openSUSE Updates
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
November 2022
- 2 participants
- 260 discussions
SUSE-SU-2022:3932-1: moderate: Security update for python-rsa
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for python-rsa
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3932-1
Rating: moderate
References: #1178676
Cross-References: CVE-2020-25658
CVSS scores:
CVE-2020-25658 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-25658 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-rsa fixes the following issues:
- CVE-2020-25658: Fixed bleichenbacher timing oracle attack against RSA
decryption (bsc#1178676).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3932=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3932=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3932=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3932=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3932=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3932=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3932=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3932=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3932=1
Package List:
- openSUSE Leap Micro 5.2 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- openSUSE Leap 15.4 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- openSUSE Leap 15.3 (noarch):
python2-rsa-3.4.2-150000.3.7.1
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
python2-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (noarch):
python2-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
python3-rsa-3.4.2-150000.3.7.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
python3-rsa-3.4.2-150000.3.7.1
References:
https://www.suse.com/security/cve/CVE-2020-25658.html
https://bugzilla.suse.com/1178676
1
0
10 Nov '22
SUSE Security Update: Security update for git
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3931-1
Rating: moderate
References: #1204455 #1204456
Cross-References: CVE-2022-39253 CVE-2022-39260
CVSS scores:
CVE-2022-39253 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVE-2022-39253 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2022-39260 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-39260 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for git fixes the following issues:
- CVE-2022-39260: Fixed overflow in split_cmdline() (bsc#1204456).
- CVE-2022-39253: Fixed dereference issue with symbolic links via the
`--local` clone mechanism (bsc#1204455).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3931=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3931=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3931=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3931=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3931=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3931=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-credential-gnome-keyring-2.35.3-150300.10.18.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.18.1
git-credential-libsecret-2.35.3-150300.10.18.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-p4-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- openSUSE Leap 15.4 (noarch):
git-doc-2.35.3-150300.10.18.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-credential-gnome-keyring-2.35.3-150300.10.18.1
git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.18.1
git-credential-libsecret-2.35.3-150300.10.18.1
git-credential-libsecret-debuginfo-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-p4-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- openSUSE Leap 15.3 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
git-2.35.3-150300.10.18.1
git-arch-2.35.3-150300.10.18.1
git-cvs-2.35.3-150300.10.18.1
git-daemon-2.35.3-150300.10.18.1
git-daemon-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
git-email-2.35.3-150300.10.18.1
git-gui-2.35.3-150300.10.18.1
git-svn-2.35.3-150300.10.18.1
git-web-2.35.3-150300.10.18.1
gitk-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
git-doc-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
git-core-2.35.3-150300.10.18.1
git-core-debuginfo-2.35.3-150300.10.18.1
git-debuginfo-2.35.3-150300.10.18.1
git-debugsource-2.35.3-150300.10.18.1
perl-Git-2.35.3-150300.10.18.1
References:
https://www.suse.com/security/cve/CVE-2022-39253.html
https://www.suse.com/security/cve/CVE-2022-39260.html
https://bugzilla.suse.com/1204455
https://bugzilla.suse.com/1204456
1
0
SUSE-SU-2022:3929-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 10 Nov '22
by opensuse-security@opensuse.org 10 Nov '22
10 Nov '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3929-1
Rating: important
References: #1032323 #1065729 #1196018 #1198702 #1200465
#1200788 #1201725 #1202686 #1202700 #1203066
#1203098 #1203387 #1203391 #1203496 #1204053
#1204166 #1204168 #1204354 #1204355 #1204382
#1204402 #1204415 #1204417 #1204431 #1204439
#1204470 #1204479 #1204574 #1204575 #1204619
#1204635 #1204637 #1204646 #1204647 #1204653
#1204728 #1204753 #1204754 PED-1931 SLE-13847
SLE-24559 SLE-9246
Cross-References: CVE-2021-4037 CVE-2022-2153 CVE-2022-28748
CVE-2022-2964 CVE-2022-2978 CVE-2022-3176
CVE-2022-3424 CVE-2022-3521 CVE-2022-3524
CVE-2022-3535 CVE-2022-3542 CVE-2022-3545
CVE-2022-3565 CVE-2022-3577 CVE-2022-3586
CVE-2022-3594 CVE-2022-3621 CVE-2022-3625
CVE-2022-3629 CVE-2022-3640 CVE-2022-3646
CVE-2022-3649 CVE-2022-39189 CVE-2022-42703
CVE-2022-43750
CVSS scores:
CVE-2021-4037 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4037 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVE-2022-2153 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2153 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2022-28748 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2022-2964 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2964 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2978 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3176 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3424 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3521 (NVD) : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3521 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3524 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3535 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3535 (SUSE): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3542 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3542 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3545 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3545 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3565 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3577 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3586 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3586 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3594 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3594 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3621 (SUSE): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3625 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3625 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3629 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3629 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3640 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3640 (SUSE): 7.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3646 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3646 (SUSE): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-3649 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3649 (SUSE): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2022-39189 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39189 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42703 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42703 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43750 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Realtime 15-SP3
SUSE Linux Enterprise Real Time 15-SP3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 25 vulnerabilities, contains four
features and has 13 fixes is now available.
Description:
The SUSE Linux Enterprise 15-SP3 RT kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-2964, CVE-2022-28748: Fixed memory corruption issues in
ax88179_178a devices (bnc#1202686 bsc#1196018).
- CVE-2021-4037: Fixed function logic vulnerability that allowed local
users to create files for the XFS file-system with an unintended group
ownership and with group execution and SGID permission bits set
(bnc#1198702).
