
* slurmdbd - fix segfault after multiple failover/failback operations.
* Fix jobcomp filetxt job selection condition.
* Fix -f flag of sacct not being used.
* Select cores for job steps according to the socket distribution.
Previously, sockets were always filled before selecting cores from the
next socket.
* Keep node in Future state if epilog completes while in Future state.
* Fix erroneous --constraint behavior by preventing multiple sets of
brackets.
* Make ResetAccrueTime update the job's accrue_time to now.
* Fix sattach initialization with configless mode.
* Revert packing limit checks affecting pmi2.
* sacct - fixed assertion failure when using -c option and a federation
display
* Fix issue that allowed steps to overallocate the job's memory.
* Fix the sanity check mode of AutoDetect so that it actually works.
* Fix deallocated nodes that didn't actually launch a job from waiting
for Epilogslurmctld to complete before clearing completing node's
state.
* Job should be in a completing state if EpilogSlurmctld when being
requeued.
* Fix job not being requeued properly if all node epilog's completed
before EpilogSlurmctld finished.
* Keep job completing until EpilogSlurmctld is completed even when
"downing" a node.
* Fix handling reboot with multiple job features.
* Fix nodes getting powered down when creating new partitions.
* Fix bad bit_realloc which potentially could lead to bad memory access.
* slurmctld - remove limit on the number of open files.
* Fix bug where job_state file of size above 2GB wasn't saved without
any error message.
* Fix various issues with no_consume gres.
* Fix regression in 21.08.0rc1 where job steps failed to launch on
systems that reserved a CPU in a cgroup outside of Slurm (for example,
on systems with WekaIO).
* Fix OverTimeLimit not being reset on scontrol reconfigure when it is
removed from slurm.conf.
* serializer/yaml - use dynamic buffer to allow creation of YAML outputs
larger than 1MiB.
* Fix minor memory leak affecting openapi users at process termination.
* Fix batch jobs not resolving the username when nss_slurm is enabled.
* slurmrestd - Avoid slurmrestd ignoring invalid HTTP method if the
response serialized without error.
* openapi/dbv0.0.37 - Correct conditional that caused the diag output to
give an internal server error status on success.
* Make --mem-bind=sort work with task_affinity
* Fix sacctmgr to set MaxJobsAccruePer{User|Account} and MinPrioThres in
sacctmgr add qos, modify already worked correctly.
* job_container/tmpfs - avoid printing extraneous error messages in
Prolog and Epilog, and when the job completes.
* Fix step CPU memory allocation with --threads-per-core without --exact.
* Remove implicit --exact when --threads-per-core or
--hint=nomultithread is used.
* Do not allow a step to request more threads per core than the
allocation did.
* Remove implicit --exact when --cpus-per-task is used.
- update to 21.08.5 with following changes:
* Fix issue where typeless GRES node updates were not immediately
reflected.
* Fix setting the default scrontab job working directory so that it's
the home
of the different user (-u <user>) and not that of root or SlurmUser
editor.
* Fix stepd not respecting SlurmdSyslogDebug.
* Fix concurrency issue with squeue.
* Fix job start time not being reset after launch when job is packed
onto already booting node.
* Fix updating SLURM_NODE_ALIASES for jobs packed onto powering up nodes.
* Cray - Fix issues with starting hetjobs.
* auth/jwks - Print fatal() message when jwks is configured but file
could not be opened.
* If sacctmgr has an association with an unknown qos as the default qos
print 'UNKN*###' instead of leaving a blank name.
* Correctly determine task count when giving --cpus-per-gpu, --gpus and
--ntasks-per-node without task count.
* slurmctld - Fix places where the global last_job_update was not being
set to the time of update when a job's reason and description were
updated.
* slurmctld - Fix case where a job submitted with more than one
partition would not have its reason updated while waiting to start.
* Fix memory leak in node feature rebooting.
* Fix time limit permanently set to 1 minute by backfill for job array
tasks higher than the first with QOS NoReserve flag and PreemptMode
configured.
* Fix sacct -N to show jobs that started in the current second
* Fix issue on running steps where both SLURM_NTASKS_PER_TRES and
SLURM_NTASKS_PER_GPU are set.
* Handle oversubscription request correctly when also requesting
--ntasks-per-tres.
* Correctly detect when a step requests bad gres inside an allocation.
* slurmstepd - Correct possible deadlock when UnkillableStepTimeout
triggers.
* srun - use maximum number of open files while handling job I/O.
* Fix writing to Xauthority files on root_squash NFS exports, which was
preventing X11 forwarding from completing setup.
* Fix regression in 21.08.0rc1 that broke --gres=none.
* Fix srun --cpus-per-task and --threads-per-core not implicitly setting
--exact. It was meant to work this way in 21.08.
* Fix regression in 21.08.0 that broke dynamic future nodes.
* Fix dynamic future nodes remembering active state on restart.
* Fix powered down nodes getting stuck in COMPLETING+POWERED_DOWN when
job is cancelled before nodes are powering up.
updated to 21.08.4 which fixes (CVE-2021-43337) which is only present in
21.08 tree.
* CVE-2021-43337: For sites using the new
AccountingStoreFlags=job_script and/or job_env
options, an issue was reported with the access control rules in
SlurmDBD that will permit users to request job scripts and
environment files that they should not have access to.
(Scripts/environments are meant to only be accessible by user
accounts with administrator privileges, by account coordinators for
jobs submitted under their account, and by the user themselves.)
changes from 21.08.3:
* This includes a number of fixes since the last release a month ago,
including one critical fix to prevent a communication issue between
slurmctld and slurmdbd for sites that have started using the new
AccountingStoreFlags=job_script functionality.
- Utilize sysuser infrastructure to set user/group slurm. For munge
authentication slurm should have a fixed UID across all nodes including
the management server. Set it to 120
- Limit firewalld service definitions to SUSE versions >= 15.
