SUSE-RU-2024:2023-1: moderate: Recommended update for socat
![](https://seccdn.libravatar.org/avatar/028f1977ff6c9cfc88042aaf1e9f9aa8.jpg?s=120&d=mm&r=g)
# Recommended update for socat Announcement ID: SUSE-RU-2024:2023-1 Rating: moderate References: * bsc#1160293 * jsc#PED-8413 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has one fix can now be installed. ## Description: This update for socat fixes the following issues: socat is updated to 1.8.0.0: Primary feature is enabling TLS 1.3 support. (jsc#PED-8413) * Support for network namespaces (option netns) * TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success * Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following) * New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL * New script socat-mux.sh allows n-to-1 / 1-to-n communications * New script socat-broker.sh allows group communications * Experimental socks5 client feature * Address ACCEPT-FD for systemd "inetd" mode * UDP-Lite and DCCP address types * Addresses SOCKETPAIR and SHELL * New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes * New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets * Simple statistics output with Socat option --statistics and with SIGUSR1 * A couple of new options, many fixes and corrections, see file CHANGES Update to 1.7.4.4: * FIX: In error.c msg2() there was a stack overflow on long messages: The terminating \0 Byte was written behind the last position. * FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets arrived. * FIX: a couple of weaknesses and errors when accessing invalid or incompatible file system entries with UNIX domain, file, and generic addresses. * FIX: bad parser error message on "socat /tmp/x\"x/x -" Update to 1.7.4.3: * fixes the TCP_INFO issue that broke building on non-Linux platforms. * building on AIX works again. * A few more corrections and improvements have been added Update to version 1.7.4.2: * Fixes a lot of bugs, e.g., for options -r and -R. * Further bugfixes, see the CHANGES file Update to 1.7.4.1: Security: * Buffer size option (-b) is internally doubled for CR-CRLF conversion, but not checked for integer overflow. This could lead to heap based buffer overflow, assuming the attacker could provide this parameter. * Many further bugfixes and new features, see the CHANGES file ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2023=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-2023=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-2023=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2023=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2023=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2023=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2023=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2023=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2023=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2023=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2023=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2023=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2023=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2023=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2023=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-extra-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * socat-debuginfo-1.8.0.0-150400.14.3.1 * socat-debugsource-1.8.0.0-150400.14.3.1 * socat-1.8.0.0-150400.14.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1160293 * https://jira.suse.com/browse/PED-8413
participants (1)
-
OPENSUSE-UPDATES