openSUSE Updates
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
February 2023
- 2 participants
- 107 discussions
SUSE-RU-2023:0415-1: important: Recommended update for powerpc-utils
by maintenance@opensuse.org 15 Feb '23
by maintenance@opensuse.org 15 Feb '23
15 Feb '23
SUSE Recommended Update: Recommended update for powerpc-utils
______________________________________________________________________________
Announcement ID: SUSE-RU-2023:0415-1
Rating: important
References: #1195404 #1206518
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has two recommended fixes can now be
installed.
Description:
This update for powerpc-utils fixes the following issues:
- Fix lparstat cpu mode display in a dedicated-donating LPAR (bsc#1206518)
- Fix cpu utilization display
- Fix setting primary HNV link when using NetworkManager (bsc#1195404)
Patch Instructions:
To install this SUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-415=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-415=1
Package List:
- openSUSE Leap 15.4 (ppc64le):
powerpc-utils-1.3.10-150400.19.9.1
powerpc-utils-debuginfo-1.3.10-150400.19.9.1
powerpc-utils-debugsource-1.3.10-150400.19.9.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (ppc64le):
powerpc-utils-1.3.10-150400.19.9.1
powerpc-utils-debuginfo-1.3.10-150400.19.9.1
powerpc-utils-debugsource-1.3.10-150400.19.9.1
References:
https://bugzilla.suse.com/1195404
https://bugzilla.suse.com/1206518
1
0
SUSE-SU-2023:0419-1: moderate: Security update for nodejs18
by opensuse-security@opensuse.org 15 Feb '23
by opensuse-security@opensuse.org 15 Feb '23
15 Feb '23
SUSE Security Update: Security update for nodejs18
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0419-1
Rating: moderate
References: #1200303 #1201325 #1201326 #1201327 #1201328
#1203831 #1203832 #1205042 #1205119 #1205236
PED-2097 PED-3192
Cross-References: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214
CVE-2022-32215 CVE-2022-35255 CVE-2022-35256
CVE-2022-43548
CVSS scores:
CVE-2022-32212 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32212 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-32213 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32213 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H
CVE-2022-32214 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32214 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-32215 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-32215 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2022-35255 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2022-35255 (SUSE): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
CVE-2022-35256 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2022-35256 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2022-43548 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-43548 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Web Scripting 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
openSUSE Leap 15.5
______________________________________________________________________________
An update that solves 7 vulnerabilities, contains two
features and has three fixes is now available.
Description:
This update for nodejs18 fixes the following issues:
This update ships nodejs18 (jsc#PED-2097)
Update to NodejJS 18.13.0 LTS:
* build: disable v8 snapshot compression by default
* crypto: update root certificates
* deps: update ICU to 72.1
* doc:
+ add doc-only deprecation for headers/trailers setters
+ add Rafael to the tsc
+ deprecate use of invalid ports in url.parse
+ deprecate url.parse()
* lib: drop fetch experimental warning
* net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options
* src:
+ add uvwasi version
+ add initial shadow realm support
* test_runner:
+ add t.after() hook
+ don't use a symbol for runHook()
* tls:
+ add "ca" property to certificate object
* util:
+ add fast path for utf8 encoding
+ improve textdecoder decode performance
+ add MIME utilities
- Fixes compatibility with ICU 72.1 (bsc#1205236)
- Fix migration to openssl-3 (bsc#1205042)
Update to NodeJS 18.12.1 LTS:
* inspector: DNS rebinding in --inspect via invalid octal IP (bsc#1205119,
CVE-2022-43548)
Update to NodeJS 18.12.0 LTS:
* Running in 'watch' mode using node --watch restarts the process when an
imported file is changed.
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* util: add default value option to parsearg
Update to NodeJS 18.11.0:
* added experimental watch mode -- running in 'watch' mode using node
--watch restarts the process when an imported file is changed
* fs: add FileHandle.prototype.readLines
* http: add writeEarlyHints function to ServerResponse
* http2: make early hints generic
* lib: refactor transferable AbortSignal
* src: add detailed embedder process initialization API
* util: add default value option to parsearg
Update to NodeJS 18.10.0:
* deps: upgrade npm to 8.19.2
* http: throw error on content-length mismatch
* stream: add ReadableByteStream.tee()
Update to Nodejs 18.9.1:
* deps: llhttp updated to 6.0.10
+ CVE-2022-32213 bypass via obs-fold mechanic (bsc#1201325)
+ Incorrect Parsing of Multi-line Transfer-Encoding (CVE-2022-32215,
bsc#1201327)
+ Incorrect Parsing of Header Fields (CVE-2022-35256, bsc#1203832)
* crypto: fix weak randomness in WebCrypto keygen (CVE-2022-35255,
bsc#1203831)
Update to Nodejs 18.9.0:
* lib - add diagnostics channel for process and worker
* os - add machine method
* report - expose report public native apis
* src - expose environment RequestInterrupt api
* vm - include vm context in the embedded snapshot
Changes in 18.8.0:
* bootstrap: implement run-time user-land snapshots via
--build-snapshot and --snapshot-blob. See
* crypto:
+ allow zero-length IKM in HKDF and in webcrypto PBKDF2
+ allow zero-length secret KeyObject
* deps: upgrade npm to 8.18.0
* http: make idle http parser count configurable
* net: add local family
* src: print source map error source on demand
* tls: pass a valid socket on tlsClientError
Update to Nodejs 18.7.0:
* events: add CustomEvent
* http: add drop request event for http server
* lib: improved diagnostics_channel subscribe/unsubscribe
* util: add tokens to parseArgs
- enable crypto policy ciphers for TW and SLE15 SP4+ (bsc#1200303)
Update to Nodejs 18.6.0:
* Experimental ESM Loader Hooks API. For details see,
https://nodejs.org/api/esm.html
* dns: export error code constants from dns/promises
* esm: add chaining to loaders
* http: add diagnostics channel for http client
* http: add perf_hooks detail for http request and client
* module: add isBuiltIn method
* net: add drop event for net server
* test_runner: expose describe and it
* v8: add v8.startupSnapshot utils
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.6.0
Update to Nodejs 18.5.0:
* http: stricter Transfer-Encoding and header separator parsing
(bsc#1201325, bsc#1201326, bsc#1201327, CVE-2022-32213, CVE-2022-32214,
CVE-2022-32215)
* src: fix IPv4 validation in inspector_socket (bsc#1201328,
CVE-2022-32212)
For details, see
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.5.0
Update to Nodejs 18.4.0. For detailed changes see,
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18
.4.0
Initial packaging of Nodejs 18.2.0. For detailed changes since previous
versions, see
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#
18.2.0
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.5:
zypper in -t patch openSUSE-SLE-15.5-2023-419=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-419=1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4:
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2023-419=1
Package List:
- openSUSE Leap 15.5 (aarch64 s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.5 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
corepack18-18.13.0-150400.9.3.1
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- openSUSE Leap 15.4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (aarch64 ppc64le s390x x86_64):
nodejs18-18.13.0-150400.9.3.1
nodejs18-debuginfo-18.13.0-150400.9.3.1
nodejs18-debugsource-18.13.0-150400.9.3.1
nodejs18-devel-18.13.0-150400.9.3.1
npm18-18.13.0-150400.9.3.1
- SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch):
nodejs18-docs-18.13.0-150400.9.3.1
References:
https://www.suse.com/security/cve/CVE-2022-32212.html
https://www.suse.com/security/cve/CVE-2022-32213.html
https://www.suse.com/security/cve/CVE-2022-32214.html
https://www.suse.com/security/cve/CVE-2022-32215.html
https://www.suse.com/security/cve/CVE-2022-35255.html
https://www.suse.com/security/cve/CVE-2022-35256.html
https://www.suse.com/security/cve/CVE-2022-43548.html
https://bugzilla.suse.com/1200303
https://bugzilla.suse.com/1201325
https://bugzilla.suse.com/1201326
https://bugzilla.suse.com/1201327
https://bugzilla.suse.com/1201328
https://bugzilla.suse.com/1203831
https://bugzilla.suse.com/1203832
https://bugzilla.suse.com/1205042
https://bugzilla.suse.com/1205119
https://bugzilla.suse.com/1205236
1
0
openSUSE-SU-2023:0046-1: important: Security update for timescaledb
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
openSUSE Security Update: Security update for timescaledb
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0046-1
Rating: important
References: #1197063
Cross-References: CVE-2022-24128
CVSS scores:
CVE-2022-24128 (NVD) : 8 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for timescaledb fixes the following issues:
Update to version 2.9.3
- https://github.com/timescale/timescaledb/releases/tag/2.9.3
- https://github.com/timescale/timescaledb/releases/tag/2.9.2
- https://github.com/timescale/timescaledb/releases/tag/2.9.1
- https://github.com/timescale/timescaledb/releases/tag/2.9.0
- https://github.com/timescale/timescaledb/releases/tag/2.8.1
- https://github.com/timescale/timescaledb/releases/tag/2.8.0
- https://github.com/timescale/timescaledb/releases/tag/2.7.1
- https://github.com/timescale/timescaledb/releases/tag/2.7.2
- https://github.com/timescale/timescaledb/releases/tag/2.7.0
