openSUSE Updates
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
December 2022
- 2 participants
- 173 discussions
SUSE-RU-2022:4413-1: moderate: Recommended update for resource-agents
by maintenance@opensuse.org 13 Dec '22
by maintenance@opensuse.org 13 Dec '22
13 Dec '22
SUSE Recommended Update: Recommended update for resource-agents
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4413-1
Rating: moderate
References: PED-121
Affected Products:
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 recommended fixes and contains one
feature can now be installed.
Description:
This update for resource-agents fixes the following issue:
- Pacemaker should provide a dynamic option to specify a logfile.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4413=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-4413=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
ldirectord-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-debuginfo-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-debugsource-4.10.0+git40.0f4de473-150400.3.13.1
- openSUSE Leap 15.4 (noarch):
monitoring-plugins-metadata-4.10.0+git40.0f4de473-150400.3.13.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
ldirectord-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-debuginfo-4.10.0+git40.0f4de473-150400.3.13.1
resource-agents-debugsource-4.10.0+git40.0f4de473-150400.3.13.1
- SUSE Linux Enterprise High Availability 15-SP4 (noarch):
monitoring-plugins-metadata-4.10.0+git40.0f4de473-150400.3.13.1
References:
1
0
SUSE-SU-2022:4437-1: important: Security update for SUSE Manager Client Tools
by opensuse-security@opensuse.org 13 Dec '22
by opensuse-security@opensuse.org 13 Dec '22
13 Dec '22
SUSE Security Update: Security update for SUSE Manager Client Tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4437-1
Rating: important
References: #1188571 #1189520 #1192383 #1192763 #1193492
#1193686 #1199810 #1201535 #1201539 #1202945
#1203283 #1203596 #1203597 #1203599 PED-2145
Cross-References: CVE-2021-36222 CVE-2021-3711 CVE-2021-41174
CVE-2021-41244 CVE-2021-43798 CVE-2021-43813
CVE-2021-43815 CVE-2022-29170 CVE-2022-31097
CVE-2022-31107 CVE-2022-35957 CVE-2022-36062
CVSS scores:
CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41174 (SUSE): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41244 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41244 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-43798 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43798 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-29170 (NVD) : 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
CVE-2022-29170 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
CVE-2022-31097 (NVD) : 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
CVE-2022-31097 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE-2022-31107 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31107 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
CVE-2022-35957 (NVD) : 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-35957 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-36062 (NVD) : 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
CVE-2022-36062 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
Affected Products:
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Tools 15
SUSE Manager Tools for SLE Micro 5
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 12 vulnerabilities, contains one
feature and has two fixes is now available.
Description:
This update fixes the following issues:
dracut-saltboot:
- Update to version 0.1.1665997480.587fa10
* Add dependencies on xz and gzip to support compressed images
golang-github-boynux-squid_exporter:
- Exclude s390 architecture
- Enhanced to build on Enterprise Linux 8.
grafana:
- Version update from 8.3.10 to 8.5.13 (jsc#PED-2145)
- Security fixes:
* CVE-2022-36062: (bsc#1203596)
* CVE-2022-35957: (bsc#1203597)
* CVE-2022-31107: (bsc#1201539)
* CVE-2022-31097: (bsc#1201535)
* CVE-2022-29170: (bsc#1199810)
* CVE-2021-43813, CVE-2021-43815: (bsc#1193686)
* CVE-2021-43798: (bsc#1193492)
* CVE-2021-41244: (bsc#1192763)
* CVE-2021-41174: (bsc#1192383)
* CVE-2021-3711: (bsc#1189520)
* CVE-2021-36222: (bsc#1188571)
- Features and enhancements:
* AccessControl: Disable user remove and user update roles when they do
not have the permissions
* AccessControl: Provisioning for teams
* Alerting: Add custom grouping to Alert Panel
* Alerting: Add safeguard for migrations that might cause dataloss
* Alerting: AlertingProxy to elevate permissions for request forwarded
to data proxy when RBAC enabled
* Alerting: Grafana uses > instead of >= when checking the For duration
* Alerting: Move slow queries in the scheduler to another goroutine
* Alerting: Remove disabled flag for data source when migrating alerts
* Alerting: Show notification tab of legacy alerting only to editor
* Alerting: Update migration to migrate only alerts that belon to
existing org\dashboard
* Alerting: Use expanded labels in dashboard annotations
* Alerting: Use time.Ticker instead of alerting.Ticker in ngalert
* Analytics: Add user id tracking to google analytics
* Angular: Add AngularJS plugin support deprecation plan to docs site
* API: Add usage stats preview endpoint
* API: Extract OpenAPI specification from source code using go-swagger
* Auth: implement auto_sign_up for auth.jwt
* Azure monitor Logs: Optimize data fetching in resource picker
* Azure Monitor Logs: Order subscriptions in resource picker by name
* Azure Monitor: Include datasource ref when interpolating variables.
* AzureMonitor: Add support for not equals and startsWith operators when
creating Azure Metrics dimension filters.
* AzureMonitor: Do not quote variables when a custom "All" variable
option is used
* AzureMonitor: Filter list of resources by resourceType
* AzureMonitor: Update allowed namespaces
* BarChart: color by field, x time field, bar radius, label skipping
* Chore: Implement OpenTelemetry in Grafana
* Cloud Monitoring: Adds metric type to Metric drop down options
* CloudMonitor: Correctly encode default project response
* CloudWatch: Add all ElastiCache Redis Metrics
* CloudWatch: Add Data Lifecycle Manager metrics and dimension
* CloudWatch: Add Missing Elasticache Host-level metrics
* CloudWatch: Add multi-value template variable support for log group
names in logs query builder
* CloudWatch: Add new AWS/ES metrics. #43034, @sunker
* Cloudwatch: Add support for AWS/PrivateLink* metrics and dimensions
* Cloudwatch: Add support for new AWS/RDS EBS* metrics
* Cloudwatch: Add syntax highlighting and autocomplete for "Metric
Search"
* Cloudwatch: Add template variable query function for listing log groups
* Configuration: Add ability to customize okta login button name and icon
* Elasticsearch: Add deprecation notice for < 7.10 versions.
* Explore: Support custom display label for exemplar links for
Prometheus datasource
* Hotkeys: Make time range absolute/permanent
* InfluxDB: Use backend for influxDB by default via feature toggle
* Legend: Use correct unit for percent and count calculations
* Logs: Escape windows newline into single newline
* Loki: Add unpack to autocomplete suggestions
* Loki: Use millisecond steps in Grafana 8.5.x.