- CVE-2022-2153: Fixed vulnerability in KVM that could allow an
unprivileged local attacker on the host to cause DoS (bnc#1200788).
- CVE-2022-3524: Fixed memory leak in ipv6_renew_options() in the IPv6
handler (bnc#1204354).
- CVE-2022-2978: Fixed use-after-free in the NILFS file system that could
lead to local privilege escalation or DoS (bnc#1202700).
- CVE-2022-3176: Fixed use-after-free in io_uring when using POLLFREE
(bnc#1203391).
- CVE-2022-3521: Fixed race condition in kcm_tx_work() in
net/kcm/kcmsock.c (bnc#1204355).
- CVE-2022-3424: Fixed use-after-free in gru_set_context_option(),
gru_fault() and gru_handle_user_call_os() that could lead to kernel
panic (bsc#1204166).
- CVE-2022-3535: Fixed memory leak in mvpp2_dbgfs_port_init() in
drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c (bnc#1204417).
- CVE-2022-3542: Fixed memory leak in bnx2x_tpa_stop() in
drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c (bnc#1204402).
- CVE-2022-3545: Fixed use-after-free in area_cache_get() in
drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c (bnc#1204415).
- CVE-2022-3565: Fixed use-after-free in del_timer() in
drivers/isdn/mISDN/l1oip_core.c (bnc#1204431).
- CVE-2022-3577: Fixed out-of-bounds memory write flaw in bigben device
driver that could lead to local privilege escalation or DoS
(bnc#1204470).
- CVE-2022-3586: Fixed use-after-free in socket buffer (SKB) that could
allow a local unprivileged user to cause a denial of service
(bnc#1204439).
- CVE-2022-3594: Fixed excessive data logging in intr_callback() in
drivers/net/usb/r8152.c (bnc#1204479).
- CVE-2022-3621: Fixed null pointer dereference in
nilfs_bmap_lookup_at_level() in fs/nilfs2/inode.c (bnc#1204574).
- CVE-2022-3625: Fixed use-after-free in
devlink_param_set()/devlink_param_get() in net/core/devlink.c
(bnc#1204637).
- CVE-2022-3629: Fixed memory leak in vsock_connect() in
net/vmw_vsock/af_vsock.c (bnc#1204635).
- CVE-2022-3640: Fixed use-after-free in l2cap_conn_del() in
net/bluetooth/l2cap_core.c (bnc#1204619).
- CVE-2022-3646: Fixed memory leak in nilfs_attach_log_writer() in
fs/nilfs2/segment.c (bnc#1204646).
- CVE-2022-3649: Fixed use-after-free in nilfs_new_inode() in
fs/nilfs2/inode.c (bnc#1204647).
- CVE-2022-39189: Fixed a flaw in the x86 KVM subsystem that could allow
unprivileged guest users to compromise the guest kernel via TLB flush
operations on preempted vCPU (bnc#1203066).
- CVE-2022-42703: Fixed use-after-free in mm/rmap.c related to leaf
anon_vma double reuse (bnc#1204168).
- CVE-2022-43750: Fixed vulnerability in usbmon that allowed a user-space
client to corrupt the monitor's internal memory (bnc#1204653).
The following non-security bugs were fixed:
- ACPI: APEI: do not add task_work to kernel thread to avoid memory leak
(git-fixes).
- ACPI: HMAT: Release platform device in case of
platform_device_add_data() fails (git-fixes).
- ACPI: extlog: Handle multiple records (git-fixes).
- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk (git-fixes).
- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
(git-fixes).
- ALSA: aoa: Fix I2S device accounting (git-fixes).
- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
(git-fixes).
- ALSA: asihpi - Remove useless code in hpi_meter_get_peak() (git-fixes).
- ALSA: au88x0: use explicitly signed char (git-fixes).
- ALSA: dmaengine: increment buffer pointer atomically (git-fixes).
- ALSA: hda/hdmi: Do not skip notification handling during PM operation
(git-fixes).
- ALSA: hda/realtek: Add Intel Reference SSID to support headset keys
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
- ALSA: hda/realtek: Correct pin configs for ASUS G533Z (git-fixes).
- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
(git-fixes).
- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free() (git-fixes).
- ALSA: rme9652: use explicitly signed char (git-fixes).
- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx API
(git-fixes).
- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
(git-fixes).
- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
- ASoC: wcd9335: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wcd934x: fix order of Slimbus unprepare/disable (git-fixes).
- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe (git-fixes).
- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe (git-fixes).
- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe (git-fixes).
- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
- Bluetooth: L2CAP: initialize delayed works at l2cap_chan_create()
(git-fixes).
- Bluetooth: hci_core: Fix not handling link timeouts propertly
(git-fixes).
- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times
(git-fixes).
- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
- HID: magicmouse: Do not set BTN_MOUSE on double report (git-fixes).
- HID: multitouch: Add memory barriers (git-fixes).
- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD
(git-fixes)
- IB/cma: Allow XRC INI QPs to set their local ACK timeout (git-fixes)
- IB/core: Only update PKEY and GID caches on respective events (git-fixes)
- IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
- IB/hfi1: Fix abba locking issue with sc_disable() (git-fixes)
- IB/hfi1: Fix possible null-pointer dereference in
_extend_sdma_tx_descs() (git-fixes)
- IB/mlx4: Add support for REJ due to timeout (git-fixes)
- IB/mlx4: Use port iterator and validation APIs (git-fixes)
- IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields
(git-fixes)
- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs
(git-fixes)
- IB/srpt: Remove redundant assignment to ret (git-fixes)
- Input: i8042 - fix refount leak on sparc (git-fixes).
- Input: xpad - add supported devices as contributed on github (git-fixes).