- https://github.com/timescale/timescaledb/releases/tag/2.6.1
- CVE-2022-24128: Fixed privilege escalation during extension installation
(boo#1197063)
- https://github.com/timescale/timescaledb/releases/tag/2.6.0
- https://github.com/timescale/timescaledb/releases/tag/2.5.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.1
- https://github.com/timescale/timescaledb/releases/tag/1.7.5
- https://github.com/timescale/timescaledb/releases/tag/2.0.0
- https://github.com/timescale/timescaledb/releases/tag/2.0.1
- https://github.com/timescale/timescaledb/releases/tag/2.0.2
- https://github.com/timescale/timescaledb/releases/tag/2.1.0
- https://github.com/timescale/timescaledb/releases/tag/2.1.1
- https://github.com/timescale/timescaledb/releases/tag/2.2.0
- https://github.com/timescale/timescaledb/releases/tag/2.2.1
- https://github.com/timescale/timescaledb/releases/tag/2.3.0
- https://github.com/timescale/timescaledb/releases/tag/2.3.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.0
- https://github.com/timescale/timescaledb/releases/tag/2.4.1
- https://github.com/timescale/timescaledb/releases/tag/2.4.2
- https://github.com/timescale/timescaledb/releases/tag/2.5.0
- enable postgresql14
- https://github.com/timescale/timescaledb/releases/tag/1.7.2
- https://github.com/timescale/timescaledb/releases/tag/1.7.3
- https://github.com/timescale/timescaledb/releases/tag/1.7.4
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-46=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
postgresql12-timescaledb-2.9.3-bp154.2.3.1
postgresql13-timescaledb-2.9.3-bp154.2.3.1
postgresql14-timescaledb-2.9.3-bp154.2.3.1
postgresql15-timescaledb-2.9.3-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-24128.html
https://bugzilla.suse.com/1197063
1
0
SUSE-SU-2023:0410-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0410-1
Rating: important
References: #1203693 #1205149 #1206073 #1206389 #1206395
#1206664 #1206677 #1206784 #1207036 #1207186
#1207237 PED-1706
Cross-References: CVE-2022-3107 CVE-2022-3108 CVE-2022-3564
CVE-2022-4662 CVE-2022-47929 CVE-2023-23454
CVSS scores:
CVE-2022-3107 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3107 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3108 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3108 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3564 (NVD) : 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3564 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-4662 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-4662 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-47929 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2023-23454 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-23454 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE CaaS Platform 4.0
SUSE Linux Enterprise High Availability 15-SP1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE Linux Enterprise Server 15-SP1-LTSS
SUSE Linux Enterprise Server for SAP 15-SP1
openSUSE Leap 15.4
______________________________________________________________________________
An update that solves 6 vulnerabilities, contains one
feature and has 5 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP1 kernel was updated receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3107: Fixed missing check of return value of kvmalloc_array()
(bnc#1206395).
- CVE-2022-3108: Fixed missing check of return value of kmemdup()
(bnc#1206389).
- CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth
component (bnc#1206073).
- CVE-2022-4662: Fixed incorrect access control in the USB core subsystem
that could lead a local user to crash the system (bnc#1206664).
- CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic
control subsystem (bnc#1207237).
- CVE-2023-23454: Fixed denial or service in cbq_classify in
net/sched/sch_cbq.c (bnc#1207036).
The following non-security bugs were fixed:
- Added support for enabling livepatching related packages on -RT
(jsc#PED-1706).
- Added suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149).
- HID: betop: check shape of output reports (git-fixes, bsc#1207186).
- HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes,
bsc#1207186).
- HID: check empty report_list in hid_validate_values() (git-fixes,
bsc#1206784).
- Reverted "constraints: increase disk space for all architectures"
(bsc#1203693)
- net: sched: atm: dont intepret cls results when asked to drop
(bsc#1207036).
- net: sched: cbq: dont intepret cls results when asked to drop
(bsc#1207036).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-410=1
- SUSE Linux Enterprise Server for SAP 15-SP1:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-410=1
- SUSE Linux Enterprise Server 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-410=1
- SUSE Linux Enterprise Module for Live Patching 15-SP1:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2023-410=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-410=1
- SUSE Linux Enterprise High Availability 15-SP1:
zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2023-410=1
- SUSE CaaS Platform 4.0:
To install this update, use the SUSE CaaS Platform 'skuba' tool. It
will inform you if it detects new updates and let you then trigger
updating of the complete cluster in a controlled way.
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-4.12.14-150100.197.134.1
kernel-vanilla-base-4.12.14-150100.197.134.1
kernel-vanilla-base-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-debugsource-4.12.14-150100.197.134.1
kernel-vanilla-devel-4.12.14-150100.197.134.1
kernel-vanilla-devel-debuginfo-4.12.14-150100.197.134.1
kernel-vanilla-livepatch-devel-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (ppc64le x86_64):
kernel-debug-base-4.12.14-150100.197.134.1
kernel-debug-base-debuginfo-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (x86_64):
kernel-kvmsmall-base-4.12.14-150100.197.134.1
kernel-kvmsmall-base-debuginfo-4.12.14-150100.197.134.1
- openSUSE Leap 15.4 (s390x):
kernel-default-man-4.12.14-150100.197.134.1
kernel-zfcpdump-man-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server for SAP 15-SP1 (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Server 15-SP1-LTSS (s390x):
kernel-default-man-4.12.14-150100.197.134.1
kernel-zfcpdump-debuginfo-4.12.14-150100.197.134.1
kernel-zfcpdump-debugsource-4.12.14-150100.197.134.1
- SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-livepatch-4.12.14-150100.197.134.1
kernel-default-livepatch-devel-4.12.14-150100.197.134.1
kernel-livepatch-4_12_14-150100_197_134-default-1-150100.3.3.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
- SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
- SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150100.197.134.1
cluster-md-kmp-default-debuginfo-4.12.14-150100.197.134.1
dlm-kmp-default-4.12.14-150100.197.134.1
dlm-kmp-default-debuginfo-4.12.14-150100.197.134.1
gfs2-kmp-default-4.12.14-150100.197.134.1
gfs2-kmp-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
ocfs2-kmp-default-4.12.14-150100.197.134.1
ocfs2-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE CaaS Platform 4.0 (x86_64):
kernel-default-4.12.14-150100.197.134.1
kernel-default-base-4.12.14-150100.197.134.1
kernel-default-base-debuginfo-4.12.14-150100.197.134.1
kernel-default-debuginfo-4.12.14-150100.197.134.1
kernel-default-debugsource-4.12.14-150100.197.134.1
kernel-default-devel-4.12.14-150100.197.134.1
kernel-default-devel-debuginfo-4.12.14-150100.197.134.1
kernel-obs-build-4.12.14-150100.197.134.1
kernel-obs-build-debugsource-4.12.14-150100.197.134.1
kernel-syms-4.12.14-150100.197.134.1
reiserfs-kmp-default-4.12.14-150100.197.134.1
reiserfs-kmp-default-debuginfo-4.12.14-150100.197.134.1
- SUSE CaaS Platform 4.0 (noarch):
kernel-devel-4.12.14-150100.197.134.1
kernel-docs-4.12.14-150100.197.134.1
kernel-macros-4.12.14-150100.197.134.1
kernel-source-4.12.14-150100.197.134.1
References:
https://www.suse.com/security/cve/CVE-2022-3107.html
https://www.suse.com/security/cve/CVE-2022-3108.html
https://www.suse.com/security/cve/CVE-2022-3564.html
https://www.suse.com/security/cve/CVE-2022-4662.html
https://www.suse.com/security/cve/CVE-2022-47929.html
https://www.suse.com/security/cve/CVE-2023-23454.html
https://bugzilla.suse.com/1203693
https://bugzilla.suse.com/1205149
https://bugzilla.suse.com/1206073
https://bugzilla.suse.com/1206389
https://bugzilla.suse.com/1206395
https://bugzilla.suse.com/1206664
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1206784
https://bugzilla.suse.com/1207036
https://bugzilla.suse.com/1207186
https://bugzilla.suse.com/1207237
1
0
SUSE-SU-2023:0409-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0409-1
Rating: important
References: #1195175 #1204502 #1206677 #1207034 #1207497
#1207508 #1207769 #1207878
Cross-References: CVE-2022-3606 CVE-2023-0179
CVSS scores:
CVE-2022-3606 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3606 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2023-0179 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Availability 15-SP3
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE Linux Enterprise Server for SAP 15-SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.4
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves two vulnerabilities and has 6 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-3606: Fixed a null pointer dereference inside the function
find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the
component BPF (bnc#1204502).
- CVE-2023-0179: Fixed incorrect arithmetics when fetching VLAN header
bits (bsc#1207034).
The following non-security bugs were fixed:
- KVM: VMX: fix crash cleanup when KVM wasn't used (bsc#1207508).
- RDMA/core: Fix ib block iterator counter overflow (bsc#1207878).
- bcache: fix set_at_max_writeback_rate() for multiple attached devices
(git-fixes).
- blktrace: Fix output non-blktrace event when blk_classic option enabled
(git-fixes).
- blktrace: ensure our debugfs dir exists (git-fixes).
- dm btree: add a defensive bounds check to insert_at() (git-fixes).