* Playlists: Enable sharing direct links to playlists
* Plugins: Allow using both Function and Class components for app plugins
* Plugins: Expose emotion/react to plugins to prevent load failures
* Plugins: Introduce HTTP 207 Multi Status response to api/ds/query
* Rendering: Add support for renderer token
* Setting: Support configuring feature toggles with bools instead of
just passing an array
* SQLStore: Prevent concurrent migrations
* SSE: Add Mode to drop NaN/Inf/Null in Reduction operations
* Tempo: Switch out Select with AsyncSelect component to get loading
state in Tempo Search
* TimeSeries: Add migration for Graph panel's transform series override
* TimeSeries: Add support for negative Y and constant transform
* TimeSeries: Preserve null/undefined values when performing negative y
transform
* Traces: Filter by service/span name and operation in Tempo and Jaeger
* Transformations: Add 'JSON' field type to ConvertFieldTypeTransformer
* Transformations: Add an All Unique Values Reducer
* Transformers: avoid error when the ExtractFields source field is
missing
- Breaking changes:
* For a data source query made via /api/ds/query:
+ If the DatasourceQueryMultiStatus feature is enabled and the data
source response has an error set as part of the DataResponse, the
resulting HTTP status code is now '207 Multi Status' instead of '400
Bad gateway'
+ If the DatasourceQueryMultiStatus feature is not enabled and the
data source response has an error set as part of the DataResponse,
the resulting HTTP status code is '400 BadRequest' (no breaking
change)
* For a proxied request, e.g. Grafana's datasource or plugin proxy:
+ If the request is cancelled, e.g. from the browser/by the client,
the HTTP status code is now '499 Client closed' request instead of
502 Bad gateway If the request times out, e.g. takes longer time
than allowed, the HTTP status code is now '504 Gateway timeout'
instead of '502 Bad gateway'.
+ The change in behavior is that negative-valued series are now
stacked downwards from 0 (in their own stacks), rather than
downwards from the top of the positive stacks. We now automatically
group stacks by Draw style, Line interpolation, and Bar alignment,
making it impossible to stack bars on top of lines, or smooth lines
on top of stepped lines
+ The meaning of the default data source has now changed from being a
persisted property in a panel. Before when you selected the default
data source for a panel and later changed the default data source to
another data source it would change all panels who were configured
to use the default data source. From now on the default data source
is just the default for new panels and changing the default will not
impact any currently saved dashboards
+ The Tooltip component provided by @grafana/ui is no longer
automatically interactive (that is you can hover onto it and click a
link or select text). It will from now on by default close
automatically when you mouse out from the trigger element. To make
tooltips behave like before set the new interactive property to true.
- Deprecations:
* /api/tsdb/query API has been deprecated, please use /api/ds/query
instead
* AngularJS plugin support is now in a deprecated state. The
documentation site has an article with more details on why, when, and
how
- Bug fixes:
* Alerting: Add contact points provisioning API
* Alerting: add field for custom slack endpoint
* Alerting: Add resolved count to notification title when both firing
and resolved present
* Alerting: Alert rule should wait For duration when execution error
state is Alerting
* Alerting: Allow disabling override timings for notification policies
* Alerting: Allow serving images from custom url path
* Alerting: Apply Custom Headers to datasource queries
* Alerting: Classic conditions can now display multiple values
* Alerting: correctly show all alerts in a folder
* Alerting: Display query from grafana-managed alert rules on
/api/v1/rules
* Alerting: Do not overwrite existing alert rule condition
* Alerting: Enhance support for arbitrary group names in managed alerts
* Alerting: Fix access to alerts for viewer with editor permissions when
RBAC is disabled
* Alerting: Fix anonymous access to alerting
* Alerting: Fix migrations by making send_alerts_to field nullable
* Alerting: Fix RBAC actions for notification policies
* Alerting: Fix use of > instead of >= when checking the For duration
* Alerting: Remove double quotes from matchers
* API: Include userId, orgId, uname in request logging middleware
* Auth: Guarantee consistency of signed SigV4 headers
* Azure Monitor : Adding json formatting of error messages in Panel
Header Corner and Inspect Error Tab
* Azure Monitor: Add 2 more Curated Dashboards for VM Insights
* Azure Monitor: Bug Fix for incorrect variable cascading for template
variables
* Azure Monitor: Fix space character encoding for metrics query link to
Azure Portal
* Azure Monitor: Fixes broken log queries that use workspace
* Azure Monitor: Small bug fixes for Resource Picker
* AzureAd Oauth: Fix strictMode to reject users without an assigned role
* AzureMonitor: Fixes metric definition for Azure Storage
queue/file/blob/table resources
* Cloudwatch : Fixed reseting metric name when changing namespace in
Metric Query
* CloudWatch: Added missing MemoryDB Namespace metrics
* CloudWatch: Fix MetricName resetting on Namespace change.
* Cloudwatch: Fix template variables in variable queries.
* CloudWatch: Fix variable query tag migration
* CloudWatch: Handle new error codes for MetricInsights
* CloudWatch: List all metrics properly in SQL autocomplete
* CloudWatch: Prevent log groups from being removed on query change
* CloudWatch: Remove error message when using multi-valued template vars
in region field
* CloudWatch: Run query on blur in logs query field
* CloudWatch: Use default http client from aws-sdk-go
* Dashboard: Fix dashboard update permission check
* Dashboard: Fixes random scrolling on time range change
* Dashboard: Template variables are now correctly persisted when
clicking breadcrumb links
* DashboardExport: Fix exporting and importing dashboards where query
data source ended up as incorrect
* DashboardPage: Remember scroll position when coming back panel edit /
view panel
* Dashboards: Fixes repeating by row and no refresh
* Dashboards: Show changes in save dialog
* DataSource: Default data source is no longer a persisted state but
just the default data source for new panels
* DataSourcePlugin API: Allow queries import when changing data source
type
* Elasticsearch: Respect maxConcurrentShardRequests datasource setting
* Explore: Allow users to save Explore state to a new panel in a new
dashboard
* Explore: Avoid locking timepicker when range is inverted.
