SUSE-IU-2024:589-1: Security update of sles-15-sp5-chost-byos-v20240626-arm64
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Jul 1 07:01:43 UTC 2024
SUSE Image Update Advisory: sles-15-sp5-chost-byos-v20240626-arm64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:589-1
Image Tags : sles-15-sp5-chost-byos-v20240626-arm64:20240626
Image Release :
Severity : important
Type : security
References : 1065729 1141539 1160293 1174585 1181674 1187716 1188441 1190569
1191949 1192107 1193983 1194288 1194869 1196956 1197915 1200465
1205205 1207284 1207361 1207948 1208149 1209627 1209657 1209799
1209834 1209980 1210335 1213551 1213863 1214852 1215322 1215702
1216358 1216702 1216717 1217169 1217339 1217515 1218447 1218668
1220021 1220082 1220267 1220363 1220783 1221044 1221081 1221361
1221400 1221615 1221777 1221816 1221829 1221940 1222011 1222021
1222086 1222261 1222343 1222348 1222374 1222385 1222413 1222464
1222513 1222559 1222561 1222608 1222619 1222627 1222721 1222765
1222770 1222783 1222793 1222870 1222893 1222960 1222961 1222974
1222975 1222976 1223011 1223023 1223027 1223031 1223043 1223046
1223048 1223049 1223084 1223113 1223119 1223137 1223138 1223140
1223188 1223203 1223207 1223278 1223315 1223360 1223384 1223390
1223423 1223424 1223425 1223430 1223432 1223489 1223505 1223532
1223575 1223595 1223626 1223627 1223628 1223631 1223633 1223638
1223650 1223653 1223666 1223670 1223671 1223675 1223677 1223678
1223679 1223698 1223712 1223715 1223717 1223718 1223737 1223738
1223741 1223744 1223747 1223748 1223750 1223752 1223754 1223756
1223757 1223762 1223766 1223769 1223770 1223779 1223780 1223781
1223788 1223802 1223819 1223823 1223826 1223828 1223829 1223837
1223842 1223843 1223844 1223847 1223858 1223875 1223879 1223895
1223959 1223961 1223991 1223996 1224020 1224076 1224096 1224098
1224099 1224137 1224166 1224174 1224177 1224180 1224181 1224187
1224242 1224320 1224323 1224331 1224346 1224423 1224432 1224437
1224438 1224442 1224443 1224445 1224449 1224479 1224482 1224487
1224488 1224492 1224494 1224495 1224502 1224508 1224509 1224511
1224519 1224524 1224525 1224530 1224531 1224534 1224535 1224537
1224541 1224543 1224549 1224550 1224558 1224559 1224566 1224567
1224571 1224575 1224576 1224579 1224580 1224581 1224582 1224586
1224587 1224592 1224598 1224601 1224607 1224608 1224611 1224615
1224617 1224618 1224621 1224622 1224624 1224627 1224628 1224629
1224632 1224636 1224637 1224638 1224640 1224643 1224644 1224645
1224647 1224648 1224649 1224650 1224651 1224657 1224659 1224660
1224663 1224664 1224665 1224666 1224667 1224668 1224671 1224672
1224676 1224678 1224679 1224680 1224681 1224682 1224685 1224686
1224692 1224697 1224699 1224701 1224703 1224705 1224707 1224717
1224718 1224721 1224722 1224723 1224725 1224727 1224728 1224729
1224730 1224731 1224732 1224733 1224736 1224738 1224739 1224740
1224747 1224749 1224759 1224763 1224764 1224765 1224766 1224788
1224794 1224795 1224796 1224803 1224816 1224877 1224895 1224898
1224900 1224901 1224902 1224903 1224904 1224905 1224907 1224909
1224910 1224911 1224912 1224913 1224914 1224915 1224920 1224928
1224929 1224930 1224931 1224932 1224936 1224937 1224941 1224942
1224944 1224945 1224947 1224956 1224988 1224992 1225000 1225003
1225005 1225008 1225009 1225022 1225031 1225032 1225036 1225041
1225044 1225053 1225076 1225077 1225082 1225085 1225086 1225092
1225095 1225096 1225097 1225106 1225108 1225109 1225114 1225118
1225121 1225122 1225123 1225125 1225126 1225127 1225129 1225131
1225132 1225138 1225139 1225145 1225151 1225153 1225156 1225158
1225160 1225161 1225164 1225167 1225180 1225183 1225184 1225186
1225187 1225189 1225190 1225191 1225192 1225193 1225195 1225198
1225201 1225203 1225205 1225206 1225207 1225208 1225209 1225210
1225214 1225222 1225223 1225224 1225225 1225227 1225228 1225229
1225230 1225232 1225233 1225235 1225236 1225237 1225238 1225239
1225240 1225241 1225242 1225243 1225244 1225245 1225246 1225247
1225248 1225249 1225250 1225251 1225252 1225253 1225254 1225255
1225256 1225257 1225258 1225259 1225260 1225261 1225262 1225263
1225268 1225301 1225303 1225304 1225306 1225316 1225318 1225320
1225321 1225322 1225323 1225326 1225327 1225328 1225329 1225330
1225331 1225332 1225333 1225334 1225335 1225336 1225337 1225338
1225339 1225341 1225342 1225344 1225346 1225347 1225351 1225353
1225354 1225355 1225357 1225358 1225360 1225361 1225366 1225367
1225368 1225369 1225370 1225372 1225373 1225374 1225375 1225376
1225377 1225379 1225380 1225382 1225383 1225384 1225386 1225387
1225388 1225390 1225392 1225393 1225396 1225400 1225404 1225405
1225408 1225409 1225410 1225411 1225424 1225425 1225427 1225431
1225435 1225436 1225437 1225438 1225439 1225441 1225442 1225443
1225444 1225445 1225446 1225447 1225450 1225453 1225455 1225461
1225463 1225464 1225466 1225467 1225468 1225471 1225472 1225478
1225479 1225480 1225482 1225483 1225486 1225488 1225490 1225492
1225495 1225499 1225500 1225501 1225502 1225506 1225508 1225510
1225513 1225515 1225529 1225530 1225532 1225534 1225535 1225548
1225549 1225550 1225551 1225553 1225554 1225555 1225556 1225557
1225559 1225560 1225565 1225566 1225568 1225569 1225570 1225571
1225572 1225577 1225583 1225584 1225587 1225588 1225589 1225590
1225591 1225592 1225593 1225595 1225599 1225616 1225640 1225642
1225705 1225708 1225715 1225720 1225722 1225734 1225735 1225747
1225748 1225756 1225761 1225766 1225775 1225810 1225820 1225829
1225835 1225842 1225912 1226419 CVE-2020-36788 CVE-2021-4148
CVE-2021-43527 CVE-2021-47358 CVE-2021-47359 CVE-2021-47360 CVE-2021-47361
CVE-2021-47362 CVE-2021-47363 CVE-2021-47364 CVE-2021-47365 CVE-2021-47366
CVE-2021-47367 CVE-2021-47368 CVE-2021-47369 CVE-2021-47370 CVE-2021-47371
CVE-2021-47372 CVE-2021-47373 CVE-2021-47374 CVE-2021-47375 CVE-2021-47376
CVE-2021-47378 CVE-2021-47379 CVE-2021-47380 CVE-2021-47381 CVE-2021-47382
CVE-2021-47383 CVE-2021-47384 CVE-2021-47385 CVE-2021-47386 CVE-2021-47387