- dm cache: Fix ABBA deadlock between shrink_slab and
dm_cache_metadata_abort (git-fixes).
- dm cache: Fix UAF in destroy() (git-fixes).
- dm cache: set needs_check flag after aborting metadata (git-fixes).
- dm clone: Fix UAF in clone_dtr() (git-fixes).
- dm integrity: Fix UAF in dm_integrity_dtr() (git-fixes).
- dm integrity: fix flush with external metadata device (git-fixes).
- dm integrity: flush the journal on suspend (git-fixes).
- dm integrity: select CRYPTO_SKCIPHER (git-fixes).
- dm ioctl: fix misbehavior if list_versions races with module loading
(git-fixes).
- dm ioctl: prevent potential spectre v1 gadget (git-fixes).
- dm space map common: add bounds check to sm_ll_lookup_bitmap()
(git-fixes).
- dm space maps: do not reset space map allocation cursor when committing
(git-fixes).
- dm table: Remove BUG_ON(in_interrupt()) (git-fixes).
- dm thin: Fix ABBA deadlock between shrink_slab and
dm_pool_abort_metadata (git-fixes).
- dm thin: Fix UAF in run_timer_softirq() (git-fixes).
- dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
- dm thin: resume even if in FAIL mode (git-fixes).
- dm verity: fix require_signatures module_param permissions (git-fixes).
- dm verity: skip verity work if I/O error when system is shutting down
(git-fixes).
- drivers:md:fix a potential use-after-free bug (git-fixes).
- kabi/severities: add mlx5 internal symbols
- loop: unset GENHD_FL_NO_PART_SCAN on LOOP_CONFIGURE (git-fixes).
- loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
- md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
- md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes).
- md: Notify sysfs sync_completed in md_reap_sync_thread() (git-fixes).
- md: protect md_unregister_thread from reentrancy (git-fixes).
- mm: /proc/pid/smaps_rollup: fix no vma's null-deref (bsc#1207769).
- nbd: Fix hung on disconnect request if socket is closed before
(git-fixes).
- nbd: Fix hung when signal interrupts nbd_start_device_ioctl()
(git-fixes).
- nbd: Fix incorrect error handle when first_minor is illegal in
nbd_dev_add (git-fixes).
- nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
- nbd: fix io hung while disconnecting device (git-fixes).
- nbd: fix max value for 'first_minor' (git-fixes).
- nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
- nbd: make the config put is called before the notifying the waiter
(git-fixes).
- nbd: restore default timeout when setting it to zero (git-fixes).
- net/mlx5: Allocate individual capability (bsc#1195175).
- net/mlx5: Dynamically resize flow counters query buffer (bsc#1195175).
- net/mlx5: Fix flow counters SF bulk query len (bsc#1195175).
- net/mlx5: Reduce flow counters bulk query buffer size for SFs
(bsc#1195175).
- net/mlx5: Reorganize current and maximal capabilities to be per-type
(bsc#1195175).
- net/mlx5: Use order-0 allocations for EQs (bsc#1195175).
- null_blk: fix ida error handling in null_add_dev() (git-fixes).
- rbd: work around -Wuninitialized warning (git-fixes).
- scsi: 3w-9xxx: Avoid disabling device if failing to enable it
(git-fixes).
- scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic
(git-fixes).
- scsi: NCR5380: Add disconnect_mask module parameter (git-fixes).
- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover" (git-fixes).
- scsi: advansys: Fix kernel pointer leak (git-fixes).
- scsi: aha152x: Fix aha152x_setup() __setup handler return value
(git-fixes).
- scsi: aic7xxx: Adjust indentation in ahc_find_syncrate (git-fixes).
- scsi: aic7xxx: Fix unintentional sign extension issue on left shift of
u8 (git-fixes).
- scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE
(git-fixes).
- scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: bnx2fc: Return failure if io_req is already in ABTS processing
(git-fixes).
- scsi: core: Avoid printing an error if target_alloc() returns -ENXIO
(git-fixes).
- scsi: core: Cap scsi_host cmd_per_lun at can_queue (git-fixes).
- scsi: core: Do not start concurrent async scan on same host (git-fixes).
- scsi: core: Fix a race between scsi_done() and scsi_timeout()
(git-fixes).
- scsi: core: Fix capacity set to zero after offlinining device
(git-fixes).
- scsi: core: Fix hang of freezing queue between blocking and running
device (git-fixes).
- scsi: core: Fix shost->cmd_per_lun calculation in
scsi_add_host_with_dma() (git-fixes).
- scsi: core: Restrict legal sdev_state transitions via sysfs (git-fixes).
- scsi: core: free sgtables in case command setup fails (git-fixes).
- scsi: core: sysfs: Fix hang when device state is set via sysfs
(git-fixes).
- scsi: core: sysfs: Fix setting device state to SDEV_RUNNING (git-fixes).
- scsi: cxlflash: Fix error return code in cxlflash_probe() (git-fixes).
- scsi: fcoe: Fix possible name leak when device_register() fails
(git-fixes).
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
(git-fixes).
- scsi: fnic: Fix memleak in vnic_dev_init_devcmd2 (git-fixes).
- scsi: fnic: fix use after free (git-fixes).
- scsi: hisi_sas: Check sas_port before using it (git-fixes).
- scsi: hisi_sas: Do not reset phy timer to wait for stray phy up
(git-fixes).
- scsi: hisi_sas: Drop free_irq() of devm_request_irq() allocated irq
(git-fixes).
- scsi: hisi_sas: Propagate errors in interrupt_init_v1_hw() (git-fixes).
- scsi: hisi_sas: Replace in_softirq() check in hisi_sas_task_exec()
(git-fixes).
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
- scsi: hpsa: Fix memory leak in hpsa_init_one() (git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
(git-fixes).
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
- scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
- scsi: ipr: Fix missing/incorrect resource cleanup in error case
(git-fixes).
- scsi: iscsi: Add iscsi_cls_conn refcount helpers (git-fixes).
- scsi: iscsi: Avoid potential deadlock in iscsi_if_rx func (git-fixes).
- scsi: iscsi: Do not destroy session if there are outstanding connections
(git-fixes).
- scsi: iscsi: Do not put host in iscsi_set_flashnode_param() (git-fixes).
- scsi: iscsi: Do not send data to unbound connection (git-fixes).
- scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj
(git-fixes).
- scsi: iscsi: Fix shost->max_id use (git-fixes).
- scsi: iscsi: Report unbind session event when the target has been
removed (git-fixes).
- scsi: iscsi: Unblock session then wake up error handler (git-fixes).
- scsi: libfc: Fix a format specifier (git-fixes).
- scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
- scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown()
(git-fixes).
- scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (git-fixes).
- scsi: libsas: Add LUN number check in .slave_alloc callback (git-fixes).
- scsi: megaraid: Fix error check return value of register_chrdev()
(git-fixes).
- scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry()
(git-fixes).
- scsi: megaraid_sas: Fix double kfree() (git-fixes).
- scsi: megaraid_sas: Fix resource leak in case of probe failure
(git-fixes).
- scsi: megaraid_sas: Handle missing interrupts while re-enabling IRQs
(git-fixes).
- scsi: mpi3mr: Refer CONFIG_SCSI_MPI3MR in Makefile (git-fixes).
- scsi: mpt3sas: Block PCI config access from userspace during reset
(git-fixes).
- scsi: mpt3sas: Fix possible resource leaks in
mpt3sas_transport_port_add() (git-fixes).
- scsi: mpt3sas: Fix timeouts observed while reenabling IRQ (git-fixes).
- scsi: mpt3sas: Increase IOCInit request timeout to 30s (git-fixes).
- scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
- scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
- scsi: mvumi: Fix error return in mvumi_io_attach() (git-fixes).
- scsi: myrb: Fix up null pointer access on myrb_cleanup() (git-fixes).
- scsi: myrs: Fix crash in error case (git-fixes).
- scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
- scsi: pm: Balance pm_only counter of request queue during system resume
(git-fixes).
- scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
- scsi: qedf: Add check to synchronize abort and flush (git-fixes).
- scsi: qedf: Fix a UAF bug in __qedf_probe() (git-fixes).
- scsi: qedf: Fix refcount issue when LOGO is received during TMF
(git-fixes).
- scsi: qedf: Return SUCCESS if stale rport is encountered (git-fixes).
- scsi: qedi: Fix failed disconnect handling (git-fixes).
- scsi: qedi: Fix list_del corruption while removing active I/O
(git-fixes).
- scsi: qedi: Fix null ref during abort handling (git-fixes).
- scsi: qedi: Protect active command list to avoid list corruption
(git-fixes).
- scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
- scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
(git-fixes).
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
(git-fixes).
- scsi: scsi_debug: num_tgts must be >= 0 (git-fixes).
- scsi: scsi_dh_alua: Check for negative result value (git-fixes).
- scsi: scsi_dh_alua: Fix signedness bug in alua_rtpg() (git-fixes).
- scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() (git-fixes).
- scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (git-fixes).
- scsi: scsi_transport_spi: Fix function pointer check (git-fixes).
- scsi: scsi_transport_spi: Set RQF_PM for domain validation commands
(git-fixes).
- scsi: sd: Free scsi_disk device via put_device() (git-fixes).
