openSUSE Updates
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
January 2023
- 2 participants
- 144 discussions
SUSE-SU-2023:0084-1: important: Security update for php7
by opensuse-security@opensuse.org 12 Jan '23
by opensuse-security@opensuse.org 12 Jan '23
12 Jan '23
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0084-1
Rating: important
References: #1206958
Cross-References: CVE-2022-31631
CVSS scores:
CVE-2022-31631 (SUSE): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for php7 fixes the following issues:
- CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted
string (bsc#1206958).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-84=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-84=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-84=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-84=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-84=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
apache2-mod_php7-7.2.34-150000.4.106.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.106.1
php7-7.2.34-150000.4.106.1
php7-bcmath-7.2.34-150000.4.106.1
php7-bcmath-debuginfo-7.2.34-150000.4.106.1
php7-bz2-7.2.34-150000.4.106.1
php7-bz2-debuginfo-7.2.34-150000.4.106.1
php7-calendar-7.2.34-150000.4.106.1
php7-calendar-debuginfo-7.2.34-150000.4.106.1
php7-ctype-7.2.34-150000.4.106.1
php7-ctype-debuginfo-7.2.34-150000.4.106.1
php7-curl-7.2.34-150000.4.106.1
php7-curl-debuginfo-7.2.34-150000.4.106.1
php7-dba-7.2.34-150000.4.106.1
php7-dba-debuginfo-7.2.34-150000.4.106.1
php7-debuginfo-7.2.34-150000.4.106.1
php7-debugsource-7.2.34-150000.4.106.1
php7-devel-7.2.34-150000.4.106.1
php7-dom-7.2.34-150000.4.106.1
php7-dom-debuginfo-7.2.34-150000.4.106.1
php7-enchant-7.2.34-150000.4.106.1
php7-enchant-debuginfo-7.2.34-150000.4.106.1
php7-exif-7.2.34-150000.4.106.1
php7-exif-debuginfo-7.2.34-150000.4.106.1
php7-fastcgi-7.2.34-150000.4.106.1
php7-fastcgi-debuginfo-7.2.34-150000.4.106.1
php7-fileinfo-7.2.34-150000.4.106.1
php7-fileinfo-debuginfo-7.2.34-150000.4.106.1
php7-fpm-7.2.34-150000.4.106.1
php7-fpm-debuginfo-7.2.34-150000.4.106.1
php7-ftp-7.2.34-150000.4.106.1
php7-ftp-debuginfo-7.2.34-150000.4.106.1
php7-gd-7.2.34-150000.4.106.1
php7-gd-debuginfo-7.2.34-150000.4.106.1
php7-gettext-7.2.34-150000.4.106.1
php7-gettext-debuginfo-7.2.34-150000.4.106.1
php7-gmp-7.2.34-150000.4.106.1
php7-gmp-debuginfo-7.2.34-150000.4.106.1
php7-iconv-7.2.34-150000.4.106.1
php7-iconv-debuginfo-7.2.34-150000.4.106.1
php7-intl-7.2.34-150000.4.106.1
php7-intl-debuginfo-7.2.34-150000.4.106.1
php7-json-7.2.34-150000.4.106.1
php7-json-debuginfo-7.2.34-150000.4.106.1
php7-ldap-7.2.34-150000.4.106.1
php7-ldap-debuginfo-7.2.34-150000.4.106.1
php7-mbstring-7.2.34-150000.4.106.1
php7-mbstring-debuginfo-7.2.34-150000.4.106.1
php7-mysql-7.2.34-150000.4.106.1
php7-mysql-debuginfo-7.2.34-150000.4.106.1
php7-odbc-7.2.34-150000.4.106.1
php7-odbc-debuginfo-7.2.34-150000.4.106.1
php7-opcache-7.2.34-150000.4.106.1
php7-opcache-debuginfo-7.2.34-150000.4.106.1
php7-openssl-7.2.34-150000.4.106.1
php7-openssl-debuginfo-7.2.34-150000.4.106.1
php7-pcntl-7.2.34-150000.4.106.1
php7-pcntl-debuginfo-7.2.34-150000.4.106.1
php7-pdo-7.2.34-150000.4.106.1
php7-pdo-debuginfo-7.2.34-150000.4.106.1
php7-pgsql-7.2.34-150000.4.106.1
php7-pgsql-debuginfo-7.2.34-150000.4.106.1
php7-phar-7.2.34-150000.4.106.1
php7-phar-debuginfo-7.2.34-150000.4.106.1
php7-posix-7.2.34-150000.4.106.1
php7-posix-debuginfo-7.2.34-150000.4.106.1
php7-readline-7.2.34-150000.4.106.1
php7-readline-debuginfo-7.2.34-150000.4.106.1
php7-shmop-7.2.34-150000.4.106.1
php7-shmop-debuginfo-7.2.34-150000.4.106.1
php7-snmp-7.2.34-150000.4.106.1
php7-snmp-debuginfo-7.2.34-150000.4.106.1
php7-soap-7.2.34-150000.4.106.1
php7-soap-debuginfo-7.2.34-150000.4.106.1
php7-sockets-7.2.34-150000.4.106.1
php7-sockets-debuginfo-7.2.34-150000.4.106.1
php7-sodium-7.2.34-150000.4.106.1
php7-sodium-debuginfo-7.2.34-150000.4.106.1
php7-sqlite-7.2.34-150000.4.106.1
php7-sqlite-debuginfo-7.2.34-150000.4.106.1
php7-sysvmsg-7.2.34-150000.4.106.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.106.1
php7-sysvsem-7.2.34-150000.4.106.1
php7-sysvsem-debuginfo-7.2.34-150000.4.106.1
php7-sysvshm-7.2.34-150000.4.106.1
php7-sysvshm-debuginfo-7.2.34-150000.4.106.1
php7-tidy-7.2.34-150000.4.106.1
php7-tidy-debuginfo-7.2.34-150000.4.106.1
php7-tokenizer-7.2.34-150000.4.106.1
php7-tokenizer-debuginfo-7.2.34-150000.4.106.1
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
php7-xmlreader-7.2.34-150000.4.106.1
php7-xmlreader-debuginfo-7.2.34-150000.4.106.1
php7-xmlrpc-7.2.34-150000.4.106.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.106.1
php7-xmlwriter-7.2.34-150000.4.106.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.106.1
php7-xsl-7.2.34-150000.4.106.1
php7-xsl-debuginfo-7.2.34-150000.4.106.1
php7-zip-7.2.34-150000.4.106.1
php7-zip-debuginfo-7.2.34-150000.4.106.1
php7-zlib-7.2.34-150000.4.106.1
php7-zlib-debuginfo-7.2.34-150000.4.106.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
php7-pear-7.2.34-150000.4.106.1
php7-pear-Archive_Tar-7.2.34-150000.4.106.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.2.34-150000.4.106.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.106.1
php7-7.2.34-150000.4.106.1
php7-bcmath-7.2.34-150000.4.106.1
php7-bcmath-debuginfo-7.2.34-150000.4.106.1
php7-bz2-7.2.34-150000.4.106.1
php7-bz2-debuginfo-7.2.34-150000.4.106.1
php7-calendar-7.2.34-150000.4.106.1
php7-calendar-debuginfo-7.2.34-150000.4.106.1
php7-ctype-7.2.34-150000.4.106.1
php7-ctype-debuginfo-7.2.34-150000.4.106.1
php7-curl-7.2.34-150000.4.106.1
php7-curl-debuginfo-7.2.34-150000.4.106.1
php7-dba-7.2.34-150000.4.106.1
php7-dba-debuginfo-7.2.34-150000.4.106.1
php7-debuginfo-7.2.34-150000.4.106.1
php7-debugsource-7.2.34-150000.4.106.1
php7-devel-7.2.34-150000.4.106.1
php7-dom-7.2.34-150000.4.106.1
php7-dom-debuginfo-7.2.34-150000.4.106.1
php7-enchant-7.2.34-150000.4.106.1
php7-enchant-debuginfo-7.2.34-150000.4.106.1
php7-exif-7.2.34-150000.4.106.1
php7-exif-debuginfo-7.2.34-150000.4.106.1
php7-fastcgi-7.2.34-150000.4.106.1
php7-fastcgi-debuginfo-7.2.34-150000.4.106.1
php7-fileinfo-7.2.34-150000.4.106.1
php7-fileinfo-debuginfo-7.2.34-150000.4.106.1
php7-fpm-7.2.34-150000.4.106.1
php7-fpm-debuginfo-7.2.34-150000.4.106.1
php7-ftp-7.2.34-150000.4.106.1
php7-ftp-debuginfo-7.2.34-150000.4.106.1
php7-gd-7.2.34-150000.4.106.1
php7-gd-debuginfo-7.2.34-150000.4.106.1
php7-gettext-7.2.34-150000.4.106.1
php7-gettext-debuginfo-7.2.34-150000.4.106.1
php7-gmp-7.2.34-150000.4.106.1
php7-gmp-debuginfo-7.2.34-150000.4.106.1
php7-iconv-7.2.34-150000.4.106.1
php7-iconv-debuginfo-7.2.34-150000.4.106.1
php7-intl-7.2.34-150000.4.106.1
php7-intl-debuginfo-7.2.34-150000.4.106.1
php7-json-7.2.34-150000.4.106.1
php7-json-debuginfo-7.2.34-150000.4.106.1
php7-ldap-7.2.34-150000.4.106.1
php7-ldap-debuginfo-7.2.34-150000.4.106.1
php7-mbstring-7.2.34-150000.4.106.1
php7-mbstring-debuginfo-7.2.34-150000.4.106.1
php7-mysql-7.2.34-150000.4.106.1
php7-mysql-debuginfo-7.2.34-150000.4.106.1
php7-odbc-7.2.34-150000.4.106.1
php7-odbc-debuginfo-7.2.34-150000.4.106.1
php7-opcache-7.2.34-150000.4.106.1
php7-opcache-debuginfo-7.2.34-150000.4.106.1
php7-openssl-7.2.34-150000.4.106.1
php7-openssl-debuginfo-7.2.34-150000.4.106.1
php7-pcntl-7.2.34-150000.4.106.1
php7-pcntl-debuginfo-7.2.34-150000.4.106.1
php7-pdo-7.2.34-150000.4.106.1
php7-pdo-debuginfo-7.2.34-150000.4.106.1
php7-pgsql-7.2.34-150000.4.106.1
php7-pgsql-debuginfo-7.2.34-150000.4.106.1