* Explore: Fix closing split pane when logs panel is used
* Explore: Prevent direct access to explore if disabled via feature
toggle
* Explore: Remove return to panel button
* FileUpload: clicking the Upload file button now opens their modal
correctly
* Gauge: Fixes blank viz when data link exists and orientation was
horizontal
* GrafanaUI: Fix color of links in error Tooltips in light theme
* Histogram Panel: Take decimal into consideration
* InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram
* Instrumentation: Fix HTTP request instrumentation of authentication
failures
* Instrumentation: Make backend plugin metrics endpoints available with
optional authentication
* Instrumentation: Proxy status code correction and various improvements
* LibraryPanels: Fix library panels not connecting properly in imported
dashboards
* LibraryPanels: Prevent long descriptions and names from obscuring the
delete button
* Logger: Use specified format for file logger
* Logging: Introduce feature toggle to activate gokit/log format
* Logs: Handle missing fields in dataframes better
* Loki: Improve unpack parser handling
* ManageDashboards: Fix error when deleting all dashboards from folder
view
* Middleware: Fix IPv6 host parsing in CSRF check
* Navigation: Prevent navbar briefly showing on login
* NewsPanel: Add support for Atom feeds. #45390, @kaydelaney
* OAuth: Fix parsing of ID token if header contains non-string value
* Panel Edit: Options search now works correctly when a logarithmic
scale option is set
* Panel Edit: Visualization search now works correctly with special
characters
* Plugins Catalog: Fix styling of hyperlinks
* Plugins: Add deprecation notice for /api/tsdb/query endpoint
* Plugins: Adding support for traceID field to accept variables
* Plugins: Ensure catching all appropriate 4xx api/ds/query scenarios
* Postgres: Return tables with hyphenated schemes
* PostgreSQL: __unixEpochGroup to support arithmetic expression as
argument
* Profile/Help: Expose option to disable profile section and help menu
* Prometheus: Enable new visual query builder by default
* Provisioning: Fix duplicate validation when multiple organizations
have been configured inserted
* RBAC: Fix Anonymous Editors missing dashboard controls
* RolePicker: Fix menu position on smaller screens
* SAML: Allow disabling of SAML signups
* Search: Sort results correctly when using postgres
* Security: Fixes minor code scanning security warnings in old vendored
javascript libs
* Table panel: Fix horizontal scrolling when pagination is enabled
* Table panel: Show datalinks for cell display modes JSON View and Gauge
derivates
* Table: Fix filter crashes table
* Table: New pagination option
* TablePanel: Add cell inspect option
* TablePanel: Do not prefix columns with frame name if multipleframes
and override active
* TagsInput: Fix tags remove button accessibility issues
* Tempo / Trace Viewer: Support Span Links in Trace Viewer
* Tempo: Download span references in data inspector
* Tempo: Separate trace to logs and loki search datasource config
* TextPanel: Sanitize after markdown has been rendered to html
* TimeRange: Fixes updating time range from url and browser history
* TimeSeries: Fix detection & rendering of sparse datapoints
* Timeseries: Fix outside range stale state
* TimeSeries: Properly stack series with missing datapoints
* TimeSeries: Sort tooltip values based on raw values
* Tooltip: Fix links not legible in Tooltips when using light theme
* Tooltip: Sort decimals using standard numeric compare
* Trace View: Show number of child spans
* Transformations: Support escaped characters in key-value pair parsing
* Transforms: Labels to fields, fix label picker layout
* Variables: Ensure variables in query params are correctly recognised
* Variables: Fix crash when changing query variable datasource
* Variables: Fixes issue with data source variables not updating queries
with variable
* Visualizations: Stack negative-valued series downwards
- Plugin development fixes:
* Card: Increase clickable area when meta items are present.
* ClipboardButton: Use a fallback when the Clipboard API is unavailable
* Loki: Fix operator description propup from being shortened.
* OAuth: Add setting to skip org assignment for external users
* Tooltips: Make tooltips non interactive by default
* Tracing: Add option to map tag names to log label names in trace to
logs settings
prometheus-blackbox_exporter:
- Add requirement for go1.18 (bsc#1203599)
spacecmd:
- Version 4.3.16-1
* Fix dict_keys not supporting indexing in systems_setconfigchannelorger
* Improve Proxy FQDN hint message
* Added a warning message for traditional stack deprecation
* Stop always showing help for valid proxy_container_config calls
* Remove "Undefined return code" from debug messages (bsc#1203283)
spacewalk-client-tools:
- Version 4.3.13-1
* Update translation strings
uyuni-proxy-systemd-services:
- Version 4.3.7-1
* Expose /etc/sysconfig/proxy variables to container services
(bsc#1202945)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4437=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4437=1
- SUSE Manager Tools for SLE Micro 5:
zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2022-4437=1
- SUSE Manager Tools 15:
zypper in -t patch SUSE-SLE-Manager-Tools-15-2022-4437=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-4437=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-4437=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
golang-github-boynux-squid_exporter-1.6-150000.1.9.1
golang-github-boynux-squid_exporter-debuginfo-1.6-150000.1.9.1
golang-github-prometheus-promu-0.13.0-150000.3.9.1
prometheus-blackbox_exporter-0.19.0-150000.1.14.3
wire-0.5.0-150000.1.9.3
wire-debuginfo-0.5.0-150000.1.9.3
- openSUSE Leap 15.4 (noarch):
dracut-saltboot-0.1.1665997480.587fa10-150000.1.41.1
spacecmd-4.3.16-150000.3.89.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
golang-github-boynux-squid_exporter-1.6-150000.1.9.1
golang-github-boynux-squid_exporter-debuginfo-1.6-150000.1.9.1
golang-github-prometheus-promu-0.13.0-150000.3.9.1
- openSUSE Leap 15.3 (noarch):
dracut-saltboot-0.1.1665997480.587fa10-150000.1.41.1
spacecmd-4.3.16-150000.3.89.1
- SUSE Manager Tools for SLE Micro 5 (aarch64 s390x x86_64):
prometheus-blackbox_exporter-0.19.0-150000.1.14.3
- SUSE Manager Tools for SLE Micro 5 (noarch):
dracut-saltboot-0.1.1665997480.587fa10-150000.1.41.1
uyuni-proxy-systemd-services-4.3.7-150000.1.9.3
- SUSE Manager Tools 15 (aarch64 ppc64le s390x x86_64):
golang-github-boynux-squid_exporter-1.6-150000.1.9.1
golang-github-boynux-squid_exporter-debuginfo-1.6-150000.1.9.1
grafana-8.5.13-150000.1.36.3
grafana-debuginfo-8.5.13-150000.1.36.3
prometheus-blackbox_exporter-0.19.0-150000.1.14.3
- SUSE Manager Tools 15 (noarch):
dracut-saltboot-0.1.1665997480.587fa10-150000.1.41.1
python3-spacewalk-check-4.3.13-150000.3.71.3
python3-spacewalk-client-setup-4.3.13-150000.3.71.3
python3-spacewalk-client-tools-4.3.13-150000.3.71.3
spacecmd-4.3.16-150000.3.89.1
spacewalk-check-4.3.13-150000.3.71.3
spacewalk-client-setup-4.3.13-150000.3.71.3
spacewalk-client-tools-4.3.13-150000.3.71.3
uyuni-proxy-systemd-services-4.3.7-150000.1.9.3
