openSUSE Updates
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
April 2022
- 2 participants
- 136 discussions
14 Apr '22
SUSE Recommended Update: Recommended update for grub2
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1201-1
Rating: moderate
References: #1179981 #1191974 #1192622 #1195204
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that has four recommended fixes can now be
installed.
Description:
This update for grub2 fixes the following issues:
- Fix grub-install error when efi system partition is created as mdadm
software raid1 device. (bsc#1179981, bsc#1195204)
- Fix error in grub-install when linux root device is on lvm thin volume.
(bsc#1192622, bsc#1191974)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1201=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1201=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-1201=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1201=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
grub2-2.04-150300.22.15.2
grub2-branding-upstream-2.04-150300.22.15.2
grub2-debuginfo-2.04-150300.22.15.2
- openSUSE Leap 15.3 (aarch64 s390x x86_64):
grub2-debugsource-2.04-150300.22.15.2
- openSUSE Leap 15.3 (noarch):
grub2-arm64-efi-2.04-150300.22.15.2
grub2-arm64-efi-debug-2.04-150300.22.15.2
grub2-i386-pc-2.04-150300.22.15.2
grub2-i386-pc-debug-2.04-150300.22.15.2
grub2-powerpc-ieee1275-2.04-150300.22.15.2
grub2-powerpc-ieee1275-debug-2.04-150300.22.15.2
grub2-snapper-plugin-2.04-150300.22.15.2
grub2-systemd-sleep-plugin-2.04-150300.22.15.2
grub2-x86_64-efi-2.04-150300.22.15.2
grub2-x86_64-efi-debug-2.04-150300.22.15.2
grub2-x86_64-xen-2.04-150300.22.15.2
- openSUSE Leap 15.3 (s390x):
grub2-s390x-emu-2.04-150300.22.15.2
grub2-s390x-emu-debug-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
grub2-x86_64-xen-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (noarch):
grub2-arm64-efi-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
grub2-2.04-150300.22.15.2
grub2-debuginfo-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 s390x x86_64):
grub2-debugsource-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
grub2-arm64-efi-2.04-150300.22.15.2
grub2-i386-pc-2.04-150300.22.15.2
grub2-powerpc-ieee1275-2.04-150300.22.15.2
grub2-snapper-plugin-2.04-150300.22.15.2
grub2-systemd-sleep-plugin-2.04-150300.22.15.2
grub2-x86_64-efi-2.04-150300.22.15.2
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
grub2-s390x-emu-2.04-150300.22.15.2
References:
https://bugzilla.suse.com/1179981
https://bugzilla.suse.com/1191974
https://bugzilla.suse.com/1192622
https://bugzilla.suse.com/1195204
1
0
SUSE-RU-2022:1190-1: important: Recommended update for cloud-init
by maintenance@opensuse.org 13 Apr '22
by maintenance@opensuse.org 13 Apr '22
13 Apr '22
SUSE Recommended Update: Recommended update for cloud-init
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1190-1
Rating: important
References: #1192343 PM-3175 PM-3181
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has one recommended fix and contains two
features can now be installed.
Description:
This update for cloud-init contains the following fixes:
- Update to version 21.4 (bsc#1192343, jsc#PM-3181)
+ Also include VMWare functionality for (jsc#PM-3175)
+ Remove patches included upstream.
+ Forward port fixes.
+ Fix for VMware Test, system dependend, not properly mocked previously.
+ Azure: fallback nic needs to be reevaluated during reprovisioning
(#1094) [Anh Vo]
+ azure: pps imds (#1093) [Anh Vo]
+ testing: Remove calls to 'install_new_cloud_init' (#1092)
+ Add LXD datasource (#1040)
+ Fix unhandled apt_configure case. (#1065) [Brett Holman]
+ Allow libexec for hotplug (#1088)
+ Add necessary mocks to test_ovf unit tests (#1087)
+ Remove (deprecated) apt-key (#1068) [Brett Holman] (LP: #1836336)
+ distros: Remove a completed "TODO" comment (#1086)
+ cc_ssh.py: Add configuration for controlling ssh-keygen output (#1083)
[dermotbradley]
+ Add "install hotplug" module (SC-476) (#1069) (LP: #1946003)
+ hosts.alpine.tmpl: rearrange the order of short and long hostnames
(#1084) [dermotbradley]
+ Add max version to docutils
+ cloudinit/dmi.py: Change warning to debug to prevent console display
(#1082) [dermotbradley]
+ remove unnecessary EOF string in
disable-sshd-keygen-if-cloud-init-active.conf (#1075) [Emanuele
Giuseppe Esposito]
+ Add module 'write-files-deferred' executed in stage 'final' (#916)
[Lucendio]
+ Bump pycloudlib to fix CI (#1080)
+ Remove pin in dependencies for jsonschema (#1078)
+ Add "Google" as possible system-product-name (#1077) [vteratipally]
+ Update Debian security suite for bullseye (#1076) [Johann Queuniet]
+ Leave the details of service management to the distro (#1074) [Andy
Fiddaman]
+ Fix typos in setup.py (#1059) [Christian Clauss]
+ Update Azure _unpickle (SC-500) (#1067) (LP: #1946644)
+ cc_ssh.py: fix private key group owner and permissions (#1070)
[Emanuele Giuseppe Esposito]
+ VMware: read network-config from ISO (#1066) [Thomas Wei��schuh]
+ testing: mock sleep in gce unit tests (#1072)
+ CloudStack: fix data-server DNS resolution (#1004) [Olivier Lemasle]
(LP: #1942232)
+ Fix unit test broken by pyyaml upgrade (#1071)
+ testing: add get_cloud function (SC-461) (#1038)
+ Inhibit sshd-keygen@.service if cloud-init is active (#1028) [Ryan
Harper]
+ VMWARE: search the deployPkg plugin in multiarch dir (#1061)
[xiaofengw-vmware] (LP: #1944946)
+ Fix set-name/interface DNS bug (#1058) [Andrew Kutz] (LP: #1946493)
+ Use specified tmp location for growpart (#1046) [jshen28]
+ .gitignore: ignore tags file for ctags users (#1057) [Brett Holman]
+ Allow comments in runcmd and report failed commands correctly (#1049)
[Brett Holman] (LP: #1853146)
+ tox integration: pass the *_proxy, GOOGLE_*, GCP_* env vars (#1050)
[Paride Legovini]
+ Allow disabling of network activation (SC-307) (#1048) (LP: #1938299)
+ renderer: convert relative imports to absolute (#1052) [Paride
Legovini]
+ Support ETHx_IP6_GATEWAY, SET_HOSTNAME on OpenNebula (#1045)
[Vlastimil Holer]
+ integration-requirements: bump the pycloudlib commit (#1047) [Paride
Legovini]
+ Allow Vultr to set MTU and use as-is configs (#1037) [eb3095]
+ pin jsonschema in requirements.txt (#1043)
+ testing: remove cloud_tests (#1020)
+ Add andgein as contributor (#1042) [Andrew Gein]
+ Make wording for module frequency consistent (#1039) [Nicolas Bock]
+ Use ascii code for growpart (#1036) [jshen28]
+ Add jshen28 as contributor (#1035) [jshen28]