php7-phar-7.2.34-150000.4.106.1
php7-phar-debuginfo-7.2.34-150000.4.106.1
php7-posix-7.2.34-150000.4.106.1
php7-posix-debuginfo-7.2.34-150000.4.106.1
php7-readline-7.2.34-150000.4.106.1
php7-readline-debuginfo-7.2.34-150000.4.106.1
php7-shmop-7.2.34-150000.4.106.1
php7-shmop-debuginfo-7.2.34-150000.4.106.1
php7-snmp-7.2.34-150000.4.106.1
php7-snmp-debuginfo-7.2.34-150000.4.106.1
php7-soap-7.2.34-150000.4.106.1
php7-soap-debuginfo-7.2.34-150000.4.106.1
php7-sockets-7.2.34-150000.4.106.1
php7-sockets-debuginfo-7.2.34-150000.4.106.1
php7-sodium-7.2.34-150000.4.106.1
php7-sodium-debuginfo-7.2.34-150000.4.106.1
php7-sqlite-7.2.34-150000.4.106.1
php7-sqlite-debuginfo-7.2.34-150000.4.106.1
php7-sysvmsg-7.2.34-150000.4.106.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.106.1
php7-sysvsem-7.2.34-150000.4.106.1
php7-sysvsem-debuginfo-7.2.34-150000.4.106.1
php7-sysvshm-7.2.34-150000.4.106.1
php7-sysvshm-debuginfo-7.2.34-150000.4.106.1
php7-tidy-7.2.34-150000.4.106.1
php7-tidy-debuginfo-7.2.34-150000.4.106.1
php7-tokenizer-7.2.34-150000.4.106.1
php7-tokenizer-debuginfo-7.2.34-150000.4.106.1
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
php7-xmlreader-7.2.34-150000.4.106.1
php7-xmlreader-debuginfo-7.2.34-150000.4.106.1
php7-xmlrpc-7.2.34-150000.4.106.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.106.1
php7-xmlwriter-7.2.34-150000.4.106.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.106.1
php7-xsl-7.2.34-150000.4.106.1
php7-xsl-debuginfo-7.2.34-150000.4.106.1
php7-zip-7.2.34-150000.4.106.1
php7-zip-debuginfo-7.2.34-150000.4.106.1
php7-zlib-7.2.34-150000.4.106.1
php7-zlib-debuginfo-7.2.34-150000.4.106.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
php7-pear-7.2.34-150000.4.106.1
php7-pear-Archive_Tar-7.2.34-150000.4.106.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.106.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.106.1
php7-7.2.34-150000.4.106.1
php7-bcmath-7.2.34-150000.4.106.1
php7-bcmath-debuginfo-7.2.34-150000.4.106.1
php7-bz2-7.2.34-150000.4.106.1
php7-bz2-debuginfo-7.2.34-150000.4.106.1
php7-calendar-7.2.34-150000.4.106.1
php7-calendar-debuginfo-7.2.34-150000.4.106.1
php7-ctype-7.2.34-150000.4.106.1
php7-ctype-debuginfo-7.2.34-150000.4.106.1
php7-curl-7.2.34-150000.4.106.1
php7-curl-debuginfo-7.2.34-150000.4.106.1
php7-dba-7.2.34-150000.4.106.1
php7-dba-debuginfo-7.2.34-150000.4.106.1
php7-debuginfo-7.2.34-150000.4.106.1
php7-debugsource-7.2.34-150000.4.106.1
php7-devel-7.2.34-150000.4.106.1
php7-dom-7.2.34-150000.4.106.1
php7-dom-debuginfo-7.2.34-150000.4.106.1
php7-enchant-7.2.34-150000.4.106.1
php7-enchant-debuginfo-7.2.34-150000.4.106.1
php7-exif-7.2.34-150000.4.106.1
php7-exif-debuginfo-7.2.34-150000.4.106.1
php7-fastcgi-7.2.34-150000.4.106.1
php7-fastcgi-debuginfo-7.2.34-150000.4.106.1
php7-fileinfo-7.2.34-150000.4.106.1
php7-fileinfo-debuginfo-7.2.34-150000.4.106.1
php7-fpm-7.2.34-150000.4.106.1
php7-fpm-debuginfo-7.2.34-150000.4.106.1
php7-ftp-7.2.34-150000.4.106.1
php7-ftp-debuginfo-7.2.34-150000.4.106.1
php7-gd-7.2.34-150000.4.106.1
php7-gd-debuginfo-7.2.34-150000.4.106.1
php7-gettext-7.2.34-150000.4.106.1
php7-gettext-debuginfo-7.2.34-150000.4.106.1
php7-gmp-7.2.34-150000.4.106.1
php7-gmp-debuginfo-7.2.34-150000.4.106.1
php7-iconv-7.2.34-150000.4.106.1
php7-iconv-debuginfo-7.2.34-150000.4.106.1
php7-intl-7.2.34-150000.4.106.1
php7-intl-debuginfo-7.2.34-150000.4.106.1
php7-json-7.2.34-150000.4.106.1
php7-json-debuginfo-7.2.34-150000.4.106.1
php7-ldap-7.2.34-150000.4.106.1
php7-ldap-debuginfo-7.2.34-150000.4.106.1
php7-mbstring-7.2.34-150000.4.106.1
php7-mbstring-debuginfo-7.2.34-150000.4.106.1
php7-mysql-7.2.34-150000.4.106.1
php7-mysql-debuginfo-7.2.34-150000.4.106.1
php7-odbc-7.2.34-150000.4.106.1
php7-odbc-debuginfo-7.2.34-150000.4.106.1
php7-opcache-7.2.34-150000.4.106.1
php7-opcache-debuginfo-7.2.34-150000.4.106.1
php7-openssl-7.2.34-150000.4.106.1
php7-openssl-debuginfo-7.2.34-150000.4.106.1
php7-pcntl-7.2.34-150000.4.106.1
php7-pcntl-debuginfo-7.2.34-150000.4.106.1
php7-pdo-7.2.34-150000.4.106.1
php7-pdo-debuginfo-7.2.34-150000.4.106.1
php7-pgsql-7.2.34-150000.4.106.1
php7-pgsql-debuginfo-7.2.34-150000.4.106.1
php7-phar-7.2.34-150000.4.106.1
php7-phar-debuginfo-7.2.34-150000.4.106.1
php7-posix-7.2.34-150000.4.106.1
php7-posix-debuginfo-7.2.34-150000.4.106.1
php7-readline-7.2.34-150000.4.106.1
php7-readline-debuginfo-7.2.34-150000.4.106.1
php7-shmop-7.2.34-150000.4.106.1
php7-shmop-debuginfo-7.2.34-150000.4.106.1
php7-snmp-7.2.34-150000.4.106.1
php7-snmp-debuginfo-7.2.34-150000.4.106.1
php7-soap-7.2.34-150000.4.106.1
php7-soap-debuginfo-7.2.34-150000.4.106.1
php7-sockets-7.2.34-150000.4.106.1
php7-sockets-debuginfo-7.2.34-150000.4.106.1
php7-sodium-7.2.34-150000.4.106.1
php7-sodium-debuginfo-7.2.34-150000.4.106.1
php7-sqlite-7.2.34-150000.4.106.1
php7-sqlite-debuginfo-7.2.34-150000.4.106.1
php7-sysvmsg-7.2.34-150000.4.106.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.106.1
php7-sysvsem-7.2.34-150000.4.106.1
php7-sysvsem-debuginfo-7.2.34-150000.4.106.1
php7-sysvshm-7.2.34-150000.4.106.1
php7-sysvshm-debuginfo-7.2.34-150000.4.106.1
php7-tidy-7.2.34-150000.4.106.1
php7-tidy-debuginfo-7.2.34-150000.4.106.1
php7-tokenizer-7.2.34-150000.4.106.1
php7-tokenizer-debuginfo-7.2.34-150000.4.106.1
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
php7-xmlreader-7.2.34-150000.4.106.1
php7-xmlreader-debuginfo-7.2.34-150000.4.106.1
php7-xmlrpc-7.2.34-150000.4.106.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.106.1
php7-xmlwriter-7.2.34-150000.4.106.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.106.1
php7-xsl-7.2.34-150000.4.106.1
php7-xsl-debuginfo-7.2.34-150000.4.106.1
php7-zip-7.2.34-150000.4.106.1
php7-zip-debuginfo-7.2.34-150000.4.106.1
php7-zlib-7.2.34-150000.4.106.1
php7-zlib-debuginfo-7.2.34-150000.4.106.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
php7-pear-7.2.34-150000.4.106.1
php7-pear-Archive_Tar-7.2.34-150000.4.106.1
- SUSE Enterprise Storage 6 (aarch64 x86_64):
apache2-mod_php7-7.2.34-150000.4.106.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.106.1
php7-7.2.34-150000.4.106.1
php7-bcmath-7.2.34-150000.4.106.1
php7-bcmath-debuginfo-7.2.34-150000.4.106.1
php7-bz2-7.2.34-150000.4.106.1
php7-bz2-debuginfo-7.2.34-150000.4.106.1
php7-calendar-7.2.34-150000.4.106.1
php7-calendar-debuginfo-7.2.34-150000.4.106.1
php7-ctype-7.2.34-150000.4.106.1
php7-ctype-debuginfo-7.2.34-150000.4.106.1
php7-curl-7.2.34-150000.4.106.1
php7-curl-debuginfo-7.2.34-150000.4.106.1
php7-dba-7.2.34-150000.4.106.1
php7-dba-debuginfo-7.2.34-150000.4.106.1
php7-debuginfo-7.2.34-150000.4.106.1
php7-debugsource-7.2.34-150000.4.106.1
php7-devel-7.2.34-150000.4.106.1
php7-dom-7.2.34-150000.4.106.1
php7-dom-debuginfo-7.2.34-150000.4.106.1
php7-enchant-7.2.34-150000.4.106.1
php7-enchant-debuginfo-7.2.34-150000.4.106.1
php7-exif-7.2.34-150000.4.106.1
php7-exif-debuginfo-7.2.34-150000.4.106.1
php7-fastcgi-7.2.34-150000.4.106.1
php7-fastcgi-debuginfo-7.2.34-150000.4.106.1
php7-fileinfo-7.2.34-150000.4.106.1
php7-fileinfo-debuginfo-7.2.34-150000.4.106.1
php7-fpm-7.2.34-150000.4.106.1
php7-fpm-debuginfo-7.2.34-150000.4.106.1
php7-ftp-7.2.34-150000.4.106.1
php7-ftp-debuginfo-7.2.34-150000.4.106.1
php7-gd-7.2.34-150000.4.106.1
php7-gd-debuginfo-7.2.34-150000.4.106.1
php7-gettext-7.2.34-150000.4.106.1
php7-gettext-debuginfo-7.2.34-150000.4.106.1
php7-gmp-7.2.34-150000.4.106.1
php7-gmp-debuginfo-7.2.34-150000.4.106.1
php7-iconv-7.2.34-150000.4.106.1
php7-iconv-debuginfo-7.2.34-150000.4.106.1