- added service definitions for firewalld (JSC#SLE-22741)
update to 21.08.2
- major change:
* removed support for the TaskAffinity=yes option in cgroup.conf.
Please consider using "TaskPlugins=cgroup,affinity" in slurm.conf as
an option.
- minor changes and bugfixes:
* slurmctld - fix how the max number of cores on a node in a partition
are calculated when the partition contains multi-socket nodes. This in
turn corrects certain jobs node count estimations displayed
client-side.
* job_submit/cray_aries - fix "craynetwork" GRES specification after
changes introduced in 21.08.0rc1 that made TRES always have a type
prefix.
* Ignore nonsensical check in the slurmd for [Pro|Epi]logSlurmctld.
* Fix writing to stderr/syslog when systemd runs slurmctld in the
foreground.
* Fix issue with updating job started with node range.
* Fix issue with nodes not clearing state in the database when the
slurmctld is started with clean-start.
* Fix hetjob components > 1 timing out due to InactiveLimit.
* Fix sprio printing -nan for normalized association priority if
PriorityWeightAssoc was not defined.
* Disallow FirstJobId=0.
* Preserve job start info in the database for a requeued job that hadn't
registered the first time in the database yet.
* Only send one message on prolog failure from the slurmd.
* Remove support for TaskAffinity=yes in cgroup.conf.
* accounting_storage/mysql - fix issue where querying jobs via sacct
--whole-hetjob=yes or slurmrestd (which automatically includes this
flag) could in some cases return more records than expected.
* Fix issue for preemption of job array task that makes afterok
dependency fail. Additionally, send emails when requeueing happens due
to preemption.
* Fix sending requeue mail type.
* Properly resize a job's GRES bitmaps and counts when resizing the job.
* Fix node being able to transition to CLOUD state from non-cloud state.
* Fix regression introduced in 21.08.0rc1 which broke a step's ability
to inherit GRES from the job when the step didn't request GRES but the
job did.
* Fix errors in logic when picking nodes based on bracketed anded
constraints. This also enforces the requirement to have a count when
using such constraints.
* Handle job resize better in the database.
* Exclude currently running, resized jobs from the runaway jobs list.
* Make it possible to shrink a job more than once.
- moved pam module from /lib64 to /usr/lib64 which fixes bsc#1191095 via
the macro %_pam_moduledir
updated to 21.08.1 with following bug fixes:
* Fix potential memory leak if a problem happens while allocating GRES
for a job.
* If an overallocation of GRES happens terminate the creation of a job.
* AutoDetect=nvml: Fatal if no devices found in MIG mode.
* Print federation and cluster sacctmgr error messages to stderr.
* Fix off by one error in --gpu-bind=mask_gpu.
* Add --gpu-bind=none to disable gpu binding when using --gpus-per-task.
* Handle the burst buffer state "alloc-revoke" which previously would
not display in the job correctly.
* Fix issue in the slurmstepd SPANK prolog/epilog handler where
configuration values were used before being initialized.
* Restore a step's ability to utilize all of an allocations memory if
--mem=0.
* Fix --cpu-bind=verbose garbage taskid.
* Fix cgroup task affinity issues from garbage taskid info.
* Make gres_job_state_validate() client logging behavior as before
44466a4641.
* Fix steps with --hint overriding an allocation with --threads-per-core.
* Require requesting a GPU if --mem-per-gpu is requested.
* Return error early if a job is requesting --ntasks-per-gpu and no gpus
or task count.
* Properly clear out pending step if unavailable to run with available
resources.
* Kill all processes spawned by burst_buffer.lua including descendants.
* openapi/v0.0.{35,36,37} - Avoid setting default values of min_cpus,
job name, cwd, mail_type, and contiguous on job update.
* openapi/v0.0.{35,36,37} - Clear user hold on job update if hold=false.
* Prevent CRON_JOB flag from being cleared when loading job state.
* sacctmgr - Fix deleting WCKeys when not specifying a cluster.
* Fix getting memory for a step when the first node in the step isn't
the first node in the allocation.
* Make SelectTypeParameters=CR_Core_Memory default for cons_tres and
cons_res.
* Correctly handle mutex unlocks in the gres code if failures happen.
* Give better error message if -m plane is given with no size.
* Fix --distribution=arbitrary for salloc.
* Fix jobcomp/script regression introduced in 21.08.0rc1 0c75b9ac9d.
* Only send the batch node in the step_hostlist in the job credential.
* When setting affinity for the batch step don't assume the batch host
is node 0.
* In task/affinity better checking for node existence when laying out
affinity.
* slurmrestd - fix job submission with auth/jwt.
- Make configure arg '--with-pmix' conditional.
- Move openapi plugins to package slurm-restd.
updated to 21.08.0, major changes:
* A new "AccountingStoreFlags=job_script" option to store the job
scripts directly in SlurmDBD.
* Added "sacct -o SubmitLine" format option to get the submit line
of a job/step.
* Changes to the node state management so that nodes are marked as
PLANNED instead of IDLE if the scheduler is still accumulating
resources while waiting to launch a job on them.
* RS256 token support in auth/jwt.
* Overhaul of the cgroup subsystems to simplify operation, mitigate a
number
of inherent race conditions, and prepare for future cgroup v2 support.
* Further improvements to cloud node power state management.
* A new child process of the Slurm controller called "slurmscriptd"
responsible for executing PrologSlurmctld and EpilogSlurmctld scripts,
which significantly reduces performance issues associated with
enabling those options.
* A new burst_buffer/lua plugin allowing for site-specific asynchronous
job data management.
* Fixes to the job_container/tmpfs plugin to allow the slurmd process to
be restarted while the job is running without issue.