+ Skip test_cache_purged_on_version_change on Azure (#1033)
+ Remove invalid ssh_import_id from examples (#1031)
+ Cleanup Vultr support (#987) [eb3095]
+ docs: update cc_disk_setup for fs to raw disk (#1017)
+ HACKING.rst: change contact info to James Falcon (#1030)
+ tox: bump the pinned flake8 and pylint version (#1029) [Paride
Legovini] (LP: #1944414)
+ Add retries to DataSourceGCE.py when connecting to GCE (#1005)
[vteratipally]
+ Set Azure to apply networking config every BOOT (#1023)
+ Add connectivity_url to Oracle's EphemeralDHCPv4 (#988) (LP: #1939603)
+ docs: fix typo and include sudo for report bugs commands (#1022)
[Renan Rodrigo] (LP: #1940236)
+ VMware: Fix typo introduced in #947 and add test (#1019) [PengpengSun]
+ Update IPv6 entries in /etc/hosts (#1021) [Richard Hansen] (LP:
#1943798)
+ Integration test upgrades for the 21.3-1 SRU (#1001)
+ Add Jille to tools/.github-cla-signers (#1016) [Jille Timmermans]
+ Improve ug_util.py (#1013) [Shreenidhi Shedi]
+ Support openEuler OS (#1012) [zhuzaifangxuele]
+ ssh_utils.py: ignore when sshd_config options are not key/value pairs
(#1007) [Emanuele Giuseppe Esposito]
+ Set Azure to only update metadata on BOOT_NEW_INSTANCE (#1006)
+ cc_update_etc_hosts: Use the distribution-defined path for the hosts
file (#983) [Andy Fiddaman]
+ Add CloudLinux OS support (#1003) [Alexandr Kravchenko]
+ puppet config: add the start_agent option (#1002) [Andrew Bogott]
+ Fix `make style-check` errors (#1000) [Shreenidhi Shedi]
+ Make cloud-id copyright year (#991) [Andrii Podanenko]
+ Add support to accept-ra in networkd renderer (#999) [Shreenidhi Shedi]
+ Update ds-identify to pass shellcheck (#979) [Andrew Kutz]
+ Azure: Retry dhcp on timeouts when polling reprovisiondata (#998)
[aswinrajamannar]
+ testing: Fix ssh keys integration test (#992)
- From 21.3
+ Azure: During primary nic detection, check interface status
continuously before rebinding again (#990) [aswinrajamannar]
+ Fix home permissions modified by ssh module (SC-338) (#984) (LP:
#1940233)
+ Add integration test for sensitive jinja substitution (#986)
+ Ignore hotplug socket when collecting logs (#985) (LP: #1940235)
+ testing: Add missing mocks to test_vmware.py (#982)
+ add Zadara Edge Cloud Platform to the supported clouds list (#963)
[sarahwzadara]
+ testing: skip upgrade tests on LXD VMs (#980)
+ Only invoke hotplug socket when functionality is enabled (#952)
+ Revert unnecesary lcase in ds-identify (#978) [Andrew Kutz]
+ cc_resolv_conf: fix typos (#969) [Shreenidhi Shedi]
+ Replace broken httpretty tests with mock (SC-324) (#973)
+ Azure: Check if interface is up after sleep when trying to bring it up
(#972) [aswinrajamannar]
+ Update dscheck_VMware's rpctool check (#970) [Shreenidhi Shedi]
+ Azure: Logging the detected interfaces (#968) [Moustafa Moustafa]
+ Change netifaces dependency to 0.10.4 (#965) [Andrew Kutz]
+ Azure: Limit polling network metadata on connection errors (#961)
[aswinrajamannar]
+ Update inconsistent indentation (#962) [Andrew Kutz]
+ cc_puppet: support AIO installations and more (#960) [Gabriel Nagy]
+ Add Puppet contributors to CLA signers (#964) [Noah Fontes]
+ Datasource for VMware (#953) [Andrew Kutz]
+ photon: refactor hostname handling and add networkd activator (#958)
[sshedi]
+ Stop copying ssh system keys and check folder permissions (#956)
[Emanuele Giuseppe Esposito]
+ testing: port remaining cloud tests to integration testing framework
(SC-191) (#955)
+ generate contents for ovf-env.xml when provisioning via IMDS (#959)
[Anh Vo]
+ Add support for EuroLinux 7 && EuroLinux 8 (#957) [Aleksander
Baranowski]
+ Implementing device_aliases as described in docs (#945) [Mal Graty]
(LP: #1867532)
+ testing: fix test_ssh_import_id.py (#954)
+ Add ability to manage fallback network config on PhotonOS (#941)
[sshedi]
+ Add VZLinux support (#951) [eb3095]
+ VMware: add network-config support in ovf-env.xml (#947) [PengpengSun]
+ Update pylint to v2.9.3 and fix the new issues it spots (#946) [Paride
Legovini]
+ Azure: mount default provisioning iso before try device listing (#870)
[Anh Vo]
+ Document known hotplug limitations (#950)
+ Initial hotplug support (#936)
+ Fix MIME policy failure on python version upgrade (#934)
+ run-container: fixup the centos repos baseurls when using http_proxy
(#944) [Paride Legovini]
+ tools: add support for building rpms on rocky linux (#940)
+ ssh-util: allow cloudinit to merge all ssh keys into a custom user
file, defined in AuthorizedKeysFile (#937) [Emanuele Giuseppe
Esposito] (LP: #1911680)
+ VMware: new "allow_raw_data" switch (#939) [xiaofengw-vmware]
+ bump pycloudlib version (#935)
+ add renanrodrigo as a contributor (#938) [Renan Rodrigo]
+ testing: simplify test_upgrade.py (#932)
+ freebsd/net_v1 format: read MTU from root (#930) [Gon��ri Le Bouder]
+ Add new network activators to bring up interfaces (#919)
+ Detect a Python version change and clear the cache (#857) [Robert
Schweikert]
+ cloud_tests: fix the Impish release name (#931) [Paride Legovini]
+ Removed distro specific network code from Photon (#929) [sshedi]
+ Add support for VMware PhotonOS (#909) [sshedi]
+ cloud_tests: add impish release definition (#927) [Paride Legovini]
+ docs: fix stale links rename master branch to main (#926)
+ Fix DNS in NetworkState (SC-133) (#923)
+ tests: Add 'adhoc' mark for integration tests (#925)
+ Fix the spelling of "DigitalOcean" (#924) [Mark Mercado]
+ Small Doc Update for ReportEventStack and Test (#920) [Mike Russell]
+ Replace deprecated collections.Iterable with abc replacement (#922)
(LP: #1932048)
+ testing: OCI availability domain is now required (SC-59) (#910)
+ add DragonFlyBSD support (#904) [Gon��ri Le Bouder]
+ Use instance-data-sensitive.json in jinja templates (SC-117) (#917)
(LP: #1931392)
+ doc: Update NoCloud docs stating required files (#918) (LP: #1931577)
+ build-on-netbsd: don't pin a specific py3 version (#913) [Gon��ri Le
Bouder]
+ Create the log file with 640 permissions (#858) [Robert Schweikert]
+ Allow braces to appear in dhclient output (#911) [eb3095]
+ Docs: Replace all freenode references with libera (#912)
+ openbsd/net: flush the route table on net restart (#908) [Gon��ri Le
Bouder]
+ Add Rocky Linux support to cloud-init (#906) [Louis Abel]
+ Add "esposem" as contributor (#907) [Emanuele Giuseppe Esposito]
+ Add integration test for #868 (#901)
+ Added support for importing keys via primary/security mirror clauses