php7-intl-7.2.34-150000.4.106.1
php7-intl-debuginfo-7.2.34-150000.4.106.1
php7-json-7.2.34-150000.4.106.1
php7-json-debuginfo-7.2.34-150000.4.106.1
php7-ldap-7.2.34-150000.4.106.1
php7-ldap-debuginfo-7.2.34-150000.4.106.1
php7-mbstring-7.2.34-150000.4.106.1
php7-mbstring-debuginfo-7.2.34-150000.4.106.1
php7-mysql-7.2.34-150000.4.106.1
php7-mysql-debuginfo-7.2.34-150000.4.106.1
php7-odbc-7.2.34-150000.4.106.1
php7-odbc-debuginfo-7.2.34-150000.4.106.1
php7-opcache-7.2.34-150000.4.106.1
php7-opcache-debuginfo-7.2.34-150000.4.106.1
php7-openssl-7.2.34-150000.4.106.1
php7-openssl-debuginfo-7.2.34-150000.4.106.1
php7-pcntl-7.2.34-150000.4.106.1
php7-pcntl-debuginfo-7.2.34-150000.4.106.1
php7-pdo-7.2.34-150000.4.106.1
php7-pdo-debuginfo-7.2.34-150000.4.106.1
php7-pgsql-7.2.34-150000.4.106.1
php7-pgsql-debuginfo-7.2.34-150000.4.106.1
php7-phar-7.2.34-150000.4.106.1
php7-phar-debuginfo-7.2.34-150000.4.106.1
php7-posix-7.2.34-150000.4.106.1
php7-posix-debuginfo-7.2.34-150000.4.106.1
php7-readline-7.2.34-150000.4.106.1
php7-readline-debuginfo-7.2.34-150000.4.106.1
php7-shmop-7.2.34-150000.4.106.1
php7-shmop-debuginfo-7.2.34-150000.4.106.1
php7-snmp-7.2.34-150000.4.106.1
php7-snmp-debuginfo-7.2.34-150000.4.106.1
php7-soap-7.2.34-150000.4.106.1
php7-soap-debuginfo-7.2.34-150000.4.106.1
php7-sockets-7.2.34-150000.4.106.1
php7-sockets-debuginfo-7.2.34-150000.4.106.1
php7-sodium-7.2.34-150000.4.106.1
php7-sodium-debuginfo-7.2.34-150000.4.106.1
php7-sqlite-7.2.34-150000.4.106.1
php7-sqlite-debuginfo-7.2.34-150000.4.106.1
php7-sysvmsg-7.2.34-150000.4.106.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.106.1
php7-sysvsem-7.2.34-150000.4.106.1
php7-sysvsem-debuginfo-7.2.34-150000.4.106.1
php7-sysvshm-7.2.34-150000.4.106.1
php7-sysvshm-debuginfo-7.2.34-150000.4.106.1
php7-tidy-7.2.34-150000.4.106.1
php7-tidy-debuginfo-7.2.34-150000.4.106.1
php7-tokenizer-7.2.34-150000.4.106.1
php7-tokenizer-debuginfo-7.2.34-150000.4.106.1
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
php7-xmlreader-7.2.34-150000.4.106.1
php7-xmlreader-debuginfo-7.2.34-150000.4.106.1
php7-xmlrpc-7.2.34-150000.4.106.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.106.1
php7-xmlwriter-7.2.34-150000.4.106.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.106.1
php7-xsl-7.2.34-150000.4.106.1
php7-xsl-debuginfo-7.2.34-150000.4.106.1
php7-zip-7.2.34-150000.4.106.1
php7-zip-debuginfo-7.2.34-150000.4.106.1
php7-zlib-7.2.34-150000.4.106.1
php7-zlib-debuginfo-7.2.34-150000.4.106.1
- SUSE Enterprise Storage 6 (noarch):
php7-pear-7.2.34-150000.4.106.1
php7-pear-Archive_Tar-7.2.34-150000.4.106.1
- SUSE CaaS Platform 4.0 (x86_64):
apache2-mod_php7-7.2.34-150000.4.106.1
apache2-mod_php7-debuginfo-7.2.34-150000.4.106.1
php7-7.2.34-150000.4.106.1
php7-bcmath-7.2.34-150000.4.106.1
php7-bcmath-debuginfo-7.2.34-150000.4.106.1
php7-bz2-7.2.34-150000.4.106.1
php7-bz2-debuginfo-7.2.34-150000.4.106.1
php7-calendar-7.2.34-150000.4.106.1
php7-calendar-debuginfo-7.2.34-150000.4.106.1
php7-ctype-7.2.34-150000.4.106.1
php7-ctype-debuginfo-7.2.34-150000.4.106.1
php7-curl-7.2.34-150000.4.106.1
php7-curl-debuginfo-7.2.34-150000.4.106.1
php7-dba-7.2.34-150000.4.106.1
php7-dba-debuginfo-7.2.34-150000.4.106.1
php7-debuginfo-7.2.34-150000.4.106.1
php7-debugsource-7.2.34-150000.4.106.1
php7-devel-7.2.34-150000.4.106.1
php7-dom-7.2.34-150000.4.106.1
php7-dom-debuginfo-7.2.34-150000.4.106.1
php7-enchant-7.2.34-150000.4.106.1
php7-enchant-debuginfo-7.2.34-150000.4.106.1
php7-exif-7.2.34-150000.4.106.1
php7-exif-debuginfo-7.2.34-150000.4.106.1
php7-fastcgi-7.2.34-150000.4.106.1
php7-fastcgi-debuginfo-7.2.34-150000.4.106.1
php7-fileinfo-7.2.34-150000.4.106.1
php7-fileinfo-debuginfo-7.2.34-150000.4.106.1
php7-fpm-7.2.34-150000.4.106.1
php7-fpm-debuginfo-7.2.34-150000.4.106.1
php7-ftp-7.2.34-150000.4.106.1
php7-ftp-debuginfo-7.2.34-150000.4.106.1
php7-gd-7.2.34-150000.4.106.1
php7-gd-debuginfo-7.2.34-150000.4.106.1
php7-gettext-7.2.34-150000.4.106.1
php7-gettext-debuginfo-7.2.34-150000.4.106.1
php7-gmp-7.2.34-150000.4.106.1
php7-gmp-debuginfo-7.2.34-150000.4.106.1
php7-iconv-7.2.34-150000.4.106.1
php7-iconv-debuginfo-7.2.34-150000.4.106.1
php7-intl-7.2.34-150000.4.106.1
php7-intl-debuginfo-7.2.34-150000.4.106.1
php7-json-7.2.34-150000.4.106.1
php7-json-debuginfo-7.2.34-150000.4.106.1
php7-ldap-7.2.34-150000.4.106.1
php7-ldap-debuginfo-7.2.34-150000.4.106.1
php7-mbstring-7.2.34-150000.4.106.1
php7-mbstring-debuginfo-7.2.34-150000.4.106.1
php7-mysql-7.2.34-150000.4.106.1
php7-mysql-debuginfo-7.2.34-150000.4.106.1
php7-odbc-7.2.34-150000.4.106.1
php7-odbc-debuginfo-7.2.34-150000.4.106.1
php7-opcache-7.2.34-150000.4.106.1
php7-opcache-debuginfo-7.2.34-150000.4.106.1
php7-openssl-7.2.34-150000.4.106.1
php7-openssl-debuginfo-7.2.34-150000.4.106.1
php7-pcntl-7.2.34-150000.4.106.1
php7-pcntl-debuginfo-7.2.34-150000.4.106.1
php7-pdo-7.2.34-150000.4.106.1
php7-pdo-debuginfo-7.2.34-150000.4.106.1
php7-pgsql-7.2.34-150000.4.106.1
php7-pgsql-debuginfo-7.2.34-150000.4.106.1
php7-phar-7.2.34-150000.4.106.1
php7-phar-debuginfo-7.2.34-150000.4.106.1
php7-posix-7.2.34-150000.4.106.1
php7-posix-debuginfo-7.2.34-150000.4.106.1
php7-readline-7.2.34-150000.4.106.1
php7-readline-debuginfo-7.2.34-150000.4.106.1
php7-shmop-7.2.34-150000.4.106.1
php7-shmop-debuginfo-7.2.34-150000.4.106.1
php7-snmp-7.2.34-150000.4.106.1
php7-snmp-debuginfo-7.2.34-150000.4.106.1
php7-soap-7.2.34-150000.4.106.1
php7-soap-debuginfo-7.2.34-150000.4.106.1
php7-sockets-7.2.34-150000.4.106.1
php7-sockets-debuginfo-7.2.34-150000.4.106.1
php7-sodium-7.2.34-150000.4.106.1
php7-sodium-debuginfo-7.2.34-150000.4.106.1
php7-sqlite-7.2.34-150000.4.106.1
php7-sqlite-debuginfo-7.2.34-150000.4.106.1
php7-sysvmsg-7.2.34-150000.4.106.1
php7-sysvmsg-debuginfo-7.2.34-150000.4.106.1
php7-sysvsem-7.2.34-150000.4.106.1
php7-sysvsem-debuginfo-7.2.34-150000.4.106.1
php7-sysvshm-7.2.34-150000.4.106.1
php7-sysvshm-debuginfo-7.2.34-150000.4.106.1
php7-tidy-7.2.34-150000.4.106.1
php7-tidy-debuginfo-7.2.34-150000.4.106.1
php7-tokenizer-7.2.34-150000.4.106.1
php7-tokenizer-debuginfo-7.2.34-150000.4.106.1
php7-wddx-7.2.34-150000.4.106.1
php7-wddx-debuginfo-7.2.34-150000.4.106.1
php7-xmlreader-7.2.34-150000.4.106.1
php7-xmlreader-debuginfo-7.2.34-150000.4.106.1
php7-xmlrpc-7.2.34-150000.4.106.1
php7-xmlrpc-debuginfo-7.2.34-150000.4.106.1
php7-xmlwriter-7.2.34-150000.4.106.1
php7-xmlwriter-debuginfo-7.2.34-150000.4.106.1
php7-xsl-7.2.34-150000.4.106.1
php7-xsl-debuginfo-7.2.34-150000.4.106.1
php7-zip-7.2.34-150000.4.106.1
php7-zip-debuginfo-7.2.34-150000.4.106.1
php7-zlib-7.2.34-150000.4.106.1
php7-zlib-debuginfo-7.2.34-150000.4.106.1
- SUSE CaaS Platform 4.0 (noarch):
php7-pear-7.2.34-150000.4.106.1
php7-pear-Archive_Tar-7.2.34-150000.4.106.1
References:
https://www.suse.com/security/cve/CVE-2022-31631.html
https://bugzilla.suse.com/1206958
1
0
SUSE-RU-2023:0083-1: moderate: Recommended update for postgresql
by maintenance@opensuse.org 12 Jan '23
by maintenance@opensuse.org 12 Jan '23
12 Jan '23
SUSE Recommended Update: Recommended update for postgresql
______________________________________________________________________________
Announcement ID: SUSE-RU-2023:0083-1
Rating: moderate
References: #1206796
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP3
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Module for Basesystem 15-SP3
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Server Applications 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.2
