From null at suse.de Mon Apr 1 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Apr 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1074-1: important: Security update for qpid-proton Message-ID: <171196020525.8892.8595385516212164582@smelt2.prg2.suse.org> # Security update for qpid-proton Announcement ID: SUSE-SU-2024:1074-1 Rating: important References: * bsc#1041090 * bsc#1084627 * bsc#1133158 * bsc#1172267 * bsc#1191783 Cross-References: * CVE-2019-0223 CVSS scores: * CVE-2019-0223 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2019-0223 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2019-0223 ( NVD ): 7.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability and has four security fixes can now be installed. ## Description: This update for qpid-proton fixes the following issues: * CVE-2019-0223: Fixed TLS Man in the Middle Vulnerability (bsc#1133158). The following non-security bugs were fixed: * Fix build with OpenSSL 3.0.0 (bsc#1172267) * Sort linked .o files to make package build reproducible (bsc#1041090) * Fix build with gcc8 (bsc#1084627) * Move libqpid-proton-core to a different package to fix a rpmlint error (bsc#1191783) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1074=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1074=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-python-qpid-proton-0.38.0-150000.6.3.1 * qpid-proton-debugsource-0.38.0-150000.6.3.1 * python3-python-qpid-proton-debuginfo-0.38.0-150000.6.3.1 * qpid-proton-devel-0.38.0-150000.6.3.1 * qpid-proton-debuginfo-0.38.0-150000.6.3.1 * openSUSE Leap 15.5 (noarch) * qpid-proton-devel-doc-0.38.0-150000.6.3.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qpid-proton-debugsource-0.38.0-150000.6.3.1 * qpid-proton-debuginfo-0.38.0-150000.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2019-0223.html * https://bugzilla.suse.com/show_bug.cgi?id=1041090 * https://bugzilla.suse.com/show_bug.cgi?id=1084627 * https://bugzilla.suse.com/show_bug.cgi?id=1133158 * https://bugzilla.suse.com/show_bug.cgi?id=1172267 * https://bugzilla.suse.com/show_bug.cgi?id=1191783 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 1 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 01 Apr 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1078-1: moderate: Security update for libvirt Message-ID: <171198900447.16540.1076460007347163108@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2024:1078-1 Rating: moderate References: * bsc#1221815 Cross-References: * CVE-2024-2494 CVSS scores: * CVE-2024-2494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-2494: Fixed negative g_new0 length can lead to unbounded memory allocation (bsc#1221815). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1078=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1078=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1078=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1078=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1078=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libvirt-lock-sanlock-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nodedev-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-7.1.0-150300.6.41.1 * libvirt-client-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-lxc-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-config-nwfilter-7.1.0-150300.6.41.1 * libvirt-admin-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-gluster-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.41.1 * wireshark-plugin-libvirt-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-7.1.0-150300.6.41.1 * libvirt-admin-7.1.0-150300.6.41.1 * libvirt-debugsource-7.1.0-150300.6.41.1 * libvirt-client-7.1.0-150300.6.41.1 * libvirt-lock-sanlock-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-7.1.0-150300.6.41.1 * libvirt-nss-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-hooks-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.41.1 * libvirt-devel-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.41.1 * libvirt-libs-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-lxc-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-gluster-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-7.1.0-150300.6.41.1 * wireshark-plugin-libvirt-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-7.1.0-150300.6.41.1 * libvirt-nss-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-7.1.0-150300.6.41.1 * libvirt-daemon-lxc-7.1.0-150300.6.41.1 * libvirt-daemon-config-network-7.1.0-150300.6.41.1 * libvirt-libs-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.41.1 * openSUSE Leap 15.3 (noarch) * libvirt-bash-completion-7.1.0-150300.6.41.1 * libvirt-doc-7.1.0-150300.6.41.1 * openSUSE Leap 15.3 (x86_64) * libvirt-client-32bit-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-libxl-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-libxl-7.1.0-150300.6.41.1 * libvirt-devel-32bit-7.1.0-150300.6.41.1 * libvirt-daemon-xen-7.1.0-150300.6.41.1 * openSUSE Leap 15.3 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.41.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libvirt-devel-64bit-7.1.0-150300.6.41.1 * libvirt-client-64bit-debuginfo-7.1.0-150300.6.41.1 * Server Applications Module 15-SP5 (noarch) * libvirt-bash-completion-7.1.0-150300.6.41.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvirt-debugsource-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libvirt-daemon-driver-nodedev-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-7.1.0-150300.6.41.1 * libvirt-daemon-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-7.1.0-150300.6.41.1 * libvirt-debugsource-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.41.1 * libvirt-libs-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-7.1.0-150300.6.41.1 * libvirt-libs-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libvirt-daemon-driver-nodedev-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-7.1.0-150300.6.41.1 * libvirt-client-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-7.1.0-150300.6.41.1 * libvirt-debugsource-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.41.1 * libvirt-libs-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-7.1.0-150300.6.41.1 * libvirt-libs-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.41.1 * libvirt-client-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libvirt-daemon-driver-nodedev-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-7.1.0-150300.6.41.1 * libvirt-client-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nodedev-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-core-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-7.1.0-150300.6.41.1 * libvirt-debugsource-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-mpath-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.41.1 * libvirt-daemon-driver-interface-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-scsi-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.41.1 * libvirt-libs-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-logical-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-disk-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-7.1.0-150300.6.41.1 * libvirt-daemon-driver-network-7.1.0-150300.6.41.1 * libvirt-daemon-driver-secret-7.1.0-150300.6.41.1 * libvirt-libs-7.1.0-150300.6.41.1 * libvirt-daemon-driver-qemu-debuginfo-7.1.0-150300.6.41.1 * libvirt-client-7.1.0-150300.6.41.1 * libvirt-daemon-driver-nwfilter-debuginfo-7.1.0-150300.6.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-7.1.0-150300.6.41.1 * libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2494.html * https://bugzilla.suse.com/show_bug.cgi?id=1221815 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 2 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Apr 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1083-1: moderate: Security update for libvirt Message-ID: <171204660326.13584.13402271379184945539@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2024:1083-1 Rating: moderate References: * bsc#1221815 Cross-References: * CVE-2024-2494 CVSS scores: * CVE-2024-2494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-2494: Fixed negative g_new0 length leading to unbounded memory allocation (bsc#1221815). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1083=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1083=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1083=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1083=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libvirt-debugsource-5.1.0-13.42.1 * libvirt-daemon-5.1.0-13.42.1 * libvirt-lock-sanlock-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.42.1 * libvirt-5.1.0-13.42.1 * libvirt-daemon-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.42.1 * libvirt-daemon-config-network-5.1.0-13.42.1 * libvirt-daemon-driver-network-5.1.0-13.42.1 * libvirt-nss-debuginfo-5.1.0-13.42.1 * libvirt-daemon-lxc-5.1.0-13.42.1 * libvirt-libs-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.42.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.42.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.42.1 * libvirt-client-5.1.0-13.42.1 * libvirt-nss-5.1.0-13.42.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.42.1 * libvirt-admin-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.42.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.42.1 * libvirt-admin-debuginfo-5.1.0-13.42.1 * libvirt-libs-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-5.1.0-13.42.1 * libvirt-daemon-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-interface-5.1.0-13.42.1 * libvirt-daemon-config-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.42.1 * libvirt-daemon-hooks-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.42.1 * libvirt-client-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-secret-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.42.1 * libvirt-doc-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.42.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libvirt-daemon-driver-libxl-5.1.0-13.42.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.42.1 * libvirt-daemon-xen-5.1.0-13.42.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libvirt-debugsource-5.1.0-13.42.1 * libvirt-daemon-5.1.0-13.42.1 * libvirt-lock-sanlock-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.42.1 * libvirt-5.1.0-13.42.1 * libvirt-daemon-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.42.1 * libvirt-daemon-config-network-5.1.0-13.42.1 * libvirt-daemon-driver-network-5.1.0-13.42.1 * libvirt-nss-debuginfo-5.1.0-13.42.1 * libvirt-daemon-lxc-5.1.0-13.42.1 * libvirt-libs-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.42.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.42.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.42.1 * libvirt-client-5.1.0-13.42.1 * libvirt-nss-5.1.0-13.42.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.42.1 * libvirt-admin-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.42.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.42.1 * libvirt-admin-debuginfo-5.1.0-13.42.1 * libvirt-libs-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-5.1.0-13.42.1 * libvirt-daemon-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-interface-5.1.0-13.42.1 * libvirt-daemon-config-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.42.1 * libvirt-daemon-hooks-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.42.1 * libvirt-client-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-secret-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.42.1 * libvirt-doc-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.42.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.42.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * libvirt-daemon-driver-libxl-5.1.0-13.42.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.42.1 * libvirt-daemon-xen-5.1.0-13.42.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libvirt-debugsource-5.1.0-13.42.1 * libvirt-daemon-5.1.0-13.42.1 * libvirt-lock-sanlock-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.42.1 * libvirt-5.1.0-13.42.1 * libvirt-daemon-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.42.1 * libvirt-daemon-config-network-5.1.0-13.42.1 * libvirt-daemon-driver-network-5.1.0-13.42.1 * libvirt-nss-debuginfo-5.1.0-13.42.1 * libvirt-daemon-lxc-5.1.0-13.42.1 * libvirt-libs-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.42.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.42.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.42.1 * libvirt-client-5.1.0-13.42.1 * libvirt-nss-5.1.0-13.42.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.42.1 * libvirt-admin-5.1.0-13.42.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.42.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.42.1 * libvirt-admin-debuginfo-5.1.0-13.42.1 * libvirt-libs-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-lxc-5.1.0-13.42.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-5.1.0-13.42.1 * libvirt-daemon-qemu-5.1.0-13.42.1 * libvirt-daemon-driver-interface-5.1.0-13.42.1 * libvirt-daemon-config-nwfilter-5.1.0-13.42.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.42.1 * libvirt-daemon-hooks-5.1.0-13.42.1 * libvirt-daemon-driver-storage-core-5.1.0-13.42.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.42.1 * libvirt-client-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-secret-5.1.0-13.42.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.42.1 * libvirt-doc-5.1.0-13.42.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.42.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.42.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.42.1 * libvirt-daemon-driver-libxl-5.1.0-13.42.1 * libvirt-daemon-xen-5.1.0-13.42.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libvirt-devel-5.1.0-13.42.1 * libvirt-debugsource-5.1.0-13.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2494.html * https://bugzilla.suse.com/show_bug.cgi?id=1221815 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 2 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Apr 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1079-1: important: Security update for netty, netty-tcnative Message-ID: <171204660996.13584.2198185652134424730@smelt2.prg2.suse.org> # Security update for netty, netty-tcnative Announcement ID: SUSE-SU-2024:1079-1 Rating: important References: * bsc#1222045 Cross-References: * CVE-2024-29025 CVSS scores: * CVE-2024-29025 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for netty, netty-tcnative fixes the following issues: * CVE-2024-29025: Fixed out of memory due to large number of form fields (bsc#1222045). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1079=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1079=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1079=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1079=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1079=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1079=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1079=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1079=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1079=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1079=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1079=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1079=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1079=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1079=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1079=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * netty-4.1.108-150200.4.23.1 * openSUSE Leap 15.5 (noarch) * netty-javadoc-4.1.108-150200.4.23.1 * netty-poms-4.1.108-150200.4.23.1 * netty-tcnative-javadoc-2.0.65-150200.3.19.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * netty-4.1.108-150200.4.23.1 * SUSE Package Hub 15 15-SP5 (noarch) * netty-javadoc-4.1.108-150200.4.23.1 * netty-poms-4.1.108-150200.4.23.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * netty-tcnative-2.0.65-150200.3.19.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * netty-tcnative-2.0.65-150200.