(#882) [Paul Goins] (LP: #1925395)
+ [examples] config-user-groups expire in the future (#902) [Geert
Stappers]
+ BSD: static network, set the mtu (#894) [Gon��ri Le Bouder]
+ Add integration test for lp-1920939 (#891)
+ Fix unit tests breaking from new httpretty version (#903)
+ Allow user control over update events (#834)
+ Update test characters in substitution unit test (#893)
+ cc_disk_setup.py: remove UDEVADM_CMD definition as not used (#886)
[dermotbradley]
+ Add AlmaLinux OS support (#872) [Andrew Lukoshko]
+ Still need to consider the "network" configuration option
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1190=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1190=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-1190=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1190=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-1190=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-1190=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
cloud-init-doc-21.4-150100.8.58.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
cloud-init-doc-21.4-150100.8.58.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1 (aarch64 ppc64le s390x x86_64):
cloud-init-21.4-150100.8.58.1
cloud-init-config-suse-21.4-150100.8.58.1
References:
https://bugzilla.suse.com/1192343
1
0
SUSE-RU-2022:1179-1: moderate: Recommended update for net-snmp
by maintenance@opensuse.org 13 Apr '22
by maintenance@opensuse.org 13 Apr '22
13 Apr '22
SUSE Recommended Update: Recommended update for net-snmp
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1179-1
Rating: moderate
References: #1196955
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for net-snmp fixes the following issues:
- Decouple snmp-mibs from net-snmp version to allow major version upgrade
(bsc#1196955).
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1179=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1179=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1179=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1179=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1179=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1179=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1179=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1179=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1179=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1179=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1179=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1179=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1179=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1179=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1179=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1179=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1179=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1179=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1179=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1179=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1179=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2022-1179=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
python2-net-snmp-5.7.3-10.12.1
python2-net-snmp-debuginfo-5.7.3-10.12.1
python3-net-snmp-5.7.3-10.12.1
python3-net-snmp-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- openSUSE Leap 15.4 (x86_64):
libsnmp30-32bit-5.7.3-10.12.1
libsnmp30-32bit-debuginfo-5.7.3-10.12.1
net-snmp-devel-32bit-5.7.3-10.12.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
python2-net-snmp-5.7.3-10.12.1
python2-net-snmp-debuginfo-5.7.3-10.12.1
python3-net-snmp-5.7.3-10.12.1
python3-net-snmp-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- openSUSE Leap 15.3 (x86_64):
libsnmp30-32bit-5.7.3-10.12.1
libsnmp30-32bit-debuginfo-5.7.3-10.12.1
net-snmp-devel-32bit-5.7.3-10.12.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Manager Proxy 4.1 (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
libsnmp30-32bit-5.7.3-10.12.1
libsnmp30-32bit-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (x86_64):
libsnmp30-32bit-5.7.3-10.12.1
libsnmp30-32bit-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
- SUSE CaaS Platform 4.0 (x86_64):
libsnmp30-5.7.3-10.12.1
libsnmp30-debuginfo-5.7.3-10.12.1
net-snmp-5.7.3-10.12.1
net-snmp-debuginfo-5.7.3-10.12.1
net-snmp-debugsource-5.7.3-10.12.1
net-snmp-devel-5.7.3-10.12.1
perl-SNMP-5.7.3-10.12.1
perl-SNMP-debuginfo-5.7.3-10.12.1
snmp-mibs-5.7.3-10.12.1
References:
https://bugzilla.suse.com/1196955
1
0
openSUSE-SU-2022:0112-1: important: Security update for chromium
by opensuse-security@opensuse.org 13 Apr '22
by opensuse-security@opensuse.org 13 Apr '22
13 Apr '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0112-1
Rating: important
References: #1194511 #1194512 #1194513 #1194514 #1197680
#1198053 #1198361
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-1125 CVE-2022-1127 CVE-2022-1128
CVE-2022-1129 CVE-2022-1130 CVE-2022-1131
CVE-2022-1132 CVE-2022-1133 CVE-2022-1134
CVE-2022-1135 CVE-2022-1136 CVE-2022-1137
CVE-2022-1138 CVE-2022-1139 CVE-2022-1141
CVE-2022-1142 CVE-2022-1143 CVE-2022-1144
CVE-2022-1145 CVE-2022-1146 CVE-2022-1232
CVE-2022-1305 CVE-2022-1306 CVE-2022-1307
CVE-2022-1308 CVE-2022-1309 CVE-2022-1310
CVE-2022-1311 CVE-2022-1312 CVE-2022-1313
CVE-2022-1314 CVE-2022-21824
CVSS scores:
CVE-2021-44531 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
openSUSE Backports SLE-15-SP3
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 35 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Updated to Chromium 100.0.4896.88 (boo#1198361)
- CVE-2022-1305: Use after free in storage
- CVE-2022-1306: Inappropriate implementation in compositing
- CVE-2022-1307: Inappropriate implementation in full screen
- CVE-2022-1308: Use after free in BFCache
- CVE-2022-1309: Insufficient policy enforcement in developer tools
- CVE-2022-1310: Use after free in regular expressions
- CVE-2022-1311: Use after free in Chrome OS shell
- CVE-2022-1312: Use after free in storage
- CVE-2022-1313: Use after free in tab groups
- CVE-2022-1314: Type Confusion in V8
- Various fixes from internal audits, fuzzing and other initiatives
Updated to version 100.0.4896.75:
- CVE-2022-1232: Type Confusion in V8 (boo#1198053)
Update to version 100.0.4896.60 (boo#1197680):
- CVE-2022-1125: Use after free in Portals
- CVE-2022-1127: Use after free in QR Code Generator
- CVE-2022-1128: Inappropriate implementation in Web Share API