- Input: xpad - fix wireless 360 controller breaking after suspend
(git-fixes).
- KVM: nVMX: Unconditionally purge queued/injected events on nested "exit"
(git-fixes).
- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
- KVM: s390: VSIE: fix MVPG handling for prefixing and MSO (git-fixes).
- KVM: s390: clear kicked_mask before sleeping again (git-fixes).
- KVM: s390: preserve deliverable_mask in __airqs_kick_single_vcpu
(git-fixes).
- KVM: s390: pv: do not present the ecall interrupt twice (git-fixes).
- KVM: s390: split kvm_s390_real_to_abs (git-fixes).
- KVM: s390x: fix SCK locking (git-fixes).
- KVM: x86/emulator: Fix handing of POP SS to correctly set
interruptibility (git-fixes).
- PCI: Dynamically map ECAM regions (bsc#1204382).
- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
(git-fixes).
- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
(git-fixes).
- PM: domains: Fix handling of unavailable/disabled idle states
(git-fixes).
- PM: hibernate: Allow hybrid sleep to work with s2idle (git-fixes).
- RDMA/bnxt_re: Add missing spin lock initialization (git-fixes)
- RDMA/bnxt_re: Fix query SRQ failure (git-fixes)
- RDMA/cm: Fix memory leak in ib_cm_insert_listen (git-fixes)
- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests
(git-fixes)
- RDMA/cma: Fix arguments order in net device validation (git-fixes)
- RDMA/core: Sanitize WQ state received from the userspace (git-fixes)
- RDMA/cxgb4: Remove MW support (git-fixes)
- RDMA/efa: Free IRQ vectors on error flow (git-fixes)
- RDMA/efa: Remove double QP type assignment (git-fixes)
- RDMA/efa: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/hfi1: Fix potential integer multiplication overflow errors
(git-fixes)
- RDMA/hns: Remove unnecessary check for the sgid_attr when modifying QP
(git-fixes)
- RDMA/i40iw: Use ib_umem_num_dma_pages() (git-fixes)
- RDMA/iwcm: Release resources if iw_cm module initialization fails
(git-fixes)
- RDMA/mlx4: Return missed an error if device does not support steering
(git-fixes)
- RDMA/mlx5: Add missing check for return value in get namespace flow
(git-fixes)
- RDMA/mlx5: Block FDB rules when not in switchdev mode (git-fixes)
- RDMA/mlx5: Fix memory leak in error flow for subscribe event routine
(git-fixes)
- RDMA/mlx5: Make mkeys always owned by the kernel's PD when not enabled
(git-fixes)
- RDMA/mlx5: Set user priority for DCT (git-fixes)
- RDMA/mlx5: Use set_mkc_access_pd_addr_fields() in reg_create()
(git-fixes)
- RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
- RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
- RDMA/rtrs-srv: Pass the correct number of entries for dma mapped SGL
(git-fixes)
- RDMA/rxe: Do not overwrite errno from ib_umem_get() (git-fixes)
- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
- RDMA/rxe: Fix extra copies in build_rdma_network_hdr (git-fixes)
- RDMA/rxe: Fix extra copy in prepare_ack_packet (git-fixes)
- RDMA/rxe: Fix failure during driver load (git-fixes)
- RDMA/rxe: Fix over copying in get_srq_wqe (git-fixes)
- RDMA/rxe: Fix redundant call to ip_send_check (git-fixes)
- RDMA/rxe: Fix redundant skb_put_zero (git-fixes)
- RDMA/rxe: Fix rnr retry behavior (git-fixes)
- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
- RDMA/rxe: Fix wrong port_cap_flags (git-fixes)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode
(git-fixes)
- RDMA/rxe: Remove unused pkt->offset (git-fixes)
- RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
- RDMA/sa_query: Use strscpy_pad instead of memcpy to copy a string
(git-fixes)
- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall.
(git-fixes)
- RDMA/siw: Fix a condition race issue in MPA request processing
(git-fixes)
- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event
(git-fixes)
- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
- RDMA: Verify port when creating flow rule (git-fixes)
- RDMA: remove useless condition in siw_create_cq() (git-fixes)
- RDMa/mthca: Work around -Wenum-conversion warning (git-fixes)
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- Revert "usb: storage: Add quirk for Samsung Fit flash" (git-fixes).
- USB: serial: console: move mutex_unlock() before usb_serial_put()
(git-fixes).
- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- USB: serial: qcserial: add new usb-id for Dell branded EM7455
(git-fixes).
- arm64: assembler: add cond_yield macro (git-fixes)
- ata: fix ata_id_has_devslp() (git-fixes).
- ata: fix ata_id_has_dipm() (git-fixes).
- ata: fix ata_id_has_ncq_autosense() (git-fixes).
- ata: fix ata_id_sense_reporting_enabled() and
ata_id_has_sense_reporting() (git-fixes).
- ata: libahci_platform: Sanity check the DT child nodes number
(git-fixes).
- can: bcm: check the result of can_send() in bcm_can_tx() (git-fixes).
- can: kvaser_usb: Fix possible completions during init_completion
(git-fixes).
- can: kvaser_usb: Fix use of uninitialized completion (git-fixes).
- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
- can: kvaser_usb_leaf: Fix TX queue out of sync after restart (git-fixes).
- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing put_clock() in
error path (git-fixes).
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (bsc#1204753).
- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
(git-fixes).
- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
(git-fixes).
- clk: oxnas: Hold reference returned by of_get_parent() (git-fixes).
- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying num_parents
(git-fixes).
- clk: qoriq: Hold reference returned by of_get_parent() (git-fixes).