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29025.html * https://bugzilla.suse.com/show_bug.cgi?id=1222045 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 2 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Apr 2024 12:30:07 -0000 Subject: SUSE-SU-2024:1086-1: moderate: Security update for perl-DBD-SQLite Message-ID: <171206100728.19297.4135101899423688121@smelt2.prg2.suse.org> # Security update for perl-DBD-SQLite Announcement ID: SUSE-SU-2024:1086-1 Rating: moderate References: * bsc#1218946 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for perl-DBD-SQLite fixes the following issues: * rebuild against current system sqlite. (bsc#1218946) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1086=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1086=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1086=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * perl-DBD-SQLite-1.66-150300.3.9.1 * perl-DBD-SQLite-debuginfo-1.66-150300.3.9.1 * perl-DBD-SQLite-debugsource-1.66-150300.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * perl-DBD-SQLite-1.66-150300.3.9.1 * perl-DBD-SQLite-debuginfo-1.66-150300.3.9.1 * perl-DBD-SQLite-debugsource-1.66-150300.3.9.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * perl-DBD-SQLite-1.66-150300.3.9.1 * perl-DBD-SQLite-debuginfo-1.66-150300.3.9.1 * perl-DBD-SQLite-debugsource-1.66-150300.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218946 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 3 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Apr 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1097-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Message-ID: <171213300376.965.15680529646023421665@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1097-1 Rating: important References: * bsc#1208911 * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-0461 * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_11 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208911). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1097=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1097=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-9-150500.6.2 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-9-150500.6.2 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-9-150500.6.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-9-150500.6.2 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-9-150500.6.2 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-9-150500.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-0461.html * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1208911 * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 3 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Apr 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1106-1: important: Security update for util-linux Message-ID: <171216180428.13043.7953985649478480466@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2024:1106-1 Rating: important References: * bsc#1194642 * bsc#1207987 * bsc#1221831 Cross-References: * CVE-2024-28085 CVSS scores: * CVE-2024-28085 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) * Prevent error message if `/var/lib/libuuid/clock.txt` does not exist (bsc#1194642) * Fixed performance degradation (bsc#1207987) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1106=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1106=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1106=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * util-linux-debugsource-2.33.2-150100.4.45.1 * libmount-devel-2.33.2-150100.4.45.1 * libblkid-devel-static-2.33.2-150100.4.45.1 * libfdisk1-2.33.2-150100.4.45.1 * util-linux-systemd-debuginfo-2.33.2-150100.4.45.1 * libsmartcols-devel-2.33.2-150100.4.45.1 * libsmartcols1-debuginfo-2.33.2-150100.4.45.1 * libblkid1-2.33.2-150100.4.45.1 * util-linux-debuginfo-2.33.2-150100.4.45.1 * util-linux-2.33.2-150100.4.45.1 * libuuid-devel-2.33.2-150100.4.45.1 * util-linux-systemd-2.33.2-150100.4.45.1 * libfdisk-devel-2.33.2-150100.4.45.1 * libuuid-devel-static-2.33.2-150100.4.45.1 * libmount1-2.33.2-150100.4.45.1 * libsmartcols1-2.33.2-150100.4.45.1 * libblkid-devel-2.33.2-150100.4.45.1 * libuuid1-2.33.2-150100.4.45.1 * libblkid1-debuginfo-2.33.2-150100.4.45.1 * libfdisk1-debuginfo-2.33.2-150100.4.45.1 * uuidd-2.33.2-150100.4.45.1 * util-linux-systemd-debugsource-2.33.2-150100.4.45.1 * libuuid1-debuginfo-2.33.2-150100.4.45.1 * uuidd-debuginfo-2.33.2-150100.4.45.1 * libmount1-debuginfo-2.33.2-150100.4.45.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * util-linux-lang-2.33.2-150100.4.45.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libuuid1-32bit-2.33.2-150100.4.45.1 * libblkid1-32bit-2.33.2-150100.4.45.1 * libmount1-32bit-2.33.2-150100.4.45.1 * libuuid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libblkid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libmount1-32bit-debuginfo-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * util-linux-debugsource-2.33.2-150100.4.45.1 * libmount-devel-2.33.2-150100.4.45.1 * libblkid-devel-static-2.33.2-150100.4.45.1 * libfdisk1-2.33.2-150100.4.45.1 * util-linux-systemd-debuginfo-2.33.2-150100.4.45.1 * libsmartcols-devel-2.33.2-150100.4.45.1 * libsmartcols1-debuginfo-2.33.2-150100.4.45.1 * libblkid1-2.33.2-150100.4.45.1 * util-linux-debuginfo-2.33.2-150100.4.45.1 * util-linux-2.33.2-150100.4.45.1 * libuuid-devel-2.33.2-150100.4.45.1 * util-linux-systemd-2.33.2-150100.4.45.1 * libfdisk-devel-2.33.2-150100.4.45.1 * libuuid-devel-static-2.33.2-150100.4.45.1 * libmount1-2.33.2-150100.4.45.1 * libsmartcols1-2.33.2-150100.4.45.1 * libblkid-devel-2.33.2-150100.4.45.1 * libuuid1-2.33.2-150100.4.45.1 * libblkid1-debuginfo-2.33.2-150100.4.45.1 * libfdisk1-debuginfo-2.33.2-150100.4.45.1 * uuidd-2.33.2-150100.4.45.1 * util-linux-systemd-debugsource-2.33.2-150100.4.45.1 * libuuid1-debuginfo-2.33.2-150100.4.45.1 * uuidd-debuginfo-2.33.2-150100.4.45.1 * libmount1-debuginfo-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * util-linux-lang-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libuuid1-32bit-2.33.2-150100.4.45.1 * libblkid1-32bit-2.33.2-150100.4.45.1 * libmount1-32bit-2.33.2-150100.4.45.1 * libuuid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libblkid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libmount1-32bit-debuginfo-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * util-linux-debugsource-2.33.2-150100.4.45.1 * libmount-devel-2.33.2-150100.4.45.1 * libblkid-devel-static-2.33.2-150100.4.45.1 * libfdisk1-2.33.2-150100.4.45.1 * util-linux-systemd-debuginfo-2.33.2-150100.4.45.1 * libsmartcols-devel-2.33.2-150100.4.45.1 * libsmartcols1-debuginfo-2.33.2-150100.4.45.1 * libblkid1-2.33.2-150100.4.45.1 * util-linux-debuginfo-2.33.2-150100.4.45.1 * util-linux-2.33.2-150100.4.45.1 * libuuid-devel-2.33.2-150100.4.45.1 * util-linux-systemd-2.33.2-150100.4.45.1 * libfdisk-devel-2.33.2-150100.4.45.1 * libuuid-devel-static-2.33.2-150100.4.45.1 * libmount1-2.33.2-150100.4.45.1 * libsmartcols1-2.33.2-150100.4.45.1 * libblkid-devel-2.33.2-150100.4.45.1 * libuuid1-2.33.2-150100.4.45.1 * libblkid1-debuginfo-2.33.2-150100.4.45.1 * libfdisk1-debuginfo-2.33.2-150100.4.45.1 * uuidd-2.33.2-150100.4.45.1 * util-linux-systemd-debugsource-2.33.2-150100.4.45.1 * libuuid1-debuginfo-2.33.2-150100.4.45.1 * uuidd-debuginfo-2.33.2-150100.4.45.1 * libmount1-debuginfo-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * util-linux-lang-2.33.2-150100.4.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libuuid1-32bit-2.33.2-150100.4.45.1 * libblkid1-32bit-2.33.2-150100.4.45.1 * libmount1-32bit-2.33.2-150100.4.45.1 * libuuid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libblkid1-32bit-debuginfo-2.33.2-150100.4.45.1 * libmount1-32bit-debuginfo-2.33.2-150100.4.45.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28085.html * https://bugzilla.suse.com/show_bug.cgi?id=1194642 * https://bugzilla.suse.com/show_bug.cgi?id=1207987 * https://bugzilla.suse.com/show_bug.cgi?id=1221831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 3 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Apr 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1105-1: moderate: Security update for xen Message-ID: <171216180823.13043.5578745493161470148@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1105-1 Rating: moderate References: * bsc#1027519 * bsc#1220141 * bsc#1221332 * bsc#1221334 Cross-References: * CVE-2023-28746 * CVE-2024-2193 CVSS scores: * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-28746: Register file data sampling. (bsc#1221332) * CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1105=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1105=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1105=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1105=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * xen-tools-domU-4.12.4_46-3.106.1 * xen-libs-debuginfo-32bit-4.12.4_46-3.106.1 * xen-tools-debuginfo-4.12.4_46-3.106.1 * xen-libs-4.12.4_46-3.106.1 * xen-debugsource-4.12.4_46-3.106.1 * xen-4.12.4_46-3.106.1 * xen-tools-domU-debuginfo-4.12.4_46-3.106.1 * xen-doc-html-4.12.4_46-3.106.1 * xen-tools-4.12.4_46-3.106.1 * xen-libs-debuginfo-4.12.4_46-3.106.1 * xen-libs-32bit-4.12.4_46-3.106.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * xen-tools-domU-4.12.4_46-3.106.1 * xen-libs-debuginfo-32bit-4.12.4_46-3.106.1 * xen-tools-debuginfo-4.12.4_46-3.106.1 * xen-libs-4.12.4_46-3.106.1 * xen-debugsource-4.12.4_46-3.106.1 * xen-4.12.4_46-3.106.1 * xen-tools-domU-debuginfo-4.12.4_46-3.106.1 * xen-doc-html-4.12.4_46-3.106.1 * xen-tools-4.12.4_46-3.106.1 * xen-libs-debuginfo-4.12.4_46-3.106.1 * xen-libs-32bit-4.12.4_46-3.106.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * xen-tools-domU-4.12.4_46-3.106.1 * xen-libs-debuginfo-32bit-4.12.4_46-3.106.1 * xen-tools-debuginfo-4.12.4_46-3.106.1 * xen-libs-4.12.4_46-3.106.1 * xen-debugsource-4.12.4_46-3.106.1 * xen-4.12.4_46-3.106.1 * xen-tools-domU-debuginfo-4.12.4_46-3.106.1 * xen-doc-html-4.12.4_46-3.106.1 * xen-tools-4.12.4_46-3.106.1 * xen-libs-debuginfo-4.12.4_46-3.106.1 * xen-libs-32bit-4.12.4_46-3.106.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 x86_64) * xen-devel-4.12.4_46-3.106.1 * xen-debugsource-4.12.4_46-3.106.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2024-2193.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1220141 * https://bugzilla.suse.com/show_bug.cgi?id=1221332 * https://bugzilla.suse.com/show_bug.cgi?id=1221334 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 4 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Apr 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1115-1: important: Security update for squid Message-ID: <171224821271.5363.17420222947840876335@smelt2.prg2.suse.org> # Security update for squid Announcement ID: SUSE-SU-2024:1115-1 Rating: important References: * bsc#1216715 * bsc#1219960 Cross-References: * CVE-2024-25111 * CVE-2024-25617 CVSS scores: * CVE-2024-25111 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25617 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for squid fixes the following issues: * CVE-2024-25617: Fixes denial of service in HTTP header parser (bsc#1219960) * CVE-2024-25111: Fixes Chunked Encoding Stack Overflow (bsc#1216715) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1115=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1115=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1115=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * squid-debuginfo-4.17-4.44.1 * squid-debugsource-4.17-4.44.1 * squid-4.17-4.44.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * squid-debuginfo-4.17-4.44.1 * squid-debugsource-4.17-4.44.1 * squid-4.17-4.44.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * squid-debuginfo-4.17-4.44.1 * squid-debugsource-4.17-4.44.1 * squid-4.17-4.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25111.html * https://www.suse.com/security/cve/CVE-2024-25617.html * https://bugzilla.suse.com/show_bug.cgi?id=1216715 * https://bugzilla.suse.com/show_bug.cgi?id=1219960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 4 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Apr 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1114-1: important: Security update for squid Message-ID: <171224821484.5363.1397381149146985545@smelt2.prg2.suse.org> # Security update for squid Announcement ID: SUSE-SU-2024:1114-1 Rating: important References: * bsc#1216715 * bsc#1219960 Cross-References: * CVE-2024-25111 * CVE-2024-25617 CVSS scores: * CVE-2024-25111 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25617 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for squid fixes the following issues: * CVE-2024-25617: Fixes denial of service in HTTP header parser (bsc#1219960) * CVE-2024-25111: Fixes Chunked Encoding Stack Overflow (bsc#1216715) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1114=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1114=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1114=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1114=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1114=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1114=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1114=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * squid-4.17-150000.5.52.1 * squid-debugsource-4.17-150000.5.52.1 * squid-debuginfo-4.17-150000.5.52.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25111.html * https://www.suse.com/security/cve/CVE-2024-25617.html * https://bugzilla.suse.com/show_bug.cgi?id=1216715 * https://bugzilla.suse.com/show_bug.cgi?id=1219960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 4 16:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Apr 2024 16:30:17 -0000 Subject: SUSE-SU-2024:1113-1: important: Security update for squid Message-ID: <171224821780.5363.14508347724576094821@smelt2.prg2.suse.org> # Security update for squid Announcement ID: SUSE-SU-2024:1113-1 Rating: important References: * bsc#1216715 * bsc#1219960 Cross-References: * CVE-2024-25111 * CVE-2024-25617 CVSS scores: * CVE-2024-25111 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25617 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for squid fixes the following issues: * CVE-2024-25617: Fixes denial of service in HTTP header parser (bsc#1219960) * CVE-2024-25111: Fixes Chunked Encoding Stack Overflow (bsc#1216715) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1113=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1113=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1113=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1113=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1113=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1113=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1113=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1113=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1113=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1113=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Manager Proxy 4.3 (x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * squid-5.7-150400.3.26.1 * squid-debugsource-5.7-150400.3.26.1 * squid-debuginfo-5.7-150400.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25111.html * https://www.suse.com/security/cve/CVE-2024-25617.html * https://bugzilla.suse.com/show_bug.cgi?id=1216715 * https://bugzilla.suse.com/show_bug.cgi?id=1219960 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 4 16:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Apr 2024 16:30:20 -0000 Subject: SUSE-SU-2024:0586-2: important: Security update for docker Message-ID: <171224822099.5363.4625582387056808177@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2024:0586-2 Rating: important References: * bsc#1219267 * bsc#1219268 * bsc#1219438 Cross-References: * CVE-2024-23651 * CVE-2024-23652 * CVE-2024-23653 CVSS scores: * CVE-2024-23651 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23651 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-23652 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23652 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23653 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23653 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Containers Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: * CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438). * CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268). * CVE-2024-23651: Fixed race condition in mount (bsc#1219267). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2024-586=1 ## Package List: * Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64) * docker-debuginfo-24.0.7_ce-150000.193.1 * docker-24.0.7_ce-150000.193.1 * Containers Module 15-SP4 (noarch) * docker-bash-completion-24.0.7_ce-150000.193.1 * docker-rootless-extras-24.0.7_ce-150000.193.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23651.html * https://www.suse.com/security/cve/CVE-2024-23652.html * https://www.suse.com/security/cve/CVE-2024-23653.html * https://bugzilla.suse.com/show_bug.cgi?id=1219267 * https://bugzilla.suse.com/show_bug.cgi?id=1219268 * https://bugzilla.suse.com/show_bug.cgi?id=1219438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 5 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Apr 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1118-1: moderate: Security update for avahi Message-ID: <171230580405.9658.7373620964352750813@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1118-1 Rating: moderate References: * bsc#1216594 * bsc#1216598 Cross-References: * CVE-2023-38469 * CVE-2023-38471 CVSS scores: * CVE-2023-38469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38469 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594). * CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1118=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1118=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * avahi-0.7-150100.3.32.1 * libavahi-common3-0.7-150100.3.32.1 * libavahi-common3-debuginfo-0.7-150100.3.32.1 * libavahi-core7-0.7-150100.3.32.1 * avahi-debuginfo-0.7-150100.3.32.1 * libavahi-client3-0.7-150100.3.32.1 * libavahi-core7-debuginfo-0.7-150100.3.32.1 * libavahi-client3-debuginfo-0.7-150100.3.32.1 * avahi-debugsource-0.7-150100.3.32.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * avahi-0.7-150100.3.32.1 * libavahi-common3-0.7-150100.3.32.1 * libavahi-common3-debuginfo-0.7-150100.3.32.1 * libavahi-core7-0.7-150100.3.32.1 * avahi-debuginfo-0.7-150100.3.32.1 * libavahi-client3-0.7-150100.3.32.1 * libavahi-core7-debuginfo-0.7-150100.3.32.1 * libavahi-client3-debuginfo-0.7-150100.3.32.1 * avahi-debugsource-0.7-150100.3.32.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38469.html * https://www.suse.com/security/cve/CVE-2023-38471.html * https://bugzilla.suse.com/show_bug.cgi?id=1216594 * https://bugzilla.suse.com/show_bug.cgi?id=1216598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 5 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Apr 2024 12:30:05 -0000 Subject: SUSE-SU-2024:1119-1: important: Security update for gradle, gradle-bootstrap Message-ID: <171232020563.3995.10805651809763683043@smelt2.prg2.suse.org> # Security update for gradle, gradle-bootstrap Announcement ID: SUSE-SU-2024:1119-1 Rating: important References: * bsc#1145903 * bsc#1184799 Cross-References: * CVE-2019-15052 * CVE-2021-29429 CVSS scores: * CVE-2019-15052 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2019-15052 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-29429 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-29429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for gradle, gradle-bootstrap fixes the following issues: * CVE-2021-29429: Fixed information disclosure through temporary directory permissions (bsc#1184799). * CVE-2019-15052: Fixed authentication credentials disclosure (bsc#1145903). gradle: * Fixed RPM package building issues due to changed dependencies gradle-bootstrap: * Added missing dependency of aopalliance ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1119=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1119=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1119=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1119=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1119=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1119=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1119=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1119=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1119=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1119=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1119=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1119=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1119=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1119=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gradle-4.4.1-150200.3.15.1 * openSUSE Leap 15.5 (noarch) * groovy-bootstrap-2.4.21-150200.3.9.1 * gpars-bootstrap-1.2.1-150200.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.15.1 * gradle-bootstrap-4.4.1-150200.3.9.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gradle-4.4.1-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2019-15052.html * https://www.suse.com/security/cve/CVE-2021-29429.html * https://bugzilla.suse.com/show_bug.cgi?id=1145903 * https://bugzilla.suse.com/show_bug.cgi?id=1184799 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 5 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1121-1: important: Security update for go1.22 Message-ID: <171233460504.23502.11755321746797172124@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:1121-1 Rating: important References: * bsc#1218424 * bsc#1221400 Cross-References: * CVE-2023-45288 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: * CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames (bsc#1221400) Other changes: \- go minor release upgrade to 1.22.2 (bsc#1218424) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1121=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1121=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.2-150000.1.12.1 * go1.22-1.22.2-150000.1.12.1 * go1.22-race-1.22.2-150000.1.12.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.2-150000.1.12.1 * go1.22-1.22.2-150000.1.12.1 * go1.22-race-1.22.2-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 5 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Apr 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1120-1: moderate: Security update for curl Message-ID: <171233460782.23502.11545118810994915735@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:1120-1 Rating: moderate References: * bsc#1221665 * bsc#1221667 Cross-References: * CVE-2024-2004 * CVE-2024-2398 CVSS scores: * CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) * CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1120=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1120=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1120=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libcurl4-7.66.0-150200.4.69.1 * libcurl4-debuginfo-7.66.0-150200.4.69.1 * curl-7.66.0-150200.4.69.1 * curl-debuginfo-7.66.0-150200.4.69.1 * curl-debugsource-7.66.0-150200.4.69.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libcurl4-7.66.0-150200.4.69.1 * libcurl4-debuginfo-7.66.0-150200.4.69.1 * curl-7.66.0-150200.4.69.1 * curl-debuginfo-7.66.0-150200.4.69.1 * curl-debugsource-7.66.0-150200.4.69.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libcurl4-7.66.0-150200.4.69.1 * libcurl4-debuginfo-7.66.0-150200.4.69.1 * curl-7.66.0-150200.4.69.1 * curl-debuginfo-7.66.0-150200.4.69.1 * curl-debugsource-7.66.0-150200.4.69.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2004.html * https://www.suse.com/security/cve/CVE-2024-2398.html * https://bugzilla.suse.com/show_bug.cgi?id=1221665 * https://bugzilla.suse.com/show_bug.cgi?id=1221667 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 5 20:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 05 Apr 2024 20:30:03 -0000 Subject: SUSE-SU-2024:1122-1: important: Security update for go1.21 Message-ID: <171234900355.12246.1270747896338788663@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:1122-1 Rating: important References: * bsc#1212475 * bsc#1221400 Cross-References: * CVE-2023-45288 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: * CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames (bsc#1221400) Other changes: \- go minor release upgrade to 1.21.9 (bsc#1212475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1122=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1122=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1122=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1122=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1122=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1122=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1122=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-race-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-race-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-race-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-race-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-race-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * go1.21-race-1.21.9-150000.1.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.21-1.21.9-150000.1.30.1 * go1.21-doc-1.21.9-150000.1.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * go1.21-race-1.21.9-150000.1.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1129-1: important: Security update for expat Message-ID: <171256500421.29713.143123984579354770@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:1129-1 Rating: important References: * bsc#1219559 * bsc#1221289 Cross-References: * CVE-2023-52425 * CVE-2024-28757 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-28757 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559) * CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1129=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1129=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1129=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1129=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1129=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1129=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1129=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1129=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1129=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1129=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1129=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1129=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1129=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1129=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1129=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1129=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1129=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1129=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libexpat1-64bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-64bit-2.4.4-150400.3.17.1 * libexpat1-64bit-2.4.4-150400.3.17.1 * expat-64bit-debuginfo-2.4.4-150400.3.17.1 * openSUSE Leap 15.4 (x86_64) * libexpat1-32bit-2.4.4-150400.3.17.1 * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * openSUSE Leap 15.5 (x86_64) * libexpat1-32bit-2.4.4-150400.3.17.1 * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * Basesystem Module 15-SP5 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libexpat1-2.4.4-150400.3.17.1 * expat-2.4.4-150400.3.17.1 * libexpat1-debuginfo-2.4.4-150400.3.17.1 * expat-debugsource-2.4.4-150400.3.17.1 * expat-debuginfo-2.4.4-150400.3.17.1 * libexpat-devel-2.4.4-150400.3.17.1 * SUSE Manager Server 4.3 (x86_64) * expat-32bit-debuginfo-2.4.4-150400.3.17.1 * libexpat1-32bit-2.4.4-150400.3.17.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2024-28757.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1221289 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1153-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5) Message-ID: <171257940210.20598.13638430795350047308@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1153-1 Rating: important References: * bsc#1218610 Cross-References: * CVE-2023-51779 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_150 fixes one issue. The following security issue was fixed: * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1153=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_150-default-13-2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1162-1: important: Security update for python310 Message-ID: <171257940455.20598.2130030682413848706@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:1162-1 Rating: important References: * bsc#1189495 * bsc#1211301 * bsc#1219559 * bsc#1219666 * bsc#1221854 Cross-References: * CVE-2023-52425 * CVE-2023-6597 * CVE-2024-0450 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2024-0450: Fixed "quoted-overlap" in zipfile module is python310 (bsc#1221854) * CVE-2023-52425: Fixed denial of service caused by processing large tokens in expat module in python310 (bsc#1219559) * CVE-2023-6597: Fixed tempfile.TemporaryDirectory fails on removing dir in some edge cases related to symlinks in python310 (bsc#1219666) Other changes: * Revert %autopatch due to missing parameter support (bsc#1189495) * Extended crypto-policies support (bsc#1211301) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1162=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1162=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1162=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1162=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-devel-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-doc-devhelp-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * python310-testsuite-debuginfo-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-testsuite-3.10.14-150400.4.45.1 * python310-doc-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * openSUSE Leap 15.4 (x86_64) * python310-32bit-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-32bit-3.10.14-150400.4.45.1 * python310-32bit-3.10.14-150400.4.45.1 * python310-base-32bit-3.10.14-150400.4.45.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.45.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-base-64bit-3.10.14-150400.4.45.1 * python310-base-64bit-debuginfo-3.10.14-150400.4.45.1 * python310-64bit-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.45.1 * python310-64bit-3.10.14-150400.4.45.1 * libpython3_10-1_0-64bit-3.10.14-150400.4.45.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-devel-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-doc-devhelp-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * python310-testsuite-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-doc-3.10.14-150400.4.45.1 * python310-testsuite-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * openSUSE Leap 15.5 (x86_64) * python310-32bit-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1 * libpython3_10-1_0-32bit-3.10.14-150400.4.45.1 * python310-32bit-3.10.14-150400.4.45.1 * python310-base-32bit-3.10.14-150400.4.45.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.45.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python310-devel-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python310-devel-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python310-devel-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python310-devel-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python310-devel-3.10.14-150400.4.45.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1 * python310-debugsource-3.10.14-150400.4.45.1 * libpython3_10-1_0-3.10.14-150400.4.45.1 * python310-curses-3.10.14-150400.4.45.1 * python310-dbm-debuginfo-3.10.14-150400.4.45.1 * python310-idle-3.10.14-150400.4.45.1 * python310-3.10.14-150400.4.45.1 * python310-core-debugsource-3.10.14-150400.4.45.1 * python310-dbm-3.10.14-150400.4.45.1 * python310-tools-3.10.14-150400.4.45.1 * python310-base-3.10.14-150400.4.45.1 * python310-tk-3.10.14-150400.4.45.1 * python310-tk-debuginfo-3.10.14-150400.4.45.1 * python310-curses-debuginfo-3.10.14-150400.4.45.1 * python310-debuginfo-3.10.14-150400.4.45.1 * python310-base-debuginfo-3.10.14-150400.4.45.