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (aarch64 ppc64le s390x x86_64):
golang-github-boynux-squid_exporter-1.6-150000.1.9.1
golang-github-boynux-squid_exporter-debuginfo-1.6-150000.1.9.1
prometheus-blackbox_exporter-0.19.0-150000.1.14.3
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (aarch64 ppc64le s390x x86_64):
golang-github-boynux-squid_exporter-1.6-150000.1.9.1
golang-github-boynux-squid_exporter-debuginfo-1.6-150000.1.9.1
prometheus-blackbox_exporter-0.19.0-150000.1.14.3
References:
https://www.suse.com/security/cve/CVE-2021-36222.html
https://www.suse.com/security/cve/CVE-2021-3711.html
https://www.suse.com/security/cve/CVE-2021-41174.html
https://www.suse.com/security/cve/CVE-2021-41244.html
https://www.suse.com/security/cve/CVE-2021-43798.html
https://www.suse.com/security/cve/CVE-2021-43813.html
https://www.suse.com/security/cve/CVE-2021-43815.html
https://www.suse.com/security/cve/CVE-2022-29170.html
https://www.suse.com/security/cve/CVE-2022-31097.html
https://www.suse.com/security/cve/CVE-2022-31107.html
https://www.suse.com/security/cve/CVE-2022-35957.html
https://www.suse.com/security/cve/CVE-2022-36062.html
https://bugzilla.suse.com/1188571
https://bugzilla.suse.com/1189520
https://bugzilla.suse.com/1192383
https://bugzilla.suse.com/1192763
https://bugzilla.suse.com/1193492
https://bugzilla.suse.com/1193686
https://bugzilla.suse.com/1199810
https://bugzilla.suse.com/1201535
https://bugzilla.suse.com/1201539
https://bugzilla.suse.com/1202945
https://bugzilla.suse.com/1203283
https://bugzilla.suse.com/1203596
https://bugzilla.suse.com/1203597
https://bugzilla.suse.com/1203599
1
0
SUSE-SU-2022:4428-1: important: Security update for grafana
by opensuse-security@opensuse.org 13 Dec '22
by opensuse-security@opensuse.org 13 Dec '22
13 Dec '22
SUSE Security Update: Security update for grafana
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4428-1
Rating: important
References: #1188571 #1189520 #1192383 #1192763 #1193492
#1193686 #1199810 #1201535 #1201539 #1203596
#1203597 PED-2145
Cross-References: CVE-2021-36222 CVE-2021-3711 CVE-2021-41174
CVE-2021-41244 CVE-2021-43798 CVE-2021-43813
CVE-2021-43815 CVE-2022-29170 CVE-2022-31097
CVE-2022-31107 CVE-2022-35957 CVE-2022-36062
CVSS scores:
CVE-2021-36222 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-36222 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3711 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3711 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41174 (NVD) : 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41174 (SUSE): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N
CVE-2021-41244 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-41244 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-43798 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43798 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43815 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-29170 (NVD) : 8.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
CVE-2022-29170 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:L
CVE-2022-31097 (NVD) : 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
CVE-2022-31097 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
CVE-2022-31107 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-31107 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
CVE-2022-35957 (NVD) : 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-35957 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-36062 (NVD) : 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
CVE-2022-36062 (SUSE): 6.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 12 vulnerabilities, contains one
feature is now available.
Description:
This update for grafana fixes the following issues:
Version update from 8.3.10 to 8.5.13 (jsc#PED-2145):
- Security fixes:
* CVE-2022-36062: (bsc#1203596)
* CVE-2022-35957: (bsc#1203597)
* CVE-2022-31107: (bsc#1201539)
* CVE-2022-31097: (bsc#1201535)
* CVE-2022-29170: (bsc#1199810)
* CVE-2021-43813, CVE-2021-43815: (bsc#1193686)
* CVE-2021-43798: (bsc#1193492)
* CVE-2021-41244: (bsc#1192763)
* CVE-2021-41174: (bsc#1192383)
* CVE-2021-3711: (bsc#1189520)
* CVE-2021-36222: (bsc#1188571)
- Features and enhancements:
* AccessControl: Disable user remove and user update roles when they do
not have the permissions
* AccessControl: Provisioning for teams
* Alerting: Add custom grouping to Alert Panel
* Alerting: Add safeguard for migrations that might cause dataloss
* Alerting: AlertingProxy to elevate permissions for request forwarded
to data proxy when RBAC enabled
* Alerting: Grafana uses > instead of >= when checking the For duration
* Alerting: Move slow queries in the scheduler to another goroutine
* Alerting: Remove disabled flag for data source when migrating alerts
* Alerting: Show notification tab of legacy alerting only to editor
* Alerting: Update migration to migrate only alerts that belon to
existing org\dashboard
* Alerting: Use expanded labels in dashboard annotations
* Alerting: Use time.Ticker instead of alerting.Ticker in ngalert
* Analytics: Add user id tracking to google analytics
* Angular: Add AngularJS plugin support deprecation plan to docs site
* API: Add usage stats preview endpoint
* API: Extract OpenAPI specification from source code using go-swagger
* Auth: implement auto_sign_up for auth.jwt
* Azure monitor Logs: Optimize data fetching in resource picker
* Azure Monitor Logs: Order subscriptions in resource picker by name
* Azure Monitor: Include datasource ref when interpolating variables.
* AzureMonitor: Add support for not equals and startsWith operators when
creating Azure Metrics dimension filters.
* AzureMonitor: Do not quote variables when a custom "All" variable
option is used
* AzureMonitor: Filter list of resources by resourceType
* AzureMonitor: Update allowed namespaces
* BarChart: color by field, x time field, bar radius, label skipping
* Chore: Implement OpenTelemetry in Grafana
* Cloud Monitoring: Adds metric type to Metric drop down options
* CloudMonitor: Correctly encode default project response
* CloudWatch: Add all ElastiCache Redis Metrics
* CloudWatch: Add Data Lifecycle Manager metrics and dimension
* CloudWatch: Add Missing Elasticache Host-level metrics
* CloudWatch: Add multi-value template variable support for log group
names in logs query builder
* CloudWatch: Add new AWS/ES metrics. #43034, @sunker
* Cloudwatch: Add support for AWS/PrivateLink* metrics and dimensions
* Cloudwatch: Add support for new AWS/RDS EBS* metrics
* Cloudwatch: Add syntax highlighting and autocomplete for "Metric
Search"
* Cloudwatch: Add template variable query function for listing log groups
* Configuration: Add ability to customize okta login button name and icon
* Elasticsearch: Add deprecation notice for < 7.10 versions.
* Explore: Support custom display label for exemplar links for
Prometheus datasource
* Hotkeys: Make time range absolute/permanent
* InfluxDB: Use backend for influxDB by default via feature toggle
* Legend: Use correct unit for percent and count calculations
* Logs: Escape windows newline into single newline
* Loki: Add unpack to autocomplete suggestions
* Loki: Use millisecond steps in Grafana 8.5.x.