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for postgresql fixes the following issues:
- revert to old user creation method, as sysusers on suse linux enterprise
15 sp3 and older does not support shell specification. bsc#1206796
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-83=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-83=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-83=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-83=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-83=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-83=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-83=1
- SUSE Linux Enterprise Module for Server Applications 15-SP3:
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2023-83=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-83=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2023-83=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-83=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-83=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-83=1
Package List:
- openSUSE Leap 15.4 (noarch):
postgresql-llvmjit-devel-15-150300.10.15.1
- SUSE Manager Server 4.2 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Manager Retail Branch Server 4.2 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Manager Proxy 4.2 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch):
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (noarch):
postgresql-llvmjit-devel-15-150300.10.15.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch):
postgresql-15-150300.10.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
- SUSE Enterprise Storage 7.1 (noarch):
postgresql-15-150300.10.15.1
postgresql-contrib-15-150300.10.15.1
postgresql-devel-15-150300.10.15.1
postgresql-docs-15-150300.10.15.1
postgresql-plperl-15-150300.10.15.1
postgresql-plpython-15-150300.10.15.1
postgresql-pltcl-15-150300.10.15.1
postgresql-server-15-150300.10.15.1
postgresql-server-devel-15-150300.10.15.1
References:
https://bugzilla.suse.com/1206796
1
0
SUSE-RU-2023:0082-1: moderate: Recommended update for scap-security-guide
by maintenance@opensuse.org 12 Jan '23
by maintenance@opensuse.org 12 Jan '23
12 Jan '23
SUSE Recommended Update: Recommended update for scap-security-guide
______________________________________________________________________________
Announcement ID: SUSE-RU-2023:0082-1
Rating: moderate
References: #1203602 ECO-3319
Affected Products:
SUSE CaaS Platform 4.0
SUSE Enterprise Storage 6
SUSE Enterprise Storage 7
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP1-BCL
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server 15-SP2-BCL
SUSE Linux Enterprise Server 15-SP2-LTSS
SUSE Linux Enterprise Server 15-SP3-BCL
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP 15-SP1
SUSE Linux Enterprise Server for SAP 15-SP2
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.1
SUSE Manager Retail Branch Server 4.2
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.1
SUSE Manager Server 4.2
SUSE Manager Server 4.3
SUSE Manager Tools for SLE Micro 5
openSUSE Leap 15.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has one recommended fix and contains one
feature can now be installed.
Description:
This update for scap-security-guide fixes the following issues:
scap-security-guide was updated to 0.1.65 (jsc#ECO-3319)
- Introduce cui profile for OL9
- Remove Support for OVAL 5.10
- Rename account_passwords_pam_faillock_audit
- CI ansible hardening and rename of existing Bash hardening
- Update contributors list for v0.1.65 release
- various SUSE profile specific fixes
- require sudo, as remediations touch sudo config or use sudo.
(bsc#1203602)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-82=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2023-82=1
- SUSE Manager Tools for SLE Micro 5:
zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2023-82=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-82=1
- SUSE Manager Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2023-82=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-82=1
- SUSE Manager Retail Branch Server 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2023-82=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-82=1
- SUSE Manager Proxy 4.1:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2023-82=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-82=1
- SUSE Linux Enterprise Server for SAP 15-SP2:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-82=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-82=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-82=1
- SUSE Linux Enterprise Server 15-SP3-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-BCL-2023-82=1
- SUSE Linux Enterprise Server 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-82=1
- SUSE Linux Enterprise Server 15-SP2-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2023-82=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-82=1
- SUSE Linux Enterprise Server 15-SP1-BCL:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2023-82=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-82=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-82=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-82=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-82=1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-82=1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-82=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-82=1
- SUSE Enterprise Storage 7:
zypper in -t patch SUSE-Storage-7-2023-82=1
- SUSE Enterprise Storage 6:
zypper in -t patch SUSE-Storage-6-2023-82=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- openSUSE Leap 15.3 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Tools for SLE Micro 5 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
- SUSE Manager Server 4.2 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Server 4.1 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Retail Branch Server 4.2 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Proxy 4.2 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Manager Proxy 4.1 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP3-BCL (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Server 15-SP1-BCL (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Enterprise Storage 7.1 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Enterprise Storage 7 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE Enterprise Storage 6 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
- SUSE CaaS Platform 4.0 (noarch):
scap-security-guide-0.1.65-150000.1.53.1
scap-security-guide-debian-0.1.65-150000.1.53.1
scap-security-guide-redhat-0.1.65-150000.1.53.1
scap-security-guide-ubuntu-0.1.65-150000.1.53.1
References:
https://bugzilla.suse.com/1203602
1
0
SUSE-SU-2023:0075-1: moderate: Security update for net-snmp
by opensuse-security@opensuse.org 12 Jan '23
by opensuse-security@opensuse.org 12 Jan '23
12 Jan '23
SUSE Security Update: Security update for net-snmp
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0075-1
Rating: moderate
References: #1205148 #1205150 #1206044 #1206828
Cross-References: CVE-2022-44792 CVE-2022-44793
CVSS scores:
CVE-2022-44792 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-44792 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-44793 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2022-44793 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that solves two vulnerabilities and has two fixes
is now available.