- CVE-2022-1129: Inappropriate implementation in Full Screen Mode
- CVE-2022-1130: Insufficient validation of untrusted input in WebOTP
- CVE-2022-1131: Use after free in Cast UI
- CVE-2022-1132: Inappropriate implementation in Virtual Keyboard
- CVE-2022-1133: Use after free in WebRTC
- CVE-2022-1134: Type Confusion in V8
- CVE-2022-1135: Use after free in Shopping Cart
- CVE-2022-1136: Use after free in Tab Strip
- CVE-2022-1137: Inappropriate implementation in Extensions
- CVE-2022-1138: Inappropriate implementation in Web Cursor
- CVE-2022-1139: Inappropriate implementation in Background Fetch API
- CVE-2022-1141: Use after free in File Manager
- CVE-2022-1142: Heap buffer overflow in WebUI
- CVE-2022-1143: Heap buffer overflow in WebUI
- CVE-2022-1144: Use after free in WebUI
- CVE-2022-1145: Use after free in Extensions
- CVE-2022-1146: Inappropriate implementation in Resource Timing
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-112=1
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-112=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.18.3-15.24.1
nodejs14-debuginfo-14.18.3-15.24.1
nodejs14-debugsource-14.18.3-15.24.1
nodejs14-devel-14.18.3-15.24.1
npm14-14.18.3-15.24.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.18.3-15.24.1
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-100.0.4896.88-bp153.2.82.1
chromedriver-debuginfo-100.0.4896.88-bp153.2.82.1
chromium-100.0.4896.88-bp153.2.82.1
chromium-debuginfo-100.0.4896.88-bp153.2.82.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-1125.html
https://www.suse.com/security/cve/CVE-2022-1127.html
https://www.suse.com/security/cve/CVE-2022-1128.html
https://www.suse.com/security/cve/CVE-2022-1129.html
https://www.suse.com/security/cve/CVE-2022-1130.html
https://www.suse.com/security/cve/CVE-2022-1131.html
https://www.suse.com/security/cve/CVE-2022-1132.html
https://www.suse.com/security/cve/CVE-2022-1133.html
https://www.suse.com/security/cve/CVE-2022-1134.html
https://www.suse.com/security/cve/CVE-2022-1135.html
https://www.suse.com/security/cve/CVE-2022-1136.html
https://www.suse.com/security/cve/CVE-2022-1137.html
https://www.suse.com/security/cve/CVE-2022-1138.html
https://www.suse.com/security/cve/CVE-2022-1139.html
https://www.suse.com/security/cve/CVE-2022-1141.html
https://www.suse.com/security/cve/CVE-2022-1142.html
https://www.suse.com/security/cve/CVE-2022-1143.html
https://www.suse.com/security/cve/CVE-2022-1144.html
https://www.suse.com/security/cve/CVE-2022-1145.html
https://www.suse.com/security/cve/CVE-2022-1146.html
https://www.suse.com/security/cve/CVE-2022-1232.html
https://www.suse.com/security/cve/CVE-2022-1305.html
https://www.suse.com/security/cve/CVE-2022-1306.html
https://www.suse.com/security/cve/CVE-2022-1307.html
https://www.suse.com/security/cve/CVE-2022-1308.html
https://www.suse.com/security/cve/CVE-2022-1309.html
https://www.suse.com/security/cve/CVE-2022-1310.html
https://www.suse.com/security/cve/CVE-2022-1311.html
https://www.suse.com/security/cve/CVE-2022-1312.html
https://www.suse.com/security/cve/CVE-2022-1313.html
https://www.suse.com/security/cve/CVE-2022-1314.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
https://bugzilla.suse.com/1197680
https://bugzilla.suse.com/1198053
https://bugzilla.suse.com/1198361
1
0
SUSE-SU-2022:1183-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Apr '22
by opensuse-security@opensuse.org 13 Apr '22
13 Apr '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1183-1
Rating: important
References: #1065729 #1156395 #1175667 #1177028 #1178134
#1179639 #1180153 #1189562 #1194649 #1195640
#1195926 #1196018 #1196196 #1196478 #1196761
#1196823 #1197227 #1197243 #1197300 #1197302
#1197331 #1197343 #1197366 #1197389 #1197462
#1197501 #1197534 #1197661 #1197675 #1197702
#1197811 #1197812 #1197815 #1197817 #1197819
#1197820 #1197888 #1197889 #1197894 #1197914
#1198027 #1198028 #1198029 #1198030 #1198031
#1198032 #1198033
Cross-References: CVE-2021-45868 CVE-2022-0850 CVE-2022-0854
CVE-2022-1011 CVE-2022-1016 CVE-2022-1048
CVE-2022-1055 CVE-2022-1195 CVE-2022-1198
CVE-2022-1199 CVE-2022-1205 CVE-2022-27666
CVE-2022-28388 CVE-2022-28389 CVE-2022-28390
CVSS scores:
CVE-2021-45868 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-45868 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0850 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2022-0854 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-0854 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1011 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1011 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1016 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-1048 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1055 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1195 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1198 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1199 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1205 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-27666 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-27666 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2022-28388 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28388 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28389 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28389 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
CVE-2022-28390 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-28390 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP3
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 15 vulnerabilities and has 32 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels
DMA subsystem. This flaw allowed a local user to read random memory from
the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the
netfilter subsystem. This vulnerability gives an attacker a powerful
primitive that can be used to both read from and write to relative stack
data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c
vulnerability in the Linux kernel. (bnc#1198031)
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c
vulnerability in the Linux kernel. (bnc#1198032)
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c
vulnerability in the Linux kernel. (bnc#1198033)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow
a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to
use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock.