* Playlists: Enable sharing direct links to playlists
* Plugins: Allow using both Function and Class components for app plugins
* Plugins: Expose emotion/react to plugins to prevent load failures
* Plugins: Introduce HTTP 207 Multi Status response to api/ds/query
* Rendering: Add support for renderer token
* Setting: Support configuring feature toggles with bools instead of
just passing an array
* SQLStore: Prevent concurrent migrations
* SSE: Add Mode to drop NaN/Inf/Null in Reduction operations
* Tempo: Switch out Select with AsyncSelect component to get loading
state in Tempo Search
* TimeSeries: Add migration for Graph panel's transform series override
* TimeSeries: Add support for negative Y and constant transform
* TimeSeries: Preserve null/undefined values when performing negative y
transform
* Traces: Filter by service/span name and operation in Tempo and Jaeger
* Transformations: Add 'JSON' field type to ConvertFieldTypeTransformer
* Transformations: Add an All Unique Values Reducer
* Transformers: avoid error when the ExtractFields source field is
missing
- Breaking changes:
* For a data source query made via /api/ds/query:
+ If the DatasourceQueryMultiStatus feature is enabled and the data
source response has an error set as part of the DataResponse, the
resulting HTTP status code is now '207 Multi Status' instead of '400
Bad gateway'
+ If the DatasourceQueryMultiStatus feature is not enabled and the
data source response has an error set as part of the DataResponse,
the resulting HTTP status code is '400 BadRequest' (no breaking
change)
* For a proxied request, e.g. Grafana's datasource or plugin proxy:
+ If the request is cancelled, e.g. from the browser/by the client,
the HTTP status code is now '499 Client closed' request instead of
502 Bad gateway If the request times out, e.g. takes longer time
than allowed, the HTTP status code is now '504 Gateway timeout'
instead of '502 Bad gateway'.
+ The change in behavior is that negative-valued series are now
stacked downwards from 0 (in their own stacks), rather than
downwards from the top of the positive stacks. We now automatically
group stacks by Draw style, Line interpolation, and Bar alignment,
making it impossible to stack bars on top of lines, or smooth lines
on top of stepped lines
+ The meaning of the default data source has now changed from being a
persisted property in a panel. Before when you selected the default
data source for a panel and later changed the default data source to
another data source it would change all panels who were configured
to use the default data source. From now on the default data source
is just the default for new panels and changing the default will not
impact any currently saved dashboards
+ The Tooltip component provided by @grafana/ui is no longer
automatically interactive (that is you can hover onto it and click a
link or select text). It will from now on by default close
automatically when you mouse out from the trigger element. To make
tooltips behave like before set the new interactive property to true.
- Deprecations:
* /api/tsdb/query API has been deprecated, please use /api/ds/query
instead
* AngularJS plugin support is now in a deprecated state. The
documentation site has an article with more details on why, when, and
how
- Bug fixes:
* Alerting: Add contact points provisioning API
* Alerting: add field for custom slack endpoint
* Alerting: Add resolved count to notification title when both firing
and resolved present
* Alerting: Alert rule should wait For duration when execution error
state is Alerting
* Alerting: Allow disabling override timings for notification policies
* Alerting: Allow serving images from custom url path
* Alerting: Apply Custom Headers to datasource queries
* Alerting: Classic conditions can now display multiple values
* Alerting: correctly show all alerts in a folder
* Alerting: Display query from grafana-managed alert rules on
/api/v1/rules
* Alerting: Do not overwrite existing alert rule condition
* Alerting: Enhance support for arbitrary group names in managed alerts
* Alerting: Fix access to alerts for viewer with editor permissions when
RBAC is disabled
* Alerting: Fix anonymous access to alerting
* Alerting: Fix migrations by making send_alerts_to field nullable
* Alerting: Fix RBAC actions for notification policies
* Alerting: Fix use of > instead of >= when checking the For duration
* Alerting: Remove double quotes from matchers
* API: Include userId, orgId, uname in request logging middleware
* Auth: Guarantee consistency of signed SigV4 headers
* Azure Monitor : Adding json formatting of error messages in Panel
Header Corner and Inspect Error Tab
* Azure Monitor: Add 2 more Curated Dashboards for VM Insights
* Azure Monitor: Bug Fix for incorrect variable cascading for template
variables
* Azure Monitor: Fix space character encoding for metrics query link to
Azure Portal
* Azure Monitor: Fixes broken log queries that use workspace
* Azure Monitor: Small bug fixes for Resource Picker
* AzureAd Oauth: Fix strictMode to reject users without an assigned role
* AzureMonitor: Fixes metric definition for Azure Storage
queue/file/blob/table resources
* Cloudwatch : Fixed reseting metric name when changing namespace in
Metric Query
* CloudWatch: Added missing MemoryDB Namespace metrics
* CloudWatch: Fix MetricName resetting on Namespace change.
* Cloudwatch: Fix template variables in variable queries.
* CloudWatch: Fix variable query tag migration
* CloudWatch: Handle new error codes for MetricInsights
* CloudWatch: List all metrics properly in SQL autocomplete
* CloudWatch: Prevent log groups from being removed on query change
* CloudWatch: Remove error message when using multi-valued template vars
in region field
* CloudWatch: Run query on blur in logs query field
* CloudWatch: Use default http client from aws-sdk-go
* Dashboard: Fix dashboard update permission check
* Dashboard: Fixes random scrolling on time range change
* Dashboard: Template variables are now correctly persisted when
clicking breadcrumb links
* DashboardExport: Fix exporting and importing dashboards where query
data source ended up as incorrect
* DashboardPage: Remember scroll position when coming back panel edit /
view panel
* Dashboards: Fixes repeating by row and no refresh
* Dashboards: Show changes in save dialog
* DataSource: Default data source is no longer a persisted state but
just the default data source for new panels
* DataSourcePlugin API: Allow queries import when changing data source
type
* Elasticsearch: Respect maxConcurrentShardRequests datasource setting
* Explore: Allow users to save Explore state to a new panel in a new
dashboard
* Explore: Avoid locking timepicker when range is inverted.