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1189495 * https://bugzilla.suse.com/show_bug.cgi?id=1211301 * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 * https://bugzilla.suse.com/show_bug.cgi?id=1221854 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1161-1: important: Security update for go1.21 Message-ID: <171257940626.20598.4097011932862441384@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:1161-1 Rating: important References: * bsc#1212475 * bsc#1221400 Cross-References: * CVE-2023-45288 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: * CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames (bsc#1221400) Other changes: \- go minor release upgrade to 1.21.9 (bsc#1212475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1161=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.9-1.30.1 * go1.21-doc-1.21.9-1.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:07 -0000 Subject: SUSE-SU-2024:1160-1: important: Security update for go1.22 Message-ID: <171257940749.20598.10388320057860609059@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:1160-1 Rating: important References: * bsc#1218424 * bsc#1221400 Cross-References: * CVE-2023-45288 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: * CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames (bsc#1221400) Other changes: \- go minor release upgrade to 1.22.2 (bsc#1218424) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1160=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.2-1.6.1 * go1.22-doc-1.22.2-1.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1158-1: important: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Message-ID: <171257941085.20598.9042017134511036793@smelt2.prg2.suse.org> # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:1158-1 Rating: important References: * bsc#1221538 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * rebuild against current security updates * Install qemu-hw-usb-host to enable USB passthrough (bsc#1221538) * Group together arch specific parts of the code * Cleanup after writing config files with augtool ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1158=1 SUSE-2024-1158=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1158=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1158=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-controller-1.1.1-150500.8.12.1 * kubevirt-virt-exportproxy-debuginfo-1.1.1-150500.8.12.1 * obs-service-kubevirt_containers_meta-1.1.1-150500.8.12.1 * kubevirt-tests-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-handler-1.1.1-150500.8.12.1 * kubevirt-virtctl-1.1.1-150500.8.12.1 * kubevirt-virt-exportproxy-1.1.1-150500.8.12.1 * kubevirt-tests-1.1.1-150500.8.12.1 * kubevirt-virt-operator-debuginfo-1.1.1-150500.8.12.1 * kubevirt-manifests-1.1.1-150500.8.12.1 * kubevirt-container-disk-1.1.1-150500.8.12.1 * kubevirt-virt-controller-debuginfo-1.1.1-150500.8.12.1 * kubevirt-pr-helper-conf-1.1.1-150500.8.12.1 * kubevirt-virt-launcher-1.1.1-150500.8.12.1 * kubevirt-virt-exportserver-1.1.1-150500.8.12.1 * kubevirt-container-disk-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-api-1.1.1-150500.8.12.1 * kubevirt-virt-exportserver-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-handler-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-api-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-launcher-debuginfo-1.1.1-150500.8.12.1 * kubevirt-virt-operator-1.1.1-150500.8.12.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-virtctl-debuginfo-1.1.1-150500.8.12.1 * kubevirt-manifests-1.1.1-150500.8.12.1 * kubevirt-virtctl-1.1.1-150500.8.12.1 * Containers Module 15-SP5 (x86_64) * kubevirt-virtctl-debuginfo-1.1.1-150500.8.12.1 * kubevirt-manifests-1.1.1-150500.8.12.1 * kubevirt-virtctl-1.1.1-150500.8.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221538 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:12 -0000 Subject: SUSE-SU-2024:1157-1: important: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont Message-ID: <171257941228.20598.6840889752922254848@smelt2.prg2.suse.org> # Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:1157-1 Rating: important References: Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: * rebuild against current security and bugfixes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1157=1 openSUSE-SLE-15.5-2024-1157=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1157=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1157=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * containerized-data-importer-uploadserver-1.58.0-150500.6.12.1 * containerized-data-importer-controller-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-importer-1.58.0-150500.6.12.1 * containerized-data-importer-cloner-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-manifests-1.58.0-150500.6.12.1 * containerized-data-importer-operator-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-uploadproxy-1.58.0-150500.6.12.1 * containerized-data-importer-api-debuginfo-1.58.0-150500.6.12.1 * obs-service-cdi_containers_meta-1.58.0-150500.6.12.1 * containerized-data-importer-cloner-1.58.0-150500.6.12.1 * containerized-data-importer-operator-1.58.0-150500.6.12.1 * containerized-data-importer-uploadproxy-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-uploadserver-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-controller-1.58.0-150500.6.12.1 * containerized-data-importer-importer-debuginfo-1.58.0-150500.6.12.1 * containerized-data-importer-api-1.58.0-150500.6.12.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.58.0-150500.6.12.1 * Containers Module 15-SP5 (x86_64) * containerized-data-importer-manifests-1.58.0-150500.6.12.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1156-1: important: Security update for nghttp2 Message-ID: <171257941485.20598.17243113827588202826@smelt2.prg2.suse.org> # Security update for nghttp2 Announcement ID: SUSE-SU-2024:1156-1 Rating: important References: * bsc#1221399 Cross-References: * CVE-2024-28182 CVSS scores: * CVE-2024-28182 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for nghttp2 fixes the following issues: * CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1156=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1156=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1156=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1156=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libnghttp2-devel-1.39.2-3.18.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libnghttp2-14-1.39.2-3.18.1 * nghttp2-debuginfo-1.39.2-3.18.1 * nghttp2-debugsource-1.39.2-3.18.1 * libnghttp2-14-debuginfo-1.39.2-3.18.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libnghttp2-14-debuginfo-32bit-1.39.2-3.18.1 * libnghttp2-14-32bit-1.39.2-3.18.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.39.2-3.18.1 * nghttp2-debuginfo-1.39.2-3.18.1 * nghttp2-debugsource-1.39.2-3.18.1 * libnghttp2-14-debuginfo-1.39.2-3.18.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libnghttp2-14-debuginfo-32bit-1.39.2-3.18.1 * libnghttp2-14-32bit-1.39.2-3.18.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libnghttp2-14-1.39.2-3.18.1 * nghttp2-debuginfo-1.39.2-3.18.1 * nghttp2-debugsource-1.39.2-3.18.1 * libnghttp2-14-debuginfo-1.39.2-3.18.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libnghttp2-14-debuginfo-32bit-1.39.2-3.18.1 * libnghttp2-14-32bit-1.39.2-3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28182.html * https://bugzilla.suse.com/show_bug.cgi?id=1221399 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:18 -0000 Subject: SUSE-SU-2024:1154-1: important: Security update for python-Pillow Message-ID: <171257941841.20598.1196514005742246100@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1154-1 Rating: important References: * bsc#1222262 Cross-References: * CVE-2024-28219 CVSS scores: * CVE-2024-28219 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Pillow fixes the following issues: * CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1154=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1154=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python-Pillow-debuginfo-7.2.0-150300.3.9.1 * python-Pillow-debugsource-7.2.0-150300.3.9.1 * python3-Pillow-7.2.0-150300.3.9.1 * python3-Pillow-tk-7.2.0-150300.3.9.1 * python3-Pillow-debuginfo-7.2.0-150300.3.9.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-7.2.0-150300.3.9.1 * python-Pillow-debugsource-7.2.0-150300.3.9.1 * python3-Pillow-7.2.0-150300.3.9.1 * python3-Pillow-tk-7.2.0-150300.3.9.1 * python3-Pillow-debuginfo-7.2.0-150300.3.9.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28219.html * https://bugzilla.suse.com/show_bug.cgi?id=1222262 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:20 -0000 Subject: SUSE-SU-2024:1152-1: moderate: Security update for xen Message-ID: <171257942019.20598.15002872457745067213@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1152-1 Rating: moderate References: * bsc#1221332 * bsc#1221334 Cross-References: * CVE-2023-28746 * CVE-2024-2193 CVSS scores: * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-28746: Register File Data Sampling (bsc#1221332) * CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1152=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1152=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1152=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1152=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-debugsource-4.14.6_12-150300.3.69.1 * xen-libs-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-4.14.6_12-150300.3.69.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-debugsource-4.14.6_12-150300.3.69.1 * xen-libs-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-4.14.6_12-150300.3.69.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-debugsource-4.14.6_12-150300.3.69.1 * xen-libs-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-4.14.6_12-150300.3.69.1 * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_12-150300.3.69.1 * xen-devel-4.14.6_12-150300.3.69.1 * xen-tools-domU-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-4.14.6_12-150300.3.69.1 * xen-tools-domU-4.14.6_12-150300.3.69.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_12-150300.3.69.1 * xen-libs-32bit-4.14.6_12-150300.3.69.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-tools-4.14.6_12-150300.3.69.1 * xen-4.14.6_12-150300.3.69.1 * xen-tools-debuginfo-4.14.6_12-150300.3.69.1 * xen-doc-html-4.14.6_12-150300.3.69.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_12-150300.3.69.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-4.14.6_12-150300.3.69.1 * xen-libs-64bit-debuginfo-4.14.6_12-150300.3.69.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2024-2193.html * https://bugzilla.suse.com/show_bug.cgi?id=1221332 * https://bugzilla.suse.com/show_bug.cgi?id=1221334 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:25 -0000 Subject: SUSE-SU-2024:1151-1: moderate: Security update for curl Message-ID: <171257942514.20598.12422282613008487973@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:1151-1 Rating: moderate References: * bsc#1221665 * bsc#1221667 Cross-References: * CVE-2024-2004 * CVE-2024-2398 CVSS scores: * CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) * CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1151=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1151=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1151=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1151=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1151=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1151=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1151=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1151=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1151=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1151=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap 15.4 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl-devel-64bit-8.0.1-150400.5.44.1 * libcurl4-64bit-8.0.1-150400.5.44.1 * libcurl4-64bit-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * openSUSE Leap 15.5 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * curl-debuginfo-8.0.1-150400.5.44.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2004.html * https://www.suse.com/security/cve/CVE-2024-2398.html * https://bugzilla.suse.com/show_bug.cgi?id=1221665 * https://bugzilla.suse.com/show_bug.cgi?id=1221667 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:33 -0000 Subject: SUSE-SU-2024:1150-1: moderate: Security update for curl Message-ID: <171257943356.20598.16783170616172684329@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:1150-1 Rating: moderate References: * bsc#1221665 * bsc#1221667 Cross-References: * CVE-2024-2004 * CVE-2024-2398 CVSS scores: * CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) * CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1150=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1150=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1150=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1150=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * curl-debuginfo-8.0.1-11.86.2 * libcurl-devel-8.0.1-11.86.2 * curl-debugsource-8.0.1-11.86.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * curl-debuginfo-8.0.1-11.86.2 * libcurl4-debuginfo-8.0.1-11.86.2 * curl-debugsource-8.0.1-11.86.2 * libcurl4-8.0.1-11.86.2 * curl-8.0.1-11.86.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libcurl4-debuginfo-32bit-8.0.1-11.86.2 * libcurl4-32bit-8.0.1-11.86.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * curl-debuginfo-8.0.1-11.86.2 * libcurl4-debuginfo-8.0.1-11.86.2 * curl-debugsource-8.0.1-11.86.2 * libcurl4-8.0.1-11.86.2 * curl-8.0.1-11.86.2 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libcurl4-debuginfo-32bit-8.0.1-11.86.2 * libcurl4-32bit-8.0.1-11.86.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * curl-debuginfo-8.0.1-11.86.2 * libcurl4-debuginfo-8.0.1-11.86.2 * curl-debugsource-8.0.1-11.86.2 * libcurl4-8.0.1-11.86.2 * curl-8.0.1-11.86.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libcurl4-debuginfo-32bit-8.0.1-11.86.2 * libcurl4-32bit-8.0.1-11.86.2 ## References: * https://www.suse.com/security/cve/CVE-2024-2004.html * https://www.suse.com/security/cve/CVE-2024-2398.html * https://bugzilla.suse.com/show_bug.cgi?id=1221665 * https://bugzilla.suse.com/show_bug.cgi?id=1221667 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:35 -0000 Subject: SUSE-SU-2024:1149-1: moderate: Security update for postfix Message-ID: <171257943517.20598.6084868384993445995@smelt2.prg2.suse.org> # Security update for postfix Announcement ID: SUSE-SU-2024:1149-1 Rating: moderate References: * bsc#1218304 * bsc#1218314 Cross-References: * CVE-2023-51764 CVSS scores: * CVE-2023-51764 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-51764 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postfix fixes the following issues: * CVE-2023-51764: Prevent SMTP smuggling attack. (bsc#1218304) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1149=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1149=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1149=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1149=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postfix-debuginfo-3.2.10-3.30.1 * postfix-debugsource-3.2.10-3.30.1 * postfix-devel-3.2.10-3.30.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postfix-debuginfo-3.2.10-3.30.1 * postfix-mysql-3.2.10-3.30.1 * postfix-3.2.10-3.30.1 * postfix-mysql-debuginfo-3.2.10-3.30.1 * postfix-debugsource-3.2.10-3.30.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postfix-doc-3.2.10-3.30.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postfix-debuginfo-3.2.10-3.30.1 * postfix-mysql-3.2.10-3.30.1 * postfix-3.2.10-3.30.1 * postfix-mysql-debuginfo-3.2.10-3.30.1 * postfix-debugsource-3.2.10-3.30.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postfix-doc-3.2.10-3.30.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postfix-debuginfo-3.2.10-3.30.1 * postfix-mysql-3.2.10-3.30.1 * postfix-3.2.10-3.30.1 * postfix-mysql-debuginfo-3.2.10-3.30.1 * postfix-debugsource-3.2.10-3.30.