* Added json/yaml output to sacct, squeue, and sinfo commands.
* Added a new node_features/helpers plugin to provide a generic way to
change settings on a compute node across a reboot.
* Added support for automatically detecting and broadcasting shared
libraries for an executable launched with "srun --bcast".
* Added initial OCI container execution support with a new --container
option to sbatch and srun.
* Improved "configless" support by allowing multiple control servers to
be specified through the slurmd --conf-server option, and send
additional configuration files at startup including cli_filter.lua.
Changes in pdsh:
- Preparing pdsh for Slurm 22.05.
* No later version of Slurm builds on 32 bit.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4297=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4297=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4297=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4297=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
pdsh-slurm_20_02-2.34-150100.10.14.1
pdsh-slurm_20_02-debuginfo-2.34-150100.10.14.1
pdsh_slurm_20_02-debugsource-2.34-150100.10.14.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
pdsh-slurm_20_02-2.34-150100.10.14.1
pdsh-slurm_20_02-debuginfo-2.34-150100.10.14.1
pdsh_slurm_20_02-debugsource-2.34-150100.10.14.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libnss_slurm2_22_05-22.05.5-150100.3.3.1
libnss_slurm2_22_05-debuginfo-22.05.5-150100.3.3.1
libpmi0_22_05-22.05.5-150100.3.3.1
libpmi0_22_05-debuginfo-22.05.5-150100.3.3.1
libslurm38-22.05.5-150100.3.3.1
libslurm38-debuginfo-22.05.5-150100.3.3.1
pdsh-2.34-150100.10.14.1
pdsh-debuginfo-2.34-150100.10.14.1
pdsh-debugsource-2.34-150100.10.14.1
pdsh-dshgroup-2.34-150100.10.14.1
pdsh-dshgroup-debuginfo-2.34-150100.10.14.1
pdsh-genders-2.34-150100.10.14.1
pdsh-genders-debuginfo-2.34-150100.10.14.1
pdsh-machines-2.34-150100.10.14.1
pdsh-machines-debuginfo-2.34-150100.10.14.1
pdsh-netgroup-2.34-150100.10.14.1
pdsh-netgroup-debuginfo-2.34-150100.10.14.1
pdsh-slurm-2.34-150100.10.14.1
pdsh-slurm-debuginfo-2.34-150100.10.14.1
pdsh-slurm_20_02-2.34-150100.10.14.1
pdsh-slurm_20_02-debuginfo-2.34-150100.10.14.1
pdsh-slurm_22_05-2.34-150100.10.14.1
pdsh-slurm_22_05-debuginfo-2.34-150100.10.14.1
pdsh_slurm_20_02-debugsource-2.34-150100.10.14.1
pdsh_slurm_22_05-debugsource-2.34-150100.10.14.1
perl-slurm_22_05-22.05.5-150100.3.3.1
perl-slurm_22_05-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-22.05.5-150100.3.3.1
slurm_22_05-auth-none-22.05.5-150100.3.3.1
slurm_22_05-auth-none-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-debugsource-22.05.5-150100.3.3.1
slurm_22_05-devel-22.05.5-150100.3.3.1
slurm_22_05-lua-22.05.5-150100.3.3.1
slurm_22_05-lua-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-munge-22.05.5-150100.3.3.1
slurm_22_05-munge-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-node-22.05.5-150100.3.3.1
slurm_22_05-node-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-pam_slurm-22.05.5-150100.3.3.1
slurm_22_05-pam_slurm-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-plugins-22.05.5-150100.3.3.1
slurm_22_05-plugins-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-rest-22.05.5-150100.3.3.1
slurm_22_05-rest-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-slurmdbd-22.05.5-150100.3.3.1
slurm_22_05-slurmdbd-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-sql-22.05.5-150100.3.3.1
slurm_22_05-sql-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-sview-22.05.5-150100.3.3.1
slurm_22_05-sview-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-torque-22.05.5-150100.3.3.1
slurm_22_05-torque-debuginfo-22.05.5-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
slurm_22_05-config-22.05.5-150100.3.3.1
slurm_22_05-config-man-22.05.5-150100.3.3.1
slurm_22_05-doc-22.05.5-150100.3.3.1
slurm_22_05-webdoc-22.05.5-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libnss_slurm2_22_05-22.05.5-150100.3.3.1
libnss_slurm2_22_05-debuginfo-22.05.5-150100.3.3.1
libpmi0_22_05-22.05.5-150100.3.3.1
libpmi0_22_05-debuginfo-22.05.5-150100.3.3.1
libslurm38-22.05.5-150100.3.3.1
libslurm38-debuginfo-22.05.5-150100.3.3.1
pdsh-2.34-150100.10.14.1
pdsh-debuginfo-2.34-150100.10.14.1
pdsh-debugsource-2.34-150100.10.14.1
pdsh-dshgroup-2.34-150100.10.14.1
pdsh-dshgroup-debuginfo-2.34-150100.10.14.1
pdsh-genders-2.34-150100.10.14.1
pdsh-genders-debuginfo-2.34-150100.10.14.1
pdsh-machines-2.34-150100.10.14.1
pdsh-machines-debuginfo-2.34-150100.10.14.1
pdsh-netgroup-2.34-150100.10.14.1
pdsh-netgroup-debuginfo-2.34-150100.10.14.1
pdsh-slurm-2.34-150100.10.14.1
pdsh-slurm-debuginfo-2.34-150100.10.14.1
pdsh-slurm_20_02-2.34-150100.10.14.1
pdsh-slurm_20_02-debuginfo-2.34-150100.10.14.1
pdsh-slurm_22_05-2.34-150100.10.14.1
pdsh-slurm_22_05-debuginfo-2.34-150100.10.14.1
pdsh_slurm_20_02-debugsource-2.34-150100.10.14.1
pdsh_slurm_22_05-debugsource-2.34-150100.10.14.1
perl-slurm_22_05-22.05.5-150100.3.3.1
perl-slurm_22_05-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-22.05.5-150100.3.3.1
slurm_22_05-auth-none-22.05.5-150100.3.3.1
slurm_22_05-auth-none-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-debugsource-22.05.5-150100.3.3.1