Description:
This update for net-snmp fixes the following issues:
- CVE-2022-44793: Fixed a NULL pointer dereference issue that could allow
a remote attacker with write access to crash the server instance
(bsc#1205148).
- CVE-2022-44792: Fixed a NULL pointer dereference issue that could allow
a remote attacker with write access to crash the server instance
(bsc#1205150).
Other fixes:
- Enabled AES-192 and AES-256 privacy protocols (bsc#1206828).
- Fixed an incorrect systemd hardening that caused home directory size and
allocation to be listed incorrectly (bsc#1206044)
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-75=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-75=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-75=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-75=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-75=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-75=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
libsnmp40-5.9.3-150300.15.8.1
libsnmp40-debuginfo-5.9.3-150300.15.8.1
net-snmp-debuginfo-5.9.3-150300.15.8.1
net-snmp-debugsource-5.9.3-150300.15.8.1
snmp-mibs-5.9.3-150300.15.8.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.8.1
libsnmp40-debuginfo-5.9.3-150300.15.8.1
net-snmp-5.9.3-150300.15.8.1
net-snmp-debuginfo-5.9.3-150300.15.8.1
net-snmp-debugsource-5.9.3-150300.15.8.1
net-snmp-devel-5.9.3-150300.15.8.1
perl-SNMP-5.9.3-150300.15.8.1
perl-SNMP-debuginfo-5.9.3-150300.15.8.1
python3-net-snmp-5.9.3-150300.15.8.1
python3-net-snmp-debuginfo-5.9.3-150300.15.8.1
snmp-mibs-5.9.3-150300.15.8.1
- openSUSE Leap 15.4 (x86_64):
libsnmp40-32bit-5.9.3-150300.15.8.1
libsnmp40-32bit-debuginfo-5.9.3-150300.15.8.1
net-snmp-devel-32bit-5.9.3-150300.15.8.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
libsnmp40-5.9.3-150300.15.8.1
libsnmp40-debuginfo-5.9.3-150300.15.8.1
net-snmp-5.9.3-150300.15.8.1
net-snmp-debuginfo-5.9.3-150300.15.8.1
net-snmp-debugsource-5.9.3-150300.15.8.1
net-snmp-devel-5.9.3-150300.15.8.1
perl-SNMP-5.9.3-150300.15.8.1
perl-SNMP-debuginfo-5.9.3-150300.15.8.1
snmp-mibs-5.9.3-150300.15.8.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
net-snmp-debugsource-5.9.3-150300.15.8.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libsnmp40-5.9.3-150300.15.8.1
libsnmp40-debuginfo-5.9.3-150300.15.8.1
net-snmp-5.9.3-150300.15.8.1
net-snmp-debuginfo-5.9.3-150300.15.8.1
net-snmp-debugsource-5.9.3-150300.15.8.1
net-snmp-devel-5.9.3-150300.15.8.1
perl-SNMP-5.9.3-150300.15.8.1
perl-SNMP-debuginfo-5.9.3-150300.15.8.1
snmp-mibs-5.9.3-150300.15.8.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
libsnmp40-5.9.3-150300.15.8.1
libsnmp40-debuginfo-5.9.3-150300.15.8.1
net-snmp-debuginfo-5.9.3-150300.15.8.1
net-snmp-debugsource-5.9.3-150300.15.8.1
snmp-mibs-5.9.3-150300.15.8.1
References:
https://www.suse.com/security/cve/CVE-2022-44792.html
https://www.suse.com/security/cve/CVE-2022-44793.html
https://bugzilla.suse.com/1205148
https://bugzilla.suse.com/1205150
https://bugzilla.suse.com/1206044
https://bugzilla.suse.com/1206828
1
0
SUSE-SU-2023:0079-1: moderate: Security update for python-future
by opensuse-security@opensuse.org 12 Jan '23
by opensuse-security@opensuse.org 12 Jan '23
12 Jan '23
SUSE Security Update: Security update for python-future
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0079-1
Rating: moderate
References: #1206673
Cross-References: CVE-2022-40899
CVSS scores:
CVE-2022-40899 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40899 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-future fixes the following issues:
- CVE-2022-40899: Fixed an issue that could allow attackers to cause an
excessive CPU usage via a crafted Set-Cookie header (bsc#1206673).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-79=1
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-79=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-79=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-79=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-79=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-79=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-79=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-79=1
Package List:
- openSUSE Leap Micro 5.3 (noarch):
python3-future-0.18.2-150300.3.3.1
- openSUSE Leap Micro 5.2 (noarch):
python3-future-0.18.2-150300.3.3.1
- openSUSE Leap 15.4 (noarch):
python3-future-0.18.2-150300.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
python3-future-0.18.2-150300.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch):
python3-future-0.18.2-150300.3.3.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
python3-future-0.18.2-150300.3.3.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
python3-future-0.18.2-150300.3.3.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
python3-future-0.18.2-150300.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-40899.html
https://bugzilla.suse.com/1206673
1
0
SUSE-SU-2023:0073-1: important: Security update for php7
by opensuse-security@opensuse.org 11 Jan '23
by opensuse-security@opensuse.org 11 Jan '23
11 Jan '23
SUSE Security Update: Security update for php7
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0073-1
Rating: important
References: #1206958
Cross-References: CVE-2022-31631
CVSS scores:
CVE-2022-31631 (SUSE): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for php7 fixes the following issues:
- CVE-2022-31631: Fixed an issue where PDO::quote would return an unquoted
string (bsc#1206958).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-73=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-73=1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4:
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-73=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150400.4.16.1
apache2-mod_php7-debuginfo-7.4.33-150400.4.16.1
apache2-mod_php7-debugsource-7.4.33-150400.4.16.1
php7-7.4.33-150400.4.16.1
php7-bcmath-7.4.33-150400.4.16.1
php7-bcmath-debuginfo-7.4.33-150400.4.16.1
php7-bz2-7.4.33-150400.4.16.1
php7-bz2-debuginfo-7.4.33-150400.4.16.1
php7-calendar-7.4.33-150400.4.16.1
php7-calendar-debuginfo-7.4.33-150400.4.16.1
php7-cli-7.4.33-150400.4.16.1
php7-cli-debuginfo-7.4.33-150400.4.16.1
php7-ctype-7.4.33-150400.4.16.1
php7-ctype-debuginfo-7.4.33-150400.4.16.1
php7-curl-7.4.33-150400.4.16.1
php7-curl-debuginfo-7.4.33-150400.4.16.1
php7-dba-7.4.33-150400.4.16.1
php7-dba-debuginfo-7.4.33-150400.4.16.1
php7-debuginfo-7.4.33-150400.4.16.1
php7-debugsource-7.4.33-150400.4.16.1
php7-devel-7.4.33-150400.4.16.1
php7-dom-7.4.33-150400.4.16.1
php7-dom-debuginfo-7.4.33-150400.4.16.1
php7-embed-7.4.33-150400.4.16.1
php7-embed-debuginfo-7.4.33-150400.4.16.1
php7-embed-debugsource-7.4.33-150400.4.16.1
php7-enchant-7.4.33-150400.4.16.1
php7-enchant-debuginfo-7.4.33-150400.4.16.1
php7-exif-7.4.33-150400.4.16.1
php7-exif-debuginfo-7.4.33-150400.4.16.1
php7-fastcgi-7.4.33-150400.4.16.1
php7-fastcgi-debuginfo-7.4.33-150400.4.16.1
php7-fastcgi-debugsource-7.4.33-150400.4.16.1
php7-fileinfo-7.4.33-150400.4.16.1
php7-fileinfo-debuginfo-7.4.33-150400.4.16.1
php7-fpm-7.4.33-150400.4.16.1
php7-fpm-debuginfo-7.4.33-150400.4.16.1
php7-fpm-debugsource-7.4.33-150400.4.16.1
php7-ftp-7.4.33-150400.4.16.1
php7-ftp-debuginfo-7.4.33-150400.4.16.1
php7-gd-7.4.33-150400.4.16.1
php7-gd-debuginfo-7.4.33-150400.4.16.1
php7-gettext-7.4.33-150400.4.16.1
php7-gettext-debuginfo-7.4.33-150400.4.16.1
php7-gmp-7.4.33-150400.4.16.1