- scsi: sd: Suppress spurious errors when WRITE SAME is being disabled
(git-fixes).
- scsi: ses: Fix unsigned comparison with less than zero (git-fixes).
- scsi: ses: Retry failed Send/Receive Diagnostic commands (git-fixes).
- scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
- scsi: sr: Do not use GFP_DMA (git-fixes).
- scsi: sr: Fix sr_probe() missing deallocate of device minor (git-fixes).
- scsi: sr: Return appropriate error code when disk is ejected (git-fixes).
- scsi: sr: Return correct event when media event code is 3 (git-fixes).
- scsi: st: Fix a use after free in st_open() (git-fixes).
- scsi: ufs-pci: Ensure UFS device is in PowerDown mode for
suspend-to-disk ->poweroff() (git-fixes).
- scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices (git-fixes).
- scsi: ufs: Clean up completed request without interrupt notification
(git-fixes).
- scsi: ufs: Fix a race condition in the tracing code (git-fixes).
- scsi: ufs: Fix error handing during hibern8 enter (git-fixes).
- scsi: ufs: Fix illegal offset in UPIU event trace (git-fixes).
- scsi: ufs: Fix interrupt error message for shared interrupts (git-fixes).
- scsi: ufs: Fix irq return code (git-fixes).
- scsi: ufs: Fix possible infinite loop in ufshcd_hold (git-fixes).
- scsi: ufs: Fix tm request when non-fatal error happens (git-fixes).
- scsi: ufs: Fix unbalanced scsi_block_reqs_cnt caused by ufshcd_hold()
(git-fixes).
- scsi: ufs: Fix up auto hibern8 enablement (git-fixes).
- scsi: ufs: Fix wrong print message in dev_err() (git-fixes).
- scsi: ufs: Improve interrupt handling for shared interrupts (git-fixes).
- scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE
(git-fixes).
- scsi: ufs: Make ufshcd_add_command_trace() easier to read (git-fixes).
- scsi: ufs: fix potential bug which ends in system hang (git-fixes).
- scsi: ufs: ufs-qcom: Fix race conditions caused by
ufs_qcom_testbus_config() (git-fixes).
- scsi: virtio_scsi: Fix spelling mistake "Unsupport" -> "Unsupported"
(git-fixes).
- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
- scsi: vmw_pvscsi: Set correct residual data length (git-fixes).
- scsi: vmw_pvscsi: Set residual data length conditionally (git-fixes).
- sctp: fail if no bound addresses can be used for a given scope
(bsc#1206677).
- watchdog: diag288_wdt: do not use stack buffers for hardware data
(bsc#1207497).
- watchdog: diag288_wdt: fix __diag288() inline assembly (bsc#1207497).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2023-409=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-409=1
- SUSE Manager Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-409=1
- SUSE Manager Retail Branch Server 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.2-2023-409=1
- SUSE Manager Proxy 4.2:
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-409=1
- SUSE Linux Enterprise Server for SAP 15-SP3:
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-409=1
- SUSE Linux Enterprise Server 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-409=1
- SUSE Linux Enterprise Realtime Extension 15-SP3:
zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-409=1
- SUSE Linux Enterprise Module for Live Patching 15-SP3:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2023-409=1
Please note that this is the initial kernel livepatch without fixes
itself, this livepatch package is later updated by seperate standalone
livepatch updates.
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-409=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-409=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-409=1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS:
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-409=1
- SUSE Linux Enterprise High Availability 15-SP3:
zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2023-409=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2023-409=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- openSUSE Leap 15.4 (aarch64):
dtb-al-5.3.18-150300.59.112.1
dtb-zte-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Server 4.2 (s390x):
kernel-zfcpdump-5.3.18-150300.59.112.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.112.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Retail Branch Server 4.2 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Manager Retail Branch Server 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Proxy 4.2 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
- SUSE Manager Proxy 4.2 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (ppc64le x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server for SAP 15-SP3 (x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 ppc64le s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64 x86_64):
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Server 15-SP3-LTSS (s390x):
kernel-zfcpdump-5.3.18-150300.59.112.1
kernel-zfcpdump-debuginfo-5.3.18-150300.59.112.1
kernel-zfcpdump-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Realtime Extension 15-SP3 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64):
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-livepatch-5.3.18-150300.59.112.1
kernel-default-livepatch-devel-5.3.18-150300.59.112.1
kernel-livepatch-5_3_18-150300_59_112-default-1-150300.7.3.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
- SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-150300.59.112.1
cluster-md-kmp-default-debuginfo-5.3.18-150300.59.112.1
dlm-kmp-default-5.3.18-150300.59.112.1
dlm-kmp-default-debuginfo-5.3.18-150300.59.112.1
gfs2-kmp-default-5.3.18-150300.59.112.1
gfs2-kmp-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
ocfs2-kmp-default-5.3.18-150300.59.112.1
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
kernel-default-5.3.18-150300.59.112.1
kernel-default-base-5.3.18-150300.59.112.1.150300.18.64.1
kernel-default-debuginfo-5.3.18-150300.59.112.1
kernel-default-debugsource-5.3.18-150300.59.112.1
kernel-default-devel-5.3.18-150300.59.112.1
kernel-default-devel-debuginfo-5.3.18-150300.59.112.1
kernel-obs-build-5.3.18-150300.59.112.1
kernel-obs-build-debugsource-5.3.18-150300.59.112.1
kernel-preempt-5.3.18-150300.59.112.1
kernel-preempt-debuginfo-5.3.18-150300.59.112.1
kernel-preempt-debugsource-5.3.18-150300.59.112.1
kernel-preempt-devel-5.3.18-150300.59.112.1
kernel-preempt-devel-debuginfo-5.3.18-150300.59.112.1
kernel-syms-5.3.18-150300.59.112.1
reiserfs-kmp-default-5.3.18-150300.59.112.1
reiserfs-kmp-default-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (aarch64):
kernel-64kb-5.3.18-150300.59.112.1
kernel-64kb-debuginfo-5.3.18-150300.59.112.1
kernel-64kb-debugsource-5.3.18-150300.59.112.1
kernel-64kb-devel-5.3.18-150300.59.112.1
kernel-64kb-devel-debuginfo-5.3.18-150300.59.112.1
- SUSE Enterprise Storage 7.1 (noarch):
kernel-devel-5.3.18-150300.59.112.1
kernel-docs-5.3.18-150300.59.112.1
kernel-macros-5.3.18-150300.59.112.1
kernel-source-5.3.18-150300.59.112.1
References:
https://www.suse.com/security/cve/CVE-2022-3606.html
https://www.suse.com/security/cve/CVE-2023-0179.html
https://bugzilla.suse.com/1195175
https://bugzilla.suse.com/1204502
https://bugzilla.suse.com/1206677
https://bugzilla.suse.com/1207034
https://bugzilla.suse.com/1207497
https://bugzilla.suse.com/1207508
https://bugzilla.suse.com/1207769
https://bugzilla.suse.com/1207878
1
0
SUSE-SU-2023:0411-1: critical: Security update for haproxy
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for haproxy
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0411-1
Rating: critical
References: #1208132
Cross-References: CVE-2023-25725
CVSS scores:
CVE-2023-25725 (SUSE): 9.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
Affected Products:
SUSE Linux Enterprise High Availability 15-SP4
SUSE Linux Enterprise Micro 5.3
openSUSE Leap 15.4
openSUSE Leap Micro 5.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for haproxy fixes the following issues:
- CVE-2023-25725: Fixed a serious vulnerability in the HTTP/1 parser
(bsc#1208132).
- Fixed an issue where sensitive data might leak to the backend.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.3:
zypper in -t patch openSUSE-Leap-Micro-5.3-2023-411=1
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-411=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2023-411=1
- SUSE Linux Enterprise High Availability 15-SP4:
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-411=1
Package List:
- openSUSE Leap Micro 5.3 (aarch64 x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
- SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64):
haproxy-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debuginfo-2.4.8+git0.d1f8d41e0-150400.3.10.1
haproxy-debugsource-2.4.8+git0.d1f8d41e0-150400.3.10.1
References:
https://www.suse.com/security/cve/CVE-2023-25725.html
https://bugzilla.suse.com/1208132
1
0
SUSE-SU-2023:0405-1: important: Security update for libbpf
by opensuse-security@opensuse.org 14 Feb '23
by opensuse-security@opensuse.org 14 Feb '23
14 Feb '23
SUSE Security Update: Security update for libbpf
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0405-1
Rating: important
References: #1204391 #1204502
Cross-References: CVE-2022-3534 CVE-2022-3606
CVSS scores:
CVE-2022-3534 (NVD) : 8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3534 (SUSE): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CVE-2022-3606 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3606 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for libbpf fixes the following issues:
- CVE-2022-3534: Fixed use-after-free in btf_dump_name_dups
(bsc#1204391).