- clk: tegra20: Fix refcount leak in tegra20_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra114_clock_init (git-fixes).
- clk: tegra: Fix refcount leak in tegra210_clock_init (git-fixes).
- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
(git-fixes).
- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
(git-fixes).
- crypto: akcipher - default implementation for setting a private key
(git-fixes).
- crypto: arm64/sha - fix function types (git-fixes)
- crypto: arm64/sha1-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha2-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha3-ce - simplify NEON yield (git-fixes)
- crypto: arm64/sha512-ce - simplify NEON yield (git-fixes)
- crypto: cavium - prevent integer overflow loading firmware (git-fixes).
- crypto: ccp - Release dma channels before dmaengine unrgister
(git-fixes).
- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr (git-fixes).
- device property: Fix documentation for *_match_string() APIs (git-fixes).
- dmaengine: ioat: stop mod_timer from resurrecting deleted timer in
__cleanup() (git-fixes).
- dmaengine: xilinx_dma: Report error in case of dma_set_mask_and_coherent
API failure (git-fixes).
- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores property
(git-fixes).
- docs: update mediator information in CoC docs (git-fixes).
- drivers: serial: jsm: fix some leaks in probe (git-fixes).
- drm/amdgpu: fix initial connector audio value (git-fixes).
- drm/bridge: Avoid uninitialized variable warning (git-fixes).
- drm/bridge: megachips: Fix a null pointer dereference bug (git-fixes).
- drm/bridge: parade-ps8640: Fix regulator supply order (git-fixes).
- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types (git-fixes).
- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
- drm/msm/dpu: Fix comment typo (git-fixes).
- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
- drm/msm/dsi: fix memory corruption with too many bridges (git-fixes).
- drm/msm/hdmi: fix memory corruption with too many bridges (git-fixes).
- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid (git-fixes).
- drm/msm: Make .remove and .shutdown HW shutdown consistent (git-fixes).
- drm/nouveau/nouveau_bo: fix potential memory leak in nouveau_bo_alloc()
(git-fixes).
- drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table()
(git-fixes).
- drm/omap: dss: Fix refcount leak bugs (git-fixes).
- drm/scheduler: quieten kernel-doc warnings (git-fixes).
- drm/udl: Restore display mode on resume (git-fixes).
- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
(git-fixes).
- drm: Use size_t type for len variable in drm_copy_field() (git-fixes).
- drm: bridge: adv7511: fix CEC power down control register offset
(git-fixes).
- drm: fix drm_mipi_dbi build errors (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Anbernic Win600 (git-fixes).
- drm:pl111: Add of_node_put() when breaking out of
for_each_available_child_of_node() (git-fixes).
- dyndbg: fix module.dyndbg handling (git-fixes).
- dyndbg: let query-modname override actual module name (git-fixes).
- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
- efi: libstub: drop pointless get_memory_map() call (git-fixes).
- exfat: Return ENAMETOOLONG consistently for oversized paths (bsc#1204053
bsc#1201725).
- fbdev: cyber2000fb: fix missing pci_disable_device() (git-fixes).
- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
- firmware: arm_scmi: Add SCMI PM driver remove routine (git-fixes).
- firmware: google: Test spinlock on panic path to avoid lockups
(git-fixes).
- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
(git-fixes).
- gpio: rockchip: request GPIO mux to pinctrl when setting direction
(git-fixes).
- hid: hid-logitech-hidpp: avoid unnecessary assignments in
hidpp_connect_event (git-fixes).
- hwmon/coretemp: Handle large core ID value (git-fixes).
- iio: ABI: Fix wrong format of differential capacitance channel ABI
(git-fixes).
- iio: adc: ad7923: fix channel readings for some variants (git-fixes).
- iio: adc: at91-sama5d2_adc: check return status for pressure and touch
(git-fixes).
- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX (git-fixes).
- iio: adc: at91-sama5d2_adc: lock around oversampling and sample freq
(git-fixes).
- iio: adc: mcp3911: use correct id bits (git-fixes).
- iio: dac: ad5593r: Fix i2c read protocol requirements (git-fixes).
- iio: inkern: only release the device node when done with it (git-fixes).
- iio: light: tsl2583: Fix module unloading (git-fixes).
- iio: pressure: dps310: Refactor startup procedure (git-fixes).
- iio: pressure: dps310: Reset chip after timeout (git-fixes).
- irqchip/ls-extirq: Fix invalid wait context by avoiding to use regmap
(git-fixes).
- kABI: arm64/crypto/sha512 Preserve function signature (git-fixes).
- kbuild: Add skip_encoding_btf_enum64 option to pahole (git-fixes).
- kbuild: remove the target in signal traps when interrupted (git-fixes).
- kbuild: sink stdout from cmd for silent build (git-fixes).
- kbuild: skip per-CPU BTF generation for pahole v1.18-v1.21
(jsc#SLE-24559).
- kthread: Extract KTHREAD_IS_PER_CPU (bsc#1204753).
- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
(git-fixes).
- locking/csd_lock: Change csdlock_debug from early_param to __setup
(git-fixes).
- mISDN: fix use-after-free bugs in l1oip timer handlers (git-fixes).
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (git-fixes).
- mac802154: Fix LQI recording (git-fixes).
- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg (git-fixes).
- media: cedrus: Set the platform driver data earlier (git-fixes).
- media: cx88: Fix a null-ptr-deref bug in buffer_prepare() (git-fixes).
- media: v4l2-dv-timings: add sanity checks for blanking values
(git-fixes).
- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check 'interlaced'
(git-fixes).
- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
(git-fixes).
- memory: of: Fix refcount leak bug in of_get_ddr_timings() (git-fixes).
- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
(git-fixes).
- mfd: fsl-imx25: Fix an error handling path in mx25_tsadc_setup_irq()
(git-fixes).
- mfd: intel_soc_pmic: Fix an error handling path in
intel_soc_pmic_i2c_probe() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_irq_init() and
lp8788_irq_init() (git-fixes).
- mfd: lp8788: Fix an error handling path in lp8788_probe() (git-fixes).
- mfd: sm501: Add check for platform_driver_register() (git-fixes).
- misc: ocxl: fix possible refcount leak in afu_ioctl() (git-fixes).
- mm, memcg: avoid stale protection values when cgroup is above protection
(bsc#1204754).
- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size hugetlb page
(bsc#1204575).
- mm: memcontrol: fix occasional OOMs due to proportional memory.low
reclaim (bsc#1204754).
- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe() (git-fixes).
- mmc: core: Fix kernel panic when remove non-standard SDIO card
(git-fixes).
- mmc: core: Replace with already defined values for readability
(git-fixes).
- mmc: core: Terminate infinite loop in SD-UHS voltage switch (git-fixes).
- mmc: sdhci-msm: add compatible string check for sdm670 (git-fixes).
- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
(git-fixes).
- mtd: devices: docg3: check the return value of devm_ioremap() in the
probe (git-fixes).
- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
- mtd: rawnand: marvell: Use correct logic for nand-keep-config
(git-fixes).
- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
(git-fixes).
- net/ieee802154: fix uninit value bug in dgram_sendmsg (git-fixes).
- net: ieee802154: return -EINVAL for unknown addr type (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455 (git-fixes).
- openvswitch: Fix double reporting of drops in dropwatch (git-fixes).
- openvswitch: Fix overreporting of drops in dropwatch (git-fixes).
- openvswitch: switch from WARN to pr_warn (git-fixes).
- phy: qualcomm: call clk_disable_unprepare in the error handling
(git-fixes).
- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
- pinctrl: armada-37xx: Checks for errors in gpio_request_enable callback
(git-fixes).
- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22 (git-fixes).
- pinctrl: rockchip: add pinmux_ops.gpio_set_direction callback
(git-fixes).
- platform/x86: msi-laptop: Change DMI match / alias strings to fix module
autoloading (git-fixes).
- platform/x86: msi-laptop: Fix old-ec check for backlight registering
(git-fixes).
- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
- power: supply: adp5061: fix out-of-bounds read in adp5061_get_chg_type()
(git-fixes).
- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246 git-fixes).
- powerpc/fadump: align destination address to pagesize (bsc#1204728
ltc#200074).
- powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()
(jsc#SLE-13847 git-fixes).
- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
- powerpc/mm: remove pmd_huge/pud_huge stubs and include hugetlb.h
(bsc#1065729).
- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
- powerpc/powernv: add missing of_node_put() in opal_export_attrs()
(bsc#1065729).
- powerpc/pseries: Interface to represent PAPR firmware attributes
(bsc#1200465 ltc#197256 jsc#PED-1931).
- quota: widen timestamps for the fs_disk_quota structure (bsc#1203387).
- regulator: qcom_rpm: Fix circular deferral regression (git-fixes).
- rpmsg: qcom: glink: replace strncpy() with strscpy_pad() (git-fixes).
- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
(git-fixes).
- s390/hypfs: avoid error message under KVM (bsc#1032323).
- sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up()
(git-fixes).
- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
(git-fixes).
- scsi: mpt3sas: Fix return value check of dma_get_required_mask()
(git-fixes).
- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
- selftest/powerpc: Add PAPR sysfs attributes sniff test (bsc#1200465
ltc#197256 jsc#PED-1931).
- selftests/powerpc: Skip energy_scale_info test on older firmware
(git-fixes).
- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
(git-fixes).
- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe() (git-fixes).
- soc: sunxi_sram: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- spi/omap100k:Fix PM disable depth imbalance in omap1_spi100k_probe
(git-fixes).
- spi: mt7621: Fix an error message in mt7621_spi_probe() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in
spi_qup_pm_resume_runtime() (git-fixes).
- spi: qup: add missing clk_disable_unprepare on error in spi_qup_resume()
(git-fixes).
- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
- staging: rtl8723bs: fix a potential memory leak in rtw_init_cmd_priv()
(git-fixes).
- staging: vt6655: fix potential memory leak (git-fixes).
- staging: vt6655: fix some erroneous memory clean-up loops (git-fixes).
- struct pci_config_window kABI workaround (bsc#1204382).
- thermal: intel_powerclamp: Use first online CPU as control_cpu
(git-fixes).
- thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id()
to avoid crash (git-fixes).
- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
lpuart_dma_shutdown (git-fixes).
- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
- uas: ignore UAS for Thinkplus chips (git-fixes).
- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: bdc: change state when port disconnected (git-fixes).
- usb: dwc3: gadget: Do not set IMI for no_interrupt (git-fixes).
- usb: dwc3: gadget: Stop processing more requests on IMI (git-fixes).
- usb: gadget: function: fix dangling pnp_string in f_printer.c
(git-fixes).
- usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()
(git-fixes).
- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
- usb: mon: make mmapped memory read only (git-fixes).
- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
- watchdog: armada_37xx_wdt: Fix .set_timeout callback (git-fixes).
- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
(git-fixes).
- wifi: ath10k: add peer map clean up for peer delete in
ath10k_sta_state() (git-fixes).
- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg() (git-fixes).
- wifi: brcmfmac: fix invalid address access when enabling SCAN log level
(git-fixes).
- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
(git-fixes).
- wifi: cfg80211: update hidden BSSes to avoid WARN_ON (git-fixes).