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postfix-doc-3.2.10-3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51764.html * https://bugzilla.suse.com/show_bug.cgi?id=1218304 * https://bugzilla.suse.com/show_bug.cgi?id=1218314 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:38 -0000 Subject: SUSE-SU-2024:1148-1: important: Security update for krb5 Message-ID: <171257943866.20598.12101342100780318186@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:1148-1 Rating: important References: * bsc#1220770 * bsc#1220771 Cross-References: * CVE-2024-26458 * CVE-2024-26461 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed a memory leak in pmap_rmt.c (bsc#1220770) * CVE-2024-26461: Fixed a memory leak in k5sealv3.c (bsc#1220771) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1148=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1148=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1148=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1148=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-1.16.3-46.6.1 * krb5-doc-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-1.16.3-46.6.1 * krb5-server-1.16.3-46.6.1 * krb5-server-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.6.1 * krb5-client-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.6.1 * krb5-1.16.3-46.6.1 * krb5-debuginfo-1.16.3-46.6.1 * krb5-client-debuginfo-1.16.3-46.6.1 * krb5-debugsource-1.16.3-46.6.1 * krb5-plugin-preauth-otp-1.16.3-46.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.6.1 * krb5-debuginfo-32bit-1.16.3-46.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-1.16.3-46.6.1 * krb5-doc-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-1.16.3-46.6.1 * krb5-server-1.16.3-46.6.1 * krb5-server-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.6.1 * krb5-client-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.6.1 * krb5-1.16.3-46.6.1 * krb5-debuginfo-1.16.3-46.6.1 * krb5-client-debuginfo-1.16.3-46.6.1 * krb5-debugsource-1.16.3-46.6.1 * krb5-plugin-preauth-otp-1.16.3-46.6.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * krb5-32bit-1.16.3-46.6.1 * krb5-debuginfo-32bit-1.16.3-46.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-1.16.3-46.6.1 * krb5-doc-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-1.16.3-46.6.1 * krb5-server-1.16.3-46.6.1 * krb5-server-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.6.1 * krb5-client-1.16.3-46.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.6.1 * krb5-1.16.3-46.6.1 * krb5-debuginfo-1.16.3-46.6.1 * krb5-client-debuginfo-1.16.3-46.6.1 * krb5-debugsource-1.16.3-46.6.1 * krb5-plugin-preauth-otp-1.16.3-46.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.6.1 * krb5-debuginfo-32bit-1.16.3-46.6.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-debuginfo-1.16.3-46.6.1 * krb5-devel-1.16.3-46.6.1 * krb5-debugsource-1.16.3-46.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:40 -0000 Subject: SUSE-SU-2024:1147-1: important: Security update for MozillaThunderbird Message-ID: <171257944013.20598.17276631815547123857@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:1147-1 Rating: important References: * bsc#1221327 Cross-References: * CVE-2023-5388 * CVE-2024-0743 * CVE-2024-2605 * CVE-2024-2607 * CVE-2024-2608 * CVE-2024-2610 * CVE-2024-2611 * CVE-2024-2612 * CVE-2024-2614 * CVE-2024-2616 CVSS scores: * CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0743 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0743 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2605 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2607 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2608 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2610 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2611 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2612 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2614 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: * Mozilla Thunderbird 115.9 (bsc#1221327) * CVE-2024-0743: Crash in NSS TLS method * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector * CVE-2024-2607: JIT code failed to save return registers on Armv7-A * CVE-2024-2608: Integer overflow could have led to out of bounds write * CVE-2024-2616: Improve handling of out-of-memory conditions in ICU * CVE-2023-5388: NSS susceptible to timing attack against RSA decryption * CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage * CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions * CVE-2024-2612: Self referencing object could have potentially led to a use- after-free * CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1147=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1147=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1147=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debuginfo-115.9.0-150200.8.154.1 * MozillaThunderbird-115.9.0-150200.8.154.1 * MozillaThunderbird-debugsource-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-common-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-other-115.9.0-150200.8.154.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-debuginfo-115.9.0-150200.8.154.1 * MozillaThunderbird-115.9.0-150200.8.154.1 * MozillaThunderbird-debugsource-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-common-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-other-115.9.0-150200.8.154.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-debuginfo-115.9.0-150200.8.154.1 * MozillaThunderbird-115.9.0-150200.8.154.1 * MozillaThunderbird-debugsource-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-common-115.9.0-150200.8.154.1 * MozillaThunderbird-translations-other-115.9.0-150200.8.154.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5388.html * https://www.suse.com/security/cve/CVE-2024-0743.html * https://www.suse.com/security/cve/CVE-2024-2605.html * https://www.suse.com/security/cve/CVE-2024-2607.html * https://www.suse.com/security/cve/CVE-2024-2608.html * https://www.suse.com/security/cve/CVE-2024-2610.html * https://www.suse.com/security/cve/CVE-2024-2611.html * https://www.suse.com/security/cve/CVE-2024-2612.html * https://www.suse.com/security/cve/CVE-2024-2614.html * https://www.suse.com/security/cve/CVE-2024-2616.html * https://bugzilla.suse.com/show_bug.cgi?id=1221327 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:41 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:41 -0000 Subject: SUSE-SU-2024:1146-1: important: Security update for podman Message-ID: <171257944174.20598.1223127707681166574@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2024:1146-1 Rating: important References: * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1146=1 openSUSE-SLE-15.5-2024-1146=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1146=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1146=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * podman-remote-debuginfo-4.8.3-150500.3.9.1 * podman-remote-4.8.3-150500.3.9.1 * podman-4.8.3-150500.3.9.1 * podmansh-4.8.3-150500.3.9.1 * podman-debuginfo-4.8.3-150500.3.9.1 * openSUSE Leap 15.5 (noarch) * podman-docker-4.8.3-150500.3.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * podman-remote-debuginfo-4.8.3-150500.3.9.1 * podman-remote-4.8.3-150500.3.9.1 * podman-4.8.3-150500.3.9.1 * podmansh-4.8.3-150500.3.9.1 * podman-debuginfo-4.8.3-150500.3.9.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * podman-docker-4.8.3-150500.3.9.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * podman-remote-debuginfo-4.8.3-150500.3.9.1 * podman-remote-4.8.3-150500.3.9.1 * podman-4.8.3-150500.3.9.1 * podmansh-4.8.3-150500.3.9.1 * podman-debuginfo-4.8.3-150500.3.9.1 * Containers Module 15-SP5 (noarch) * podman-docker-4.8.3-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:45 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:45 -0000 Subject: SUSE-SU-2024:1145-1: important: Security update for buildah Message-ID: <171257944548.20598.6730445220348141323@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:1145-1 Rating: important References: * bsc#1219563 * bsc#1220568 * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) * Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in SLES yet, but will eventually be) (bsc#1219563). See the corresponding release notes: * https://github.com/containers/buildah/releases/tag/v1.34.1 * https://github.com/containers/buildah/releases/tag/v1.34.0 * https://github.com/containers/buildah/releases/tag/v1.33.0 * https://github.com/containers/buildah/releases/tag/v1.32.0 * https://github.com/containers/buildah/releases/tag/v1.31.0 * https://github.com/containers/buildah/releases/tag/v1.30.0 * Require cni-plugins (bsc#1220568) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1145=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1145=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1145=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1145=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1145=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.34.1-150300.8.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * buildah-1.34.1-150300.8.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * buildah-1.34.1-150300.8.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * buildah-1.34.1-150300.8.22.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * buildah-1.34.1-150300.8.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1219563 * https://bugzilla.suse.com/show_bug.cgi?id=1220568 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:47 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:47 -0000 Subject: SUSE-SU-2024:1144-1: important: Security update for buildah Message-ID: <171257944798.20598.6753464872285051936@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:1144-1 Rating: important References: * bsc#1219563 * bsc#1220568 * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * Public Cloud Module 15-SP2 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) * Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in SLES yet, but will eventually be) (bsc#1219563). See the corresponding release notes: * https://github.com/containers/buildah/releases/tag/v1.34.1 * https://github.com/containers/buildah/releases/tag/v1.34.0 * https://github.com/containers/buildah/releases/tag/v1.33.0 * https://github.com/containers/buildah/releases/tag/v1.32.0 * https://github.com/containers/buildah/releases/tag/v1.31.0 * https://github.com/containers/buildah/releases/tag/v1.30.0 * Require cni-plugins (bsc#1220568) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1144=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1144=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1144=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1144=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1144=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1144=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1144=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-1144=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1144=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1144=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1144=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1144=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1144=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1144=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1144=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1144=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.34.1-150400.3.27.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * buildah-1.34.1-150400.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * buildah-1.34.1-150400.3.27.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * buildah-1.34.1-150400.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * buildah-1.34.1-150400.3.27.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * cni-plugins-0.8.6-150100.3.22.3 * cni-0.7.1-150100.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1219563 * https://bugzilla.suse.com/show_bug.cgi?id=1220568 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:50 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:50 -0000 Subject: SUSE-SU-2024:1143-1: important: Security update for buildah Message-ID: <171257945019.20598.18023155437281804470@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:1143-1 Rating: important References: * bsc#1219563 * bsc#1220568 * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) * Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in SLES yet, but will eventually be) (bsc#1219563). See the corresponding release notes: * https://github.com/containers/buildah/releases/tag/v1.34.1 * https://github.com/containers/buildah/releases/tag/v1.34.0 * https://github.com/containers/buildah/releases/tag/v1.33.0 * https://github.com/containers/buildah/releases/tag/v1.32.0 * https://github.com/containers/buildah/releases/tag/v1.31.0 * https://github.com/containers/buildah/releases/tag/v1.30.0 * Require cni-plugins (bsc#1220568) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1143=1 openSUSE-SLE-15.5-2024-1143=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1143=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.34.1-150500.3.7.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * buildah-1.34.1-150500.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1219563 * https://bugzilla.suse.com/show_bug.cgi?id=1220568 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:52 -0000 Subject: SUSE-SU-2024:1142-1: important: Security update for buildah Message-ID: <171257945219.20598.8050025432652271815@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:1142-1 Rating: important References: * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2024-1753: Fixed an issue to prevent a full container escape at build time. (bsc#1221677) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1142=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1142=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1142=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * buildah-1.25.1-150100.3.23.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * buildah-1.25.1-150100.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * buildah-1.25.1-150100.3.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:54 -0000 Subject: SUSE-SU-2024:1141-1: important: Security update for python-Django Message-ID: <171257945441.20598.10131417667966325231@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:1141-1 Rating: important References: * bsc#1220358 Cross-References: * CVE-2024-27351 CVSS scores: * CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * HPE Helion OpenStack 8 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise Server 12 SP3 * SUSE OpenStack Cloud 8 * SUSE OpenStack Cloud Crowbar 8 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-27351: Align the patch with the upstream one and make it more robust. (bsc#1220358) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE OpenStack Cloud 8 zypper in -t patch SUSE-OpenStack-Cloud-8-2024-1141=1 * SUSE OpenStack Cloud Crowbar 8 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2024-1141=1 * HPE Helion OpenStack 8 zypper in -t patch HPE-Helion-OpenStack-8-2024-1141=1 ## Package List: * SUSE OpenStack Cloud 8 (noarch) * python-Django-1.11.29-3.62.1 * venv-openstack-horizon-x86_64-12.0.5~dev6-14.56.1 * SUSE OpenStack Cloud Crowbar 8 (noarch) * python-Django-1.11.29-3.62.1 * HPE Helion OpenStack 8 (noarch) * python-Django-1.11.29-3.62.1 * venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27351.html * https://bugzilla.suse.com/show_bug.cgi?id=1220358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:57 -0000 Subject: SUSE-SU-2024:1140-1: important: Security update for python-Django Message-ID: <171257945770.20598.7020607499091962893@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:1140-1 Rating: important References: * bsc#1220358 Cross-References: * CVE-2024-27351 CVSS scores: * CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP4 * SUSE OpenStack Cloud 9 * SUSE OpenStack Cloud Crowbar 9 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-27351: Align the patch with the upstream one and make it more robust. (bsc#1220358) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE OpenStack Cloud 9 zypper in -t patch SUSE-OpenStack-Cloud-9-2024-1140=1 * SUSE OpenStack Cloud Crowbar 9 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2024-1140=1 ## Package List: * SUSE OpenStack Cloud 9 (noarch) * venv-openstack-horizon-x86_64-14.1.1~dev11-4.53.1 * python-Django1-1.11.29-3.61.1 * SUSE OpenStack Cloud Crowbar 9 (noarch) * python-Django1-1.11.29-3.61.