CVE-2021-47388 CVE-2021-47389 CVE-2021-47390 CVE-2021-47391 CVE-2021-47392
CVE-2021-47393 CVE-2021-47394 CVE-2021-47395 CVE-2021-47396 CVE-2021-47397
CVE-2021-47398 CVE-2021-47399 CVE-2021-47400 CVE-2021-47401 CVE-2021-47402
CVE-2021-47403 CVE-2021-47404 CVE-2021-47405 CVE-2021-47406 CVE-2021-47407
CVE-2021-47408 CVE-2021-47409 CVE-2021-47410 CVE-2021-47412 CVE-2021-47413
CVE-2021-47414 CVE-2021-47415 CVE-2021-47416 CVE-2021-47417 CVE-2021-47418
CVE-2021-47419 CVE-2021-47420 CVE-2021-47421 CVE-2021-47422 CVE-2021-47423
CVE-2021-47424 CVE-2021-47425 CVE-2021-47426 CVE-2021-47427 CVE-2021-47428
CVE-2021-47429 CVE-2021-47430 CVE-2021-47431 CVE-2021-47433 CVE-2021-47434
CVE-2021-47435 CVE-2021-47436 CVE-2021-47437 CVE-2021-47438 CVE-2021-47439
CVE-2021-47440 CVE-2021-47441 CVE-2021-47442 CVE-2021-47443 CVE-2021-47444
CVE-2021-47445 CVE-2021-47446 CVE-2021-47447 CVE-2021-47448 CVE-2021-47449
CVE-2021-47450 CVE-2021-47451 CVE-2021-47452 CVE-2021-47453 CVE-2021-47454
CVE-2021-47455 CVE-2021-47456 CVE-2021-47457 CVE-2021-47458 CVE-2021-47459
CVE-2021-47460 CVE-2021-47461 CVE-2021-47462 CVE-2021-47463 CVE-2021-47464
CVE-2021-47465 CVE-2021-47466 CVE-2021-47467 CVE-2021-47468 CVE-2021-47469
CVE-2021-47470 CVE-2021-47471 CVE-2021-47472 CVE-2021-47473 CVE-2021-47474
CVE-2021-47475 CVE-2021-47476 CVE-2021-47477 CVE-2021-47478 CVE-2021-47479
CVE-2021-47480 CVE-2021-47481 CVE-2021-47482 CVE-2021-47483 CVE-2021-47484
CVE-2021-47485 CVE-2021-47486 CVE-2021-47488 CVE-2021-47489 CVE-2021-47490
CVE-2021-47491 CVE-2021-47492 CVE-2021-47493 CVE-2021-47494 CVE-2021-47495
CVE-2021-47496 CVE-2021-47497 CVE-2021-47498 CVE-2021-47499 CVE-2021-47500
CVE-2021-47501 CVE-2021-47502 CVE-2021-47503 CVE-2021-47504 CVE-2021-47505
CVE-2021-47506 CVE-2021-47507 CVE-2021-47508 CVE-2021-47509 CVE-2021-47510
CVE-2021-47511 CVE-2021-47512 CVE-2021-47513 CVE-2021-47514 CVE-2021-47516
CVE-2021-47518 CVE-2021-47520 CVE-2021-47521 CVE-2021-47522 CVE-2021-47523
CVE-2021-47524 CVE-2021-47525 CVE-2021-47526 CVE-2021-47528 CVE-2021-47529
CVE-2021-47530 CVE-2021-47531 CVE-2021-47532 CVE-2021-47533 CVE-2021-47534
CVE-2021-47535 CVE-2021-47536 CVE-2021-47537 CVE-2021-47540 CVE-2021-47541
CVE-2021-47542 CVE-2021-47544 CVE-2021-47548 CVE-2021-47549 CVE-2021-47550
CVE-2021-47551 CVE-2021-47552 CVE-2021-47553 CVE-2021-47554 CVE-2021-47555
CVE-2021-47556 CVE-2021-47557 CVE-2021-47558 CVE-2021-47559 CVE-2021-47560
CVE-2021-47562 CVE-2021-47563 CVE-2021-47564 CVE-2021-47565 CVE-2021-47569
CVE-2022-48633 CVE-2022-48662 CVE-2022-48669 CVE-2022-48689 CVE-2022-48691
CVE-2022-48699 CVE-2022-48705 CVE-2022-48708 CVE-2022-48709 CVE-2022-48710
CVE-2023-0160 CVE-2023-1829 CVE-2023-42755 CVE-2023-45288 CVE-2023-47233
CVE-2023-52586 CVE-2023-52591 CVE-2023-52618 CVE-2023-52642 CVE-2023-52643
CVE-2023-52644 CVE-2023-52646 CVE-2023-52650 CVE-2023-52653 CVE-2023-52654
CVE-2023-52655 CVE-2023-52656 CVE-2023-52657 CVE-2023-52659 CVE-2023-52660
CVE-2023-52661 CVE-2023-52662 CVE-2023-52664 CVE-2023-52669 CVE-2023-52671
CVE-2023-52674 CVE-2023-52676 CVE-2023-52678 CVE-2023-52679 CVE-2023-52680
CVE-2023-52683 CVE-2023-52685 CVE-2023-52686 CVE-2023-52690 CVE-2023-52691
CVE-2023-52692 CVE-2023-52693 CVE-2023-52694 CVE-2023-52696 CVE-2023-52698
CVE-2023-52699 CVE-2023-52702 CVE-2023-52703 CVE-2023-52705 CVE-2023-52707
CVE-2023-52708 CVE-2023-52730 CVE-2023-52731 CVE-2023-52732 CVE-2023-52733
CVE-2023-52736 CVE-2023-52738 CVE-2023-52739 CVE-2023-52740 CVE-2023-52741
CVE-2023-52742 CVE-2023-52743 CVE-2023-52744 CVE-2023-52745 CVE-2023-52746
CVE-2023-52747 CVE-2023-52753 CVE-2023-52754 CVE-2023-52756 CVE-2023-52757
CVE-2023-52759 CVE-2023-52763 CVE-2023-52764 CVE-2023-52766 CVE-2023-52773
CVE-2023-52774 CVE-2023-52777 CVE-2023-52781 CVE-2023-52788 CVE-2023-52789
CVE-2023-52791 CVE-2023-52795 CVE-2023-52796 CVE-2023-52798 CVE-2023-52799
CVE-2023-52800 CVE-2023-52803 CVE-2023-52804 CVE-2023-52805 CVE-2023-52806
CVE-2023-52807 CVE-2023-52808 CVE-2023-52809 CVE-2023-52810 CVE-2023-52811
CVE-2023-52814 CVE-2023-52815 CVE-2023-52816 CVE-2023-52817 CVE-2023-52818
CVE-2023-52819 CVE-2023-52821 CVE-2023-52825 CVE-2023-52826 CVE-2023-52832
CVE-2023-52833 CVE-2023-52834 CVE-2023-52838 CVE-2023-52840 CVE-2023-52841
CVE-2023-52844 CVE-2023-52847 CVE-2023-52851 CVE-2023-52853 CVE-2023-52854
CVE-2023-52855 CVE-2023-52856 CVE-2023-52858 CVE-2023-52860 CVE-2023-52861
CVE-2023-52864 CVE-2023-52865 CVE-2023-52867 CVE-2023-52868 CVE-2023-52870
CVE-2023-52871 CVE-2023-52872 CVE-2023-52873 CVE-2023-52875 CVE-2023-52876
CVE-2023-52877 CVE-2023-52878 CVE-2023-52880 CVE-2023-6531 CVE-2024-2201
CVE-2024-26597 CVE-2024-26643 CVE-2024-26679 CVE-2024-26692 CVE-2024-26698
CVE-2024-26700 CVE-2024-26715 CVE-2024-26739 CVE-2024-26742 CVE-2024-26748
CVE-2024-26758 CVE-2024-26764 CVE-2024-26775 CVE-2024-26777 CVE-2024-26778
CVE-2024-26788 CVE-2024-26791 CVE-2024-26801 CVE-2024-26822 CVE-2024-26828
CVE-2024-26829 CVE-2024-26838 CVE-2024-26839 CVE-2024-26840 CVE-2024-26846
CVE-2024-26859 CVE-2024-26870 CVE-2024-26874 CVE-2024-26876 CVE-2024-26877
CVE-2024-26880 CVE-2024-26889 CVE-2024-26894 CVE-2024-26900 CVE-2024-26907
CVE-2024-26915 CVE-2024-26916 CVE-2024-26919 CVE-2024-26920 CVE-2024-26921
CVE-2024-26922 CVE-2024-26925 CVE-2024-26928 CVE-2024-26929 CVE-2024-26930
CVE-2024-26931 CVE-2024-26933 CVE-2024-26934 CVE-2024-26935 CVE-2024-26937
CVE-2024-26938 CVE-2024-26939 CVE-2024-26940 CVE-2024-26943 CVE-2024-26957
CVE-2024-26958 CVE-2024-26964 CVE-2024-26974 CVE-2024-26977 CVE-2024-26979
CVE-2024-26984 CVE-2024-26988 CVE-2024-26989 CVE-2024-26994 CVE-2024-26996
CVE-2024-26997 CVE-2024-26999 CVE-2024-27000 CVE-2024-27001 CVE-2024-27004
CVE-2024-27008 CVE-2024-27028 CVE-2024-27037 CVE-2024-27042 CVE-2024-27045
CVE-2024-27047 CVE-2024-27051 CVE-2024-27052 CVE-2024-27053 CVE-2024-27054
CVE-2024-27059 CVE-2024-27072 CVE-2024-27073 CVE-2024-27074 CVE-2024-27075
CVE-2024-27076 CVE-2024-27077 CVE-2024-27078 CVE-2024-27388 CVE-2024-27393