php7-gmp-debuginfo-7.4.33-150400.4.16.1
php7-iconv-7.4.33-150400.4.16.1
php7-iconv-debuginfo-7.4.33-150400.4.16.1
php7-intl-7.4.33-150400.4.16.1
php7-intl-debuginfo-7.4.33-150400.4.16.1
php7-json-7.4.33-150400.4.16.1
php7-json-debuginfo-7.4.33-150400.4.16.1
php7-ldap-7.4.33-150400.4.16.1
php7-ldap-debuginfo-7.4.33-150400.4.16.1
php7-mbstring-7.4.33-150400.4.16.1
php7-mbstring-debuginfo-7.4.33-150400.4.16.1
php7-mysql-7.4.33-150400.4.16.1
php7-mysql-debuginfo-7.4.33-150400.4.16.1
php7-odbc-7.4.33-150400.4.16.1
php7-odbc-debuginfo-7.4.33-150400.4.16.1
php7-opcache-7.4.33-150400.4.16.1
php7-opcache-debuginfo-7.4.33-150400.4.16.1
php7-openssl-7.4.33-150400.4.16.1
php7-openssl-debuginfo-7.4.33-150400.4.16.1
php7-pcntl-7.4.33-150400.4.16.1
php7-pcntl-debuginfo-7.4.33-150400.4.16.1
php7-pdo-7.4.33-150400.4.16.1
php7-pdo-debuginfo-7.4.33-150400.4.16.1
php7-pgsql-7.4.33-150400.4.16.1
php7-pgsql-debuginfo-7.4.33-150400.4.16.1
php7-phar-7.4.33-150400.4.16.1
php7-phar-debuginfo-7.4.33-150400.4.16.1
php7-posix-7.4.33-150400.4.16.1
php7-posix-debuginfo-7.4.33-150400.4.16.1
php7-readline-7.4.33-150400.4.16.1
php7-readline-debuginfo-7.4.33-150400.4.16.1
php7-shmop-7.4.33-150400.4.16.1
php7-shmop-debuginfo-7.4.33-150400.4.16.1
php7-snmp-7.4.33-150400.4.16.1
php7-snmp-debuginfo-7.4.33-150400.4.16.1
php7-soap-7.4.33-150400.4.16.1
php7-soap-debuginfo-7.4.33-150400.4.16.1
php7-sockets-7.4.33-150400.4.16.1
php7-sockets-debuginfo-7.4.33-150400.4.16.1
php7-sodium-7.4.33-150400.4.16.1
php7-sodium-debuginfo-7.4.33-150400.4.16.1
php7-sqlite-7.4.33-150400.4.16.1
php7-sqlite-debuginfo-7.4.33-150400.4.16.1
php7-sysvmsg-7.4.33-150400.4.16.1
php7-sysvmsg-debuginfo-7.4.33-150400.4.16.1
php7-sysvsem-7.4.33-150400.4.16.1
php7-sysvsem-debuginfo-7.4.33-150400.4.16.1
php7-sysvshm-7.4.33-150400.4.16.1
php7-sysvshm-debuginfo-7.4.33-150400.4.16.1
php7-test-7.4.33-150400.4.16.1
php7-tidy-7.4.33-150400.4.16.1
php7-tidy-debuginfo-7.4.33-150400.4.16.1
php7-tokenizer-7.4.33-150400.4.16.1
php7-tokenizer-debuginfo-7.4.33-150400.4.16.1
php7-xmlreader-7.4.33-150400.4.16.1
php7-xmlreader-debuginfo-7.4.33-150400.4.16.1
php7-xmlrpc-7.4.33-150400.4.16.1
php7-xmlrpc-debuginfo-7.4.33-150400.4.16.1
php7-xmlwriter-7.4.33-150400.4.16.1
php7-xmlwriter-debuginfo-7.4.33-150400.4.16.1
php7-xsl-7.4.33-150400.4.16.1
php7-xsl-debuginfo-7.4.33-150400.4.16.1
php7-zip-7.4.33-150400.4.16.1
php7-zip-debuginfo-7.4.33-150400.4.16.1
php7-zlib-7.4.33-150400.4.16.1
php7-zlib-debuginfo-7.4.33-150400.4.16.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
php7-embed-7.4.33-150400.4.16.1
php7-embed-debuginfo-7.4.33-150400.4.16.1
php7-embed-debugsource-7.4.33-150400.4.16.1
- SUSE Linux Enterprise Module for Legacy Software 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php7-7.4.33-150400.4.16.1
apache2-mod_php7-debuginfo-7.4.33-150400.4.16.1
apache2-mod_php7-debugsource-7.4.33-150400.4.16.1
php7-7.4.33-150400.4.16.1
php7-bcmath-7.4.33-150400.4.16.1
php7-bcmath-debuginfo-7.4.33-150400.4.16.1
php7-bz2-7.4.33-150400.4.16.1
php7-bz2-debuginfo-7.4.33-150400.4.16.1
php7-calendar-7.4.33-150400.4.16.1
php7-calendar-debuginfo-7.4.33-150400.4.16.1
php7-cli-7.4.33-150400.4.16.1
php7-cli-debuginfo-7.4.33-150400.4.16.1
php7-ctype-7.4.33-150400.4.16.1
php7-ctype-debuginfo-7.4.33-150400.4.16.1
php7-curl-7.4.33-150400.4.16.1
php7-curl-debuginfo-7.4.33-150400.4.16.1
php7-dba-7.4.33-150400.4.16.1
php7-dba-debuginfo-7.4.33-150400.4.16.1
php7-debuginfo-7.4.33-150400.4.16.1
php7-debugsource-7.4.33-150400.4.16.1
php7-devel-7.4.33-150400.4.16.1
php7-dom-7.4.33-150400.4.16.1
php7-dom-debuginfo-7.4.33-150400.4.16.1
php7-enchant-7.4.33-150400.4.16.1
php7-enchant-debuginfo-7.4.33-150400.4.16.1
php7-exif-7.4.33-150400.4.16.1
php7-exif-debuginfo-7.4.33-150400.4.16.1
php7-fastcgi-7.4.33-150400.4.16.1
php7-fastcgi-debuginfo-7.4.33-150400.4.16.1
php7-fastcgi-debugsource-7.4.33-150400.4.16.1
php7-fileinfo-7.4.33-150400.4.16.1
php7-fileinfo-debuginfo-7.4.33-150400.4.16.1
php7-fpm-7.4.33-150400.4.16.1
php7-fpm-debuginfo-7.4.33-150400.4.16.1
php7-fpm-debugsource-7.4.33-150400.4.16.1
php7-ftp-7.4.33-150400.4.16.1
php7-ftp-debuginfo-7.4.33-150400.4.16.1
php7-gd-7.4.33-150400.4.16.1
php7-gd-debuginfo-7.4.33-150400.4.16.1
php7-gettext-7.4.33-150400.4.16.1
php7-gettext-debuginfo-7.4.33-150400.4.16.1
php7-gmp-7.4.33-150400.4.16.1
php7-gmp-debuginfo-7.4.33-150400.4.16.1
php7-iconv-7.4.33-150400.4.16.1
php7-iconv-debuginfo-7.4.33-150400.4.16.1
php7-intl-7.4.33-150400.4.16.1
php7-intl-debuginfo-7.4.33-150400.4.16.1
php7-json-7.4.33-150400.4.16.1
php7-json-debuginfo-7.4.33-150400.4.16.1
php7-ldap-7.4.33-150400.4.16.1
php7-ldap-debuginfo-7.4.33-150400.4.16.1
php7-mbstring-7.4.33-150400.4.16.1
php7-mbstring-debuginfo-7.4.33-150400.4.16.1
php7-mysql-7.4.33-150400.4.16.1
php7-mysql-debuginfo-7.4.33-150400.4.16.1
php7-odbc-7.4.33-150400.4.16.1
php7-odbc-debuginfo-7.4.33-150400.4.16.1
php7-opcache-7.4.33-150400.4.16.1
php7-opcache-debuginfo-7.4.33-150400.4.16.1
php7-openssl-7.4.33-150400.4.16.1
php7-openssl-debuginfo-7.4.33-150400.4.16.1
php7-pcntl-7.4.33-150400.4.16.1
php7-pcntl-debuginfo-7.4.33-150400.4.16.1
php7-pdo-7.4.33-150400.4.16.1
php7-pdo-debuginfo-7.4.33-150400.4.16.1
php7-pgsql-7.4.33-150400.4.16.1
php7-pgsql-debuginfo-7.4.33-150400.4.16.1
php7-phar-7.4.33-150400.4.16.1
php7-phar-debuginfo-7.4.33-150400.4.16.1
php7-posix-7.4.33-150400.4.16.1
php7-posix-debuginfo-7.4.33-150400.4.16.1
php7-readline-7.4.33-150400.4.16.1
php7-readline-debuginfo-7.4.33-150400.4.16.1
php7-shmop-7.4.33-150400.4.16.1
php7-shmop-debuginfo-7.4.33-150400.4.16.1
php7-snmp-7.4.33-150400.4.16.1
php7-snmp-debuginfo-7.4.33-150400.4.16.1
php7-soap-7.4.33-150400.4.16.1
php7-soap-debuginfo-7.4.33-150400.4.16.1
php7-sockets-7.4.33-150400.4.16.1
php7-sockets-debuginfo-7.4.33-150400.4.16.1
php7-sodium-7.4.33-150400.4.16.1
php7-sodium-debuginfo-7.4.33-150400.4.16.1
php7-sqlite-7.4.33-150400.4.16.1
php7-sqlite-debuginfo-7.4.33-150400.4.16.1
php7-sysvmsg-7.4.33-150400.4.16.1
php7-sysvmsg-debuginfo-7.4.33-150400.4.16.1
php7-sysvsem-7.4.33-150400.4.16.1
php7-sysvsem-debuginfo-7.4.33-150400.4.16.1
php7-sysvshm-7.4.33-150400.4.16.1
php7-sysvshm-debuginfo-7.4.33-150400.4.16.1
php7-tidy-7.4.33-150400.4.16.1
php7-tidy-debuginfo-7.4.33-150400.4.16.1
php7-tokenizer-7.4.33-150400.4.16.1
php7-tokenizer-debuginfo-7.4.33-150400.4.16.1
php7-xmlreader-7.4.33-150400.4.16.1
php7-xmlreader-debuginfo-7.4.33-150400.4.16.1
php7-xmlrpc-7.4.33-150400.4.16.1
php7-xmlrpc-debuginfo-7.4.33-150400.4.16.1
php7-xmlwriter-7.4.33-150400.4.16.1
php7-xmlwriter-debuginfo-7.4.33-150400.4.16.1
php7-xsl-7.4.33-150400.4.16.1
php7-xsl-debuginfo-7.4.33-150400.4.16.1
php7-zip-7.4.33-150400.4.16.1
php7-zip-debuginfo-7.4.33-150400.4.16.1
php7-zlib-7.4.33-150400.4.16.1
php7-zlib-debuginfo-7.4.33-150400.4.16.1
References:
https://www.suse.com/security/cve/CVE-2022-31631.html
https://bugzilla.suse.com/1206958
1
0
SUSE-SU-2023:0074-1: important: Security update for php8
by opensuse-security@opensuse.org 11 Jan '23
by opensuse-security@opensuse.org 11 Jan '23
11 Jan '23
SUSE Security Update: Security update for php8
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0074-1
Rating: important
References: #1206958
Cross-References: CVE-2022-31631
CVSS scores:
CVE-2022-31631 (SUSE): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for php8 fixes the following issues:
- Updated to version 8.0.27:
- CVE-2022-31631: Fixed an issue where PDO::quote would return an
unquoted string (bsc#1206958).