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27351.html * https://bugzilla.suse.com/show_bug.cgi?id=1220358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:30:59 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:30:59 -0000 Subject: SUSE-SU-2024:1139-1: moderate: Security update for ucode-intel Message-ID: <171257945933.20598.16331304921503159431@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:1139-1 Rating: moderate References: * bsc#1221323 Cross-References: * CVE-2023-22655 * CVE-2023-28746 * CVE-2023-38575 * CVE-2023-39368 * CVE-2023-43490 CVSS scores: * CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20240312 release. (bsc#1221323) * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access * CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. * CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel? SGX may allow a privileged user to potentially enable information disclosure via local access. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1139=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1139=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1139=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1139=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1139=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1139=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1139=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1139=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1139=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1139=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1139=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1139=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1139=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1139=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1139=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1139=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1139=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1139=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1139=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1139=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1139=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1139=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1139=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1139=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1139=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1139=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1139=1 ## Package List: * openSUSE Leap Micro 5.3 (x86_64) * ucode-intel-20240312-150200.38.1 * openSUSE Leap Micro 5.4 (x86_64) * ucode-intel-20240312-150200.38.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20240312-150200.38.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20240312-150200.38.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20240312-150200.38.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22655.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-38575.html * https://www.suse.com/security/cve/CVE-2023-39368.html * https://www.suse.com/security/cve/CVE-2023-43490.html * https://bugzilla.suse.com/show_bug.cgi?id=1221323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:01 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:01 -0000 Subject: SUSE-SU-2024:1138-1: moderate: Security update for guava Message-ID: <171257946166.20598.6001212225629264636@smelt2.prg2.suse.org> # Security update for guava Announcement ID: SUSE-SU-2024:1138-1 Rating: moderate References: * bsc#1179926 * bsc#1212401 Cross-References: * CVE-2020-8908 * CVE-2023-2976 CVSS scores: * CVE-2020-8908 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2020-8908 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-2976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2976 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for guava fixes the following issues: * Upgrade to guava from v30.1.1 to v32.0.1 * CVE-2023-2976: Fixed Predictable temporary files and directories used in FileBackedOutputStream. (bsc#1212401) * CVE-2020-8908: Fixed a bug that could allow an attacker with access to the machine to potentially access data in a temporary directory created by the Guava. (bsc#1179926) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1138=1 ## Package List: * SUSE Manager Server 4.3 Module 4.3 (noarch) * guava-32.0.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2020-8908.html * https://www.suse.com/security/cve/CVE-2023-2976.html * https://bugzilla.suse.com/show_bug.cgi?id=1179926 * https://bugzilla.suse.com/show_bug.cgi?id=1212401 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:06 -0000 Subject: SUSE-SU-2024:1137-1: moderate: Security update for helm Message-ID: <171257946621.20598.17655059964377741968@smelt2.prg2.suse.org> # Security update for helm Announcement ID: SUSE-SU-2024:1137-1 Rating: moderate References: * bsc#1219969 * bsc#1220207 Cross-References: * CVE-2024-25620 * CVE-2024-26147 CVSS scores: * CVE-2024-25620 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N * CVE-2024-26147 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues: * CVE-2024-25620: Fixed with dependency management path traversal (bsc#1219969). * CVE-2024-26147: Fixed uninitialized variable in yaml parsing (bsc#1220207). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1137=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1137=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1137=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * helm-3.13.3-150000.1.32.1 * helm-debuginfo-3.13.3-150000.1.32.1 * openSUSE Leap 15.5 (noarch) * helm-zsh-completion-3.13.3-150000.1.32.1 * helm-bash-completion-3.13.3-150000.1.32.1 * helm-fish-completion-3.13.3-150000.1.32.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * helm-3.13.3-150000.1.32.1 * helm-debuginfo-3.13.3-150000.1.32.1 * Containers Module 15-SP5 (noarch) * helm-zsh-completion-3.13.3-150000.1.32.1 * helm-bash-completion-3.13.3-150000.1.32.1 * SUSE Package Hub 15 15-SP5 (noarch) * helm-fish-completion-3.13.3-150000.1.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25620.html * https://www.suse.com/security/cve/CVE-2024-26147.html * https://bugzilla.suse.com/show_bug.cgi?id=1219969 * https://bugzilla.suse.com/show_bug.cgi?id=1220207 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:07 -0000 Subject: SUSE-SU-2024:1136-1: moderate: Security update for c-ares Message-ID: <171257946792.20598.8850943050082047217@smelt2.prg2.suse.org> # Security update for c-ares Announcement ID: SUSE-SU-2024:1136-1 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1136=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1136=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1136=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1136=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * c-ares-utils-debuginfo-1.19.1-150000.3.26.1 * c-ares-utils-1.19.1-150000.3.26.1 * c-ares-devel-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (x86_64) * libcares2-32bit-1.19.1-150000.3.26.1 * libcares2-32bit-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * c-ares-devel-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:09 -0000 Subject: SUSE-SU-2024:1135-1: moderate: Security update for libcares2 Message-ID: <171257946960.20598.363535697854025585@smelt2.prg2.suse.org> # Security update for libcares2 Announcement ID: SUSE-SU-2024:1135-1 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libcares2 fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1135=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1135=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1135=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1135=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1135=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libcares-devel-1.9.1-9.21.1 * libcares2-debuginfo-1.9.1-9.21.1 * libcares2-debugsource-1.9.1-9.21.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libcares2-debuginfo-1.9.1-9.21.1 * libcares2-debugsource-1.9.1-9.21.1 * libcares2-1.9.1-9.21.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libcares2-debuginfo-1.9.1-9.21.1 * libcares2-debugsource-1.9.1-9.21.1 * libcares2-1.9.1-9.21.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libcares2-debuginfo-1.9.1-9.21.1 * libcares2-debugsource-1.9.1-9.21.1 * libcares2-1.9.1-9.21.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libcares2-32bit-1.9.1-9.21.1 * libcares2-debugsource-1.9.1-9.21.1 * libcares2-debuginfo-32bit-1.9.1-9.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:12 -0000 Subject: SUSE-SU-2024:1134-1: moderate: Security update for indent Message-ID: <171257947295.20598.10167548473100825945@smelt2.prg2.suse.org> # Security update for indent Announcement ID: SUSE-SU-2024:1134-1 Rating: moderate References: * bsc#1219210 Cross-References: * CVE-2024-0911 CVSS scores: * CVE-2024-0911 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for indent fixes the following issues: * CVE-2024-0911: Fixed heap-based buffer overflow in set_buf_break() (bsc#1219210). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1134=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * indent-debugsource-2.2.10-38.9.1 * indent-2.2.10-38.9.1 * indent-debuginfo-2.2.10-38.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0911.html * https://bugzilla.suse.com/show_bug.cgi?id=1219210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:16 -0000 Subject: SUSE-SU-2024:1133-1: moderate: Security update for ncurses Message-ID: <171257947624.20598.5627989880045359650@smelt2.prg2.suse.org> # Security update for ncurses Announcement ID: SUSE-SU-2024:1133-1 Rating: moderate References: * bsc#1220061 Cross-References: * CVE-2023-45918 CVSS scores: * CVE-2023-45918 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ncurses fixes the following issues: * CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1133=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1133=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1133=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1133=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1133=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1133=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1133=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1133=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1133=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1133=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1133=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1133=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1133=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1133=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * openSUSE Leap 15.5 (x86_64) * ncurses-devel-32bit-debuginfo-6.1-150000.5.24.1 * libncurses5-32bit-debuginfo-6.1-150000.5.24.1 * ncurses5-devel-32bit-6.1-150000.5.24.1 * libncurses5-32bit-6.1-150000.5.24.1 * ncurses-devel-32bit-6.1-150000.5.24.1 * libncurses6-32bit-debuginfo-6.1-150000.5.24.1 * libncurses6-32bit-6.1-150000.5.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ncurses-devel-6.1-150000.5.24.1 * ncurses5-devel-6.1-150000.5.24.1 * tack-debuginfo-6.1-150000.5.24.1 * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * tack-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * libncurses5-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * libncurses5-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * ncurses-devel-debuginfo-6.1-150000.5.24.1 * terminfo-iterm-6.1-150000.5.24.1 * terminfo-screen-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ncurses-devel-6.1-150000.5.24.1 * terminfo-base-6.1-150000.5.24.1 * tack-debuginfo-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * tack-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * ncurses-devel-debuginfo-6.1-150000.5.24.1 * terminfo-iterm-6.1-150000.5.24.1 * terminfo-screen-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * Basesystem Module 15-SP5 (x86_64) * libncurses6-32bit-debuginfo-6.1-150000.5.24.1 * libncurses6-32bit-6.1-150000.5.24.1 * Development Tools Module 15-SP5 (x86_64) * ncurses-devel-32bit-debuginfo-6.1-150000.5.24.1 * ncurses-devel-32bit-6.1-150000.5.24.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ncurses-debugsource-6.1-150000.5.24.1 * libncurses5-debuginfo-6.1-150000.5.24.1 * ncurses5-devel-6.1-150000.5.24.1 * libncurses5-6.1-150000.5.24.1 * Legacy Module 15-SP5 (x86_64) * libncurses5-32bit-debuginfo-6.1-150000.5.24.1 * libncurses5-32bit-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * terminfo-base-6.1-150000.5.24.1 * ncurses-debugsource-6.1-150000.5.24.1 * libncurses6-6.1-150000.5.24.1 * ncurses-utils-6.1-150000.5.24.1 * terminfo-6.1-150000.5.24.1 * libncurses6-debuginfo-6.1-150000.5.24.1 * ncurses-utils-debuginfo-6.1-150000.5.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45918.html * https://bugzilla.suse.com/show_bug.cgi?id=1220061 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:19 -0000 Subject: SUSE-SU-2024:1132-1: moderate: Security update for ncurses Message-ID: <171257947993.20598.1780914593931854834@smelt2.prg2.suse.org> # Security update for ncurses Announcement ID: SUSE-SU-2024:1132-1 Rating: moderate References: * bsc#1220061 Cross-References: * CVE-2023-45918 CVSS scores: * CVE-2023-45918 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ncurses fixes the following issues: * CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1132=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1132=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1132=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1132=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * ncurses-devel-debuginfo-5.9-88.1 * tack-5.9-88.1 * libncurses6-debuginfo-5.9-88.1 * ncurses-utils-5.9-88.1 * libncurses5-5.9-88.1 * terminfo-base-5.9-88.1 * libncurses5-debuginfo-5.9-88.1 * libncurses6-5.9-88.1 * ncurses-utils-debuginfo-5.9-88.1 * ncurses-debugsource-5.9-88.1 * tack-debuginfo-5.9-88.1 * ncurses-devel-5.9-88.1 * terminfo-5.9-88.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libncurses5-32bit-5.9-88.1 * ncurses-devel-32bit-5.9-88.1 * ncurses-devel-debuginfo-32bit-5.9-88.1 * libncurses6-32bit-5.9-88.1 * libncurses6-debuginfo-32bit-5.9-88.1 * libncurses5-debuginfo-32bit-5.9-88.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * ncurses-devel-debuginfo-5.9-88.1 * tack-5.9-88.1 * libncurses6-debuginfo-5.9-88.1 * ncurses-utils-5.9-88.1 * libncurses5-5.9-88.1 * terminfo-base-5.9-88.1 * libncurses5-debuginfo-5.9-88.1 * libncurses6-5.9-88.1 * ncurses-utils-debuginfo-5.9-88.1 * ncurses-debugsource-5.9-88.1 * tack-debuginfo-5.9-88.1 * ncurses-devel-5.9-88.1 * terminfo-5.9-88.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libncurses5-32bit-5.9-88.1 * ncurses-devel-32bit-5.9-88.1 * ncurses-devel-debuginfo-32bit-5.9-88.1 * libncurses6-32bit-5.9-88.1 * libncurses6-debuginfo-32bit-5.9-88.1 * libncurses5-debuginfo-32bit-5.9-88.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * ncurses-devel-debuginfo-5.9-88.1 * tack-5.9-88.1 * libncurses6-debuginfo-5.9-88.1 * ncurses-utils-5.9-88.1 * libncurses5-5.9-88.1 * terminfo-base-5.9-88.1 * libncurses5-debuginfo-5.9-88.1 * libncurses6-5.9-88.1 * ncurses-utils-debuginfo-5.9-88.1 * ncurses-debugsource-5.9-88.1 * tack-debuginfo-5.9-88.1 * ncurses-devel-5.9-88.1 * terminfo-5.9-88.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libncurses5-32bit-5.9-88.1 * ncurses-devel-32bit-5.9-88.1 * ncurses-devel-debuginfo-32bit-5.9-88.1 * libncurses6-32bit-5.9-88.1 * libncurses6-debuginfo-32bit-5.9-88.1 * libncurses5-debuginfo-32bit-5.9-88.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * ncurses-devel-debuginfo-5.9-88.1 * ncurses-debugsource-5.9-88.1 * ncurses-devel-5.9-88.