CVE-2024-27395 CVE-2024-27396 CVE-2024-27398 CVE-2024-27399 CVE-2024-27400
CVE-2024-27401 CVE-2024-27405 CVE-2024-27410 CVE-2024-27412 CVE-2024-27413
CVE-2024-27416 CVE-2024-27417 CVE-2024-27419 CVE-2024-27431 CVE-2024-27435
CVE-2024-27436 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602
CVE-2024-35195 CVE-2024-35789 CVE-2024-35791 CVE-2024-35796 CVE-2024-35799
CVE-2024-35801 CVE-2024-35804 CVE-2024-35806 CVE-2024-35809 CVE-2024-35811
CVE-2024-35812 CVE-2024-35813 CVE-2024-35815 CVE-2024-35817 CVE-2024-35821
CVE-2024-35822 CVE-2024-35823 CVE-2024-35825 CVE-2024-35828 CVE-2024-35829
CVE-2024-35830 CVE-2024-35833 CVE-2024-35845 CVE-2024-35847 CVE-2024-35849
CVE-2024-35851 CVE-2024-35852 CVE-2024-35854 CVE-2024-35860 CVE-2024-35861
CVE-2024-35862 CVE-2024-35863 CVE-2024-35864 CVE-2024-35865 CVE-2024-35866
CVE-2024-35867 CVE-2024-35868 CVE-2024-35869 CVE-2024-35870 CVE-2024-35872
CVE-2024-35875 CVE-2024-35877 CVE-2024-35878 CVE-2024-35879 CVE-2024-35885
CVE-2024-35887 CVE-2024-35895 CVE-2024-35901 CVE-2024-35904 CVE-2024-35905
CVE-2024-35907 CVE-2024-35912 CVE-2024-35914 CVE-2024-35915 CVE-2024-35922
CVE-2024-35924 CVE-2024-35930 CVE-2024-35932 CVE-2024-35933 CVE-2024-35935
CVE-2024-35936 CVE-2024-35938 CVE-2024-35939 CVE-2024-35940 CVE-2024-35943
CVE-2024-35944 CVE-2024-35947 CVE-2024-35950 CVE-2024-35951 CVE-2024-35952
CVE-2024-35955 CVE-2024-35959 CVE-2024-35963 CVE-2024-35964 CVE-2024-35965
CVE-2024-35966 CVE-2024-35967 CVE-2024-35969 CVE-2024-35973 CVE-2024-35976
CVE-2024-35978 CVE-2024-35982 CVE-2024-35984 CVE-2024-35989 CVE-2024-35990
CVE-2024-35998 CVE-2024-35999 CVE-2024-36006 CVE-2024-36007 CVE-2024-36012
CVE-2024-36014 CVE-2024-36015 CVE-2024-36016 CVE-2024-36026 CVE-2024-36029
CVE-2024-36032 CVE-2024-36880 CVE-2024-36893 CVE-2024-36896 CVE-2024-36897
CVE-2024-36906 CVE-2024-36918 CVE-2024-36924 CVE-2024-36926 CVE-2024-36928
CVE-2024-36931 CVE-2024-36938 CVE-2024-36940 CVE-2024-36941 CVE-2024-36942
CVE-2024-36944 CVE-2024-36947 CVE-2024-36950 CVE-2024-36952 CVE-2024-36955
CVE-2024-36959 CVE-2024-38428 CVE-2024-4741
-----------------------------------------------------------------
The container sles-15-sp5-chost-byos-v20240626-arm64 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1076-1
Released: Mon Apr 1 10:51:40 2024
Summary: Recommended update for Libreoffice
Type: recommended
Severity: moderate
References:
This update for Libreoffice fixes the following issue:
libreoffice was updated from version 7.6.2.1 to 24.2.1.2 (jsc#PED-7496, jsc#PED-8096):
- Highlights of changes up to version 24.2.1.2 are listed in the following release notes:
* https://wiki.documentfoundation.org/ReleaseNotes/24.2
* https://wiki.documentfoundation.org/Releases/24.2.1/RC2
* https://wiki.documentfoundation.org/Releases/24.2.1/RC1
* https://wiki.documentfoundation.org/Releases/7.6.4/RC1
* https://wiki.documentfoundation.org/Releases/7.6.3/RC2
* https://wiki.documentfoundation.org/Releases/7.6.3/RC1
* https://wiki.documentfoundation.org/Releases/7.6.2/RC2
- Update bundled dependencies:
* curl version update from 8.2.1 to 8.6.0
* gpgme version update from 1.18.0 to 1.20.0
* harfbuzz version update from 8.0.0 to 8.2.2
* libcmis version update from 0.5.2 to 0.6.1
* libgpg-error version update from 1.43 to 1.47
* pdfium version update from 5778 to 6179
* poppler version update from 23.06.0 to 23.09.0
* skia version from m111-a31e897fb3dcbc96b2b40999751611d029bf5404 to m116-2ddcf183eb260f63698aa74d1bb380f247ad7ccd
- New bundled dependencies:
* Java-WebSocket-1.5.4.tar.gz
* fontconfig-2.14.2.tar.xz
* freetype-2.13.0.tar.xz
* phc-winner-argon2-20190702.tar.gz
* tiff-4.6.0.tar.xz
- New required dependencies:
* zxcvbn
- Build Libreoffice using OpenSSL instead of NSS, since the bundled curl does
not support the NSS backend any more
abseil-cpp was updated from version 20230802.1 to 20240116.1:
* Added absl::NoDestructor<T> to simplify defining static types
that do not need to be destructed upon program exit.
* Added configurable verbose logging (also known as VLOG).
* Added absl::Overload(), which returns a functor that provides
overloads based on the functors passed to it. Note that this
functionality requires C++17 or newer.
* Breaking Changes:
+ AbslHashValue() no longer accepts C-style arrays as a parameter, caller need to wrap C-string literals in
absl::string_view.
+ absl::weak_equality and absl::strong_equality have been removed. The corresponding std types were removed
before C++20 was finalized
libixion was updated from version 0.18.1 to 0.19.0:
- C++ API:
* Added support for renaming sheets after they have been created.
- Formula interpreter:
* Added support for inline arrays.
liborcus was updated from version 0.18.1 to 0.19.2:
- Changes in version 0.19.2:
* Fixed a build issue with gcc 14 due to a missing include for std::find_if
and std::for_each.
* Fixed a segmentation fault with the orcus-test-xml-mapped test which
manifested on hppa hardware, as originally reported on
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054376.
* Fixed a crash when loading a document that includes a style record
referencing an unnamed style record as its parent. In Excel-generated
documents, styles only reference named styles as their parents. But in
3rd-party generated documents, styles referencing unnamed styles as their
parents can occur.
* Fixed a crash when the document model returned a null pointer when a
reference resolver interface was requested.
- Changes in version 0.19.1:
* Implemented orcus::create_filter() which instantiates a filter object of
specified type. The returned object is of type
orcus::iface::import_filter.
* Moved test cases for format detection to the respective filter test files.
* Fixed a bug where the import filter did not set the formula grammer prior
to importing.
- Changes in version 0.19.0:
* Added support for allowing use of std::filesystem,
std::experimental::filesystem or boost::filesystem per build
configuration.