slurm_22_05-devel-22.05.5-150100.3.3.1
slurm_22_05-lua-22.05.5-150100.3.3.1
slurm_22_05-lua-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-munge-22.05.5-150100.3.3.1
slurm_22_05-munge-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-node-22.05.5-150100.3.3.1
slurm_22_05-node-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-openlava-22.05.5-150100.3.3.1
slurm_22_05-pam_slurm-22.05.5-150100.3.3.1
slurm_22_05-pam_slurm-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-plugins-22.05.5-150100.3.3.1
slurm_22_05-plugins-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-rest-22.05.5-150100.3.3.1
slurm_22_05-rest-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-slurmdbd-22.05.5-150100.3.3.1
slurm_22_05-slurmdbd-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-sql-22.05.5-150100.3.3.1
slurm_22_05-sql-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-sview-22.05.5-150100.3.3.1
slurm_22_05-sview-debuginfo-22.05.5-150100.3.3.1
slurm_22_05-torque-22.05.5-150100.3.3.1
slurm_22_05-torque-debuginfo-22.05.5-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
slurm_22_05-config-22.05.5-150100.3.3.1
slurm_22_05-config-man-22.05.5-150100.3.3.1
slurm_22_05-doc-22.05.5-150100.3.3.1
slurm_22_05-webdoc-22.05.5-150100.3.3.1
References:

openSUSE-SU-2022:10222-1: important: Security update for rxvt-unicode
by opensuse-security@opensuse.org 30 Nov '22
30 Nov '22
openSUSE Security Update: Security update for rxvt-unicode
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10222-1
Rating: important
References: #1186174
Cross-References: CVE-2008-1142 CVE-2021-33477
CVSS scores:
CVE-2021-33477 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for rxvt-unicode fixes the following issues:
Update to 9.26
- ev_iouring.c was wrongly required during compilation, and wrongly not
packaged.
Update to 9.25 (boo#1186174 CVE-2021-33477)
- for the 17.5th anniversary, and because many distributions seem to
remove rxvt in favour of urxvt, this release resurrects rclock as
urclock.
- add support for systemd socket-based activation - debian bug #917105,
freebsd bug #234276.
- do not destruct perl on exit anymore: this might fail for a variety of
reasons, and takes unnecessary time.
- remove any macros from urxvtperl manpage(s), should fix debian bug
858385.
- the old bg image resources are now provided by the background extension,
and perl is thus required for bg image support. No configuration change
is needed: urxvt autoloads the background ext if any bg image
resource/option is present (for OSC sequences to work you need to enable
it explicitly). The old bg image resources are also now deprecated; users
are encouraged to switch to the new bg image interface (see man
urxvt-background).
- confirm-paste now checks for any ctlchars, not just newlines.
- searchable scrollback will now ignore bracketed paste mode sequences
(prompted by Daniel Gröber's patch).
- drop ISO 2022 locale support. ISO 2022 encodings are not supported in
POSIX locales and clash with vt100 charset emulation (the luit program
can be used as a substitute).
- perl didn't parse rgba colours specified as an array correctly,
only allowing 0 and 100% intensity for each component (this affected
fill and tint).
- when iterating over resources, urxvt will now try to properly handle
multipart resources (such as "*background.expr"), for the benefit
of autoloading perl extensions.
- ESC G (query rxvt graphics mode) has been disabled due to security
implications. The rxvt graphics mode was removed in rxvt-unicode 1.5,
and no programs relying on being able to query the mode are known.
- work around API change breakage in perl 5.28, based on a patch by Roman
Bogorodskiy.
- improved security: rob nation's (obsolete) graphics mode queries no
longer reply with linefeed in secure/default mode.
- ISO 8613-3 direct colour SGR sequences (patch by Fengguang Wu).
- xterm focus reporting mode (patch by Daniel Hahler).
- xterm SGR mouse mode.
- implement DECRQM. Patch by Přemysl Eric Janouch.
- add missing color index parameter to OSC 4 response. Patch by Přemysl
Eric Janouch.
- in some window managers, if smart resize was enabled, urxvt erroneously
moved the window on font change - awesome bug #532, arch linux bug
#34807 (patch by Uli Schlachter).
- fix urxvtd crash when using a background expression.
- properly restore colors when using fading and reverse video is enabled
while urxvt is focused and then disabled while it is not focused, or
vice versa (patch by Daniel Hahler).
- fix high memory usage when an extension repeatedly hides and shows an
overlay (reported by Marcel Lautenbach).
- expose priv_modes member and constants to perl extensions (patch by
Rastislav Barlik).
- fix a whole slew of const silliness, unfortunately forced upon us by ISO
C++.
- update to libecb 0x00010006.
- disable all thread support in ecb.h as we presumably don't need it.
- slightly improve Makefile source dependencies.
- work around bugs in newer Pod::Xhtml versions (flags incorrect
formatting codes in xhtml/html sections but does not interpret correct
ones).