(bsc#1197331)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c
which could lead to an use-after-free if there is a corrupted quota
file. (bnc#1197366)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP
transformation code. This flaw allowed a local attacker with a normal
user privilege to overwrite kernel heap objects and may cause a local
privilege escalation. (bnc#1197462)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in
iov_iter.c. (bsc#1196761)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities
that allow an attacker to crash the linux kernel by simulating Amateur
Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free
vulnerabilities that allow an attacker to crash the linux kernel by
simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an
attacker to crash the linux kernel by simulating Amateur Radio
(bsc#1198030).
- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a
local attacker with a user privilege to execute a denial of service.
(bsc#1198029)
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a
local attacker to retireve (partial) /etc/shadow hashes or any other
data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board
(git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3
(git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
(git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods
(git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource documentation
(git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more
references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU
(git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
(git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671
(git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec
(git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB
(git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
(git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in
wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put
(git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
(git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
(git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in
pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in
msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in
rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior
(git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32
(bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device
(bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records
(git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the
log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log
(bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs
(bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log
(bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink
(bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode
(bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists
(bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged
(bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging
inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes
(bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit
(bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync
(bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged()
(bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans
(bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir
entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log
(bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode
(bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error
path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error
path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device
when fully ready (git-fixes).
- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element
(git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG
(git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in
emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in
timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail
(git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations
(git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist
(git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete()
(git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages
(bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug
(git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq
function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain
(git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe
(git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in
imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops
(git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl()
(git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling
(git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector
(git-fixes).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer
(git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type
(bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
(git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data
(git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available
(git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across
encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data
(git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert "media: em28xx: add missing em28xx_close_extension"
(git-fixes).
- media: stk1160: If start stream fails, return buffers with
VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm: add vma_lookup(), update find_vma_intersection() comments
(git-fixes).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no
managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add
(git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx()
(git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend
functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
(bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable
(git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state
(bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir
(git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking
(git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client
(git-fixes).
- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFS: Fix another issue with a list iterator pointing to the head
(git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
(git-fixes).
- pinctrl: mediatek: paris: Fix "argument" argument type for
mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback
(git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
(git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE()
(git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
(git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties()
(bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/pseries: Fix use after free in remove_phb_dynamic()
(bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty
(bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before
pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in
wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region
(git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg
(git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in
__gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set
(bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations
(git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling
functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte()
(git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults
(bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675
bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download
(bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled
(bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths
(bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped()
(bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure
(bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test
(bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing
(bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device
(git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags
(git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing
(git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister()
(git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m ->
VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of
'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code
(git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists
(git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
(git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response()
(git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe()
(git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to
avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
(git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature
(bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency
across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
(bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1183=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1183=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1183=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-1183=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1183=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1183=1
Package List:
- openSUSE Leap 15.4 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-default-optional-5.3.18-150300.59.63.1
kernel-default-optional-debuginfo-5.3.18-150300.59.63.1
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-obs-qa-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
kselftests-kmp-default-5.3.18-150300.59.63.1
kselftests-kmp-default-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-150300.59.63.1
cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-preempt-5.3.18-150300.59.63.1
dlm-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-preempt-5.3.18-150300.59.63.1
gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1
kernel-preempt-optional-5.3.18-150300.59.63.1
kernel-preempt-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-preempt-5.3.18-150300.59.63.1
kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-5.3.18-150300.59.63.1
ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-5.3.18-150300.59.63.1
reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-150300.59.63.1
kernel-debug-debuginfo-5.3.18-150300.59.63.1
kernel-debug-debugsource-5.3.18-150300.59.63.1
kernel-debug-devel-5.3.18-150300.59.63.1
kernel-debug-devel-debuginfo-5.3.18-150300.59.63.1
kernel-debug-livepatch-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-5.3.18-150300.59.63.1
kernel-kvmsmall-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-debugsource-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-5.3.18-150300.59.63.1
kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.63.1
kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-150300.59.63.1
cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-64kb-5.3.18-150300.59.63.1
dlm-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
dtb-al-5.3.18-150300.59.63.1
dtb-allwinner-5.3.18-150300.59.63.1
dtb-altera-5.3.18-150300.59.63.1
dtb-amd-5.3.18-150300.59.63.1
dtb-amlogic-5.3.18-150300.59.63.1
dtb-apm-5.3.18-150300.59.63.1
dtb-arm-5.3.18-150300.59.63.1
dtb-broadcom-5.3.18-150300.59.63.1
dtb-cavium-5.3.18-150300.59.63.1
dtb-exynos-5.3.18-150300.59.63.1
dtb-freescale-5.3.18-150300.59.63.1
dtb-hisilicon-5.3.18-150300.59.63.1
dtb-lg-5.3.18-150300.59.63.1
dtb-marvell-5.3.18-150300.59.63.1
dtb-mediatek-5.3.18-150300.59.63.1
dtb-nvidia-5.3.18-150300.59.63.1
dtb-qcom-5.3.18-150300.59.63.1
dtb-renesas-5.3.18-150300.59.63.1
dtb-rockchip-5.3.18-150300.59.63.1
dtb-socionext-5.3.18-150300.59.63.1
dtb-sprd-5.3.18-150300.59.63.1
dtb-xilinx-5.3.18-150300.59.63.1
dtb-zte-5.3.18-150300.59.63.1
gfs2-kmp-64kb-5.3.18-150300.59.63.1
gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-extra-5.3.18-150300.59.63.1
kernel-64kb-extra-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1
kernel-64kb-optional-5.3.18-150300.59.63.1
kernel-64kb-optional-debuginfo-5.3.18-150300.59.63.1
kselftests-kmp-64kb-5.3.18-150300.59.63.1
kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-5.3.18-150300.59.63.1
ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-5.3.18-150300.59.63.1
reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-docs-5.3.18-150300.59.63.1
kernel-docs-html-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
kernel-source-vanilla-5.3.18-150300.59.63.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-extra-5.3.18-150300.59.63.1
kernel-default-extra-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-extra-5.3.18-150300.59.63.1
kernel-preempt-extra-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-livepatch-5.3.18-150300.59.63.1
kernel-default-livepatch-devel-5.3.18-150300.59.63.1
kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
reiserfs-kmp-default-5.3.18-150300.59.63.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-5.3.18-150300.59.63.1
kernel-obs-build-debugsource-5.3.18-150300.59.63.1
kernel-syms-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
kernel-preempt-devel-5.3.18-150300.59.63.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch):
kernel-docs-5.3.18-150300.59.63.1
kernel-source-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
kernel-default-devel-5.3.18-150300.59.63.1
kernel-default-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.63.1
kernel-preempt-debuginfo-5.3.18-150300.59.63.1
kernel-preempt-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64):
kernel-64kb-5.3.18-150300.59.63.1
kernel-64kb-debuginfo-5.3.18-150300.59.63.1
kernel-64kb-debugsource-5.3.18-150300.59.63.1
kernel-64kb-devel-5.3.18-150300.59.63.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.63.1
kernel-macros-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x):
kernel-zfcpdump-5.3.18-150300.59.63.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.63.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.63.1
kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.63.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.63.1
dlm-kmp-default-5.3.18-150300.59.63.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.63.1
gfs2-kmp-default-5.3.18-150300.59.63.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debuginfo-5.3.18-150300.59.63.1
kernel-default-debugsource-5.3.18-150300.59.63.1
ocfs2-kmp-default-5.3.18-150300.59.63.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.63.1
References:
https://www.suse.com/security/cve/CVE-2021-45868.html
https://www.suse.com/security/cve/CVE-2022-0850.html
https://www.suse.com/security/cve/CVE-2022-0854.html
https://www.suse.com/security/cve/CVE-2022-1011.html
https://www.suse.com/security/cve/CVE-2022-1016.html
https://www.suse.com/security/cve/CVE-2022-1048.html
https://www.suse.com/security/cve/CVE-2022-1055.html
https://www.suse.com/security/cve/CVE-2022-1195.html
https://www.suse.com/security/cve/CVE-2022-1198.html
https://www.suse.com/security/cve/CVE-2022-1199.html
https://www.suse.com/security/cve/CVE-2022-1205.html
https://www.suse.com/security/cve/CVE-2022-27666.html
https://www.suse.com/security/cve/CVE-2022-28388.html
https://www.suse.com/security/cve/CVE-2022-28389.html
https://www.suse.com/security/cve/CVE-2022-28390.html
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1175667
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1179639
https://bugzilla.suse.com/1180153
https://bugzilla.suse.com/1189562
https://bugzilla.suse.com/1194649
https://bugzilla.suse.com/1195640
https://bugzilla.suse.com/1195926
https://bugzilla.suse.com/1196018
https://bugzilla.suse.com/1196196
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196761
https://bugzilla.suse.com/1196823
https://bugzilla.suse.com/1197227
https://bugzilla.suse.com/1197243
https://bugzilla.suse.com/1197300
https://bugzilla.suse.com/1197302
https://bugzilla.suse.com/1197331
https://bugzilla.suse.com/1197343
https://bugzilla.suse.com/1197366
https://bugzilla.suse.com/1197389
https://bugzilla.suse.com/1197462
https://bugzilla.suse.com/1197501
https://bugzilla.suse.com/1197534
https://bugzilla.suse.com/1197661
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1197702
https://bugzilla.suse.com/1197811
https://bugzilla.suse.com/1197812
https://bugzilla.suse.com/1197815
https://bugzilla.suse.com/1197817
https://bugzilla.suse.com/1197819
https://bugzilla.suse.com/1197820
https://bugzilla.suse.com/1197888
https://bugzilla.suse.com/1197889
https://bugzilla.suse.com/1197894
https://bugzilla.suse.com/1197914
https://bugzilla.suse.com/1198027
https://bugzilla.suse.com/1198028
https://bugzilla.suse.com/1198029
https://bugzilla.suse.com/1198030
https://bugzilla.suse.com/1198031
https://bugzilla.suse.com/1198032
https://bugzilla.suse.com/1198033
1
0
13 Apr '22
SUSE Recommended Update: Recommended update for crmsh
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1175-1
Rating: moderate
References: #1196726 #1197351
Affected Products:
SUSE Linux Enterprise High Availability 15-SP2
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for crmsh fixes the following issues:
- utils: Update 'detect_cloud' pattern for 'aws'. (bsc#1197351)
- Fix: utils: Only raise exception when return code of systemctl command
over ssh larger than 4. (bsc#1196726)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1175=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-1175=1
- SUSE Linux Enterprise High Availability 15-SP2:
zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-1175=1
Package List:
- openSUSE Leap 15.3 (noarch):
crmsh-4.3.1+20220321.bd33abac-150200.5.77.1
crmsh-scripts-4.3.1+20220321.bd33abac-150200.5.77.1
crmsh-test-4.3.1+20220321.bd33abac-150200.5.77.1
- SUSE Linux Enterprise High Availability 15-SP3 (noarch):
crmsh-4.3.1+20220321.bd33abac-150200.5.77.1
crmsh-scripts-4.3.1+20220321.bd33abac-150200.5.77.1
- SUSE Linux Enterprise High Availability 15-SP2 (noarch):
crmsh-4.3.1+20220321.bd33abac-150200.5.77.1
crmsh-scripts-4.3.1+20220321.bd33abac-150200.5.77.1
References:
https://bugzilla.suse.com/1196726
https://bugzilla.suse.com/1197351
1
0
SUSE-SU-2022:1176-1: important: Security update for MozillaThunderbird
by opensuse-security@opensuse.org 13 Apr '22
by opensuse-security@opensuse.org 13 Apr '22
13 Apr '22
SUSE Security Update: Security update for MozillaThunderbird
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1176-1
Rating: important
References: #1197903
Cross-References: CVE-2022-1097 CVE-2022-1196 CVE-2022-1197
CVE-2022-24713 CVE-2022-28281 CVE-2022-28282
CVE-2022-28285 CVE-2022-28286 CVE-2022-28289
CVSS scores:
CVE-2022-1097 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-1196 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-1197 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-24713 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24713 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2022-28281 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-28282 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28285 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2022-28286 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2022-28289 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP3
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 9 vulnerabilities is now available.
Description:
This update for MozillaThunderbird fixes the following issues:
- Updated to version 91.8 (bsc#1197903):
- CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects.