* Refactored styles import to use style indices returned by the document
model implementer rather than using the indices stored in the file. This
allows the implementer to aggregate some style records and re-use the same
index for records that are stored as different records in the original
file.
* Fixed a bug where column styles were not applied to the correct columns
when the starting column index was not 0.
* Overhauled the Gnumeric import filter to fix many bugs and support many
missing features relative to the other filters included in orcus. Most
notable mentions are:
+ cell styles
+ rich-text strings
+ named ranges
+ row heights and column widths
+ merged cells
* Added partial support for Apache Parquet import filter. This is still
heavily experimental.
zxcvbn:
- New RPM package zxcvbn implementation needed as dependency for Libreoffice
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1848-1
Released: Thu May 30 06:52:35 2024
Summary: Recommended update for supportutils
Type: recommended
Severity: important
References: 1220082,1222021
This update for supportutils fixes the following issues:
- Suppress file descriptor leak warnings from lvm commands (bsc#1220082)
- Add -V key:value pair option (bsc#1222021, PED-8211)
- Avoid getting duplicate kernel verifications in boot.text
- Include container log timestamps
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1876-1
Released: Fri May 31 06:47:32 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1221361
This update for aaa_base fixes the following issues:
- Fix the typo to set JAVA_BINDIR in the csh variant of the alljava profile script (bsc#1221361)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1880-1
Released: Fri May 31 08:45:12 2024
Summary: Security update for python-requests
Type: security
Severity: moderate
References: 1224788,CVE-2024-35195
This update for python-requests fixes the following issues:
- CVE-2024-35195: Fixed cert verification regardless of changes to the value of `verify` (bsc#1224788).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1883-1
Released: Fri May 31 09:31:11 2024
Summary: Recommended update for iputils
Type: recommended
Severity: moderate
References: 1224877
This update for iputils fixes the following issue:
- 'arping: Fix 1s delay on exit for unsolicited arpings',
backport upstream fix (bsc#1224877)
- Backport proposed fix for regression in upstream commit 4db1de6 (bsc#1224877)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1888-1
Released: Fri May 31 19:09:00 2024
Summary: Recommended update for suse-module-tools
Type: recommended
Severity: moderate
References: 1216717,1223278,1224320
This update for suse-module-tools fixes the following issues:
- Include unblacklist in initramfs (bsc#1224320)
- regenerate-initrd-posttrans: run update-bootloader --refresh for XEN (bsc#1223278)
- 60-io-scheduler.rules: test for 'scheduler' sysfs attribute (bsc#1216717)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1895-1
Released: Mon Jun 3 09:00:20 2024
Summary: Security update for glibc
Type: security
Severity: important
References: 1221940,1223423,1223424,1223425,CVE-2024-33599,CVE-2024-33600,CVE-2024-33601,CVE-2024-33602
This update for glibc fixes the following issues:
- CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423)
- CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424)
- CVE-2024-33600: Do not send missing not-found response in addgetnetgrentX in nscd (bsc#1223424)
- CVE-2024-33601, CVE-2024-33602: Fixed use of two buffers in addgetnetgrentX ( bsc#1223425)
- CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)
- Avoid creating userspace live patching prologue for _start routine (bsc#1221940)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1994-1
Released: Tue Jun 11 15:03:55 2024
Summary: Recommended update for iputils
Type: recommended
Severity: moderate
References:
This update for iputils fixes the following issue:
- After upstream merged the fix, update git commit hashes.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2022-1
Released: Thu Jun 13 16:13:20 2024
Summary: Recommended update for chrony
Type: recommended
Severity: moderate
References: 1213551
This update for chrony fixes the following issues:
- Use shorter NTS-KE retry interval when network is down (bsc#1213551)
- Use make quickcheck instead of make check to avoid more than 1h build
times and failures due to timeouts. This was the default before
3.2 but it changed to make tests more reliable
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2023-1
Released: Thu Jun 13 16:14:30 2024
Summary: Recommended update for socat
Type: recommended
Severity: moderate
References: 1160293
This update for socat fixes the following issues:
socat is updated to 1.8.0.0:
Primary feature is enabling TLS 1.3 support. (jsc#PED-8413)
* Support for network namespaces (option netns)
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
* Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
* New script socat-broker.sh allows group communications
* Experimental socks5 client feature
* Address ACCEPT-FD for systemd 'inetd' mode
* UDP-Lite and DCCP address types
* Addresses SOCKETPAIR and SHELL
* New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
* Simple statistics output with Socat option --statistics and with SIGUSR1
* A couple of new options, many fixes and corrections, see file CHANGES
Update to 1.7.4.4:
* FIX: In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived.
* FIX: a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
* FIX: bad parser error message on 'socat /tmp/x\'x/x -'
Update to 1.7.4.3:
* fixes the TCP_INFO issue that broke building on non-Linux platforms.
* building on AIX works again.
* A few more corrections and improvements have been added
Update to version 1.7.4.2:
* Fixes a lot of bugs, e.g., for options -r and -R.
* Further bugfixes, see the CHANGES file
Update to 1.7.4.1:
Security:
* Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based buffer
overflow, assuming the attacker could provide this parameter.
* Many further bugfixes and new features, see the CHANGES file
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2024-1
Released: Thu Jun 13 16:15:18 2024
Summary: Recommended update for jitterentropy
Type: recommended
Severity: moderate
References: 1209627
This update for jitterentropy fixes the following issues:
- Fixed a stack corruption on s390x: [bsc#1209627]
* Output size of the STCKE command on s390x is 16 bytes, compared
to 8 bytes of the STCK command. Fix a stack corruption in the
s390x version of jent_get_nstime(). Add some more detailed
information on the STCKE command.
Updated to 3.4.1
* add FIPS 140 hints to man page
* simplify the test tool to search for optimal configurations
* fix: jent_loop_shuffle: re-add setting the time that was lost with 3.4.0
* enhancement: add ARM64 assembler code to read high-res timer
-----------------------------------------------------------------
Advisory ID: 33664
Released: Thu Jun 13 21:03:09 2024
Summary: Recommended update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings
Type: recommended
Severity: important
References: 1222086,1223430,1223766,1224242
This update for libsolv, libzypp, zypper, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues:
- Fix the dependency for Packagekit-backend-zypp in SUMa 4.3 (bsc#1224242)
- Improve updating of installed multiversion packages
- Fix decision introspection going into an endless loop in some cases
- Split libsolv-tools into libsolv-tools-base [jsc#PED-8153]
- Improve checks against corrupt rpm
- Fixed check for outdated repo metadata as non-root user (bsc#1222086)
- Add ZYPP_API for exported functions and switch to visibility=hidden (jsc#PED-8153)
- Dynamically resolve libproxy (jsc#PED-8153)
- Fix download from gpgkey URL (bsc#1223430)
- Delay zypp lock until command options are parsed (bsc#1223766)
- Unify message format
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2051-1
Released: Tue Jun 18 09:16:01 2024
Summary: Security update for openssl-1_1
Type: security
Severity: important
References: 1225551,CVE-2024-4741
This update for openssl-1_1 fixes the following issues:
- CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2085-1
Released: Wed Jun 19 11:36:00 2024
Summary: recommended update for python-requests
Type: recommended
Severity: moderate
References: 1225912
This update for python-requests fixes the following issue:
- Allow the usage of 'verify' parameter as a directory. (bsc#1225912)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2086-1
Released: Wed Jun 19 11:48:24 2024
Summary: Recommended update for gcc13
Type: recommended
Severity: moderate
References: 1188441
This update for gcc13 fixes the following issues:
Update to GCC 13.3 release
- Removed Fiji support from the GCN offload compiler as that is requiring
Code Object version 3 which is no longer supported by llvm18.
- Avoid combine spending too much compile-time and memory doing nothing
on s390x. [bsc#1188441]
- Make requirement to lld version specific to avoid requiring the
meta-package.
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2108-1
Released: Thu Jun 20 19:35:51 2024
Summary: Security update for containerd
Type: security
Severity: important
References: 1221400,1224323,CVE-2023-45288
This update for containerd fixes the following issues:
Update to containerd v1.7.17.
- CVE-2023-45288: Fixed the limit of CONTINUATION frames read for an HTTP/2 request (bsc#1221400).