Non-security fixes:
- Fixed a NULL pointer dereference with -w/-s options.
- Fixed a crash in Generator when interrupted during argument evaluation
with extra named params.
- Fixed a crash in Generator when memory limit was exceeded during
initialization.
- Fixed a memory leak in Generator when interrupted during argument
evaluation.
- Fixed an issue in the DateTimeZone constructor where an extra null
byte could be added to the input.
- Fixed a hang in SaltStack when using php-fpm 8.1.11.
- Fixed mysqli_query warnings being shown despite using silenced error
mode.
- Fixed a NULL pointer dereference when serializing a SOAP response call.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-74=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-74=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php8-8.0.27-150400.4.23.1
apache2-mod_php8-debuginfo-8.0.27-150400.4.23.1
apache2-mod_php8-debugsource-8.0.27-150400.4.23.1
php8-8.0.27-150400.4.23.1
php8-bcmath-8.0.27-150400.4.23.1
php8-bcmath-debuginfo-8.0.27-150400.4.23.1
php8-bz2-8.0.27-150400.4.23.1
php8-bz2-debuginfo-8.0.27-150400.4.23.1
php8-calendar-8.0.27-150400.4.23.1
php8-calendar-debuginfo-8.0.27-150400.4.23.1
php8-cli-8.0.27-150400.4.23.1
php8-cli-debuginfo-8.0.27-150400.4.23.1
php8-ctype-8.0.27-150400.4.23.1
php8-ctype-debuginfo-8.0.27-150400.4.23.1
php8-curl-8.0.27-150400.4.23.1
php8-curl-debuginfo-8.0.27-150400.4.23.1
php8-dba-8.0.27-150400.4.23.1
php8-dba-debuginfo-8.0.27-150400.4.23.1
php8-debuginfo-8.0.27-150400.4.23.1
php8-debugsource-8.0.27-150400.4.23.1
php8-devel-8.0.27-150400.4.23.1
php8-dom-8.0.27-150400.4.23.1
php8-dom-debuginfo-8.0.27-150400.4.23.1
php8-embed-8.0.27-150400.4.23.1
php8-embed-debuginfo-8.0.27-150400.4.23.1
php8-embed-debugsource-8.0.27-150400.4.23.1
php8-enchant-8.0.27-150400.4.23.1
php8-enchant-debuginfo-8.0.27-150400.4.23.1
php8-exif-8.0.27-150400.4.23.1
php8-exif-debuginfo-8.0.27-150400.4.23.1
php8-fastcgi-8.0.27-150400.4.23.1
php8-fastcgi-debuginfo-8.0.27-150400.4.23.1
php8-fastcgi-debugsource-8.0.27-150400.4.23.1
php8-fileinfo-8.0.27-150400.4.23.1
php8-fileinfo-debuginfo-8.0.27-150400.4.23.1
php8-fpm-8.0.27-150400.4.23.1
php8-fpm-debuginfo-8.0.27-150400.4.23.1
php8-fpm-debugsource-8.0.27-150400.4.23.1
php8-ftp-8.0.27-150400.4.23.1
php8-ftp-debuginfo-8.0.27-150400.4.23.1
php8-gd-8.0.27-150400.4.23.1
php8-gd-debuginfo-8.0.27-150400.4.23.1
php8-gettext-8.0.27-150400.4.23.1
php8-gettext-debuginfo-8.0.27-150400.4.23.1
php8-gmp-8.0.27-150400.4.23.1
php8-gmp-debuginfo-8.0.27-150400.4.23.1
php8-iconv-8.0.27-150400.4.23.1
php8-iconv-debuginfo-8.0.27-150400.4.23.1
php8-intl-8.0.27-150400.4.23.1
php8-intl-debuginfo-8.0.27-150400.4.23.1
php8-ldap-8.0.27-150400.4.23.1
php8-ldap-debuginfo-8.0.27-150400.4.23.1
php8-mbstring-8.0.27-150400.4.23.1
php8-mbstring-debuginfo-8.0.27-150400.4.23.1
php8-mysql-8.0.27-150400.4.23.1
php8-mysql-debuginfo-8.0.27-150400.4.23.1
php8-odbc-8.0.27-150400.4.23.1
php8-odbc-debuginfo-8.0.27-150400.4.23.1
php8-opcache-8.0.27-150400.4.23.1
php8-opcache-debuginfo-8.0.27-150400.4.23.1
php8-openssl-8.0.27-150400.4.23.1
php8-openssl-debuginfo-8.0.27-150400.4.23.1
php8-pcntl-8.0.27-150400.4.23.1
php8-pcntl-debuginfo-8.0.27-150400.4.23.1
php8-pdo-8.0.27-150400.4.23.1
php8-pdo-debuginfo-8.0.27-150400.4.23.1
php8-pgsql-8.0.27-150400.4.23.1
php8-pgsql-debuginfo-8.0.27-150400.4.23.1
php8-phar-8.0.27-150400.4.23.1
php8-phar-debuginfo-8.0.27-150400.4.23.1
php8-posix-8.0.27-150400.4.23.1
php8-posix-debuginfo-8.0.27-150400.4.23.1
php8-readline-8.0.27-150400.4.23.1
php8-readline-debuginfo-8.0.27-150400.4.23.1
php8-shmop-8.0.27-150400.4.23.1
php8-shmop-debuginfo-8.0.27-150400.4.23.1
php8-snmp-8.0.27-150400.4.23.1
php8-snmp-debuginfo-8.0.27-150400.4.23.1
php8-soap-8.0.27-150400.4.23.1
php8-soap-debuginfo-8.0.27-150400.4.23.1
php8-sockets-8.0.27-150400.4.23.1
php8-sockets-debuginfo-8.0.27-150400.4.23.1
php8-sodium-8.0.27-150400.4.23.1
php8-sodium-debuginfo-8.0.27-150400.4.23.1
php8-sqlite-8.0.27-150400.4.23.1
php8-sqlite-debuginfo-8.0.27-150400.4.23.1
php8-sysvmsg-8.0.27-150400.4.23.1
php8-sysvmsg-debuginfo-8.0.27-150400.4.23.1
php8-sysvsem-8.0.27-150400.4.23.1
php8-sysvsem-debuginfo-8.0.27-150400.4.23.1
php8-sysvshm-8.0.27-150400.4.23.1
php8-sysvshm-debuginfo-8.0.27-150400.4.23.1
php8-test-8.0.27-150400.4.23.1
php8-tidy-8.0.27-150400.4.23.1
php8-tidy-debuginfo-8.0.27-150400.4.23.1
php8-tokenizer-8.0.27-150400.4.23.1
php8-tokenizer-debuginfo-8.0.27-150400.4.23.1
php8-xmlreader-8.0.27-150400.4.23.1
php8-xmlreader-debuginfo-8.0.27-150400.4.23.1
php8-xmlwriter-8.0.27-150400.4.23.1
php8-xmlwriter-debuginfo-8.0.27-150400.4.23.1
php8-xsl-8.0.27-150400.4.23.1
php8-xsl-debuginfo-8.0.27-150400.4.23.1
php8-zip-8.0.27-150400.4.23.1
php8-zip-debuginfo-8.0.27-150400.4.23.1
php8-zlib-8.0.27-150400.4.23.1
php8-zlib-debuginfo-8.0.27-150400.4.23.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
apache2-mod_php8-8.0.27-150400.4.23.1
apache2-mod_php8-debuginfo-8.0.27-150400.4.23.1
apache2-mod_php8-debugsource-8.0.27-150400.4.23.1
php8-8.0.27-150400.4.23.1
php8-bcmath-8.0.27-150400.4.23.1
php8-bcmath-debuginfo-8.0.27-150400.4.23.1
php8-bz2-8.0.27-150400.4.23.1
php8-bz2-debuginfo-8.0.27-150400.4.23.1
php8-calendar-8.0.27-150400.4.23.1
php8-calendar-debuginfo-8.0.27-150400.4.23.1
php8-cli-8.0.27-150400.4.23.1
php8-cli-debuginfo-8.0.27-150400.4.23.1
php8-ctype-8.0.27-150400.4.23.1
php8-ctype-debuginfo-8.0.27-150400.4.23.1
php8-curl-8.0.27-150400.4.23.1
php8-curl-debuginfo-8.0.27-150400.4.23.1
php8-dba-8.0.27-150400.4.23.1
php8-dba-debuginfo-8.0.27-150400.4.23.1
php8-debuginfo-8.0.27-150400.4.23.1
php8-debugsource-8.0.27-150400.4.23.1
php8-devel-8.0.27-150400.4.23.1
php8-dom-8.0.27-150400.4.23.1
php8-dom-debuginfo-8.0.27-150400.4.23.1
php8-embed-8.0.27-150400.4.23.1
php8-embed-debuginfo-8.0.27-150400.4.23.1
php8-embed-debugsource-8.0.27-150400.4.23.1
php8-enchant-8.0.27-150400.4.23.1
php8-enchant-debuginfo-8.0.27-150400.4.23.1
php8-exif-8.0.27-150400.4.23.1
php8-exif-debuginfo-8.0.27-150400.4.23.1
php8-fastcgi-8.0.27-150400.4.23.1
php8-fastcgi-debuginfo-8.0.27-150400.4.23.1
php8-fastcgi-debugsource-8.0.27-150400.4.23.1
php8-fileinfo-8.0.27-150400.4.23.1
php8-fileinfo-debuginfo-8.0.27-150400.4.23.1
php8-fpm-8.0.27-150400.4.23.1
php8-fpm-debuginfo-8.0.27-150400.4.23.1
php8-fpm-debugsource-8.0.27-150400.4.23.1
php8-ftp-8.0.27-150400.4.23.1
php8-ftp-debuginfo-8.0.27-150400.4.23.1
php8-gd-8.0.27-150400.4.23.1
php8-gd-debuginfo-8.0.27-150400.4.23.1
php8-gettext-8.0.27-150400.4.23.1
php8-gettext-debuginfo-8.0.27-150400.4.23.1
php8-gmp-8.0.27-150400.4.23.1
php8-gmp-debuginfo-8.0.27-150400.4.23.1
php8-iconv-8.0.27-150400.4.23.1
php8-iconv-debuginfo-8.0.27-150400.4.23.1
php8-intl-8.0.27-150400.4.23.1