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45918.html * https://bugzilla.suse.com/show_bug.cgi?id=1220061 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:21 -0000 Subject: SUSE-SU-2024:1131-1: important: Security update for rubygem-rack Message-ID: <171257948141.20598.14046684294933946564@smelt2.prg2.suse.org> # Security update for rubygem-rack Announcement ID: SUSE-SU-2024:1131-1 Rating: important References: * bsc#1220239 * bsc#1220242 * bsc#1220248 Cross-References: * CVE-2024-25126 * CVE-2024-26141 * CVE-2024-26146 CVSS scores: * CVE-2024-25126 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26141 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26146 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE OpenStack Cloud Crowbar 8 * SUSE OpenStack Cloud Crowbar 9 An update that solves three vulnerabilities can now be installed. ## Description: This update for rubygem-rack fixes the following issues: * CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing (bsc#1220239). * CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing (bsc#1220242). * CVE-2024-26146: Fixed a denial-of-service vulnerability in Rack headers parsing routine (bsc#1220248). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE OpenStack Cloud Crowbar 8 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2024-1131=1 * SUSE OpenStack Cloud Crowbar 9 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2024-1131=1 ## Package List: * SUSE OpenStack Cloud Crowbar 8 (x86_64) * ruby2.1-rubygem-rack-1.6.13-3.22.1 * SUSE OpenStack Cloud Crowbar 9 (x86_64) * ruby2.1-rubygem-rack-1.6.13-3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25126.html * https://www.suse.com/security/cve/CVE-2024-26141.html * https://www.suse.com/security/cve/CVE-2024-26146.html * https://bugzilla.suse.com/show_bug.cgi?id=1220239 * https://bugzilla.suse.com/show_bug.cgi?id=1220242 * https://bugzilla.suse.com/show_bug.cgi?id=1220248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:22 -0000 Subject: SUSE-SU-2024:1103-1: important: Security update for qemu Message-ID: <171257948284.20598.798933081680189168@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:1103-1 Rating: important References: * bsc#1205316 * bsc#1209554 * bsc#1218484 * bsc#1220062 * bsc#1220065 * bsc#1220134 * jsc#PED-7366 * jsc#PED-8113 Cross-References: * CVE-2023-1544 * CVE-2023-6693 * CVE-2024-24474 * CVE-2024-26327 * CVE-2024-26328 CVSS scores: * CVE-2023-1544 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H * CVE-2023-1544 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H * CVE-2023-6693 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2023-6693 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-24474 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-26327 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-26328 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves five vulnerabilities, contains two features and has one security fix can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value (bsc#1220062). * CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command (bsc#1220134). * CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx() (bsc#1218484). * CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read() (bsc#1209554). * CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV implementation (bsc#1220065). The following non-security bug was fixed: * Removing in-use mediated device should fail with error message instead of hang (bsc#1205316). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1103=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1103=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1103=1 openSUSE-SLE-15.5-2024-1103=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1103=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1103=1 ## Package List: * SUSE Package Hub 15 15-SP5 (noarch) * qemu-microvm-7.1.0-150500.49.12.1 * qemu-sgabios-8-150500.49.12.1 * qemu-SLOF-7.1.0-150500.49.12.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-skiboot-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-block-nfs-7.1.0-150500.49.12.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-qtest-7.1.0-150500.49.12.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.12.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.12.1 * qemu-extra-debuginfo-7.1.0-150500.49.12.1 * qemu-block-dmg-7.1.0-150500.49.12.1 * qemu-vhost-user-gpu-7.1.0-150500.49.12.1 * qemu-audio-oss-7.1.0-150500.49.12.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.12.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-extra-7.1.0-150500.49.12.1 * qemu-audio-jack-7.1.0-150500.49.12.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.12.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.12.1 * qemu-debuginfo-7.1.0-150500.49.12.1 * qemu-ivshmem-tools-7.1.0-150500.49.12.1 * qemu-block-gluster-7.1.0-150500.49.12.1 * qemu-debugsource-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * qemu-x86-7.1.0-150500.49.12.1 * qemu-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-7.1.0-150500.49.12.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-pa-7.1.0-150500.49.12.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-alsa-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64) * qemu-s390x-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1 * qemu-s390x-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * qemu-ppc-debuginfo-7.1.0-150500.49.12.1 * qemu-ppc-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64) * qemu-arm-7.1.0-150500.49.12.1 * qemu-arm-debuginfo-7.1.0-150500.49.12.1 * SUSE Package Hub 15 15-SP5 (s390x) * qemu-hw-usb-redirect-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1 * qemu-ui-spice-core-7.1.0-150500.49.12.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-7.1.0-150500.49.12.1 * qemu-ui-gtk-7.1.0-150500.49.12.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-7.1.0-150500.49.12.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-7.1.0-150500.49.12.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-spice-app-7.1.0-150500.49.12.1 * qemu-chardev-spice-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-chardev-baum-debuginfo-7.1.0-150500.49.12.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.12.1 * qemu-block-rbd-7.1.0-150500.49.12.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-dbus-7.1.0-150500.49.12.1 * qemu-lang-7.1.0-150500.49.12.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.12.1 * qemu-guest-agent-7.1.0-150500.49.12.1 * qemu-block-iscsi-7.1.0-150500.49.12.1 * qemu-ksm-7.1.0-150500.49.12.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-host-7.1.0-150500.49.12.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.12.1 * qemu-block-curl-7.1.0-150500.49.12.1 * qemu-ui-curses-7.1.0-150500.49.12.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.12.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.12.1 * qemu-7.1.0-150500.49.12.1 * qemu-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-dbus-7.1.0-150500.49.12.1 * qemu-chardev-baum-7.1.0-150500.49.12.1 * qemu-block-ssh-7.1.0-150500.49.12.1 * qemu-debugsource-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (aarch64) * qemu-arm-7.1.0-150500.49.12.1 * qemu-arm-debuginfo-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-hw-usb-redirect-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1 * qemu-ui-spice-core-7.1.0-150500.49.12.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-7.1.0-150500.49.12.1 * qemu-ui-gtk-7.1.0-150500.49.12.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-7.1.0-150500.49.12.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-7.1.0-150500.49.12.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-spice-app-7.1.0-150500.49.12.1 * qemu-chardev-spice-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (noarch) * qemu-sgabios-8-150500.49.12.1 * qemu-ipxe-1.0.0+-150500.49.12.1 * qemu-SLOF-7.1.0-150500.49.12.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-skiboot-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.12.1 * qemu-ppc-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (s390x x86_64) * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-kvm-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1 * qemu-s390x-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1 * Server Applications Module 15-SP5 (x86_64) * qemu-x86-7.1.0-150500.49.12.1 * qemu-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-7.1.0-150500.49.12.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-pa-7.1.0-150500.49.12.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-alsa-7.1.0-150500.49.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-block-iscsi-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-dbus-7.1.0-150500.49.12.1 * qemu-s390x-7.1.0-150500.49.12.1 * qemu-ui-opengl-7.1.0-150500.49.12.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.12.1 * qemu-guest-agent-7.1.0-150500.49.12.1 * qemu-block-iscsi-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1 * qemu-ksm-7.1.0-150500.49.12.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-host-7.1.0-150500.49.12.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1 * qemu-block-dmg-7.1.0-150500.49.12.1 * qemu-ui-curses-7.1.0-150500.49.12.1 * qemu-arm-7.1.0-150500.49.12.1 * qemu-audio-oss-7.1.0-150500.49.12.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-7.1.0-150500.49.12.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.12.1 * qemu-block-ssh-7.1.0-150500.49.12.1 * qemu-debugsource-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1 * qemu-linux-user-7.1.0-150500.49.12.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-gtk-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1 * qemu-tools-7.1.0-150500.49.12.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-spice-core-7.1.0-150500.49.12.1 * qemu-chardev-spice-7.1.0-150500.49.12.1 * qemu-ui-dbus-7.1.0-150500.49.12.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1 * qemu-block-nfs-7.1.0-150500.49.12.1 * qemu-arm-debuginfo-7.1.0-150500.49.12.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-qtest-7.1.0-150500.49.12.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-alsa-7.1.0-150500.49.12.1 * qemu-ui-spice-app-7.1.0-150500.49.12.1 * qemu-x86-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-7.1.0-150500.49.12.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.12.1 * qemu-extra-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-pa-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-linux-user-debugsource-7.1.0-150500.49.12.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1 * qemu-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-7.1.0-150500.49.12.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-extra-7.1.0-150500.49.12.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.12.1 * qemu-chardev-baum-7.1.0-150500.49.12.1 * qemu-block-gluster-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1 * qemu-lang-7.1.0-150500.49.12.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.12.1 * qemu-headless-7.1.0-150500.49.12.1 * qemu-ppc-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1 * qemu-tools-debuginfo-7.1.0-150500.49.12.1 * qemu-ppc-7.1.0-150500.49.12.1 * qemu-block-curl-7.1.0-150500.49.12.1 * qemu-vhost-user-gpu-7.1.0-150500.49.12.1 * qemu-s390x-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1 * qemu-audio-jack-7.1.0-150500.49.12.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.12.1 * qemu-7.1.0-150500.49.12.1 * qemu-debuginfo-7.1.0-150500.49.12.1 * qemu-ivshmem-tools-7.1.0-150500.49.12.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.12.1 * openSUSE Leap 15.5 (noarch) * qemu-microvm-7.1.0-150500.49.12.1 * qemu-ipxe-1.0.0+-150500.49.12.1 * qemu-sgabios-8-150500.49.12.1 * qemu-SLOF-7.1.0-150500.49.12.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-skiboot-7.1.0-150500.49.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-7.1.0-150500.49.12.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1 * qemu-ui-opengl-7.1.0-150500.49.12.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.12.1 * qemu-guest-agent-7.1.0-150500.49.12.1 * qemu-tools-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-7.1.0-150500.49.12.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1 * qemu-tools-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1 * qemu-ui-spice-core-7.1.0-150500.49.12.1 * qemu-block-curl-7.1.0-150500.49.12.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1 * qemu-audio-spice-7.1.0-150500.49.12.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1 * qemu-hw-display-qxl-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1 * qemu-chardev-spice-7.1.0-150500.49.12.1 * qemu-7.1.0-150500.49.12.1 * qemu-debuginfo-7.1.0-150500.49.12.1 * qemu-debugsource-7.1.0-150500.49.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-7.1.0-150500.49.12.1 * qemu-arm-debuginfo-7.1.0-150500.49.12.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.12.1 * qemu-ipxe-1.0.0+-150500.49.12.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.12.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.12.1 * qemu-s390x-7.1.0-150500.49.12.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-x86-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-7.1.0-150500.49.12.1 * qemu-x86-debuginfo-7.1.0-150500.49.12.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debuginfo-7.1.0-150500.49.12.1 * qemu-tools-debuginfo-7.1.0-150500.49.12.1 * qemu-debugsource-7.1.0-150500.49.12.1 * qemu-tools-7.1.0-150500.49.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-1544.html * https://www.suse.com/security/cve/CVE-2023-6693.html * https://www.suse.com/security/cve/CVE-2024-24474.html * https://www.suse.com/security/cve/CVE-2024-26327.html * https://www.suse.com/security/cve/CVE-2024-26328.html * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1209554 * https://bugzilla.suse.com/show_bug.cgi?id=1218484 * https://bugzilla.suse.com/show_bug.cgi?id=1220062 * https://bugzilla.suse.com/show_bug.cgi?id=1220065 * https://bugzilla.suse.com/show_bug.cgi?id=1220134 * https://jira.suse.com/browse/PED-7366 * https://jira.suse.com/browse/PED-8113 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:25 -0000 Subject: SUSE-SU-2024:1102-1: moderate: Security update for xen Message-ID: <171257948590.20598.11930258582942285281@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1102-1 Rating: moderate References: * bsc#1027519 * bsc#1219885 * bsc#1221332 * bsc#1221334 Cross-References: * CVE-2023-28746 * CVE-2023-46841 * CVE-2024-2193 CVSS scores: * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-28746: Register File Data Sampling (bsc#1221332) * CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) * CVE-2023-46841: Hhadow stack vs exceptions from emulation stubs (bsc#1219885) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1102=1 SUSE-2024-1102=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1102=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1102=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1102=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-libs-4.17.3_08-150500.3.27.1 * xen-devel-4.17.3_08-150500.3.27.1 * xen-debugsource-4.17.3_08-150500.3.27.1 * xen-tools-domU-debuginfo-4.17.3_08-150500.3.27.1 * xen-tools-domU-4.17.3_08-150500.3.27.1 * xen-libs-debuginfo-4.17.3_08-150500.3.27.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.3_08-150500.3.27.1 * xen-libs-32bit-4.17.3_08-150500.3.27.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-tools-4.17.3_08-150500.3.27.1 * xen-4.17.3_08-150500.3.27.1 * xen-doc-html-4.17.3_08-150500.3.27.1 * xen-tools-debuginfo-4.17.3_08-150500.3.27.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_08-150500.3.27.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-4.17.3_08-150500.3.27.1 * xen-libs-64bit-debuginfo-4.17.3_08-150500.3.27.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.3_08-150500.3.27.1 * xen-libs-debuginfo-4.17.3_08-150500.3.27.1 * xen-libs-4.17.3_08-150500.3.27.1 * Basesystem Module 15-SP5 (x86_64) * xen-libs-4.17.3_08-150500.3.27.1 * xen-debugsource-4.17.3_08-150500.3.27.1 * xen-tools-domU-debuginfo-4.17.3_08-150500.3.27.1 * xen-tools-domU-4.17.3_08-150500.3.27.1 * xen-libs-debuginfo-4.17.3_08-150500.3.27.1 * Server Applications Module 15-SP5 (x86_64) * xen-devel-4.17.3_08-150500.3.27.1 * xen-4.17.3_08-150500.3.27.1 * xen-debugsource-4.17.3_08-150500.3.27.1 * xen-tools-4.17.3_08-150500.3.27.1 * xen-tools-debuginfo-4.17.3_08-150500.3.27.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_08-150500.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-46841.html * https://www.suse.com/security/cve/CVE-2024-2193.