- Fixed /sys/devices/virtual/powercap accessibility by default containers to mitigate power-based side channel attacks (bsc#1224323).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2174-1
Released: Mon Jun 24 07:20:48 2024
Summary: Security update for wget
Type: security
Severity: moderate
References: 1226419,CVE-2024-38428
This update for wget fixes the following issues:
- CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. (bsc#1226419)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2176-1
Released: Mon Jun 24 08:55:56 2024
Summary: Recommended update for grpc, libzypp, protobuf, python-grpcio. re2, zypper
Type: recommended
Severity: moderate
References: 1222261,1222343,1222348
This update for grpc, libzypp, protobuf, python-grpcio, re2, zypper fixes the following issues:
- rebuild packages using protobuf against newer protobuf and abseil-cpp libraries. (bsc#1222261)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:2190-1
Released: Tue Jun 25 10:50:51 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1065729,1141539,1174585,1181674,1187716,1190569,1191949,1192107,1193983,1194288,1194869,1196956,1197915,1200465,1205205,1207284,1207361,1207948,1208149,1209657,1209799,1209834,1209980,1210335,1213863,1214852,1215322,1215702,1216358,1216702,1217169,1217339,1217515,1218447,1220021,1220267,1220363,1220783,1221044,1221081,1221615,1221777,1221816,1221829,1222011,1222374,1222385,1222413,1222464,1222513,1222559,1222561,1222608,1222619,1222627,1222721,1222765,1222770,1222783,1222793,1222870,1222893,1222960,1222961,1222974,1222975,1222976,1223011,1223023,1223027,1223031,1223043,1223046,1223048,1223049,1223084,1223113,1223119,1223137,1223138,1223140,1223188,1223203,1223207,1223315,1223360,1223384,1223390,1223432,1223489,1223505,1223532,1223575,1223595,1223626,1223627,1223628,1223631,1223633,1223638,1223650,1223653,1223666,1223670,1223671,1223675,1223677,1223678,1223679,1223698,1223712,1223715,1223717,1223718,1223737,1223738,1223741,1223744,1223747,1223748,1223750,1223752,1223754,1
223756,1223757,1223762,1223769,1223770,1223779,1223780,1223781,1223788,1223802,1223819,1223823,1223826,1223828,1223829,1223837,1223842,1223843,1223844,1223847,1223858,1223875,1223879,1223895,1223959,1223961,1223991,1223996,1224020,1224076,1224096,1224098,1224099,1224137,1224166,1224174,1224177,1224180,1224181,1224187,1224331,1224346,1224423,1224432,1224437,1224438,1224442,1224443,1224445,1224449,1224479,1224482,1224487,1224488,1224492,1224494,1224495,1224502,1224508,1224509,1224511,1224519,1224524,1224525,1224530,1224531,1224534,1224535,1224537,1224541,1224543,1224549,1224550,1224558,1224559,1224566,1224567,1224571,1224575,1224576,1224579,1224580,1224581,1224582,1224586,1224587,1224592,1224598,1224601,1224607,1224608,1224611,1224615,1224617,1224618,1224621,1224622,1224624,1224627,1224628,1224629,1224632,1224636,1224637,1224638,1224640,1224643,1224644,1224645,1224647,1224648,1224649,1224650,1224651,1224657,1224659,1224660,1224663,1224664,1224665,1224666,1224667,1224668,1224671,122467
2,1224676,1224678,1224679,1224680,1224681,1224682,1224685,1224686,1224692,1224697,1224699,1224701,1224703,1224705,1224707,1224717,1224718,1224721,1224722,1224723,1224725,1224727,1224728,1224729,1224730,1224731,1224732,1224733,1224736,1224738,1224739,1224740,1224747,1224749,1224759,1224763,1224764,1224765,1224766,1224794,1224795,1224796,1224803,1224816,1224895,1224898,1224900,1224901,1224902,1224903,1224904,1224905,1224907,1224909,1224910,1224911,1224912,1224913,1224914,1224915,1224920,1224928,1224929,1224930,1224931,1224932,1224936,1224937,1224941,1224942,1224944,1224945,1224947,1224956,1224988,1224992,1225000,1225003,1225005,1225008,1225009,1225022,1225031,1225032,1225036,1225041,1225044,1225053,1225076,1225077,1225082,1225085,1225086,1225092,1225095,1225096,1225097,1225106,1225108,1225109,1225114,1225118,1225121,1225122,1225123,1225125,1225126,1225127,1225129,1225131,1225132,1225138,1225139,1225145,1225151,1225153,1225156,1225158,1225160,1225161,1225164,1225167,1225180,1225183,122
5184,1225186,1225187,1225189,1225190,1225191,1225192,1225193,1225195,1225198,1225201,1225203,1225205,1225206,1225207,1225208,1225209,1225210,1225214,1225222,1225223,1225224,1225225,1225227,1225228,1225229,1225230,1225232,1225233,1225235,1225236,1225237,1225238,1225239,1225240,1225241,1225242,1225243,1225244,1225245,1225246,1225247,1225248,1225249,1225250,1225251,1225252,1225253,1225254,1225255,1225256,1225257,1225258,1225259,1225260,1225261,1225262,1225263,1225268,1225301,1225303,1225304,1225306,1225316,1225318,1225320,1225321,1225322,1225323,1225326,1225327,1225328,1225329,1225330,1225331,1225332,1225333,1225334,1225335,1225336,1225337,1225338,1225339,1225341,1225342,1225344,1225346,1225347,1225351,1225353,1225354,1225355,1225357,1225358,1225360,1225361,1225366,1225367,1225368,1225369,1225370,1225372,1225373,1225374,1225375,1225376,1225377,1225379,1225380,1225382,1225383,1225384,1225386,1225387,1225388,1225390,1225392,1225393,1225396,1225400,1225404,1225405,1225408,1225409,1225410,
1225411,1225424,1225425,1225427,1225431,1225435,1225436,1225437,1225438,1225439,1225441,1225442,1225443,1225444,1225445,1225446,1225447,1225450,1225453,1225455,1225461,1225463,1225464,1225466,1225467,1225468,1225471,1225472,1225478,1225479,1225480,1225482,1225483,1225486,1225488,1225490,1225492,1225495,1225499,1225500,1225501,1225502,1225506,1225508,1225510,1225513,1225515,1225529,1225530,1225532,1225534,1225535,1225548,1225549,1225550,1225553,1225554,1225555,1225556,1225557,1225559,1225560,1225565,1225566,1225568,1225569,1225570,1225571,1225572,1225577,1225583,1225584,1225587,1225588,1225589,1225590,1225591,1225592,1225593,1225595,1225599,1225616,1225640,1225642,1225705,1225708,1225715,1225720,1225722,1225734,1225735,1225747,1225748,1225756,1225761,1225766,1225775,1225810,1225820,1225829,1225835,1225842,CVE-2020-36788,CVE-2021-4148,CVE-2021-43527,CVE-2021-47358,CVE-2021-47359,CVE-2021-47360,CVE-2021-47361,CVE-2021-47362,CVE-2021-47363,CVE-2021-47364,CVE-2021-47365,CVE-2021-47366,CV