php8-intl-debuginfo-8.0.27-150400.4.23.1
php8-ldap-8.0.27-150400.4.23.1
php8-ldap-debuginfo-8.0.27-150400.4.23.1
php8-mbstring-8.0.27-150400.4.23.1
php8-mbstring-debuginfo-8.0.27-150400.4.23.1
php8-mysql-8.0.27-150400.4.23.1
php8-mysql-debuginfo-8.0.27-150400.4.23.1
php8-odbc-8.0.27-150400.4.23.1
php8-odbc-debuginfo-8.0.27-150400.4.23.1
php8-opcache-8.0.27-150400.4.23.1
php8-opcache-debuginfo-8.0.27-150400.4.23.1
php8-openssl-8.0.27-150400.4.23.1
php8-openssl-debuginfo-8.0.27-150400.4.23.1
php8-pcntl-8.0.27-150400.4.23.1
php8-pcntl-debuginfo-8.0.27-150400.4.23.1
php8-pdo-8.0.27-150400.4.23.1
php8-pdo-debuginfo-8.0.27-150400.4.23.1
php8-pgsql-8.0.27-150400.4.23.1
php8-pgsql-debuginfo-8.0.27-150400.4.23.1
php8-phar-8.0.27-150400.4.23.1
php8-phar-debuginfo-8.0.27-150400.4.23.1
php8-posix-8.0.27-150400.4.23.1
php8-posix-debuginfo-8.0.27-150400.4.23.1
php8-readline-8.0.27-150400.4.23.1
php8-readline-debuginfo-8.0.27-150400.4.23.1
php8-shmop-8.0.27-150400.4.23.1
php8-shmop-debuginfo-8.0.27-150400.4.23.1
php8-snmp-8.0.27-150400.4.23.1
php8-snmp-debuginfo-8.0.27-150400.4.23.1
php8-soap-8.0.27-150400.4.23.1
php8-soap-debuginfo-8.0.27-150400.4.23.1
php8-sockets-8.0.27-150400.4.23.1
php8-sockets-debuginfo-8.0.27-150400.4.23.1
php8-sodium-8.0.27-150400.4.23.1
php8-sodium-debuginfo-8.0.27-150400.4.23.1
php8-sqlite-8.0.27-150400.4.23.1
php8-sqlite-debuginfo-8.0.27-150400.4.23.1
php8-sysvmsg-8.0.27-150400.4.23.1
php8-sysvmsg-debuginfo-8.0.27-150400.4.23.1
php8-sysvsem-8.0.27-150400.4.23.1
php8-sysvsem-debuginfo-8.0.27-150400.4.23.1
php8-sysvshm-8.0.27-150400.4.23.1
php8-sysvshm-debuginfo-8.0.27-150400.4.23.1
php8-test-8.0.27-150400.4.23.1
php8-tidy-8.0.27-150400.4.23.1
php8-tidy-debuginfo-8.0.27-150400.4.23.1
php8-tokenizer-8.0.27-150400.4.23.1
php8-tokenizer-debuginfo-8.0.27-150400.4.23.1
php8-xmlreader-8.0.27-150400.4.23.1
php8-xmlreader-debuginfo-8.0.27-150400.4.23.1
php8-xmlwriter-8.0.27-150400.4.23.1
php8-xmlwriter-debuginfo-8.0.27-150400.4.23.1
php8-xsl-8.0.27-150400.4.23.1
php8-xsl-debuginfo-8.0.27-150400.4.23.1
php8-zip-8.0.27-150400.4.23.1
php8-zip-debuginfo-8.0.27-150400.4.23.1
php8-zlib-8.0.27-150400.4.23.1
php8-zlib-debuginfo-8.0.27-150400.4.23.1
References:
https://www.suse.com/security/cve/CVE-2022-31631.html
https://bugzilla.suse.com/1206958
1
0
11 Jan '23
SUSE Security Update: Security update for w3m
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0065-1
Rating: moderate
References: #1202684
Cross-References: CVE-2022-38223
CVSS scores:
CVE-2022-38223 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-38223 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for w3m fixes the following issues:
- CVE-2022-38223: Fixed a memory safety issue when dumping crafted input
to standard out (bsc#1202684).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-65=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-65=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-65=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
w3m-0.5.3+git20180125-150000.3.3.1
w3m-debuginfo-0.5.3+git20180125-150000.3.3.1
w3m-debugsource-0.5.3+git20180125-150000.3.3.1
w3m-inline-image-0.5.3+git20180125-150000.3.3.1
w3m-inline-image-debuginfo-0.5.3+git20180125-150000.3.3.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
w3m-0.5.3+git20180125-150000.3.3.1
w3m-debuginfo-0.5.3+git20180125-150000.3.3.1
w3m-debugsource-0.5.3+git20180125-150000.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
w3m-0.5.3+git20180125-150000.3.3.1
w3m-debuginfo-0.5.3+git20180125-150000.3.3.1
w3m-debugsource-0.5.3+git20180125-150000.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-38223.html
https://bugzilla.suse.com/1202684
1
0
SUSE-SU-2023:0069-1: moderate: Security update for SDL2
by opensuse-security@opensuse.org 11 Jan '23
by opensuse-security@opensuse.org 11 Jan '23
11 Jan '23
SUSE Security Update: Security update for SDL2
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0069-1
Rating: moderate
References: #1206727
Cross-References: CVE-2022-4743
CVSS scores:
CVE-2022-4743 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Desktop Applications 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for SDL2 fixes the following issues:
- CVE-2022-4743: Fixed a potential memory leak when creating a texture for
an OpenGL ES image (bsc#1206727).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-69=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-69=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-69=1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4:
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-69=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.9.1
libSDL2-2_0-0-2.0.8-150200.11.9.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.9.1
libSDL2-devel-2.0.8-150200.11.9.1
- openSUSE Leap 15.4 (x86_64):
libSDL2-2_0-0-32bit-2.0.8-150200.11.9.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.9.1
libSDL2-devel-32bit-2.0.8-150200.11.9.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
SDL2-debugsource-2.0.8-150200.11.9.1
libSDL2-2_0-0-2.0.8-150200.11.9.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.9.1
libSDL2-devel-2.0.8-150200.11.9.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (x86_64):
SDL2-debugsource-2.0.8-150200.11.9.1
libSDL2-2_0-0-32bit-2.0.8-150200.11.9.1
libSDL2-2_0-0-32bit-debuginfo-2.0.8-150200.11.9.1
- SUSE Linux Enterprise Module for Desktop Applications 15-SP4 (aarch64 ppc64le s390x x86_64):
SDL2-debugsource-2.0.8-150200.11.9.1
libSDL2-2_0-0-2.0.8-150200.11.9.1
libSDL2-2_0-0-debuginfo-2.0.8-150200.11.9.1
libSDL2-devel-2.0.8-150200.11.9.1
References:
https://www.suse.com/security/cve/CVE-2022-4743.html
https://bugzilla.suse.com/1206727
1
0
openSUSE-SU-2023:0009-1: important: Security update for rubygem-activerecord-5.2
by opensuse-security@opensuse.org 11 Jan '23
by opensuse-security@opensuse.org 11 Jan '23
11 Jan '23
openSUSE Security Update: Security update for rubygem-activerecord-5.2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0009-1
Rating: important
References: #1201465
Cross-References: CVE-2022-32224
CVSS scores:
CVE-2022-32224 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32224 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rubygem-activerecord-5.2 fixes the following issues:
- CVE-2022-32224: Fixed possible remote code execution when using YAML
serialized columns in Active Record (boo#1201465).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-9=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
ruby2.5-rubygem-activerecord-5.2-5.2.3-bp154.2.3.1
ruby2.5-rubygem-activerecord-doc-5.2-5.2.3-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-32224.html
https://bugzilla.suse.com/1201465
1
0