* Explore: Fix closing split pane when logs panel is used
* Explore: Prevent direct access to explore if disabled via feature
toggle
* Explore: Remove return to panel button
* FileUpload: clicking the Upload file button now opens their modal
correctly
* Gauge: Fixes blank viz when data link exists and orientation was
horizontal
* GrafanaUI: Fix color of links in error Tooltips in light theme
* Histogram Panel: Take decimal into consideration
* InfluxDB: Fixes invalid no data alerts. #48295, @yesoreyeram
* Instrumentation: Fix HTTP request instrumentation of authentication
failures
* Instrumentation: Make backend plugin metrics endpoints available with
optional authentication
* Instrumentation: Proxy status code correction and various improvements
* LibraryPanels: Fix library panels not connecting properly in imported
dashboards
* LibraryPanels: Prevent long descriptions and names from obscuring the
delete button
* Logger: Use specified format for file logger
* Logging: Introduce feature toggle to activate gokit/log format
* Logs: Handle missing fields in dataframes better
* Loki: Improve unpack parser handling
* ManageDashboards: Fix error when deleting all dashboards from folder
view
* Middleware: Fix IPv6 host parsing in CSRF check
* Navigation: Prevent navbar briefly showing on login
* NewsPanel: Add support for Atom feeds. #45390, @kaydelaney
* OAuth: Fix parsing of ID token if header contains non-string value
* Panel Edit: Options search now works correctly when a logarithmic
scale option is set
* Panel Edit: Visualization search now works correctly with special
characters
* Plugins Catalog: Fix styling of hyperlinks
* Plugins: Add deprecation notice for /api/tsdb/query endpoint
* Plugins: Adding support for traceID field to accept variables
* Plugins: Ensure catching all appropriate 4xx api/ds/query scenarios
* Postgres: Return tables with hyphenated schemes
* PostgreSQL: __unixEpochGroup to support arithmetic expression as
argument
* Profile/Help: Expose option to disable profile section and help menu
* Prometheus: Enable new visual query builder by default
* Provisioning: Fix duplicate validation when multiple organizations
have been configured inserted
* RBAC: Fix Anonymous Editors missing dashboard controls
* RolePicker: Fix menu position on smaller screens
* SAML: Allow disabling of SAML signups
* Search: Sort results correctly when using postgres
* Security: Fixes minor code scanning security warnings in old vendored
javascript libs
* Table panel: Fix horizontal scrolling when pagination is enabled
* Table panel: Show datalinks for cell display modes JSON View and Gauge
derivates
* Table: Fix filter crashes table
* Table: New pagination option
* TablePanel: Add cell inspect option
* TablePanel: Do not prefix columns with frame name if multipleframes
and override active
* TagsInput: Fix tags remove button accessibility issues
* Tempo / Trace Viewer: Support Span Links in Trace Viewer
* Tempo: Download span references in data inspector
* Tempo: Separate trace to logs and loki search datasource config
* TextPanel: Sanitize after markdown has been rendered to html
* TimeRange: Fixes updating time range from url and browser history
* TimeSeries: Fix detection & rendering of sparse datapoints
* Timeseries: Fix outside range stale state
* TimeSeries: Properly stack series with missing datapoints
* TimeSeries: Sort tooltip values based on raw values
* Tooltip: Fix links not legible in Tooltips when using light theme
* Tooltip: Sort decimals using standard numeric compare
* Trace View: Show number of child spans
* Transformations: Support escaped characters in key-value pair parsing
* Transforms: Labels to fields, fix label picker layout
* Variables: Ensure variables in query params are correctly recognised
* Variables: Fix crash when changing query variable datasource
* Variables: Fixes issue with data source variables not updating queries
with variable
* Visualizations: Stack negative-valued series downwards
- Plugin development fixes:
* Card: Increase clickable area when meta items are present.
* ClipboardButton: Use a fallback when the Clipboard API is unavailable
* Loki: Fix operator description propup from being shortened.
* OAuth: Add setting to skip org assignment for external users
* Tooltips: Make tooltips non interactive by default
* Tracing: Add option to map tag names to log label names in trace to
logs settings
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4428=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4428=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4428=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
grafana-8.5.13-150200.3.29.5
grafana-debuginfo-8.5.13-150200.3.29.5
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
grafana-8.5.13-150200.3.29.5
grafana-debuginfo-8.5.13-150200.3.29.5
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
grafana-8.5.13-150200.3.29.5
References:
https://www.suse.com/security/cve/CVE-2021-36222.html
https://www.suse.com/security/cve/CVE-2021-3711.html
https://www.suse.com/security/cve/CVE-2021-41174.html
https://www.suse.com/security/cve/CVE-2021-41244.html
https://www.suse.com/security/cve/CVE-2021-43798.html
https://www.suse.com/security/cve/CVE-2021-43813.html
https://www.suse.com/security/cve/CVE-2021-43815.html
https://www.suse.com/security/cve/CVE-2022-29170.html
https://www.suse.com/security/cve/CVE-2022-31097.html
https://www.suse.com/security/cve/CVE-2022-31107.html
https://www.suse.com/security/cve/CVE-2022-35957.html
https://www.suse.com/security/cve/CVE-2022-36062.html
https://bugzilla.suse.com/1188571
https://bugzilla.suse.com/1189520
https://bugzilla.suse.com/1192383
https://bugzilla.suse.com/1192763
https://bugzilla.suse.com/1193492
https://bugzilla.suse.com/1193686
https://bugzilla.suse.com/1199810
https://bugzilla.suse.com/1201535
https://bugzilla.suse.com/1201539
https://bugzilla.suse.com/1203596
https://bugzilla.suse.com/1203597
1
0
SUSE-SU-2022:4411-1: important: Security update for tiff
by opensuse-security@opensuse.org 13 Dec '22
by opensuse-security@opensuse.org 13 Dec '22
13 Dec '22
SUSE Security Update: Security update for tiff
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:4411-1
Rating: important
References: #1204642 #1205422
Cross-References: CVE-2022-3570 CVE-2022-3598
CVSS scores:
CVE-2022-3570 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3570 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3598 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3598 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for tiff fixes the following issues:
- CVE-2022-3570: Fixed heap buffer overflows in tiffcrop.c (bsc#1205422).