E-2021-47367,CVE-2021-47368,CVE-2021-47369,CVE-2021-47370,CVE-2021-47371,CVE-2021-47372,CVE-2021-47373,CVE-2021-47374,CVE-2021-47375,CVE-2021-47376,CVE-2021-47378,CVE-2021-47379,CVE-2021-47380,CVE-2021-47381,CVE-2021-47382,CVE-2021-47383,CVE-2021-47384,CVE-2021-47385,CVE-2021-47386,CVE-2021-47387,CVE-2021-47388,CVE-2021-47389,CVE-2021-47390,CVE-2021-47391,CVE-2021-47392,CVE-2021-47393,CVE-2021-47394,CVE-2021-47395,CVE-2021-47396,CVE-2021-47397,CVE-2021-47398,CVE-2021-47399,CVE-2021-47400,CVE-2021-47401,CVE-2021-47402,CVE-2021-47403,CVE-2021-47404,CVE-2021-47405,CVE-2021-47406,CVE-2021-47407,CVE-2021-47408,CVE-2021-47409,CVE-2021-47410,CVE-2021-47412,CVE-2021-47413,CVE-2021-47414,CVE-2021-47415,CVE-2021-47416,CVE-2021-47417,CVE-2021-47418,CVE-2021-47419,CVE-2021-47420,CVE-2021-47421,CVE-2021-47422,CVE-2021-47423,CVE-2021-47424,CVE-2021-47425,CVE-2021-47426,CVE-2021-47427,CVE-2021-47428,CVE-2021-47429,CVE-2021-47430,CVE-2021-47431,CVE-2021-47433,CVE-2021-47434,CVE-2021-47435,CVE-2021-
47436,CVE-2021-47437,CVE-2021-47438,CVE-2021-47439,CVE-2021-47440,CVE-2021-47441,CVE-2021-47442,CVE-2021-47443,CVE-2021-47444,CVE-2021-47445,CVE-2021-47446,CVE-2021-47447,CVE-2021-47448,CVE-2021-47449,CVE-2021-47450,CVE-2021-47451,CVE-2021-47452,CVE-2021-47453,CVE-2021-47454,CVE-2021-47455,CVE-2021-47456,CVE-2021-47457,CVE-2021-47458,CVE-2021-47459,CVE-2021-47460,CVE-2021-47461,CVE-2021-47462,CVE-2021-47463,CVE-2021-47464,CVE-2021-47465,CVE-2021-47466,CVE-2021-47467,CVE-2021-47468,CVE-2021-47469,CVE-2021-47470,CVE-2021-47471,CVE-2021-47472,CVE-2021-47473,CVE-2021-47474,CVE-2021-47475,CVE-2021-47476,CVE-2021-47477,CVE-2021-47478,CVE-2021-47479,CVE-2021-47480,CVE-2021-47481,CVE-2021-47482,CVE-2021-47483,CVE-2021-47484,CVE-2021-47485,CVE-2021-47486,CVE-2021-47488,CVE-2021-47489,CVE-2021-47490,CVE-2021-47491,CVE-2021-47492,CVE-2021-47493,CVE-2021-47494,CVE-2021-47495,CVE-2021-47496,CVE-2021-47497,CVE-2021-47498,CVE-2021-47499,CVE-2021-47500,CVE-2021-47501,CVE-2021-47502,CVE-2021-47503,C
VE-2021-47504,CVE-2021-47505,CVE-2021-47506,CVE-2021-47507,CVE-2021-47508,CVE-2021-47509,CVE-2021-47510,CVE-2021-47511,CVE-2021-47512,CVE-2021-47513,CVE-2021-47514,CVE-2021-47516,CVE-2021-47518,CVE-2021-47520,CVE-2021-47521,CVE-2021-47522,CVE-2021-47523,CVE-2021-47524,CVE-2021-47525,CVE-2021-47526,CVE-2021-47528,CVE-2021-47529,CVE-2021-47530,CVE-2021-47531,CVE-2021-47532,CVE-2021-47533,CVE-2021-47534,CVE-2021-47535,CVE-2021-47536,CVE-2021-47537,CVE-2021-47540,CVE-2021-47541,CVE-2021-47542,CVE-2021-47544,CVE-2021-47548,CVE-2021-47549,CVE-2021-47550,CVE-2021-47551,CVE-2021-47552,CVE-2021-47553,CVE-2021-47554,CVE-2021-47555,CVE-2021-47556,CVE-2021-47557,CVE-2021-47558,CVE-2021-47559,CVE-2021-47560,CVE-2021-47562,CVE-2021-47563,CVE-2021-47564,CVE-2021-47565,CVE-2021-47569,CVE-2022-48633,CVE-2022-48662,CVE-2022-48669,CVE-2022-48689,CVE-2022-48691,CVE-2022-48699,CVE-2022-48705,CVE-2022-48708,CVE-2022-48709,CVE-2022-48710,CVE-2023-0160,CVE-2023-1829,CVE-2023-42755,CVE-2023-47233,CVE-2023-5
2586,CVE-2023-52591,CVE-2023-52618,CVE-2023-52642,CVE-2023-52643,CVE-2023-52644,CVE-2023-52646,CVE-2023-52650,CVE-2023-52653,CVE-2023-52654,CVE-2023-52655,CVE-2023-52656,CVE-2023-52657,CVE-2023-52659,CVE-2023-52660,CVE-2023-52661,CVE-2023-52662,CVE-2023-52664,CVE-2023-52669,CVE-2023-52671,CVE-2023-52674,CVE-2023-52676,CVE-2023-52678,CVE-2023-52679,CVE-2023-52680,CVE-2023-52683,CVE-2023-52685,CVE-2023-52686,CVE-2023-52690,CVE-2023-52691,CVE-2023-52692,CVE-2023-52693,CVE-2023-52694,CVE-2023-52696,CVE-2023-52698,CVE-2023-52699,CVE-2023-52702,CVE-2023-52703,CVE-2023-52705,CVE-2023-52707,CVE-2023-52708,CVE-2023-52730,CVE-2023-52731,CVE-2023-52732,CVE-2023-52733,CVE-2023-52736,CVE-2023-52738,CVE-2023-52739,CVE-2023-52740,CVE-2023-52741,CVE-2023-52742,CVE-2023-52743,CVE-2023-52744,CVE-2023-52745,CVE-2023-52746,CVE-2023-52747,CVE-2023-52753,CVE-2023-52754,CVE-2023-52756,CVE-2023-52757,CVE-2023-52759,CVE-2023-52763,CVE-2023-52764,CVE-2023-52766,CVE-2023-52773,CVE-2023-52774,CVE-2023-52777,CV
E-2023-52781,CVE-2023-52788,CVE-2023-52789,CVE-2023-52791,CVE-2023-52795,CVE-2023-52796,CVE-2023-52798,CVE-2023-52799,CVE-2023-52800,CVE-2023-52803,CVE-2023-52804,CVE-2023-52805,CVE-2023-52806,CVE-2023-52807,CVE-2023-52808,CVE-2023-52809,CVE-2023-52810,CVE-2023-52811,CVE-2023-52814,CVE-2023-52815,CVE-2023-52816,CVE-2023-52817,CVE-2023-52818,CVE-2023-52819,CVE-2023-52821,CVE-2023-52825,CVE-2023-52826,CVE-2023-52832,CVE-2023-52833,CVE-2023-52834,CVE-2023-52838,CVE-2023-52840,CVE-2023-52841,CVE-2023-52844,CVE-2023-52847,CVE-2023-52851,CVE-2023-52853,CVE-2023-52854,CVE-2023-52855,CVE-2023-52856,CVE-2023-52858,CVE-2023-52860,CVE-2023-52861,CVE-2023-52864,CVE-2023-52865,CVE-2023-52867,CVE-2023-52868,CVE-2023-52870,CVE-2023-52871,CVE-2023-52872,CVE-2023-52873,CVE-2023-52875,CVE-2023-52876,CVE-2023-52877,CVE-2023-52878,CVE-2023-52880,CVE-2023-6531,CVE-2024-2201,CVE-2024-26597,CVE-2024-26643,CVE-2024-26679,CVE-2024-26692,CVE-2024-26698,CVE-2024-26700,CVE-2024-26715,CVE-2024-26739,CVE-2024-26
742,CVE-2024-26748,CVE-2024-26758,CVE-2024-26764,CVE-2024-26775,CVE-2024-26777,CVE-2024-26778,CVE-2024-26788,CVE-2024-26791,CVE-2024-26801,CVE-2024-26822,CVE-2024-26828,CVE-2024-26829,CVE-2024-26838,CVE-2024-26839,CVE-2024-26840,CVE-2024-26846,CVE-2024-26859,CVE-2024-26870,CVE-2024-26874,CVE-2024-26876,CVE-2024-26877,CVE-2024-26880,CVE-2024-26889,CVE-2024-26894,CVE-2024-26900,CVE-2024-26907,CVE-2024-26915,CVE-2024-26916,CVE-2024-26919,CVE-2024-26920,CVE-2024-26921,CVE-2024-26922,CVE-2024-26925,CVE-2024-26928,CVE-2024-26929,CVE-2024-26930,CVE-2024-26931,CVE-2024-26933,CVE-2024-26934,CVE-2024-26935,CVE-2024-26937,CVE-2024-26938,CVE-2024-26939,CVE-2024-26940,CVE-2024-26943,CVE-2024-26957,CVE-2024-26958,CVE-2024-26964,CVE-2024-26974,CVE-2024-26977,CVE-2024-26979,CVE-2024-26984,CVE-2024-26988,CVE-2024-26989,CVE-2024-26994,CVE-2024-26996,CVE-2024-26997,CVE-2024-26999,CVE-2024-27000,CVE-2024-27001,CVE-2024-27004,CVE-2024-27008,CVE-2024-27028,CVE-2024-27037,CVE-2024-27042,CVE-2024-27045,CVE
-2024-27047,CVE-2024-27051,CVE-2024-27052,CVE-2024-27053,CVE-2024-27054,CVE-2024-27059,CVE-2024-27072,CVE-2024-27073,CVE-2024-27074,CVE-2024-27075,CVE-2024-27076,CVE-2024-27077,CVE-2024-27078,CVE-2024-27388,CVE-2024-27393,CVE-2024-27395,CVE-2024-27396,CVE-2024-27398,CVE-2024-27399,CVE-2024-27400,CVE-2024-27401,CVE-2024-27405,CVE-2024-27410,CVE-2024-27412,CVE-2024-27413,CVE-2024-27416,CVE-2024-27417,CVE-2024-27419,CVE-2024-27431,CVE-2024-27435,CVE-2024-27436,CVE-2024-35789,CVE-2024-35791,CVE-2024-35796,CVE-2024-35799,CVE-2024-35801,CVE-2024-35804,CVE-2024-35806,CVE-2024-35809,CVE-2024-35811,CVE-2024-35812,CVE-2024-35813,CVE-2024-35815,CVE-2024-35817,CVE-2024-35821,CVE-2024-35822,CVE-2024-35823,CVE-2024-35825,CVE-2024-35828,CVE-2024-35829,CVE-2024-35830,CVE-2024-35833,CVE-2024-35845,CVE-2024-35847,CVE-2024-35849,CVE-2024-35851,CVE-2024-35852,CVE-2024-35854,CVE-2024-35860,CVE-2024-35861,CVE-2024-35862,CVE-2024-35863,CVE-2024-35864,CVE-2024-35865,CVE-2024-35866,CVE-2024-35867,CVE-2024-3