- CVE-2022-28281: Fixed a memory corruption issue due to unexpected
WebAuthN Extensions.
- CVE-2022-1197: Fixed an issue where OpenPGP revocation information was
ignored.
- CVE-2022-1196: Fixed a memory corruption issue after VR process
destruction.
- CVE-2022-28282: Fixed a memory corruption issue in document
translation.
- CVE-2022-28285: Fixed a memory corruption issue in JIT code generation.
- CVE-2022-28286: Fixed an iframe layout issue that could have been
exploited to stage spoofing attacks.
- CVE-2022-24713: Fixed a potential denial of service via complex
regular expressions.
- CVE-2022-28289: Fixed multiple memory corruption issues.
Non-security fixes:
- Changed Google accounts using password authentication to use OAuth2.
- Fixed an issue where OpenPGP ECC keys created by Thunderbird could not
be imported into GnuPG.
- Fixed an issue where exporting multiple public PGP keys from Thunderbird
was not possible.
- Fixed an issue where replying to a newsgroup message erroneously
displayed a "No-reply" popup warning.
- Fixed an issue with opening older address books.
- Fixed an issue where LDAP directories would be lost when switching to
"Offline" mode.
- Fixed an issue when importing webcals.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1176=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2022-1176=1
- SUSE Linux Enterprise Workstation Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-1176=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1176=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3 (aarch64 ppc64le s390x):
MozillaThunderbird-91.8.0-150200.8.65.1
MozillaThunderbird-debuginfo-91.8.0-150200.8.65.1
MozillaThunderbird-debugsource-91.8.0-150200.8.65.1
MozillaThunderbird-translations-common-91.8.0-150200.8.65.1
MozillaThunderbird-translations-other-91.8.0-150200.8.65.1
References:
https://www.suse.com/security/cve/CVE-2022-1097.html
https://www.suse.com/security/cve/CVE-2022-1196.html
https://www.suse.com/security/cve/CVE-2022-1197.html
https://www.suse.com/security/cve/CVE-2022-24713.html
https://www.suse.com/security/cve/CVE-2022-28281.html
https://www.suse.com/security/cve/CVE-2022-28282.html
https://www.suse.com/security/cve/CVE-2022-28285.html
https://www.suse.com/security/cve/CVE-2022-28286.html
https://www.suse.com/security/cve/CVE-2022-28289.html
https://bugzilla.suse.com/1197903
1
0
SUSE-RU-2022:1170-1: moderate: Recommended update for systemd
by maintenance@opensuse.org 12 Apr '22
by maintenance@opensuse.org 12 Apr '22
12 Apr '22
SUSE Recommended Update: Recommended update for systemd
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1170-1
Rating: moderate
References: #1191502 #1193086 #1195247 #1195529 #1195899
#1196567 SLE-23867
Affected Products:
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 6 recommended fixes and contains one
feature can now be installed.
Description:
This update for systemd fixes the following issues:
- Fix the default target when it's been incorrectly set to one of the
runlevel targets (bsc#1196567)
- When migrating from sysvinit to systemd (it probably won't happen
anymore), let's use the default systemd target, which is the
graphical.target one.
- Don't open /var journals in volatile mode when runtime_journal==NULL
- udev: 60-persistent-storage-tape.rules: handle duplicate device ID
(bsc#1195529)
- man: tweak description of auto/noauto (bsc#1191502)
- shared/install: ignore failures for auxiliary files
- install: make UnitFileChangeType enum anonymous
- shared/install: reduce scope of iterator variables
- systemd-coredump: allow setting external core size to infinity
(bsc#1195899 jsc#SLE-23867)
- Update s390 udev rules conversion script to include the case when the
legacy rule was also 41-* (bsc#1195247)
- Drop or soften some of the deprecation warnings (bsc#1193086)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1170=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1170=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1170=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1170=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libudev-devel-246.16-150300.7.42.1
nss-mymachines-246.16-150300.7.42.1
nss-mymachines-debuginfo-246.16-150300.7.42.1
nss-resolve-246.16-150300.7.42.1
nss-resolve-debuginfo-246.16-150300.7.42.1
systemd-logger-246.16-150300.7.42.1
- openSUSE Leap 15.4 (x86_64):
libudev-devel-32bit-246.16-150300.7.42.1
nss-mymachines-32bit-246.16-150300.7.42.1
nss-mymachines-32bit-debuginfo-246.16-150300.7.42.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsystemd0-246.16-150300.7.42.1
libsystemd0-debuginfo-246.16-150300.7.42.1
libudev-devel-246.16-150300.7.42.1
libudev1-246.16-150300.7.42.1
libudev1-debuginfo-246.16-150300.7.42.1
nss-myhostname-246.16-150300.7.42.1
nss-myhostname-debuginfo-246.16-150300.7.42.1
nss-mymachines-246.16-150300.7.42.1
nss-mymachines-debuginfo-246.16-150300.7.42.1
nss-resolve-246.16-150300.7.42.1
nss-resolve-debuginfo-246.16-150300.7.42.1
nss-systemd-246.16-150300.7.42.1
nss-systemd-debuginfo-246.16-150300.7.42.1
systemd-246.16-150300.7.42.1
systemd-container-246.16-150300.7.42.1
systemd-container-debuginfo-246.16-150300.7.42.1
systemd-coredump-246.16-150300.7.42.1
systemd-coredump-debuginfo-246.16-150300.7.42.1
systemd-debuginfo-246.16-150300.7.42.1
systemd-debugsource-246.16-150300.7.42.1
systemd-devel-246.16-150300.7.42.1
systemd-doc-246.16-150300.7.42.1
systemd-journal-remote-246.16-150300.7.42.1
systemd-journal-remote-debuginfo-246.16-150300.7.42.1
systemd-logger-246.16-150300.7.42.1
systemd-network-246.16-150300.7.42.1
systemd-network-debuginfo-246.16-150300.7.42.1
systemd-sysvinit-246.16-150300.7.42.1
udev-246.16-150300.7.42.1
udev-debuginfo-246.16-150300.7.42.1
- openSUSE Leap 15.3 (noarch):
systemd-lang-246.16-150300.7.42.1
- openSUSE Leap 15.3 (x86_64):
libsystemd0-32bit-246.16-150300.7.42.1
libsystemd0-32bit-debuginfo-246.16-150300.7.42.1
libudev-devel-32bit-246.16-150300.7.42.1
libudev1-32bit-246.16-150300.7.42.1
libudev1-32bit-debuginfo-246.16-150300.7.42.1
nss-myhostname-32bit-246.16-150300.7.42.1
nss-myhostname-32bit-debuginfo-246.16-150300.7.42.1
nss-mymachines-32bit-246.16-150300.7.42.1
nss-mymachines-32bit-debuginfo-246.16-150300.7.42.1
systemd-32bit-246.16-150300.7.42.1
systemd-32bit-debuginfo-246.16-150300.7.42.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
libsystemd0-246.16-150300.7.42.1
libsystemd0-debuginfo-246.16-150300.7.42.1
libudev-devel-246.16-150300.7.42.1
libudev1-246.16-150300.7.42.1
libudev1-debuginfo-246.16-150300.7.42.1
systemd-246.16-150300.7.42.1
systemd-container-246.16-150300.7.42.1
systemd-container-debuginfo-246.16-150300.7.42.1
systemd-coredump-246.16-150300.7.42.1
systemd-coredump-debuginfo-246.16-150300.7.42.1
systemd-debuginfo-246.16-150300.7.42.1
systemd-debugsource-246.16-150300.7.42.1