- CVE-2022-3606: Fixed null pointer dereference in
find_prog_by_sec_insn() (bsc#1204502).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-405=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-405=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
libbpf-debugsource-0.5.0-150400.3.3.1
libbpf-devel-0.5.0-150400.3.3.1
libbpf0-0.5.0-150400.3.3.1
libbpf0-debuginfo-0.5.0-150400.3.3.1
- openSUSE Leap 15.4 (x86_64):
libbpf0-32bit-0.5.0-150400.3.3.1
libbpf0-32bit-debuginfo-0.5.0-150400.3.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
libbpf-debugsource-0.5.0-150400.3.3.1
libbpf0-0.5.0-150400.3.3.1
libbpf0-debuginfo-0.5.0-150400.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-3534.html
https://www.suse.com/security/cve/CVE-2022-3606.html
https://bugzilla.suse.com/1204391
https://bugzilla.suse.com/1204502
1
0
SUSE-FU-2023:0401-1: moderate: Feature update for LibreOffice
by maintenance@opensuse.org 14 Feb '23
by maintenance@opensuse.org 14 Feb '23
14 Feb '23
SUSE Feature Update: Feature update for LibreOffice
______________________________________________________________________________
Announcement ID: SUSE-FU-2023:0401-1
Rating: moderate
References: PED-1785
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that has 0 feature fixes and contains one feature
can now be installed.
Description:
This update for LibreOffice fixes the following issues:
libreoffice:
- Version update from 7.3.6.2 to 7.4.3.2 (jsc#PED-1785):
* For the highlights of changes of version 7.4 please consult the
official release notes:
https://wiki.documentfoundation.org/ReleaseNotes/7.4
* Updated bundled dependencies:
* boost version update from 1_77_0 to 1_79_0
* curl version update from 7.83.1 to 7.86.0
* icu4c-data version update from 70_1 to 71_1
* icu4c version update from 70_1 to 71_1
* pdfium version update from 4699 to 5058
* poppler version update from 21.11.0 to 22.09.0
* poppler-data version update from 0.4.10 to 0.4.11
* skia version from m97-a7230803d64ae9d44f4e128244480111a3ae967 to
m103-b301ff025004c9cd82816c86c547588e6c24b466
* New build dependencies:
* fixmath-devel
* libwebp-devel
* zlib-devel
* dragonbox-devel
* at-spi2-core-devel
* libtiff-devel
dragonbox:
- New package at version 1.1.3
* New dependency for LibreOffice 7.4
fixmath:
- New package at version 2022.07.20
* New dependency for LibreOffice 7.4
libmwaw:
- Version update from 0.3.20 to 0.3.21 (jsc#PED-1785):
* add debug code to read some private rsrc data
* allow to read some MacWrite which does not have printer informations
* add a parser for Scoop files
* add a parser for ScriptWriter files
* add a parser for ReadySetGo 1-4 files
Patch Instructions:
To install this SUSE Feature Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-401=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-401=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-401=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
dragonbox-devel-1.1.3-150400.9.3.2
fixmath-debugsource-2022.07.20-150400.9.3.2
fixmath-devel-2022.07.20-150400.9.3.2
fixmath-devel-debuginfo-2022.07.20-150400.9.3.2
libmwaw-0_3-3-0.3.21-150000.4.17.7
libmwaw-0_3-3-debuginfo-0.3.21-150000.4.17.7
libmwaw-debuginfo-0.3.21-150000.4.17.7
libmwaw-debugsource-0.3.21-150000.4.17.7
libmwaw-devel-0.3.21-150000.4.17.7
libmwaw-tools-0.3.21-150000.4.17.7
libmwaw-tools-debuginfo-0.3.21-150000.4.17.7
- openSUSE Leap 15.4 (aarch64 ppc64le x86_64):
libreoffice-7.4.3.2-150400.17.3.8
libreoffice-base-7.4.3.2-150400.17.3.8
libreoffice-base-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-7.4.3.2-150400.17.3.8
libreoffice-calc-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-extensions-7.4.3.2-150400.17.3.8
libreoffice-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-debugsource-7.4.3.2-150400.17.3.8
libreoffice-draw-7.4.3.2-150400.17.3.8
libreoffice-draw-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-filters-optional-7.4.3.2-150400.17.3.8
libreoffice-gnome-7.4.3.2-150400.17.3.8
libreoffice-gnome-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-gtk3-7.4.3.2-150400.17.3.8
libreoffice-gtk3-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-impress-7.4.3.2-150400.17.3.8
libreoffice-impress-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-librelogo-7.4.3.2-150400.17.3.8
libreoffice-mailmerge-7.4.3.2-150400.17.3.8
libreoffice-math-7.4.3.2-150400.17.3.8
libreoffice-math-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-officebean-7.4.3.2-150400.17.3.8
libreoffice-officebean-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-pyuno-7.4.3.2-150400.17.3.8
libreoffice-pyuno-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-qt5-7.4.3.2-150400.17.3.8
libreoffice-qt5-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-sdk-7.4.3.2-150400.17.3.8
libreoffice-sdk-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-sdk-doc-7.4.3.2-150400.17.3.8
libreoffice-writer-7.4.3.2-150400.17.3.8
libreoffice-writer-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-writer-extensions-7.4.3.2-150400.17.3.8
libreofficekit-7.4.3.2-150400.17.3.8
libreofficekit-devel-7.4.3.2-150400.17.3.8
- openSUSE Leap 15.4 (noarch):
libmwaw-devel-doc-0.3.21-150000.4.17.7
libreoffice-branding-upstream-7.4.3.2-150400.17.3.8
libreoffice-gdb-pretty-printers-7.4.3.2-150400.17.3.8
libreoffice-glade-7.4.3.2-150400.17.3.8
libreoffice-icon-themes-7.4.3.2-150400.17.3.8
libreoffice-l10n-af-7.4.3.2-150400.17.3.8
libreoffice-l10n-am-7.4.3.2-150400.17.3.8
libreoffice-l10n-ar-7.4.3.2-150400.17.3.8
libreoffice-l10n-as-7.4.3.2-150400.17.3.8
libreoffice-l10n-ast-7.4.3.2-150400.17.3.8
libreoffice-l10n-be-7.4.3.2-150400.17.3.8
libreoffice-l10n-bg-7.4.3.2-150400.17.3.8
libreoffice-l10n-bn-7.4.3.2-150400.17.3.8
libreoffice-l10n-bn_IN-7.4.3.2-150400.17.3.8
libreoffice-l10n-bo-7.4.3.2-150400.17.3.8
libreoffice-l10n-br-7.4.3.2-150400.17.3.8
libreoffice-l10n-brx-7.4.3.2-150400.17.3.8
libreoffice-l10n-bs-7.4.3.2-150400.17.3.8
libreoffice-l10n-ca-7.4.3.2-150400.17.3.8
libreoffice-l10n-ca_valencia-7.4.3.2-150400.17.3.8
libreoffice-l10n-ckb-7.4.3.2-150400.17.3.8
libreoffice-l10n-cs-7.4.3.2-150400.17.3.8
libreoffice-l10n-cy-7.4.3.2-150400.17.3.8
libreoffice-l10n-da-7.4.3.2-150400.17.3.8
libreoffice-l10n-de-7.4.3.2-150400.17.3.8
libreoffice-l10n-dgo-7.4.3.2-150400.17.3.8
libreoffice-l10n-dsb-7.4.3.2-150400.17.3.8
libreoffice-l10n-dz-7.4.3.2-150400.17.3.8
libreoffice-l10n-el-7.4.3.2-150400.17.3.8
libreoffice-l10n-en-7.4.3.2-150400.17.3.8
libreoffice-l10n-en_GB-7.4.3.2-150400.17.3.8
libreoffice-l10n-en_ZA-7.4.3.2-150400.17.3.8
libreoffice-l10n-eo-7.4.3.2-150400.17.3.8
libreoffice-l10n-es-7.4.3.2-150400.17.3.8
libreoffice-l10n-et-7.4.3.2-150400.17.3.8
libreoffice-l10n-eu-7.4.3.2-150400.17.3.8
libreoffice-l10n-fa-7.4.3.2-150400.17.3.8
libreoffice-l10n-fi-7.4.3.2-150400.17.3.8
libreoffice-l10n-fr-7.4.3.2-150400.17.3.8
libreoffice-l10n-fur-7.4.3.2-150400.17.3.8
libreoffice-l10n-fy-7.4.3.2-150400.17.3.8
libreoffice-l10n-ga-7.4.3.2-150400.17.3.8
libreoffice-l10n-gd-7.4.3.2-150400.17.3.8
libreoffice-l10n-gl-7.4.3.2-150400.17.3.8
libreoffice-l10n-gu-7.4.3.2-150400.17.3.8