5868,CVE-2024-35869,CVE-2024-35870,CVE-2024-35872,CVE-2024-35875,CVE-2024-35877,CVE-2024-35878,CVE-2024-35879,CVE-2024-35885,CVE-2024-35887,CVE-2024-35895,CVE-2024-35901,CVE-2024-35904,CVE-2024-35905,CVE-2024-35907,CVE-2024-35912,CVE-2024-35914,CVE-2024-35915,CVE-2024-35922,CVE-2024-35924,CVE-2024-35930,CVE-2024-35932,CVE-2024-35933,CVE-2024-35935,CVE-2024-35936,CVE-2024-35938,CVE-2024-35939,CVE-2024-35940,CVE-2024-35943,CVE-2024-35944,CVE-2024-35947,CVE-2024-35950,CVE-2024-35951,CVE-2024-35952,CVE-2024-35955,CVE-2024-35959,CVE-2024-35963,CVE-2024-35964,CVE-2024-35965,CVE-2024-35966,CVE-2024-35967,CVE-2024-35969,CVE-2024-35973,CVE-2024-35976,CVE-2024-35978,CVE-2024-35982,CVE-2024-35984,CVE-2024-35989,CVE-2024-35990,CVE-2024-35998,CVE-2024-35999,CVE-2024-36006,CVE-2024-36007,CVE-2024-36012,CVE-2024-36014,CVE-2024-36015,CVE-2024-36016,CVE-2024-36026,CVE-2024-36029,CVE-2024-36032,CVE-2024-36880,CVE-2024-36893,CVE-2024-36896,CVE-2024-36897,CVE-2024-36906,CVE-2024-36918,CVE-2024-36924,CV
E-2024-36926,CVE-2024-36928,CVE-2024-36931,CVE-2024-36938,CVE-2024-36940,CVE-2024-36941,CVE-2024-36942,CVE-2024-36944,CVE-2024-36947,CVE-2024-36950,CVE-2024-36952,CVE-2024-36955,CVE-2024-36959
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47548: Fixed a possible array out-of=bounds (bsc#1225506)
- CVE-2022-48689: Fixed data-race in lru_add_fn (bsc#1223959)
- CVE-2022-48691: Fixed memory leak in netfilter (bsc#1223961)
- CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210335).
- CVE-2023-42755: Check user supplied offsets (bsc#1215702).
- CVE-2023-52586: Fixed mutex lock in control vblank irq (bsc#1221081).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-52655: Check packet for fixup for true limit (bsc#1217169).
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2023-52660: Fiedx IRQ handling due to shared interrupts (bsc#1224443).
- CVE-2023-52664: Eliminate double free in error handling logic (bsc#1224747).
- CVE-2023-52671: Fixed hang/underflow when transitioning to ODM4:1 (bsc#1224729).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2023-52746: Prevent potential spectre v1 gadget in xfrm_xlate32_attr() (bsc#1225114)
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085).
- CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
- CVE-2023-52807: Fixed out-of-bounds access may occur when coalesce info is read via debugfs (bsc#1225097).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-26700: Fixed drm/amd/display: Fix MST Null Ptr for RV (bsc#1222870)
- CVE-2024-26715: Fixed NULL pointer dereference in dwc3_gadget_suspend (bsc#1222561).
- CVE-2024-26742: Fixed disable_managed_interrupts (git-fixes bsc#1222608).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765)
- CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770)
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975)
- CVE-2024-26876: Fixed crash on irq during probe (bsc#1223119).
- CVE-2024-26900: Fixed kmemleak of rdev->serial (bsc#1223046).
- CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203).
- CVE-2024-26915: Reset IH OVERFLOW_CLEAR bit (bsc#1223207)
- CVE-2024-26919: Fixed debugfs directory leak (bsc#1223847).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-27042: Fixed potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (bsc#1223823).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1224174).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-27413: Fixed incorrect allocation size (bsc#1224438).
- CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
- CVE-2024-27431: Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35791: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (bsc#1224725).
- CVE-2024-35799: Prevent crash when disable stream (bsc#1224740).
- CVE-2024-35804: Mark target gfn of emulated atomic instruction as dirty (bsc#1224638).
- CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1224736).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765,).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224020, bsc#1224672).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2024-35875: Require seeding RNG with RDRAND on CoCo systems (bsc#1224665).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35878: Prevent NULL pointer dereference in vsnprintf() (bsc#1224671).
- CVE-2024-35879: kABI workaround for drivers/of/dynamic.c (bsc#1224524).
- CVE-2024-35885: Stop interface during shutdown (bsc#1224519).
- CVE-2024-35904: Fixed dereference of garbage after mount failure (bsc#1224494).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
- CVE-2024-35907: Call request_irq() after NAPI initialized (bsc#1224492).
- CVE-2024-35924: Limit read size on v1.2 (bsc#1224657).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-35951: Fixed the error path in panfrost_mmu_map_fault_addr() (bsc#1224701).
- CVE-2024-35959: Fixed mlx5e_priv_init() cleanup flow (bsc#1224666).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35973: Fixed header validation in geneve[6]_xmit_skb (bsc#1224586).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
The following non-security bugs were fixed:
- 9p: explicitly deny setlease attempts (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (bsc#1223384).
- af_unix: Do not use atomic ops for unix_sk(sk)->inflight (bsc#1223384).
- af_unix: Replace BUG_ON() with WARN_ON_ONCE() (bsc#1223384).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: hci_sync: Avoid use-after-free in dbg for hci_add_adv_monitor() (git-fixes).
- Bluetooth: hci_sync: Do not double print name in add/remove adv_monitor (bsc#1216358).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bpf: decouple prune and jump points (bsc#1225756).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf: mostly decouple jump history management from is_state_visited() (bsc#1225756).
- bpf: remove unnecessary prune and jump points (bsc#1225756).