systemd-devel-246.16-150300.7.42.1
systemd-doc-246.16-150300.7.42.1
systemd-journal-remote-246.16-150300.7.42.1
systemd-journal-remote-debuginfo-246.16-150300.7.42.1
systemd-sysvinit-246.16-150300.7.42.1
udev-246.16-150300.7.42.1
udev-debuginfo-246.16-150300.7.42.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
systemd-lang-246.16-150300.7.42.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64):
libsystemd0-32bit-246.16-150300.7.42.1
libsystemd0-32bit-debuginfo-246.16-150300.7.42.1
libudev1-32bit-246.16-150300.7.42.1
libudev1-32bit-debuginfo-246.16-150300.7.42.1
systemd-32bit-246.16-150300.7.42.1
systemd-32bit-debuginfo-246.16-150300.7.42.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
libsystemd0-246.16-150300.7.42.1
libsystemd0-debuginfo-246.16-150300.7.42.1
libudev1-246.16-150300.7.42.1
libudev1-debuginfo-246.16-150300.7.42.1
systemd-246.16-150300.7.42.1
systemd-container-246.16-150300.7.42.1
systemd-container-debuginfo-246.16-150300.7.42.1
systemd-debuginfo-246.16-150300.7.42.1
systemd-debugsource-246.16-150300.7.42.1
systemd-journal-remote-246.16-150300.7.42.1
systemd-journal-remote-debuginfo-246.16-150300.7.42.1
systemd-sysvinit-246.16-150300.7.42.1
udev-246.16-150300.7.42.1
udev-debuginfo-246.16-150300.7.42.1
References:
https://bugzilla.suse.com/1191502
https://bugzilla.suse.com/1193086
https://bugzilla.suse.com/1195247
https://bugzilla.suse.com/1195529
https://bugzilla.suse.com/1195899
https://bugzilla.suse.com/1196567
1
0
SUSE-RU-2022:1166-1: important: Recommended update for cloud-regionsrv-client
by maintenance@opensuse.org 12 Apr '22
by maintenance@opensuse.org 12 Apr '22
12 Apr '22
SUSE Recommended Update: Recommended update for cloud-regionsrv-client
______________________________________________________________________________
Announcement ID: SUSE-RU-2022:1166-1
Rating: important
References: MSC-282
Affected Products:
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise High Performance Computing 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP2
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Public Cloud 15
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Public Cloud 15-SP2
SUSE Linux Enterprise Module for Public Cloud 15-SP3
SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 15-SP1
SUSE Linux Enterprise Server 15-SP2
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for SAP Applications 15-SP1
SUSE Linux Enterprise Server for SAP Applications 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Storage 6
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.0
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Server 4.0
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 recommended fixes and contains one
feature can now be installed.
Description:
Recommended update for cloud-regionsrv-client contains the following fix:
cloud-regionsrv-client: Shipping cloud-regionsrv-client-addon-azure to
unrestricted channels. (#MSC-282)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1166=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1166=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-1166=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1166=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-1166=1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-1166=1
- SUSE Linux Enterprise Module for Public Cloud 15:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-Unrestricted-15-2022-1166=1
Package List:
- openSUSE Leap 15.4 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- openSUSE Leap 15.3 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP4 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP3 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1
- SUSE Linux Enterprise Module for Public Cloud 15 (noarch):
cloud-regionsrv-client-10.0.2-150000.6.67.1
cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1
cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1
cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1
References:
1
0
SUSE-SU-2022:1167-1: important: Security update for go1.17
by opensuse-security@opensuse.org 12 Apr '22
by opensuse-security@opensuse.org 12 Apr '22
12 Apr '22
SUSE Security Update: Security update for go1.17
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:1167-1
Rating: important
References: #1183043 #1190649 #1196732
Cross-References: CVE-2022-24921
CVSS scores:
CVE-2022-24921 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-24921 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Enterprise Storage 7
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Development Tools 15-SP3
SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP2
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.1
SUSE Manager Server 4.1
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for go1.17 fixes the following issues:
Update to version 1.17.8 (bsc#1190649):
- CVE-2022-24921: Fixed a potential denial of service via large regular
expressions (bsc#1196732).
Non-security fixes:
- Fixed an issue with v2 modules (go#51332).
- Fixed an issue when building source in riscv64 (go#51199).
- Increased compatibility for the DNS protocol in the net module
(go#51162).
- Fixed an issue with histograms in the runtime/metrics module
(go#50734).
- Fixed an issue when parsing x509 certificates (go#51000).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-1167=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-1167=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1167=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1167=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1167=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1167=1
- SUSE Linux Enterprise Realtime Extension 15-SP2:
zypper in -t patch SUSE-SLE-Product-RT-15-SP2-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-1167=1
- SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1167=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1167=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2022-1167=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- openSUSE Leap 15.3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Manager Server 4.1 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Manager Proxy 4.1 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Realtime Extension 15-SP2 (x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP4 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
- SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64):
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
go1.17-1.17.8-150000.1.25.1
go1.17-doc-1.17.8-150000.1.25.1
go1.17-race-1.17.8-150000.1.25.1
References:
https://www.suse.com/security/cve/CVE-2022-24921.html
https://bugzilla.suse.com/1183043
https://bugzilla.suse.com/1190649
https://bugzilla.suse.com/1196732
1
0