- New file: /usr/bin/urclock
- restore the -256color binaries
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10222=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10222=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
rxvt-unicode-9.26-bp154.2.3.1
rxvt-unicode-debuginfo-9.26-bp154.2.3.1
rxvt-unicode-debugsource-9.26-bp154.2.3.1
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
rxvt-unicode-9.26-bp153.2.3.1
References:
https://www.suse.com/security/cve/CVE-2008-1142.html
https://www.suse.com/security/cve/CVE-2021-33477.html
https://bugzilla.suse.com/1186174

SUSE-SU-2022:4285-1: important: Security update for webkit2gtk3
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for webkit2gtk3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4285-1
Rating: important
References: #1205120 #1205121 #1205122 #1205123 #1205124
Cross-References: CVE-2022-32888 CVE-2022-32923 CVE-2022-42799
CVE-2022-42823 CVE-2022-42824
CVSS scores:
CVE-2022-32888 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32888 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32923 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-32923 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42799 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42799 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-42823 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42823 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-42824 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-42824 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
Security fixes:
- CVE-2022-32888: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205121).
- CVE-2022-32923: Fixed possible information leak via maliciously crafted
web content (bsc#1205122).
- CVE-2022-42799: Fixed user interface spoofing when visiting a malicious
website (bsc#1205123).
- CVE-2022-42823: Fixed possible arbitrary code execution via maliciously
crafted web content (bsc#1205120).
- CVE-2022-42824: Fixed possible sensitive user information leak via
maliciously crafted web content (bsc#1205124).
Update to version 2.38.2:
- Fix scrolling issues in some sites having fixed background.
- Fix prolonged buffering during progressive live playback.
- Fix the build with accessibility disabled.
- Fix several crashes and rendering issues.
Update to version 2.38.1:
- Make xdg-dbus-proxy work if host session bus address is an abstract
socket.
- Use a single xdg-dbus-proxy process when sandbox is enabled.
- Fix high resolution video playback due to unimplemented changeType
operation.
- Ensure GSubprocess uses posix_spawn() again and inherit file
descriptors.
- Fix player getting stuck in buffering (paused) state for progressive
streaming.
- Do not try to preconnect on link click when link preconnect setting is
disabled.
- Fix close status code returned when the client closes a WebSocket in
some cases.
- Fix media player duration calculation.
- Fix several crashes and rendering issues.
Update to version 2.38.0:
- New media controls UI style.
- Add new API to set WebView's Content-Security-Policy for web
extensions support.
- Make it possible to use the remote inspector from other browsers using
WEBKIT_INSPECTOR_HTTP_SERVER env var.
- MediaSession is enabled by default, allowing remote media control
using MPRIS.
- Add support for PDF documents using PDF.js.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4285=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4285=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4285=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4285=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4285=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4285=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4285=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4285=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4285=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4285=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4285=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4285=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4285=1
Package List:
- openSUSE Leap 15.4 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit-jsc-4-2.38.2-150200.54.2
webkit-jsc-4-debuginfo-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
webkit2gtk3-minibrowser-2.38.2-150200.54.2
webkit2gtk3-minibrowser-debuginfo-2.38.2-150200.54.2
- openSUSE Leap 15.3 (x86_64):
libjavascriptcoregtk-4_0-18-32bit-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-32bit-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-32bit-debuginfo-2.38.2-150200.54.2
- openSUSE Leap 15.3 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Server 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Retail Branch Server 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Proxy 4.1 (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Manager Proxy 4.1 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libjavascriptcoregtk-4_0-18-2.38.2-150200.54.2
libjavascriptcoregtk-4_0-18-debuginfo-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-2.38.2-150200.54.2
libwebkit2gtk-4_0-37-debuginfo-2.38.2-150200.54.2
typelib-1_0-JavaScriptCore-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2-4_0-2.38.2-150200.54.2
typelib-1_0-WebKit2WebExtension-4_0-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-2.38.2-150200.54.2
webkit2gtk-4_0-injected-bundles-debuginfo-2.38.2-150200.54.2
webkit2gtk3-debugsource-2.38.2-150200.54.2
webkit2gtk3-devel-2.38.2-150200.54.2
- SUSE Enterprise Storage 7 (noarch):
libwebkit2gtk3-lang-2.38.2-150200.54.2
References:
https://www.suse.com/security/cve/CVE-2022-32888.html
https://www.suse.com/security/cve/CVE-2022-32923.html
https://www.suse.com/security/cve/CVE-2022-42799.html
https://www.suse.com/security/cve/CVE-2022-42823.html
https://www.suse.com/security/cve/CVE-2022-42824.html
https://bugzilla.suse.com/1205120
https://bugzilla.suse.com/1205121
https://bugzilla.suse.com/1205122
https://bugzilla.suse.com/1205123
https://bugzilla.suse.com/1205124

SUSE-SU-2022:4292-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4292-1
Rating: moderate
References: #1205563 #1205564
Cross-References: CVE-2022-39318 CVE-2022-39319
CVSS scores:
CVE-2022-39318 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39318 (SUSE): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39319 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-39319 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39318: Fixed division by zero in urbdrc (bsc#1205563).