libreoffice-l10n-gug-7.4.3.2-150400.17.3.8
libreoffice-l10n-he-7.4.3.2-150400.17.3.8
libreoffice-l10n-hi-7.4.3.2-150400.17.3.8
libreoffice-l10n-hr-7.4.3.2-150400.17.3.8
libreoffice-l10n-hsb-7.4.3.2-150400.17.3.8
libreoffice-l10n-hu-7.4.3.2-150400.17.3.8
libreoffice-l10n-id-7.4.3.2-150400.17.3.8
libreoffice-l10n-is-7.4.3.2-150400.17.3.8
libreoffice-l10n-it-7.4.3.2-150400.17.3.8
libreoffice-l10n-ja-7.4.3.2-150400.17.3.8
libreoffice-l10n-ka-7.4.3.2-150400.17.3.8
libreoffice-l10n-kab-7.4.3.2-150400.17.3.8
libreoffice-l10n-kk-7.4.3.2-150400.17.3.8
libreoffice-l10n-km-7.4.3.2-150400.17.3.8
libreoffice-l10n-kmr_Latn-7.4.3.2-150400.17.3.8
libreoffice-l10n-kn-7.4.3.2-150400.17.3.8
libreoffice-l10n-ko-7.4.3.2-150400.17.3.8
libreoffice-l10n-kok-7.4.3.2-150400.17.3.8
libreoffice-l10n-ks-7.4.3.2-150400.17.3.8
libreoffice-l10n-lb-7.4.3.2-150400.17.3.8
libreoffice-l10n-lo-7.4.3.2-150400.17.3.8
libreoffice-l10n-lt-7.4.3.2-150400.17.3.8
libreoffice-l10n-lv-7.4.3.2-150400.17.3.8
libreoffice-l10n-mai-7.4.3.2-150400.17.3.8
libreoffice-l10n-mk-7.4.3.2-150400.17.3.8
libreoffice-l10n-ml-7.4.3.2-150400.17.3.8
libreoffice-l10n-mn-7.4.3.2-150400.17.3.8
libreoffice-l10n-mni-7.4.3.2-150400.17.3.8
libreoffice-l10n-mr-7.4.3.2-150400.17.3.8
libreoffice-l10n-my-7.4.3.2-150400.17.3.8
libreoffice-l10n-nb-7.4.3.2-150400.17.3.8
libreoffice-l10n-ne-7.4.3.2-150400.17.3.8
libreoffice-l10n-nl-7.4.3.2-150400.17.3.8
libreoffice-l10n-nn-7.4.3.2-150400.17.3.8
libreoffice-l10n-nr-7.4.3.2-150400.17.3.8
libreoffice-l10n-nso-7.4.3.2-150400.17.3.8
libreoffice-l10n-oc-7.4.3.2-150400.17.3.8
libreoffice-l10n-om-7.4.3.2-150400.17.3.8
libreoffice-l10n-or-7.4.3.2-150400.17.3.8
libreoffice-l10n-pa-7.4.3.2-150400.17.3.8
libreoffice-l10n-pl-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_BR-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_PT-7.4.3.2-150400.17.3.8
libreoffice-l10n-ro-7.4.3.2-150400.17.3.8
libreoffice-l10n-ru-7.4.3.2-150400.17.3.8
libreoffice-l10n-rw-7.4.3.2-150400.17.3.8
libreoffice-l10n-sa_IN-7.4.3.2-150400.17.3.8
libreoffice-l10n-sat-7.4.3.2-150400.17.3.8
libreoffice-l10n-sd-7.4.3.2-150400.17.3.8
libreoffice-l10n-si-7.4.3.2-150400.17.3.8
libreoffice-l10n-sid-7.4.3.2-150400.17.3.8
libreoffice-l10n-sk-7.4.3.2-150400.17.3.8
libreoffice-l10n-sl-7.4.3.2-150400.17.3.8
libreoffice-l10n-sq-7.4.3.2-150400.17.3.8
libreoffice-l10n-sr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ss-7.4.3.2-150400.17.3.8
libreoffice-l10n-st-7.4.3.2-150400.17.3.8
libreoffice-l10n-sv-7.4.3.2-150400.17.3.8
libreoffice-l10n-sw_TZ-7.4.3.2-150400.17.3.8
libreoffice-l10n-szl-7.4.3.2-150400.17.3.8
libreoffice-l10n-ta-7.4.3.2-150400.17.3.8
libreoffice-l10n-te-7.4.3.2-150400.17.3.8
libreoffice-l10n-tg-7.4.3.2-150400.17.3.8
libreoffice-l10n-th-7.4.3.2-150400.17.3.8
libreoffice-l10n-tn-7.4.3.2-150400.17.3.8
libreoffice-l10n-tr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ts-7.4.3.2-150400.17.3.8
libreoffice-l10n-tt-7.4.3.2-150400.17.3.8
libreoffice-l10n-ug-7.4.3.2-150400.17.3.8
libreoffice-l10n-uk-7.4.3.2-150400.17.3.8
libreoffice-l10n-uz-7.4.3.2-150400.17.3.8
libreoffice-l10n-ve-7.4.3.2-150400.17.3.8
libreoffice-l10n-vec-7.4.3.2-150400.17.3.8
libreoffice-l10n-vi-7.4.3.2-150400.17.3.8
libreoffice-l10n-xh-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_CN-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_TW-7.4.3.2-150400.17.3.8
libreoffice-l10n-zu-7.4.3.2-150400.17.3.8
- SUSE Linux Enterprise Workstation Extension 15-SP4 (noarch):
libreoffice-branding-upstream-7.4.3.2-150400.17.3.8
libreoffice-icon-themes-7.4.3.2-150400.17.3.8
libreoffice-l10n-af-7.4.3.2-150400.17.3.8
libreoffice-l10n-ar-7.4.3.2-150400.17.3.8
libreoffice-l10n-as-7.4.3.2-150400.17.3.8
libreoffice-l10n-bg-7.4.3.2-150400.17.3.8
libreoffice-l10n-bn-7.4.3.2-150400.17.3.8
libreoffice-l10n-br-7.4.3.2-150400.17.3.8
libreoffice-l10n-ca-7.4.3.2-150400.17.3.8
libreoffice-l10n-ckb-7.4.3.2-150400.17.3.8
libreoffice-l10n-cs-7.4.3.2-150400.17.3.8
libreoffice-l10n-cy-7.4.3.2-150400.17.3.8
libreoffice-l10n-da-7.4.3.2-150400.17.3.8
libreoffice-l10n-de-7.4.3.2-150400.17.3.8
libreoffice-l10n-dz-7.4.3.2-150400.17.3.8
libreoffice-l10n-el-7.4.3.2-150400.17.3.8
libreoffice-l10n-en-7.4.3.2-150400.17.3.8
libreoffice-l10n-eo-7.4.3.2-150400.17.3.8
libreoffice-l10n-es-7.4.3.2-150400.17.3.8
libreoffice-l10n-et-7.4.3.2-150400.17.3.8
libreoffice-l10n-eu-7.4.3.2-150400.17.3.8
libreoffice-l10n-fa-7.4.3.2-150400.17.3.8
libreoffice-l10n-fi-7.4.3.2-150400.17.3.8
libreoffice-l10n-fr-7.4.3.2-150400.17.3.8
libreoffice-l10n-fur-7.4.3.2-150400.17.3.8
libreoffice-l10n-ga-7.4.3.2-150400.17.3.8
libreoffice-l10n-gl-7.4.3.2-150400.17.3.8
libreoffice-l10n-gu-7.4.3.2-150400.17.3.8
libreoffice-l10n-he-7.4.3.2-150400.17.3.8
libreoffice-l10n-hi-7.4.3.2-150400.17.3.8
libreoffice-l10n-hr-7.4.3.2-150400.17.3.8
libreoffice-l10n-hu-7.4.3.2-150400.17.3.8
libreoffice-l10n-it-7.4.3.2-150400.17.3.8
libreoffice-l10n-ja-7.4.3.2-150400.17.3.8
libreoffice-l10n-kk-7.4.3.2-150400.17.3.8
libreoffice-l10n-kn-7.4.3.2-150400.17.3.8
libreoffice-l10n-ko-7.4.3.2-150400.17.3.8
libreoffice-l10n-lt-7.4.3.2-150400.17.3.8
libreoffice-l10n-lv-7.4.3.2-150400.17.3.8
libreoffice-l10n-mai-7.4.3.2-150400.17.3.8
libreoffice-l10n-ml-7.4.3.2-150400.17.3.8
libreoffice-l10n-mr-7.4.3.2-150400.17.3.8
libreoffice-l10n-nb-7.4.3.2-150400.17.3.8
libreoffice-l10n-nl-7.4.3.2-150400.17.3.8
libreoffice-l10n-nn-7.4.3.2-150400.17.3.8
libreoffice-l10n-nr-7.4.3.2-150400.17.3.8
libreoffice-l10n-nso-7.4.3.2-150400.17.3.8
libreoffice-l10n-or-7.4.3.2-150400.17.3.8
libreoffice-l10n-pa-7.4.3.2-150400.17.3.8
libreoffice-l10n-pl-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_BR-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_PT-7.4.3.2-150400.17.3.8
libreoffice-l10n-ro-7.4.3.2-150400.17.3.8
libreoffice-l10n-ru-7.4.3.2-150400.17.3.8
libreoffice-l10n-si-7.4.3.2-150400.17.3.8
libreoffice-l10n-sk-7.4.3.2-150400.17.3.8
libreoffice-l10n-sl-7.4.3.2-150400.17.3.8
libreoffice-l10n-sr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ss-7.4.3.2-150400.17.3.8
libreoffice-l10n-st-7.4.3.2-150400.17.3.8
libreoffice-l10n-sv-7.4.3.2-150400.17.3.8
libreoffice-l10n-ta-7.4.3.2-150400.17.3.8
libreoffice-l10n-te-7.4.3.2-150400.17.3.8
libreoffice-l10n-th-7.4.3.2-150400.17.3.8
libreoffice-l10n-tn-7.4.3.2-150400.17.3.8
libreoffice-l10n-tr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ts-7.4.3.2-150400.17.3.8
libreoffice-l10n-uk-7.4.3.2-150400.17.3.8
libreoffice-l10n-ve-7.4.3.2-150400.17.3.8
libreoffice-l10n-xh-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_CN-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_TW-7.4.3.2-150400.17.3.8
libreoffice-l10n-zu-7.4.3.2-150400.17.3.8
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
dragonbox-devel-1.1.3-150400.9.3.2
fixmath-debugsource-2022.07.20-150400.9.3.2
fixmath-devel-2022.07.20-150400.9.3.2
fixmath-devel-debuginfo-2022.07.20-150400.9.3.2
libmwaw-0_3-3-0.3.21-150000.4.17.7
libmwaw-0_3-3-debuginfo-0.3.21-150000.4.17.7
libmwaw-debuginfo-0.3.21-150000.4.17.7
libmwaw-debugsource-0.3.21-150000.4.17.7
libreoffice-7.4.3.2-150400.17.3.8
libreoffice-base-7.4.3.2-150400.17.3.8