- CVE-2022-3598: Fixed out-of-bounds write in
extractContigSamplesShifted24bits in tools/tiffcrop.c [bsc#1204642]
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4411=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4411=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4411=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4411=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4411=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4411=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4411=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4411=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4411=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4411=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4411=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4411=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4411=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4411=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4411=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-4411=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-4411=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP3-2022-4411=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4411=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4411=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4411=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4411=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4411=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4411=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4411=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- openSUSE Leap 15.4 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- openSUSE Leap 15.3 (x86_64):
libtiff-devel-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Manager Server 4.1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Manager Proxy 4.1 (x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server for SAP 15 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x x86_64):
tiff-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Enterprise Storage 7 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
- SUSE Enterprise Storage 6 (x86_64):
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
- SUSE CaaS Platform 4.0 (x86_64):
libtiff-devel-4.0.9-150000.45.22.1
libtiff5-32bit-4.0.9-150000.45.22.1
libtiff5-32bit-debuginfo-4.0.9-150000.45.22.1
libtiff5-4.0.9-150000.45.22.1
libtiff5-debuginfo-4.0.9-150000.45.22.1
tiff-debuginfo-4.0.9-150000.45.22.1
tiff-debugsource-4.0.9-150000.45.22.1
References:
https://www.suse.com/security/cve/CVE-2022-3570.html
https://www.suse.com/security/cve/CVE-2022-3598.html
https://bugzilla.suse.com/1204642
https://bugzilla.suse.com/1205422
1
0
SUSE-RU-2022:4412-1: moderate: Recommended update for suse-build-key
by maintenance@opensuse.org 13 Dec '22
by maintenance@opensuse.org 13 Dec '22
13 Dec '22
SUSE Recommended Update: Recommended update for suse-build-key
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4412-1
Rating: moderate
References: #1204706
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for suse-build-key fixes the following issues:
- added /usr/share/pki/containers directory for container pem keys
(cosign/sigstore style), put the SUSE Container signing PEM key there
too (bsc#1204706)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4412=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4412=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-4412=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4412=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4412=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4412=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4412=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4412=1
- SUSE Linux Enterprise Server for SAP 15:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4412=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4412=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4412=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4412=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4412=1
- SUSE Linux Enterprise Server 15-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4412=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4412=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4412=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-4412=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4412=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4412=1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4412=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-4412=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-4412=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap Micro 5.2 (noarch):
suse-build-key-12.0-150000.8.28.1
- openSUSE Leap 15.4 (noarch):
suse-build-key-12.0-150000.8.28.1
- openSUSE Leap 15.3 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Manager Server 4.1 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Manager Proxy 4.1 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server for SAP 15 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Server 15-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Enterprise Storage 7 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE Enterprise Storage 6 (noarch):
suse-build-key-12.0-150000.8.28.1
- SUSE CaaS Platform 4.0 (noarch):
suse-build-key-12.0-150000.8.28.1
References:
https://bugzilla.suse.com/1204706
1
0
openSUSE-RU-2022:10243-1: moderate: Recommended update for kernel modules
by maintenance@opensuse.org 12 Dec '22
by maintenance@opensuse.org 12 Dec '22
12 Dec '22
openSUSE Recommended Update: Recommended update for kernel modules
______________________________________________________________________________
Announcement ID: openSUSE-RU-2022:10243-1
Rating: moderate
References:
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 recommended fixes can now be installed.
Description:
This update for Leap 15.4 kernel modules rebuilds them with the new UEFI
secure boot key.
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-2022-10243=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
mhvtl-1.64_release+835.6beb0aa01437-lp154.2.2.1
mhvtl-debuginfo-1.64_release+835.6beb0aa01437-lp154.2.2.1
mhvtl-debugsource-1.64_release+835.6beb0aa01437-lp154.2.2.1
mhvtl-kmp-default-1.64_release+835.6beb0aa01437_k5.14.21_150400.24.33-lp154.2.2.1
mhvtl-kmp-default-debuginfo-1.64_release+835.6beb0aa01437_k5.14.21_150400.24.33-lp154.2.2.1
openafs-1.8.8-lp154.2.2.1
openafs-authlibs-1.8.8-lp154.2.2.1
openafs-authlibs-debuginfo-1.8.8-lp154.2.2.1
openafs-authlibs-devel-1.8.8-lp154.2.2.1
openafs-client-1.8.8-lp154.2.2.1
openafs-client-debuginfo-1.8.8-lp154.2.2.1
openafs-debuginfo-1.8.8-lp154.2.2.1
openafs-debugsource-1.8.8-lp154.2.2.1
openafs-devel-1.8.8-lp154.2.2.1
openafs-devel-debuginfo-1.8.8-lp154.2.2.1
openafs-fuse_client-1.8.8-lp154.2.2.1
openafs-fuse_client-debuginfo-1.8.8-lp154.2.2.1
openafs-kernel-source-1.8.8-lp154.2.2.1
openafs-server-1.8.8-lp154.2.2.1
openafs-server-debuginfo-1.8.8-lp154.2.2.1
vhba-kmp-default-20211023_k5.14.21_150400.24.33-lp154.2.2.1
vhba-kmp-default-debuginfo-20211023_k5.14.21_150400.24.33-lp154.2.2.1
xtables-addons-3.18-lp154.2.2.1
xtables-addons-debuginfo-3.18-lp154.2.2.1
xtables-addons-kmp-default-3.18_k5.14.21_150400.24.33-lp154.2.2.1
xtables-addons-kmp-default-debuginfo-3.18_k5.14.21_150400.24.33-lp154.2.2.1
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
pcfclock-0.44-lp154.2.2.1
pcfclock-debuginfo-0.44-lp154.2.2.1