- wifi: iwlwifi: mvm: fix double list_add at iwl_mvm_mac_wake_tx_queue
(other cases) (git-fixes).
- wifi: mac80211: allow bw change during channel switch in mesh
(git-fixes).
- wifi: mac80211: do not drop packets smaller than the LLC-SNAP header on
fast-rx (git-fixes).
- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate (git-fixes).
- wifi: rt2x00: correctly set BBP register 86 for MT7620 (git-fixes).
- wifi: rt2x00: do not run Rt5592 IQ calibration on MT7620 (git-fixes).
- wifi: rt2x00: set SoC wmac clock register (git-fixes).
- wifi: rt2x00: set VGC gain for both chains of MT7620 (git-fixes).
- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620 (git-fixes).
- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM (git-fixes).
- wifi: rtl8xxxu: Fix skb misuse in TX queue selection (git-fixes).
- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
- wifi: rtl8xxxu: Remove copy-paste leftover in gen2_update_rate_mask
(git-fixes).
- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration (git-fixes).
- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
(git-fixes).
- xfs: add missing assert in xfs_fsmap_owner_from_rmap (git-fixes).
- xfs: enable big timestamps (bsc#1203387).
- xfs: enable new inode btree counters feature (bsc#1203387).
- xfs: explicitly define inode timestamp range (bsc#1203387).
- xfs: fix memory corruption during remote attr value buffer invalidation
(git-fixes).
- xfs: fix s_maxbytes computation on 32-bit kernels (git-fixes).
- xfs: hoist out xfs_resizefs_init_new_ags() (git-fixes).
- xfs: move incore structures out of xfs_da_format.h (git-fixes).
- xfs: quota: move to time64_t interfaces (bsc#1203387).
- xfs: redefine xfs_ictimestamp_t (bsc#1203387).
- xfs: redefine xfs_timestamp_t (bsc#1203387).
- xfs: refactor remote attr value buffer invalidation (git-fixes).
- xfs: remove obsolete AGF counter debugging (git-fixes).
- xfs: rename `new' to `delta' in xfs_growfs_data_private() (git-fixes).
- xfs: reserve data and rt quota at the same time (bsc#1203496).
- xfs: slightly tweak an assert in xfs_fs_map_blocks (git-fixes).
- xfs: store inode btree block counts in AGI header (bsc#1203387).
- xfs: streamline xfs_attr3_leaf_inactive (git-fixes).
- xfs: use a struct timespec64 for the in-core crtime (bsc#1203387).
- xfs: use the finobt block counts to speed up mount times (bsc#1203387).
- xfs: widen ondisk inode timestamps to deal with y2038+ (bsc#1203387).
- xfs: widen ondisk quota expiration timestamps to handle y2038+
(bsc#1203387).
- xhci: Do not show warning for reinit on known broken suspend (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3929=1
- SUSE Linux Enterprise Module for Realtime 15-SP3:
zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-3929=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3929=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3929=1
Package List:
- openSUSE Leap Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):
cluster-md-kmp-rt-5.3.18-150300.109.1
cluster-md-kmp-rt-debuginfo-5.3.18-150300.109.1
dlm-kmp-rt-5.3.18-150300.109.1
dlm-kmp-rt-debuginfo-5.3.18-150300.109.1
gfs2-kmp-rt-5.3.18-150300.109.1
gfs2-kmp-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
kernel-rt-devel-5.3.18-150300.109.1
kernel-rt-devel-debuginfo-5.3.18-150300.109.1
kernel-rt_debug-debuginfo-5.3.18-150300.109.1
kernel-rt_debug-debugsource-5.3.18-150300.109.1
kernel-rt_debug-devel-5.3.18-150300.109.1
kernel-rt_debug-devel-debuginfo-5.3.18-150300.109.1
kernel-syms-rt-5.3.18-150300.109.1
ocfs2-kmp-rt-5.3.18-150300.109.1
ocfs2-kmp-rt-debuginfo-5.3.18-150300.109.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):
kernel-devel-rt-5.3.18-150300.109.1
kernel-source-rt-5.3.18-150300.109.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
kernel-rt-5.3.18-150300.109.1
kernel-rt-debuginfo-5.3.18-150300.109.1
kernel-rt-debugsource-5.3.18-150300.109.1
References:
https://www.suse.com/security/cve/CVE-2021-4037.html
https://www.suse.com/security/cve/CVE-2022-2153.html
https://www.suse.com/security/cve/CVE-2022-28748.html
https://www.suse.com/security/cve/CVE-2022-2964.html
https://www.suse.com/security/cve/CVE-2022-2978.html
https://www.suse.com/security/cve/CVE-2022-3176.html
https://www.suse.com/security/cve/CVE-2022-3424.html
https://www.suse.com/security/cve/CVE-2022-3521.html
https://www.suse.com/security/cve/CVE-2022-3524.html
https://www.suse.com/security/cve/CVE-2022-3535.html
https://www.suse.com/security/cve/CVE-2022-3542.html
https://www.suse.com/security/cve/CVE-2022-3545.html
https://www.suse.com/security/cve/CVE-2022-3565.html
https://www.suse.com/security/cve/CVE-2022-3577.html
https://www.suse.com/security/cve/CVE-2022-3586.html
https://www.suse.com/security/cve/CVE-2022-3594.html
https://www.suse.com/security/cve/CVE-2022-3621.html
https://www.suse.com/security/cve/CVE-2022-3625.html
https://www.suse.com/security/cve/CVE-2022-3629.html
https://www.suse.com/security/cve/CVE-2022-3640.html
https://www.suse.com/security/cve/CVE-2022-3646.html
https://www.suse.com/security/cve/CVE-2022-3649.html
https://www.suse.com/security/cve/CVE-2022-39189.html
https://www.suse.com/security/cve/CVE-2022-42703.html
https://www.suse.com/security/cve/CVE-2022-43750.html
https://bugzilla.suse.com/1032323
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1198702
https://bugzilla.suse.com/1200465
https://bugzilla.suse.com/1200788
https://bugzilla.suse.com/1201725
https://bugzilla.suse.com/1202686
https://bugzilla.suse.com/1202700
https://bugzilla.suse.com/1203066
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203387
https://bugzilla.suse.com/1203391
https://bugzilla.suse.com/1203496
https://bugzilla.suse.com/1204053
https://bugzilla.suse.com/1204166
https://bugzilla.suse.com/1204168
https://bugzilla.suse.com/1204354
https://bugzilla.suse.com/1204355
https://bugzilla.suse.com/1204382
https://bugzilla.suse.com/1204402
https://bugzilla.suse.com/1204415
https://bugzilla.suse.com/1204417
https://bugzilla.suse.com/1204431
https://bugzilla.suse.com/1204439
https://bugzilla.suse.com/1204470
https://bugzilla.suse.com/1204479
https://bugzilla.suse.com/1204574
https://bugzilla.suse.com/1204575
https://bugzilla.suse.com/1204619
https://bugzilla.suse.com/1204635
https://bugzilla.suse.com/1204637
https://bugzilla.suse.com/1204646
https://bugzilla.suse.com/1204647