libreoffice-base-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-7.4.3.2-150400.17.3.8
libreoffice-calc-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-extensions-7.4.3.2-150400.17.3.8
libreoffice-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-debugsource-7.4.3.2-150400.17.3.8
libreoffice-draw-7.4.3.2-150400.17.3.8
libreoffice-draw-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-filters-optional-7.4.3.2-150400.17.3.8
libreoffice-gnome-7.4.3.2-150400.17.3.8
libreoffice-gnome-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-gtk3-7.4.3.2-150400.17.3.8
libreoffice-gtk3-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-impress-7.4.3.2-150400.17.3.8
libreoffice-impress-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-mailmerge-7.4.3.2-150400.17.3.8
libreoffice-math-7.4.3.2-150400.17.3.8
libreoffice-math-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-officebean-7.4.3.2-150400.17.3.8
libreoffice-officebean-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-pyuno-7.4.3.2-150400.17.3.8
libreoffice-pyuno-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-writer-7.4.3.2-150400.17.3.8
libreoffice-writer-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-writer-extensions-7.4.3.2-150400.17.3.8
libreofficekit-7.4.3.2-150400.17.3.8
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x x86_64):
dragonbox-devel-1.1.3-150400.9.3.2
fixmath-debugsource-2022.07.20-150400.9.3.2
fixmath-devel-2022.07.20-150400.9.3.2
fixmath-devel-debuginfo-2022.07.20-150400.9.3.2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
libmwaw-0_3-3-0.3.21-150000.4.17.7
libmwaw-0_3-3-debuginfo-0.3.21-150000.4.17.7
libmwaw-debuginfo-0.3.21-150000.4.17.7
libmwaw-debugsource-0.3.21-150000.4.17.7
libmwaw-devel-0.3.21-150000.4.17.7
libmwaw-tools-0.3.21-150000.4.17.7
libmwaw-tools-debuginfo-0.3.21-150000.4.17.7
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le):
libreoffice-7.4.3.2-150400.17.3.8
libreoffice-base-7.4.3.2-150400.17.3.8
libreoffice-base-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-7.4.3.2-150400.17.3.8
libreoffice-base-drivers-postgresql-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-7.4.3.2-150400.17.3.8
libreoffice-calc-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-calc-extensions-7.4.3.2-150400.17.3.8
libreoffice-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-debugsource-7.4.3.2-150400.17.3.8
libreoffice-draw-7.4.3.2-150400.17.3.8
libreoffice-draw-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-filters-optional-7.4.3.2-150400.17.3.8
libreoffice-gnome-7.4.3.2-150400.17.3.8
libreoffice-gnome-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-gtk3-7.4.3.2-150400.17.3.8
libreoffice-gtk3-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-impress-7.4.3.2-150400.17.3.8
libreoffice-impress-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-librelogo-7.4.3.2-150400.17.3.8
libreoffice-mailmerge-7.4.3.2-150400.17.3.8
libreoffice-math-7.4.3.2-150400.17.3.8
libreoffice-math-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-officebean-7.4.3.2-150400.17.3.8
libreoffice-officebean-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-pyuno-7.4.3.2-150400.17.3.8
libreoffice-pyuno-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-qt5-7.4.3.2-150400.17.3.8
libreoffice-qt5-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-sdk-7.4.3.2-150400.17.3.8
libreoffice-sdk-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-sdk-doc-7.4.3.2-150400.17.3.8
libreoffice-writer-7.4.3.2-150400.17.3.8
libreoffice-writer-debuginfo-7.4.3.2-150400.17.3.8
libreoffice-writer-extensions-7.4.3.2-150400.17.3.8
libreofficekit-7.4.3.2-150400.17.3.8
libreofficekit-devel-7.4.3.2-150400.17.3.8
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (noarch):
libmwaw-devel-doc-0.3.21-150000.4.17.7
libreoffice-branding-upstream-7.4.3.2-150400.17.3.8
libreoffice-gdb-pretty-printers-7.4.3.2-150400.17.3.8
libreoffice-glade-7.4.3.2-150400.17.3.8
libreoffice-icon-themes-7.4.3.2-150400.17.3.8
libreoffice-l10n-af-7.4.3.2-150400.17.3.8
libreoffice-l10n-am-7.4.3.2-150400.17.3.8
libreoffice-l10n-ar-7.4.3.2-150400.17.3.8
libreoffice-l10n-as-7.4.3.2-150400.17.3.8
libreoffice-l10n-ast-7.4.3.2-150400.17.3.8
libreoffice-l10n-be-7.4.3.2-150400.17.3.8
libreoffice-l10n-bg-7.4.3.2-150400.17.3.8
libreoffice-l10n-bn-7.4.3.2-150400.17.3.8
libreoffice-l10n-bn_IN-7.4.3.2-150400.17.3.8
libreoffice-l10n-bo-7.4.3.2-150400.17.3.8
libreoffice-l10n-br-7.4.3.2-150400.17.3.8
libreoffice-l10n-brx-7.4.3.2-150400.17.3.8
libreoffice-l10n-bs-7.4.3.2-150400.17.3.8
libreoffice-l10n-ca-7.4.3.2-150400.17.3.8
libreoffice-l10n-ca_valencia-7.4.3.2-150400.17.3.8
libreoffice-l10n-ckb-7.4.3.2-150400.17.3.8
libreoffice-l10n-cs-7.4.3.2-150400.17.3.8
libreoffice-l10n-cy-7.4.3.2-150400.17.3.8
libreoffice-l10n-da-7.4.3.2-150400.17.3.8
libreoffice-l10n-de-7.4.3.2-150400.17.3.8
libreoffice-l10n-dgo-7.4.3.2-150400.17.3.8
libreoffice-l10n-dsb-7.4.3.2-150400.17.3.8
libreoffice-l10n-dz-7.4.3.2-150400.17.3.8
libreoffice-l10n-el-7.4.3.2-150400.17.3.8
libreoffice-l10n-en-7.4.3.2-150400.17.3.8
libreoffice-l10n-en_GB-7.4.3.2-150400.17.3.8
libreoffice-l10n-en_ZA-7.4.3.2-150400.17.3.8
libreoffice-l10n-eo-7.4.3.2-150400.17.3.8
libreoffice-l10n-es-7.4.3.2-150400.17.3.8
libreoffice-l10n-et-7.4.3.2-150400.17.3.8
libreoffice-l10n-eu-7.4.3.2-150400.17.3.8
libreoffice-l10n-fa-7.4.3.2-150400.17.3.8
libreoffice-l10n-fi-7.4.3.2-150400.17.3.8
libreoffice-l10n-fr-7.4.3.2-150400.17.3.8
libreoffice-l10n-fur-7.4.3.2-150400.17.3.8
libreoffice-l10n-fy-7.4.3.2-150400.17.3.8
libreoffice-l10n-ga-7.4.3.2-150400.17.3.8
libreoffice-l10n-gd-7.4.3.2-150400.17.3.8
libreoffice-l10n-gl-7.4.3.2-150400.17.3.8
libreoffice-l10n-gu-7.4.3.2-150400.17.3.8
libreoffice-l10n-gug-7.4.3.2-150400.17.3.8
libreoffice-l10n-he-7.4.3.2-150400.17.3.8
libreoffice-l10n-hi-7.4.3.2-150400.17.3.8
libreoffice-l10n-hr-7.4.3.2-150400.17.3.8
libreoffice-l10n-hsb-7.4.3.2-150400.17.3.8
libreoffice-l10n-hu-7.4.3.2-150400.17.3.8
libreoffice-l10n-id-7.4.3.2-150400.17.3.8
libreoffice-l10n-is-7.4.3.2-150400.17.3.8
libreoffice-l10n-it-7.4.3.2-150400.17.3.8
libreoffice-l10n-ja-7.4.3.2-150400.17.3.8
libreoffice-l10n-ka-7.4.3.2-150400.17.3.8
libreoffice-l10n-kab-7.4.3.2-150400.17.3.8
libreoffice-l10n-kk-7.4.3.2-150400.17.3.8
libreoffice-l10n-km-7.4.3.2-150400.17.3.8
libreoffice-l10n-kmr_Latn-7.4.3.2-150400.17.3.8
libreoffice-l10n-kn-7.4.3.2-150400.17.3.8
libreoffice-l10n-ko-7.4.3.2-150400.17.3.8
libreoffice-l10n-kok-7.4.3.2-150400.17.3.8
libreoffice-l10n-ks-7.4.3.2-150400.17.3.8
libreoffice-l10n-lb-7.4.3.2-150400.17.3.8
libreoffice-l10n-lo-7.4.3.2-150400.17.3.8
libreoffice-l10n-lt-7.4.3.2-150400.17.3.8
libreoffice-l10n-lv-7.4.3.2-150400.17.3.8
libreoffice-l10n-mai-7.4.3.2-150400.17.3.8
libreoffice-l10n-mk-7.4.3.2-150400.17.3.8
libreoffice-l10n-ml-7.4.3.2-150400.17.3.8
libreoffice-l10n-mn-7.4.3.2-150400.17.3.8
libreoffice-l10n-mni-7.4.3.2-150400.17.3.8
libreoffice-l10n-mr-7.4.3.2-150400.17.3.8
libreoffice-l10n-my-7.4.3.2-150400.17.3.8
libreoffice-l10n-nb-7.4.3.2-150400.17.3.8
libreoffice-l10n-ne-7.4.3.2-150400.17.3.8
libreoffice-l10n-nl-7.4.3.2-150400.17.3.8