pcfclock-debugsource-0.44-lp154.2.2.1
pcfclock-kmp-default-0.44_k5.14.21_150400.24.33-lp154.2.2.1
pcfclock-kmp-default-debuginfo-0.44_k5.14.21_150400.24.33-lp154.2.2.1
rtl8812au-5.9.3.2+git20210427.6ef5d8f-lp154.3.2.1
rtl8812au-debugsource-5.9.3.2+git20210427.6ef5d8f-lp154.3.2.1
rtl8812au-kmp-default-5.9.3.2+git20210427.6ef5d8f_k5.14.21_150400.24.33-lp154.3.2.1
rtl8812au-kmp-default-debuginfo-5.9.3.2+git20210427.6ef5d8f_k5.14.21_150400.24.33-lp154.3.2.1
- openSUSE Leap 15.4 (aarch64 s390x x86_64):
openafs-kmp-default-1.8.8_k5.14.21_150400.24.33-lp154.2.2.1
openafs-kmp-default-debuginfo-1.8.8_k5.14.21_150400.24.33-lp154.2.2.1
- openSUSE Leap 15.4 (aarch64 x86_64):
v4l2loopback-debugsource-0.12.5-lp154.3.5.1
v4l2loopback-kmp-default-0.12.5_k5.14.21_150400.24.33-lp154.3.5.1
v4l2loopback-kmp-default-debuginfo-0.12.5_k5.14.21_150400.24.33-lp154.3.5.1
- openSUSE Leap 15.4 (aarch64):
mhvtl-kmp-64kb-1.64_release+835.6beb0aa01437_k5.14.21_150400.24.33-lp154.2.2.1
mhvtl-kmp-64kb-debuginfo-1.64_release+835.6beb0aa01437_k5.14.21_150400.24.33-lp154.2.2.1
openafs-kmp-64kb-1.8.8_k5.14.21_150400.24.33-lp154.2.2.1
openafs-kmp-64kb-debuginfo-1.8.8_k5.14.21_150400.24.33-lp154.2.2.1
pcfclock-kmp-64kb-0.44_k5.14.21_150400.24.33-lp154.2.2.1
pcfclock-kmp-64kb-debuginfo-0.44_k5.14.21_150400.24.33-lp154.2.2.1
rtl8812au-kmp-64kb-5.9.3.2+git20210427.6ef5d8f_k5.14.21_150400.24.33-lp154.3.2.1
rtl8812au-kmp-64kb-debuginfo-5.9.3.2+git20210427.6ef5d8f_k5.14.21_150400.24.33-lp154.3.2.1
v4l2loopback-kmp-64kb-0.12.5_k5.14.21_150400.24.33-lp154.3.5.1
v4l2loopback-kmp-64kb-debuginfo-0.12.5_k5.14.21_150400.24.33-lp154.3.5.1
vhba-kmp-64kb-20211023_k5.14.21_150400.24.33-lp154.2.2.1
vhba-kmp-64kb-debuginfo-20211023_k5.14.21_150400.24.33-lp154.2.2.1
xtables-addons-kmp-64kb-3.18_k5.14.21_150400.24.33-lp154.2.2.1
xtables-addons-kmp-64kb-debuginfo-3.18_k5.14.21_150400.24.33-lp154.2.2.1
- openSUSE Leap 15.4 (noarch):
v4l2loopback-autoload-0.12.5-lp154.3.5.1
v4l2loopback-utils-0.12.5-lp154.3.5.1
- openSUSE Leap 15.4 (x86_64):
bbswitch-0.8-lp154.2.2.1
bbswitch-debugsource-0.8-lp154.2.2.1
bbswitch-kmp-default-0.8_k5.14.21_150400.24.33-lp154.2.2.1
bbswitch-kmp-default-debuginfo-0.8_k5.14.21_150400.24.33-lp154.2.2.1
References:
1
0
SUSE-RU-2022:4405-1: moderate: Recommended update for selinux-policy
by maintenance@opensuse.org 12 Dec '22
by maintenance@opensuse.org 12 Dec '22
12 Dec '22
SUSE Recommended Update: Recommended update for selinux-policy
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4405-1
Rating: moderate
References: #1201015
Affected Products:
SUSE Linux Enterprise Micro 5.2
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for selinux-policy fixes the following issues:
- Fix cloud-init runcmd issue with snapper (bsc#1201015)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4405=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4405=1
Package List:
- openSUSE Leap Micro 5.2 (noarch):
selinux-policy-20210716-150300.13.8.1
selinux-policy-devel-20210716-150300.13.8.1
selinux-policy-targeted-20210716-150300.13.8.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
selinux-policy-20210716-150300.13.8.1
selinux-policy-devel-20210716-150300.13.8.1
selinux-policy-targeted-20210716-150300.13.8.1
References:
https://bugzilla.suse.com/1201015
1
0
SUSE-RU-2022:4404-1: moderate: Recommended update for libpulp
by maintenance@opensuse.org 12 Dec '22
by maintenance@opensuse.org 12 Dec '22
12 Dec '22
SUSE Recommended Update: Recommended update for libpulp
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4404-1
Rating: moderate
References: #1200129 #1200316
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
openSUSE Leap 15.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for libpulp fixes the following issues:
- Fix ulp tool not patching on highly stressed environments. The reason
behind it is that a 10s timeout was not enough depending of how stressed
the machine is (bsc#1200316)
- Fix HANA testcase failures (bsc#1200129)
- Add support for searching for patches recursively so that to include
subdirectories
- Improve the process patching performance. This is achieved by reducing
ptrace calls and switching to 'process_vm_readv/writev' when possible,
and moving process discovery to a different thread.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4404=1
- SUSE Linux Enterprise Module for Live Patching 15-SP4:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2022-4404=1
Package List:
- openSUSE Leap 15.4 (x86_64):
libpulp-debuginfo-0.2.5-150400.3.6.1
libpulp-debugsource-0.2.5-150400.3.6.1
libpulp-tools-0.2.5-150400.3.6.1
libpulp-tools-debuginfo-0.2.5-150400.3.6.1
libpulp0-0.2.5-150400.3.6.1
libpulp0-debuginfo-0.2.5-150400.3.6.1
- SUSE Linux Enterprise Module for Live Patching 15-SP4 (x86_64):
libpulp-debuginfo-0.2.5-150400.3.6.1
libpulp-debugsource-0.2.5-150400.3.6.1
libpulp-tools-0.2.5-150400.3.6.1
libpulp-tools-debuginfo-0.2.5-150400.3.6.1
libpulp0-0.2.5-150400.3.6.1
libpulp0-debuginfo-0.2.5-150400.3.6.1
References:
https://bugzilla.suse.com/1200129
https://bugzilla.suse.com/1200316
1
0
SUSE-RU-2022:4404-1: moderate: Recommended update for libpulp
by maintenance@opensuse.org 12 Dec '22
by maintenance@opensuse.org 12 Dec '22
12 Dec '22
SUSE Recommended Update: Recommended update for libpulp
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4404-1
Rating: moderate
References: #1200129 #1200316
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for libpulp fixes the following issues:
- Fix ulp tool not patching on highly stressed environments. The reason
behind it is that a 10s timeout was not enough depending of how stressed
the machine is (bsc#1200316)
- Fix HANA testcase failures (bsc#1200129)
- Add support for searching for patches recursively so that to include
subdirectories
- Improve the process patching performance. This is achieved by reducing
ptrace calls and switching to 'process_vm_readv/writev' when possible,
and moving process discovery to a different thread.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4404=1
Package List:
- openSUSE Leap 15.4 (x86_64):
libpulp-debuginfo-0.2.5-150400.3.6.1
libpulp-debugsource-0.2.5-150400.3.6.1
libpulp-tools-0.2.5-150400.3.6.1
libpulp-tools-debuginfo-0.2.5-150400.3.6.1
libpulp0-0.2.5-150400.3.6.1
libpulp0-debuginfo-0.2.5-150400.3.6.1
References:
https://bugzilla.suse.com/1200129
https://bugzilla.suse.com/1200316
1
0
SUSE-RU-2022:4407-1: moderate: Recommended update for gfxboot
by maintenance@opensuse.org 12 Dec '22
by maintenance@opensuse.org 12 Dec '22
12 Dec '22
SUSE Recommended Update: Recommended update for gfxboot
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:4407-1
Rating: moderate
References: #1149754 #1199896
Affected Products:
openSUSE Leap 15.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for gfxboot fixes the following issues:
- Fix Legacy Video BIOS "graphic initialization" failing (bsc#1199896)
- Updated README.md adding how to to build and view the bincode reference
- Translated using Weblate (Slovenian) (bsc#1149754)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-4407=1
Package List:
- openSUSE Leap 15.4 (x86_64):
gfxboot-4.5.85-150400.3.3.1
gfxboot-branding-KDE-4.5.85-150400.3.3.1
gfxboot-branding-SLED-4.5.85-150400.3.3.1
gfxboot-branding-SLES-4.5.85-150400.3.3.1
gfxboot-branding-upstream-4.5.85-150400.3.3.1
gfxboot-debugsource-4.5.85-150400.3.3.1
gfxboot-devel-4.5.85-150400.3.3.1
gfxboot-devel-debuginfo-4.5.85-150400.3.3.1
References:
https://bugzilla.suse.com/1149754
https://bugzilla.suse.com/1199896
1
0