https://bugzilla.suse.com/1204653
https://bugzilla.suse.com/1204728
https://bugzilla.suse.com/1204753
https://bugzilla.suse.com/1204754
1
0
openSUSE-RU-2022:10194-1: moderate: Recommended update for ghostwriter
by maintenance@opensuse.org 10 Nov '22
by maintenance@opensuse.org 10 Nov '22
10 Nov '22
openSUSE Recommended Update: Recommended update for ghostwriter
______________________________________________________________________________
Announcement ID: openSUSE-RU-2022:10194-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for ghostwriter fixes the following issues:
New upstream release, update to version 2.1.6.
For list of fixes see:
- https://github.com/KDE/ghostwriter/releases/tag/2.1.6.
- https://github.com/wereturtle/ghostwriter/releases/tag/2.1.4.
- https://github.com/wereturtle/ghostwriter/releases/tag/2.1.3.
- https://github.com/wereturtle/ghostwriter/releases/tag/2.1.2.
- https://github.com/wereturtle/ghostwriter/releases/tag/2.1.1.
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10194=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
ghostwriter-2.1.6-bp154.2.3.1
- openSUSE Backports SLE-15-SP4 (noarch):
ghostwriter-lang-2.1.6-bp154.2.3.1
References:
1
0
openSUSE-RU-2022:10193-1: moderate: Recommended update for efl
by maintenance@opensuse.org 10 Nov '22
by maintenance@opensuse.org 10 Nov '22
10 Nov '22
openSUSE Recommended Update: Recommended update for efl
______________________________________________________________________________
Announcement ID: openSUSE-RU-2022:10193-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for efl fixes the following issues:
Update to 1.26.3 Bugfix release
* Fix theme issues
* Fix edje calc internal return values in some cases
* Fix ecore-x netwm moveresize request handling
* Fix ecore-x xkb handling to not leak
* Fix new xkb event handling
* Fix evas smart object to null out fields for safety
* Fix elm null cnp object handling to not crash in odd cases
* Fix ecore evas x11 dnd handling to not null out xdnd props
* Fix data checkme file so relocation at runtime works again
* Fix eina bt output to always have spaces between fields
* Fix png loader on arm to not have rgb values when a is 0
* Fix textgrid to guard against null glyphs
* Fix ecore-x vblank to use current time not vlbank time
* Fix emile to handle invalid compress types more gracefully
* Fix compile warnings
* Fix evas psd loader crash
* Fix osx sample compile conf script options
* Fix wl vsync timer to use current time not vblank time
* Work around xwayland issue where synthetic events are not sent
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10193=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 s390x x86_64):
ecore_imf-module-scim-1.26.3-bp154.4.3.20
efl-1.26.3-bp154.4.3.20
efl-devel-1.26.3-bp154.4.3.20
efl-examples-1.26.3-bp154.4.3.20
efl-testsuite-1.26.3-bp154.4.3.20
elua-1.26.3-bp154.4.3.20
enlightenment-theme-Flat-0.21.0-bp154.4.3.20
enlightenment-theme-upstream-0.21.0-bp154.4.3.20
enlightenment-x-Flat-icon-theme-0.21.0-bp154.4.3.20
evas-generic-loaders-1.26.3-bp154.4.3.20
- openSUSE Backports SLE-15-SP4 (noarch):
efl-lang-1.26.3-bp154.4.3.20
References:
1
0
openSUSE-RU-2022:10195-1: moderate: Recommended update for keepassxc
by maintenance@opensuse.org 10 Nov '22
by maintenance@opensuse.org 10 Nov '22
10 Nov '22
openSUSE Recommended Update: Recommended update for keepassxc
______________________________________________________________________________
Announcement ID: openSUSE-RU-2022:10195-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for keepassxc fixes the following issues:
Update to 2.7.4:
- Changes
- Add 2 months expiration preset [#8687]
- CLI: Add Unicode support on Windows [#8618]
- Fixes
- Fix crash on macOS when unlocking database [#8676]
- Fix display of passwords in preview panel [#8633]
- Fix clicking links in entry preview panel [#8644]
- Prevent expired entries search if no results returned [#8643]
- Browser: Revert code causing connection problems [#8665]
- Browser: Fix socket file symbolic link on Linux [#8656]
- Flatpak: Fix launching browser proxy service [#8680]
- SSH Agent: Fix paegent support on Windows [#8619]
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10195=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 s390x x86_64):
keepassxc-2.7.4-bp154.3.9.1
- openSUSE Backports SLE-15-SP4 (noarch):
keepassxc-lang-2.7.4-bp154.3.9.1
References:
1
0
09 Nov '22
SUSE Recommended Update: Recommended update for runc
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:3927-1
Rating: moderate
References: #1202021 #1202821
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for runc fixes the following issues:
- Update to runc v1.1.4 (bsc#1202021)
- Fix failed exec after systemctl daemon-reload (bsc#1202821)
- Fix mounting via wrong proc
- Fix "permission denied" error from runc run on noexec filesystem
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3927=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3927=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3927=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3927=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3927=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3927=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3927=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3927=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-3927=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3927=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3927=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3927=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3927=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-3927=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3927=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3927=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3927=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3927=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3927=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3927=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3927=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3927=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3927=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-3927=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2022-3927=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3927=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-3927=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Manager Proxy 4.1 (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