- CVE-2022-39319: Fixed missing input buffer length check in urbdrc
(bsc#1205564).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4292=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-4292=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4292=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
freerdp-server-2.1.2-150200.15.24.1
freerdp-server-debuginfo-2.1.2-150200.15.24.1
freerdp-wayland-2.1.2-150200.15.24.1
freerdp-wayland-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libuwac0-0-2.1.2-150200.15.24.1
libuwac0-0-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
uwac0-0-devel-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
freerdp-2.1.2-150200.15.24.1
freerdp-debuginfo-2.1.2-150200.15.24.1
freerdp-debugsource-2.1.2-150200.15.24.1
freerdp-devel-2.1.2-150200.15.24.1
freerdp-proxy-2.1.2-150200.15.24.1
freerdp-proxy-debuginfo-2.1.2-150200.15.24.1
libfreerdp2-2.1.2-150200.15.24.1
libfreerdp2-debuginfo-2.1.2-150200.15.24.1
libwinpr2-2.1.2-150200.15.24.1
libwinpr2-debuginfo-2.1.2-150200.15.24.1
winpr2-devel-2.1.2-150200.15.24.1
References:
https://www.suse.com/security/cve/CVE-2022-39318.html
https://www.suse.com/security/cve/CVE-2022-39319.html
https://bugzilla.suse.com/1205563
https://bugzilla.suse.com/1205564

SUSE-RU-2022:4291-1: moderate: Recommended update for busybox-links
by maintenance@opensuse.org 29 Nov '22
SUSE Recommended Update: Recommended update for busybox-links
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4291-1
Rating: moderate
References:
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update rebuilds busybox-links to match the current busybox version.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4291=1
Package List:
- openSUSE Leap 15.4 (noarch):
busybox-adduser-1.35.0-150400.4.2.1
busybox-attr-1.35.0-150400.4.2.1
busybox-bc-1.35.0-150400.4.2.1
busybox-bind-utils-1.35.0-150400.4.2.1
busybox-bzip2-1.35.0-150400.4.2.1
busybox-coreutils-1.35.0-150400.4.2.1
busybox-cpio-1.35.0-150400.4.2.1
busybox-diffutils-1.35.0-150400.4.2.1
busybox-dos2unix-1.35.0-150400.4.2.1
busybox-ed-1.35.0-150400.4.2.1
busybox-findutils-1.35.0-150400.4.2.1
busybox-gawk-1.35.0-150400.4.2.1
busybox-grep-1.35.0-150400.4.2.1
busybox-gzip-1.35.0-150400.4.2.1
busybox-hostname-1.35.0-150400.4.2.1
busybox-iproute2-1.35.0-150400.4.2.1
busybox-iputils-1.35.0-150400.4.2.1
busybox-kbd-1.35.0-150400.4.2.1
busybox-kmod-1.35.0-150400.4.2.1
busybox-less-1.35.0-150400.4.2.1
busybox-links-1.35.0-150400.4.2.1
busybox-man-1.35.0-150400.4.2.1
busybox-misc-1.35.0-150400.4.2.1
busybox-ncurses-utils-1.35.0-150400.4.2.1
busybox-net-tools-1.35.0-150400.4.2.1
busybox-netcat-1.35.0-150400.4.2.1
busybox-patch-1.35.0-150400.4.2.1
busybox-policycoreutils-1.35.0-150400.4.2.1
busybox-procps-1.35.0-150400.4.2.1
busybox-psmisc-1.35.0-150400.4.2.1
busybox-sed-1.35.0-150400.4.2.1
busybox-selinux-tools-1.35.0-150400.4.2.1
busybox-sendmail-1.35.0-150400.4.2.1
busybox-sh-1.35.0-150400.4.2.1
busybox-sharutils-1.35.0-150400.4.2.1
busybox-syslogd-1.35.0-150400.4.2.1
busybox-sysvinit-tools-1.35.0-150400.4.2.1
busybox-tar-1.35.0-150400.4.2.1
busybox-telnet-1.35.0-150400.4.2.1
busybox-tftp-1.35.0-150400.4.2.1
busybox-time-1.35.0-150400.4.2.1
busybox-traceroute-1.35.0-150400.4.2.1
busybox-tunctl-1.35.0-150400.4.2.1
busybox-unzip-1.35.0-150400.4.2.1
busybox-util-linux-1.35.0-150400.4.2.1
busybox-vi-1.35.0-150400.4.2.1
busybox-vlan-1.35.0-150400.4.2.1
busybox-wget-1.35.0-150400.4.2.1
busybox-which-1.35.0-150400.4.2.1
busybox-whois-1.35.0-150400.4.2.1
busybox-xz-1.35.0-150400.4.2.1
References:

SUSE-SU-2022:4282-1: important: Security update for vim
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for vim
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4282-1
Rating: important
References: #1192478 #1202962 #1203110 #1203152 #1203155
#1203194 #1203272 #1203508 #1203509 #1203796
#1203797 #1203799 #1203820 #1203924 #1204779
Cross-References: CVE-2021-3928 CVE-2022-2980 CVE-2022-2982
CVE-2022-3037 CVE-2022-3099 CVE-2022-3134
CVE-2022-3153 CVE-2022-3234 CVE-2022-3235
CVE-2022-3278 CVE-2022-3296 CVE-2022-3297
CVE-2022-3324 CVE-2022-3352 CVE-2022-3705
CVSS scores:
CVE-2021-3928 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3928 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
CVE-2022-2980 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-2980 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-2982 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-2982 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3037 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3099 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3099 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-3134 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3134 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3153 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3234 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3235 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3235 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3278 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3278 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3296 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3296 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-3297 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3297 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-3324 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3324 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3352 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3352 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-3705 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3705 (SUSE): 5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes 15 vulnerabilities is now available.
Description:
This update for vim fixes the following issues:
Updated to version 9.0 with patch level 0814:
- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
- CVE-2022-3235: Fixed use-after-free (bsc#1203509).
- CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
- CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the
file quickfix.c (bsc#1204779).
- CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
- CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in
ex_eval.c (bsc#1203796).
- CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at
insexpand.c (bsc#1203797).
- CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
- CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
- CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
- CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank()
in eval.c (bsc#1203799).
- CVE-2022-3352: Fixed use-after-free (bsc#1203924).
- CVE-2022-2980: Fixed NULL pointer dereference in do_mouse()
(bsc#1203155).