- btrfs: add error messages to all unrecognized mount options (git-fixes)
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: extend locking to all space_info members accesses (git-fixes)
- btrfs: fix btrfs_submit_compressed_write cgroup attribution (git-fixes)
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix missing blkdev_put() call in btrfs_scan_one_device() (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix qgroup reserve overflow the qgroup limit (git-fixes)
- btrfs: fix silent failure when deleting root reference (git-fixes)
- btrfs: fix use-after-free after failure to create a snapshot (git-fixes)
- btrfs: free exchange changeset on failures (git-fixes)
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: make search_csum_tree return 0 if we get -EFBIG (git-fixes)
- btrfs: prevent copying too big compressed lzo segment (git-fixes)
- btrfs: remove BUG_ON(!eie) in find_parent_nodes (git-fixes)
- btrfs: remove BUG_ON() in find_parent_nodes() (git-fixes)
- btrfs: repair super block num_devices automatically (git-fixes)
- btrfs: replace the BUG_ON in btrfs_del_root_ref with proper error handling (git-fixes)
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: in case of IO error log it (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: tree-checker: check item_size for dev_item (git-fixes)
- btrfs: tree-checker: check item_size for inode_item (git-fixes)
- cifs: account for primary channel in the interface list (bsc#1224020).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1224020).
- cifs: distribute channels across interfaces based on speed (bsc#1224020).
- cifs: do not pass cifs_sb when trying to add channels (bsc#1224020).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1224020).
- cifs: fix charset issue in reconnection (bsc#1224020).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1224020).
- cifs: handle cases where a channel is closed (bsc#1224020).
- cifs: handle cases where multiple sessions share connection (bsc#1224020).
- cifs: reconnect work should have reference on server struct (bsc#1224020).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- counter: stm32-lptimer-cnt: Provide defines for clock polarities (git-fixes).
- counter: stm32-timer-cnt: Provide defines for slave mode selection (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpu/hotplug: Remove the 'cpu' member of cpuhp_cpu_state (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/panel: atna33xc20: Fix unbalanced regulator in the case HPD does not assert (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- fail_function: fix wrong use of fei_attr_remove().
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- fs/9p: drop inodes immediately on non-.L too (git-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes).
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- idpf: extend tx watchdog timeout (bsc#1224137).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- iomap: Fix inline extent handling in iomap_readpage (git-fixes)
- iomap: iomap: fix memory corruption when recording errors during writeback (git-fixes)
- iomap: Support partial direct I/O on user copy failures (git-fixes)
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- kABI: bpf: struct bpf_insn_aux_data kABI workaround (bsc#1225756).
- kcm: do not sense pfmemalloc status in kcm_sendpage() (git-fixes bsc#1223959)
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224794).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- locking/atomic: Make test_and_*_bit() ordered on failure (git-fixes).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mfd: intel-lpss: Revert 'Add missing check for platform_get_resource' (git-fixes).
- mfd: ti_am335x_tscadc: Support the correctly spelled DT property (git-fixes).
- mfd: tqmx86: Specify IO port register range more precisely (git-fixes).
- mlxbf_gige: Enable the GigE port in mlxbf_gige_open (git-fixes).
- mlxbf_gige: Fix intermittent no ip issue (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- Move upstreamed patches into sorted section
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- net: do not sense pfmemalloc status in skb_append_pagefrags() (git-fixes bsc#1223959)
- netfilter: nf_tables: bail out early if hardware offload is not supported (git-fixes bsc#1223961)
- net: introduce __skb_fill_page_desc_noacc (git-fixes bsc#1223959)
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: qualcomm: rmnet: fix global oob in rmnet_policy (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nvme: ensure disabling pairs with unquiesce (bsc#1224534).
- nvme: fix miss command type check (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- PCI: dwc: Detect iATU settings after getting 'addr_space' resource (git-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: dwc: Use the bitmap API to allocate bitmaps (git-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: core: handle radix_tree_insert() errors in pinctrl_register_one_pin() (stable-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/eeh: Small refactor of eeh_handle_normal_event() (bsc#1223991 ltc#205740).
- powerpc/eeh: Use a goto for recovery failures (bsc#1223991 ltc#205740).
- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- qibfs: fix dentry leak (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/rxe: Add ibdev_dbg macros for rxe (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
- RDMA/rxe: Replace pr_xxx by rxe_dbg_xxx in rxe_net.c (git-fixes)
- RDMA/rxe: Split rxe_run_task() into two subroutines (git-fixes)
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1224020).
- Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224795).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224796).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224346).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225139).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225138).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: arcmsr: Support new PCI device IDs 1883 and 1886 (git-fixes).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: libfc: Do not schedule abort twice (git-fixes).
- scsi: libfc: Fix up timeout error in fc_fcp_rec_error() (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- smb3: show beginning time for per share stats (bsc#1224020).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1224020).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1224020).
- smb: client: get rid of dfs naming in automount code (bsc#1224020).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1224020).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1224020).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1224020).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1224020).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- Sort recent BHI patches
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spmi: Add a check for remove callback when removing a SPMI driver (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331).
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- sysv: do not call sb_bread() with pointers_lock held (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer (bsc#1225535)
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (git-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (git-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: ixp4xx: Make sure restart always works (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (git-fixes).
- x86/bugs: Fix BHI documentation (git-fixes).
- x86/bugs: Fix BHI handling of RRSBA (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (git-fixes).
- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-fixes).
- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (git-fixes).
- x86: Fix CPUIDLE_FLAG_IRQ_ENABLE leaking timer reprogram (git-fixes).
- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes).
- x86/lib: Fix overflow when counting digits (git-fixes).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (git-fixes).
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- xfs: fix exception caused by unexpected illegal bestcount in leaf dir (git-fixes).
- xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (git-fixes).
- xfs: fix imprecise logic in xchk_btree_check_block_owner (git-fixes).
- xfs: fix inode reservation space for removing transaction (git-fixes).
- xfs: shrink failure needs to hold AGI buffer (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:2242-1
Released: Wed Jun 26 15:42:01 2024
Summary: Recommended update for wicked
Type: recommended
Severity: important
References: 1218668
This update for wicked fixes the following issues:
- Fix VLANs/bonds randomly not coming up after reboot or wicked restart. [bsc#1218668]
The following package changes have been done:
- aaa_base-84.87+git20180409.04c9dae-150300.10.20.1 updated
- chrony-pool-suse-4.1-150400.21.5.7 updated
- chrony-4.1-150400.21.5.7 updated
- containerd-ctr-1.7.17-150000.111.3 updated
- containerd-1.7.17-150000.111.3 updated
- glibc-locale-base-2.31-150300.83.1 updated
- glibc-locale-2.31-150300.83.1 updated
- glibc-2.31-150300.83.1 updated
- iputils-20221126-150500.3.8.2 updated
- kernel-default-5.14.21-150500.55.68.1 updated
- libabsl2401_0_0-20240116.1-150500.13.7.8 added
- libgcc_s1-13.3.0+git8781-150000.1.12.1 updated
- libjitterentropy3-3.4.1-150000.1.12.1 updated
- libopenssl1_1-1.1.1l-150500.17.31.1 updated
- libprotobuf-lite25_1_0-25.1-150500.12.2.2 updated
- libsolv-tools-base-0.7.29-150400.3.22.4 added
- libsolv-tools-0.7.29-150400.3.22.4 updated
- libstdc++6-13.3.0+git8781-150000.1.12.1 updated
- libzypp-17.34.1-150500.6.2.1 updated
- openssl-1_1-1.1.1l-150500.17.31.1 updated
- python3-requests-2.25.1-150300.3.12.2 updated
- socat-1.8.0.0-150400.14.3.1 updated
- supportutils-3.1.30-150300.7.35.30.1 updated
- suse-module-tools-15.5.5-150500.3.12.2 updated
- wget-1.20.3-150000.3.20.1 updated
- wicked-service-0.6.75-150500.3.29.1 updated
- wicked-0.6.75-150500.3.29.1 updated
- zypper-1.14.73-150500.6.2.1 updated
- libabsl2308_0_0-20230802.1-150400.10.4.1 removed
More information about the sle-container-updates
mailing list