libreoffice-l10n-nn-7.4.3.2-150400.17.3.8
libreoffice-l10n-nr-7.4.3.2-150400.17.3.8
libreoffice-l10n-nso-7.4.3.2-150400.17.3.8
libreoffice-l10n-oc-7.4.3.2-150400.17.3.8
libreoffice-l10n-om-7.4.3.2-150400.17.3.8
libreoffice-l10n-or-7.4.3.2-150400.17.3.8
libreoffice-l10n-pa-7.4.3.2-150400.17.3.8
libreoffice-l10n-pl-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_BR-7.4.3.2-150400.17.3.8
libreoffice-l10n-pt_PT-7.4.3.2-150400.17.3.8
libreoffice-l10n-ro-7.4.3.2-150400.17.3.8
libreoffice-l10n-ru-7.4.3.2-150400.17.3.8
libreoffice-l10n-rw-7.4.3.2-150400.17.3.8
libreoffice-l10n-sa_IN-7.4.3.2-150400.17.3.8
libreoffice-l10n-sat-7.4.3.2-150400.17.3.8
libreoffice-l10n-sd-7.4.3.2-150400.17.3.8
libreoffice-l10n-si-7.4.3.2-150400.17.3.8
libreoffice-l10n-sid-7.4.3.2-150400.17.3.8
libreoffice-l10n-sk-7.4.3.2-150400.17.3.8
libreoffice-l10n-sl-7.4.3.2-150400.17.3.8
libreoffice-l10n-sq-7.4.3.2-150400.17.3.8
libreoffice-l10n-sr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ss-7.4.3.2-150400.17.3.8
libreoffice-l10n-st-7.4.3.2-150400.17.3.8
libreoffice-l10n-sv-7.4.3.2-150400.17.3.8
libreoffice-l10n-sw_TZ-7.4.3.2-150400.17.3.8
libreoffice-l10n-szl-7.4.3.2-150400.17.3.8
libreoffice-l10n-ta-7.4.3.2-150400.17.3.8
libreoffice-l10n-te-7.4.3.2-150400.17.3.8
libreoffice-l10n-tg-7.4.3.2-150400.17.3.8
libreoffice-l10n-th-7.4.3.2-150400.17.3.8
libreoffice-l10n-tn-7.4.3.2-150400.17.3.8
libreoffice-l10n-tr-7.4.3.2-150400.17.3.8
libreoffice-l10n-ts-7.4.3.2-150400.17.3.8
libreoffice-l10n-tt-7.4.3.2-150400.17.3.8
libreoffice-l10n-ug-7.4.3.2-150400.17.3.8
libreoffice-l10n-uk-7.4.3.2-150400.17.3.8
libreoffice-l10n-uz-7.4.3.2-150400.17.3.8
libreoffice-l10n-ve-7.4.3.2-150400.17.3.8
libreoffice-l10n-vec-7.4.3.2-150400.17.3.8
libreoffice-l10n-vi-7.4.3.2-150400.17.3.8
libreoffice-l10n-xh-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_CN-7.4.3.2-150400.17.3.8
libreoffice-l10n-zh_TW-7.4.3.2-150400.17.3.8
libreoffice-l10n-zu-7.4.3.2-150400.17.3.8
References:
1
0
SUSE-SU-2023:0399-1: moderate: Security update for freerdp
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
SUSE Security Update: Security update for freerdp
______________________________________________________________________________
Announcement ID: SUSE-SU-2023:0399-1
Rating: moderate
References: #1205512
Cross-References: CVE-2022-39316 CVE-2022-39317 CVE-2022-39320
CVE-2022-39347 CVE-2022-41877
CVSS scores:
CVE-2022-39316 (NVD) : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39316 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
CVE-2022-39317 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39317 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39320 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39320 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-39347 (NVD) : 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2022-39347 (SUSE): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
CVE-2022-41877 (NVD) : 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L
CVE-2022-41877 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
Affected Products:
SUSE Linux Enterprise Desktop 15-SP4
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes 5 vulnerabilities is now available.
Description:
This update for freerdp fixes the following issues:
- CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512).
- CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512).
- CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel
(bsc#1205512).
- CVE-2022-39347: Fixed missing path sanitation with drive channel
(bsc#1205512).
- CVE-2022-41877: Fixed missing input length validation in drive channel
(bsc#1205512).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2023-399=1
- SUSE Linux Enterprise Workstation Extension 15-SP4:
zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-399=1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-399=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
freerdp-server-2.4.0-150400.3.18.1
freerdp-server-debuginfo-2.4.0-150400.3.18.1
freerdp-wayland-2.4.0-150400.3.18.1
freerdp-wayland-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libuwac0-0-2.4.0-150400.3.18.1
libuwac0-0-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
uwac0-0-devel-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
- SUSE Linux Enterprise Workstation Extension 15-SP4 (x86_64):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4 (aarch64 ppc64le s390x):
freerdp-2.4.0-150400.3.18.1
freerdp-debuginfo-2.4.0-150400.3.18.1
freerdp-debugsource-2.4.0-150400.3.18.1
freerdp-devel-2.4.0-150400.3.18.1
freerdp-proxy-2.4.0-150400.3.18.1
freerdp-proxy-debuginfo-2.4.0-150400.3.18.1
libfreerdp2-2.4.0-150400.3.18.1
libfreerdp2-debuginfo-2.4.0-150400.3.18.1
libwinpr2-2.4.0-150400.3.18.1
libwinpr2-debuginfo-2.4.0-150400.3.18.1
winpr2-devel-2.4.0-150400.3.18.1
References:
https://www.suse.com/security/cve/CVE-2022-39316.html
https://www.suse.com/security/cve/CVE-2022-39317.html
https://www.suse.com/security/cve/CVE-2022-39320.html
https://www.suse.com/security/cve/CVE-2022-39347.html
https://www.suse.com/security/cve/CVE-2022-41877.html
https://bugzilla.suse.com/1205512
1
0
openSUSE-SU-2023:0045-1: important: Security update for chromium
by opensuse-security@opensuse.org 13 Feb '23
by opensuse-security@opensuse.org 13 Feb '23
13 Feb '23
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2023:0045-1
Rating: important
References: #1208029
Cross-References: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698
CVE-2023-0699 CVE-2023-0700 CVE-2023-0701
CVE-2023-0702 CVE-2023-0703 CVE-2023-0704
CVE-2023-0705
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 10 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 110.0.5481.77 (boo#1208029):
* CVE-2023-0696: Type Confusion in V8
* CVE-2023-0697: Inappropriate implementation in Full screen mode
* CVE-2023-0698: Out of bounds read in WebRTC
* CVE-2023-0699: Use after free in GPU
* CVE-2023-0700: Inappropriate implementation in Download
* CVE-2023-0701: Heap buffer overflow in WebUI
* CVE-2023-0702: Type Confusion in Data Transfer
* CVE-2023-0703: Type Confusion in DevTools
* CVE-2023-0704: Insufficient policy enforcement in DevTools
* CVE-2023-0705: Integer overflow in Core
* Various fixes from internal audits, fuzzing and other initiatives
- build with bundled libavif
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2023-45=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-110.0.5481.77-bp154.2.67.1
chromium-110.0.5481.77-bp154.2.67.1
References:
https://www.suse.com/security/cve/CVE-2023-0696.html
https://www.suse.com/security/cve/CVE-2023-0697.html
https://www.suse.com/security/cve/CVE-2023-0698.html
https://www.suse.com/security/cve/CVE-2023-0699.html
https://www.suse.com/security/cve/CVE-2023-0700.html
https://www.suse.com/security/cve/CVE-2023-0701.html
https://www.suse.com/security/cve/CVE-2023-0702.html
https://www.suse.com/security/cve/CVE-2023-0703.html
https://www.suse.com/security/cve/CVE-2023-0704.html
https://www.suse.com/security/cve/CVE-2023-0705.html
https://bugzilla.suse.com/1208029
1
0