- CVE-2022-3037: Fixed use-after-free (bsc#1202962).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4282=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4282=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4282=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4282=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4282=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4282=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4282=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4282=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4282=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4282=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4282=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4282=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4282=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2022-4282=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4282=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4282=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4282=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4282=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4282=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4282=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4282=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4282=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4282=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.3 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap Micro 5.2 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap 15.4 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- openSUSE Leap 15.3 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Server 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Manager Proxy 4.1 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Manager Proxy 4.1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
vim-small-9.0.0814-150000.5.28.1
vim-small-debuginfo-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 7 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE Enterprise Storage 6 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
- SUSE CaaS Platform 4.0 (x86_64):
gvim-9.0.0814-150000.5.28.1
gvim-debuginfo-9.0.0814-150000.5.28.1
vim-9.0.0814-150000.5.28.1
vim-debuginfo-9.0.0814-150000.5.28.1
vim-debugsource-9.0.0814-150000.5.28.1
- SUSE CaaS Platform 4.0 (noarch):
vim-data-9.0.0814-150000.5.28.1
vim-data-common-9.0.0814-150000.5.28.1
References:
https://www.suse.com/security/cve/CVE-2021-3928.html
https://www.suse.com/security/cve/CVE-2022-2980.html
https://www.suse.com/security/cve/CVE-2022-2982.html
https://www.suse.com/security/cve/CVE-2022-3037.html
https://www.suse.com/security/cve/CVE-2022-3099.html
https://www.suse.com/security/cve/CVE-2022-3134.html
https://www.suse.com/security/cve/CVE-2022-3153.html
https://www.suse.com/security/cve/CVE-2022-3234.html
https://www.suse.com/security/cve/CVE-2022-3235.html
https://www.suse.com/security/cve/CVE-2022-3278.html
https://www.suse.com/security/cve/CVE-2022-3296.html
https://www.suse.com/security/cve/CVE-2022-3297.html
https://www.suse.com/security/cve/CVE-2022-3324.html
https://www.suse.com/security/cve/CVE-2022-3352.html
https://www.suse.com/security/cve/CVE-2022-3705.html
https://bugzilla.suse.com/1192478
https://bugzilla.suse.com/1202962
https://bugzilla.suse.com/1203110
https://bugzilla.suse.com/1203152
https://bugzilla.suse.com/1203155
https://bugzilla.suse.com/1203194
https://bugzilla.suse.com/1203272
https://bugzilla.suse.com/1203508
https://bugzilla.suse.com/1203509
https://bugzilla.suse.com/1203796
https://bugzilla.suse.com/1203797
https://bugzilla.suse.com/1203799
https://bugzilla.suse.com/1203820
https://bugzilla.suse.com/1203924
https://bugzilla.suse.com/1204779

SUSE-SU-2022:4281-1: important: Security update for python3
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for python3
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4281-1
Rating: important
References: #1188607 #1203125 #1204577
Cross-References: CVE-2019-18348 CVE-2020-10735 CVE-2020-8492
CVE-2022-37454
CVSS scores:
CVE-2019-18348 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2019-18348 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2020-10735 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-10735 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-8492 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-8492 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-37454 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-37454 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for python3 fixes the following issues:
- CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_*
implementations. (bsc#1204577)
- CVE-2020-10735: Fixed a bug to limit the number of digits when converting
text to int and vice versa. (bsc#1203125)
The following non-security bug was fixed:
- Fixed a crash in the garbage collection (bsc#1188607).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4281=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4281=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4281=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4281=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-4281=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4281=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4281=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4281=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4281=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4281=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-doc-3.6.15-150300.10.37.1
python3-doc-devhelp-3.6.15-150300.10.37.1
python3-idle-3.6.15-150300.10.37.2
python3-testsuite-3.6.15-150300.10.37.2
python3-testsuite-debuginfo-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- openSUSE Leap 15.4 (x86_64):
libpython3_6m1_0-32bit-3.6.15-150300.10.37.2
libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.37.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-doc-3.6.15-150300.10.37.1
python3-doc-devhelp-3.6.15-150300.10.37.1
python3-idle-3.6.15-150300.10.37.2
python3-testsuite-3.6.15-150300.10.37.2
python3-testsuite-debuginfo-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- openSUSE Leap 15.3 (x86_64):
libpython3_6m1_0-32bit-3.6.15-150300.10.37.2
libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
python3-core-debugsource-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
python3-core-debugsource-3.6.15-150300.10.37.2
python3-tools-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-idle-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-curses-3.6.15-150300.10.37.2
python3-curses-debuginfo-3.6.15-150300.10.37.2
python3-dbm-3.6.15-150300.10.37.2
python3-dbm-debuginfo-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
python3-devel-3.6.15-150300.10.37.2
python3-devel-debuginfo-3.6.15-150300.10.37.2
python3-idle-3.6.15-150300.10.37.2
python3-tk-3.6.15-150300.10.37.2
python3-tk-debuginfo-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libpython3_6m1_0-3.6.15-150300.10.37.2
libpython3_6m1_0-debuginfo-3.6.15-150300.10.37.2
python3-3.6.15-150300.10.37.2
python3-base-3.6.15-150300.10.37.2
python3-base-debuginfo-3.6.15-150300.10.37.2
python3-core-debugsource-3.6.15-150300.10.37.2
python3-debuginfo-3.6.15-150300.10.37.2
python3-debugsource-3.6.15-150300.10.37.2
References:
https://www.suse.com/security/cve/CVE-2019-18348.html
https://www.suse.com/security/cve/CVE-2020-10735.html
https://www.suse.com/security/cve/CVE-2020-8492.html
https://www.suse.com/security/cve/CVE-2022-37454.html
https://bugzilla.suse.com/1188607
https://bugzilla.suse.com/1203125
https://bugzilla.suse.com/1204577

SUSE-SU-2022:4278-1: moderate: Security update for supportutils