- SUSE CaaS Platform 4.0 (x86_64):
runc-1.1.4-150000.36.1
runc-debuginfo-1.1.4-150000.36.1
References:
https://bugzilla.suse.com/1202021
https://bugzilla.suse.com/1202821
1
0
SUSE-SU-2022:3922-1: important: Security update for protobuf
by opensuse-security@opensuse.org 09 Nov '22
by opensuse-security@opensuse.org 09 Nov '22
09 Nov '22
SUSE Security Update: Security update for protobuf
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3922-1
Rating: important
References: #1194530 #1203681 #1204256
Cross-References: CVE-2021-22569 CVE-2022-1941 CVE-2022-3171
CVSS scores:
CVE-2021-22569 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-22569 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-1941 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1941 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3171 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3171 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP2
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Installer 15-SP2
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Module for SUSE Manager Server 4.1
SUSE Linux Enterprise Module for SUSE Manager Server 4.2
SUSE Linux Enterprise Module for SUSE Manager Server 4.3
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for protobuf fixes the following issues:
- CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing
procedure for binary data (bsc#1194530).
- CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and
protobuf-python (bsc#1203681)
- CVE-2022-3171: Fix a potential DoS issue when parsing with binary data
in protobuf-java (bsc#1204256)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3922=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3922=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3922=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3922=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3922=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3922=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3922=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3922=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3922=1
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-3922=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-3922=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-3922=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-3922=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3922=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3922=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3922=1
- SUSE Linux Enterprise Installer 15-SP2:
zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2022-3922=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3922=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3922=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-3922=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (noarch):
protobuf-source-3.9.2-150200.4.19.2
- openSUSE Leap 15.4 (x86_64):
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (x86_64):
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotobuf20-32bit-debuginfo-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
libprotoc20-32bit-debuginfo-3.9.2-150200.4.19.2
- openSUSE Leap 15.3 (noarch):
protobuf-source-3.9.2-150200.4.19.2
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Manager Proxy 4.1 (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (aarch64 ppc64le s390x x86_64):
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
protobuf-debugsource-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
- SUSE Linux Enterprise Installer 15-SP2 (aarch64 ppc64le s390x x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-debuginfo-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-debuginfo-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-debuginfo-3.9.2-150200.4.19.2
protobuf-debugsource-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-devel-debuginfo-3.9.2-150200.4.19.2
References:
https://www.suse.com/security/cve/CVE-2021-22569.html
https://www.suse.com/security/cve/CVE-2022-1941.html
https://www.suse.com/security/cve/CVE-2022-3171.html
https://bugzilla.suse.com/1194530
https://bugzilla.suse.com/1203681
https://bugzilla.suse.com/1204256
1
0
openSUSE-RU-2022:10192-1: moderate: Recommended update for orthanc-dicomweb
by maintenance@opensuse.org 09 Nov '22
by maintenance@opensuse.org 09 Nov '22
09 Nov '22
openSUSE Recommended Update: Recommended update for orthanc-dicomweb
______________________________________________________________________________
Announcement ID: openSUSE-RU-2022:10192-1
Rating: moderate
References:
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for orthanc-dicomweb fixes the following issues:
version 1.10
* bugfix release, see 'NEWS' for details
Version 1.8
* Show an error message when trying to send studies > 4GB via STOW-RS
* Optimized QIDO-RS to build its responses from DB if tags are saved in
"ExtraMainDicomTags".
* New configuration "PublicRoot"
Version 1.7
* Detection of windowing and rescale in ".../rendered" for Philips
multiframe images
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10192=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le x86_64):
orthanc-dicomweb-1.10-bp153.2.3.1
References:
1
0
openSUSE-SU-2022:10191-1: important: Security update for exim
by opensuse-security@opensuse.org 08 Nov '22
by opensuse-security@opensuse.org 08 Nov '22
08 Nov '22
openSUSE Security Update: Security update for exim
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10191-1
Rating: important
References: #1204427
Cross-References: CVE-2022-3559
CVSS scores:
CVE-2022-3559 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for exim fixes the following issues:
- CVE-2022-3559: Fixed use after free in processing of the component Regex
Handler (boo#1204427, Bug 2915)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10191=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64):
exim-4.94.2-bp153.5.1
eximon-4.94.2-bp153.5.1
eximstats-html-4.94.2-bp153.5.1
References:
https://www.suse.com/security/cve/CVE-2022-3559.html
https://bugzilla.suse.com/1204427
1
0