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for supportutils
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4278-1
Rating: moderate
References: #1184689 #1188086 #1192252 #1192648 #1197428
#1200330 #1202269 #1202337 #1202417 #1203818
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for supportutils fixes the following issues:
Security issues fixed:
- Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt
(bsc#1203818)
Bug fixes:
- Added lifecycle information
- Fixed KVM virtualization detection on bare metal (bsc#1184689)
- Added logging using journalctl (bsc#1200330)
- Get current sar data before collecting files (bsc#1192648)
- Collects everything in /etc/multipath/ (bsc#1192252)
- Collects power management information in hardware.txt (bsc#1197428)
- Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337)
- Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269)
- Update to nvme_info and block_info (bsc#1202417)
- Added includedir directories from /etc/sudoers (bsc#1188086)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4278=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4278=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4278=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4278=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4278=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4278=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4278=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4278=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4278=1
Package List:
- openSUSE Leap Micro 5.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap Micro 5.2 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap 15.4 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- openSUSE Leap 15.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
supportutils-3.1.21-150300.7.35.15.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
supportutils-3.1.21-150300.7.35.15.1
References:
https://bugzilla.suse.com/1184689
https://bugzilla.suse.com/1188086
https://bugzilla.suse.com/1192252
https://bugzilla.suse.com/1192648
https://bugzilla.suse.com/1197428
https://bugzilla.suse.com/1200330
https://bugzilla.suse.com/1202269
https://bugzilla.suse.com/1202337
https://bugzilla.suse.com/1202417
https://bugzilla.suse.com/1203818

SUSE-SU-2022:4276-1: important: Security update for exiv2
by opensuse-security@opensuse.org 29 Nov '22
SUSE Security Update: Security update for exiv2
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4276-1
Rating: important
References: #1050257 #1095070 #1110282 #1119559 #1119560
#1119562 #1142677 #1142678 #1153577 #1186231
#1189337
Cross-References: CVE-2017-11591 CVE-2018-11531 CVE-2018-17581
CVE-2018-20097 CVE-2018-20098 CVE-2018-20099
CVE-2019-13109 CVE-2019-13110 CVE-2019-17402
CVE-2021-29473 CVE-2021-32815
CVSS scores:
CVE-2017-11591 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-11591 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-11531 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-11531 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2018-17581 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-17581 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2018-20097 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20097 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20098 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20098 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2018-20099 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2018-20099 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2019-13109 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13109 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-13110 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2019-13110 (SUSE): 4.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-17402 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-29473 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-32815 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for exiv2 fixes the following issues:
- CVE-2019-13110: Fixed an integer overflow and out-of-bounds read in
CiffDirectory::readDirectory that leads to denial of service (bsc#1142678).
- CVE-2019-13109: Fixed a denial of service in PngImage::readMetadata
(bsc#1142677).
- CVE-2018-17581: Fixed excessive stack consumption in
CiffDirectory::readDirectory() at crwimage_int.cpp (bsc#1110282).
- CVE-2017-11591: Fixed a floating point exception in Exiv2::ValueType
(bsc#1050257).
- CVE-2019-17402: Fixed improper validation of the total size against the
offset and size that leads to a crash in Exiv2::getULong in types.cpp
(bsc#1153577).
- CVE-2021-32815: Fixed a denial of service due to an assertion failure in
crwimage_int.cpp (bsc#1189337).
- CVE-2018-20097: Fixed a SEGV in
Exiv2::Internal::TiffParserWorker::findPrimaryGroups (bsc#1119562).
- CVE-2021-29473: Fixed an out-of-bounds read in
Exiv2::Jp2Image::doWriteMetadata (bsc#1186231).
- CVE-2018-20098: Fixed a heap-based buffer over-read in
Exiv2::Jp2Image::encodeJp2Header (bsc#1119560).
- CVE-2018-11531: Fixed a heap-based buffer overflow in getData in
preview.cpp (bsc#1095070).
- CVE-2018-20099: Fixed an infinite loop in Exiv2::Jp2Image::encodeJp2Header
(bsc#1119559).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4276=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4276=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4276=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4276=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4276=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4276=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4276=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4276=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4276=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4276=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4276=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4276=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4276=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4276=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
exiv2-0.26-150000.6.26.1
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
libexiv2-doc-0.26-150000.6.26.1
- openSUSE Leap 15.3 (noarch):
exiv2-lang-0.26-150000.6.26.1
- openSUSE Leap 15.3 (x86_64):
libexiv2-26-32bit-0.26-150000.6.26.1
libexiv2-26-32bit-debuginfo-0.26-150000.6.26.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Manager Proxy 4.1 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (aarch64 ppc64le s390x x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
- SUSE CaaS Platform 4.0 (x86_64):
exiv2-debuginfo-0.26-150000.6.26.1
exiv2-debugsource-0.26-150000.6.26.1
libexiv2-26-0.26-150000.6.26.1
libexiv2-26-debuginfo-0.26-150000.6.26.1
libexiv2-devel-0.26-150000.6.26.1
References:
https://www.suse.com/security/cve/CVE-2017-11591.html
https://www.suse.com/security/cve/CVE-2018-11531.html
https://www.suse.com/security/cve/CVE-2018-17581.html
https://www.suse.com/security/cve/CVE-2018-20097.html
https://www.suse.com/security/cve/CVE-2018-20098.html
https://www.suse.com/security/cve/CVE-2018-20099.html
https://www.suse.com/security/cve/CVE-2019-13109.html
https://www.suse.com/security/cve/CVE-2019-13110.html
https://www.suse.com/security/cve/CVE-2019-17402.html
https://www.suse.com/security/cve/CVE-2021-29473.html
https://www.suse.com/security/cve/CVE-2021-32815.html
https://bugzilla.suse.com/1050257
https://bugzilla.suse.com/1095070
https://bugzilla.suse.com/1110282
https://bugzilla.suse.com/1119559
https://bugzilla.suse.com/1119560
https://bugzilla.suse.com/1119562
https://bugzilla.suse.com/1142677
https://bugzilla.suse.com/1142678
https://bugzilla.suse.com/1153577
https://bugzilla.suse.com/1186231
https://bugzilla.suse.com/1189337