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1219885 * https://bugzilla.suse.com/show_bug.cgi?id=1221332 * https://bugzilla.suse.com/show_bug.cgi?id=1221334 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:28 -0000 Subject: SUSE-SU-2024:1101-1: moderate: Security update for xen Message-ID: <171257948856.20598.9792618795369004523@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1101-1 Rating: moderate References: * bsc#1221332 * bsc#1221334 Cross-References: * CVE-2023-28746 * CVE-2024-2193 CVSS scores: * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-28746: Register File Data Sampling (bsc#1221332) * CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1101=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1101=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1101=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1101=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1101=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1101=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1101=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-libs-4.16.5_14-150400.4.52.1 * xen-tools-domU-4.16.5_14-150400.4.52.1 * xen-tools-domU-debuginfo-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-devel-4.16.5_14-150400.4.52.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-4.16.5_14-150400.4.52.1 * xen-libs-32bit-debuginfo-4.16.5_14-150400.4.52.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-doc-html-4.16.5_14-150400.4.52.1 * xen-4.16.5_14-150400.4.52.1 * xen-tools-4.16.5_14-150400.4.52.1 * xen-tools-debuginfo-4.16.5_14-150400.4.52.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.5_14-150400.4.52.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-4.16.5_14-150400.4.52.1 * xen-libs-64bit-debuginfo-4.16.5_14-150400.4.52.1 * openSUSE Leap Micro 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * openSUSE Leap Micro 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.52.1 * xen-debugsource-4.16.5_14-150400.4.52.1 * xen-libs-debuginfo-4.16.5_14-150400.4.52.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2024-2193.html * https://bugzilla.suse.com/show_bug.cgi?id=1221332 * https://bugzilla.suse.com/show_bug.cgi?id=1221334 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:31 -0000 Subject: SUSE-SU-2024:1100-1: moderate: Security update for libvirt Message-ID: <171257949189.20598.2167078256417381084@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2024:1100-1 Rating: moderate References: * bsc#1221749 * bsc#1221815 Cross-References: * CVE-2024-2494 CVSS scores: * CVE-2024-2494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815) The following non-security bug was fixed: * Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() (bsc#1221749). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1100=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1100=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1100=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1100=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1100=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1100=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1100=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1100=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1100=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1100=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1100=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1100=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1100=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1100=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1100=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvirt-daemon-driver-lxc-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-lxc-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * wireshark-plugin-libvirt-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.11.2 * wireshark-plugin-libvirt-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-gluster-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-lxc-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * openSUSE Leap 15.4 (x86_64) * libvirt-client-32bit-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-32bit-8.0.0-150400.7.11.2 * libvirt-daemon-xen-8.0.0-150400.7.11.2 * openSUSE Leap 15.4 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * openSUSE Leap 15.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libvirt-client-64bit-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-64bit-8.0.0-150400.7.11.2 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libvirt-daemon-xen-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libvirt-daemon-xen-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libvirt-daemon-xen-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-xen-8.0.0-150400.7.11.2 * SUSE Manager Proxy 4.3 (x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-xen-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Manager Proxy 4.3 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-xen-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-debuginfo-8.0.0-150400.7.11.2 * libvirt-client-8.0.0-150400.7.11.2 * libvirt-libs-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2 * libvirt-lock-sanlock-8.0.0-150400.7.11.2 * libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2 * libvirt-libs-debuginfo-8.0.0-150400.7.11.2 * libvirt-nss-8.0.0-150400.7.11.2 * libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2 * libvirt-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2 * libvirt-debugsource-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2 * libvirt-daemon-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-config-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-8.0.0-150400.7.11.2 * libvirt-client-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-qemu-8.0.0-150400.7.11.2 * libvirt-daemon-driver-network-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2 * libvirt-daemon-driver-secret-8.0.0-150400.7.11.2 * libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2 * libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2 * libvirt-devel-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-hooks-8.0.0-150400.7.11.2 * SUSE Manager Server 4.3 (noarch) * libvirt-doc-8.0.0-150400.7.11.2 * SUSE Manager Server 4.3 (x86_64) * libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2 * libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2 * libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2 * libvirt-daemon-xen-8.0.0-150400.7.11.2 ## References: * https://www.suse.com/security/cve/CVE-2024-2494.html * https://bugzilla.suse.com/show_bug.cgi?id=1221749 * https://bugzilla.suse.com/show_bug.cgi?id=1221815 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 12:31:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 12:31:35 -0000 Subject: SUSE-SU-2024:1099-1: moderate: Security update for libvirt Message-ID: <171257949532.20598.11677335485646768973@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2024:1099-1 Rating: moderate References: * bsc#1214223 * bsc#1216980 * bsc#1220512 * bsc#1221237 * bsc#1221468 * bsc#1221815 Cross-References: * CVE-2024-1441 * CVE-2024-2494 * CVE-2024-2496 CVSS scores: * CVE-2024-1441 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-2494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2496 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has three security fixes can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815) * CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468). * CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237) * qemu: domain: Fix logic when tainting domain (bsc#1220512) * conf: Remove some firmware validation checks (bsc#1216980) * libxl: Fix connection to modular network daemon (bsc#1214223) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1099=1 openSUSE-SLE-15.5-2024-1099=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1099=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1099=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1099=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libvirt-libs-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-lxc-9.0.0-150500.6.20.1 * libvirt-daemon-lxc-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-debuginfo-9.0.0-150500.6.20.1 * libvirt-lock-sanlock-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-client-9.0.0-150500.6.20.1 * libvirt-daemon-debuginfo-9.0.0-150500.6.20.1 * libvirt-libs-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-gluster-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-lock-sanlock-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-lxc-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-hooks-9.0.0-150500.6.20.1 * libvirt-daemon-config-network-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-gluster-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.6.20.1 * libvirt-daemon-config-nwfilter-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-qemu-9.0.0-150500.6.20.1 * libvirt-debugsource-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-9.0.0-150500.6.20.1 * libvirt-daemon-9.0.0-150500.6.20.1 * libvirt-nss-debuginfo-9.0.0-150500.6.20.1 * libvirt-client-debuginfo-9.0.0-150500.6.20.1 * libvirt-nss-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-9.0.0-150500.6.20.1 * libvirt-client-qemu-9.0.0-150500.6.20.1 * libvirt-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-debuginfo-9.0.0-150500.6.20.1 * wireshark-plugin-libvirt-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-debuginfo-9.0.0-150500.6.20.1 * wireshark-plugin-libvirt-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-9.0.0-150500.6.20.1 * libvirt-devel-9.0.0-150500.6.20.1 * openSUSE Leap 15.5 (x86_64) * libvirt-client-32bit-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-libxl-9.0.0-150500.6.20.1 * libvirt-devel-32bit-9.0.0-150500.6.20.1 * libvirt-daemon-xen-9.0.0-150500.6.20.1 * libvirt-daemon-driver-libxl-debuginfo-9.0.0-150500.6.20.1 * openSUSE Leap 15.5 (noarch) * libvirt-doc-9.0.0-150500.6.20.1 * openSUSE Leap 15.5 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-rbd-9.0.0-150500.6.20.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libvirt-devel-64bit-9.0.0-150500.6.20.1 * libvirt-client-64bit-debuginfo-9.0.0-150500.6.20.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libvirt-libs-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-debuginfo-9.0.0-150500.6.20.1 * libvirt-client-9.0.0-150500.6.20.1 * libvirt-libs-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-qemu-9.0.0-150500.6.20.1 * libvirt-debugsource-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-9.0.0-150500.6.20.1 * libvirt-daemon-9.0.0-150500.6.20.1 * libvirt-client-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-9.0.0-150500.6.20.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-rbd-9.0.0-150500.6.20.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvirt-libs-debuginfo-9.0.0-150500.6.20.1 * libvirt-debugsource-9.0.0-150500.6.20.1 * libvirt-libs-9.0.0-150500.6.20.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-debuginfo-9.0.0-150500.6.20.1 * libvirt-lock-sanlock-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-client-9.0.0-150500.6.20.1 * libvirt-daemon-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-scsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-debuginfo-9.0.0-150500.6.20.1 * libvirt-lock-sanlock-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-9.0.0-150500.6.20.1 * libvirt-daemon-driver-qemu-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-hooks-9.0.0-150500.6.20.1 * libvirt-daemon-config-network-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.6.20.1 * libvirt-daemon-config-nwfilter-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-qemu-9.0.0-150500.6.20.1 * libvirt-debugsource-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-9.0.0-150500.6.20.1 * libvirt-daemon-9.0.0-150500.6.20.1 * libvirt-nss-debuginfo-9.0.0-150500.6.20.1 * libvirt-client-debuginfo-9.0.0-150500.6.20.1 * libvirt-nss-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-network-9.0.0-150500.6.20.1 * libvirt-client-qemu-9.0.0-150500.6.20.1 * libvirt-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nwfilter-9.0.0-150500.6.20.1 * libvirt-daemon-driver-secret-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-9.0.0-150500.6.20.1 * libvirt-daemon-driver-nodedev-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-interface-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-core-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-logical-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-mpath-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-disk-9.0.0-150500.6.20.1 * libvirt-devel-9.0.0-150500.6.20.1 * Server Applications Module 15-SP5 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-storage-rbd-9.0.0-150500.6.20.1 * Server Applications Module 15-SP5 (noarch) * libvirt-doc-9.0.0-150500.6.20.1 * Server Applications Module 15-SP5 (x86_64) * libvirt-daemon-driver-libxl-debuginfo-9.0.0-150500.6.20.1 * libvirt-daemon-driver-libxl-9.0.0-150500.6.20.1 * libvirt-daemon-xen-9.0.0-150500.6.20.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1441.html * https://www.suse.com/security/cve/CVE-2024-2494.html * https://www.suse.com/security/cve/CVE-2024-2496.html * https://bugzilla.suse.com/show_bug.cgi?id=1214223 * https://bugzilla.suse.com/show_bug.cgi?id=1216980 * https://bugzilla.suse.com/show_bug.cgi?id=1220512 * https://bugzilla.suse.com/show_bug.cgi?id=1221237 * https://bugzilla.suse.com/show_bug.cgi?id=1221468 * https://bugzilla.suse.com/show_bug.cgi?id=1221815 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1167-1: important: Security update for nghttp2 Message-ID: <171259380583.6967.11788317637830710971@smelt2.prg2.suse.org> # Security update for nghttp2 Announcement ID: SUSE-SU-2024:1167-1 Rating: important References: * bsc#1221399 Cross-References: * CVE-2024-28182 CVSS scores: * CVE-2024-28182 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for nghttp2 fixes the following issues: * CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1167=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1167=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1167=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1167=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1167=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1167=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1167=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1167=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1167=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1167=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1167=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1167=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1167=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1167=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1167=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1167=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1167=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1167=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1167=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1167=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1167=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1167=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1167=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1167=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1167=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1167=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1167=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * nghttp2-python-debugsource-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * python3-nghttp2-1.40.0-150200.17.1 * python3-nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * openSUSE Leap 15.5 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2_asio1-32bit-1.40.0-150200.17.1 * libnghttp2_asio1-32bit-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * Basesystem Module 15-SP5 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Manager Proxy 4.3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Manager Server 4.3 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libnghttp2-14-1.40.0-150200.17.1 * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio1-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * libnghttp2_asio-devel-1.40.0-150200.17.1 * libnghttp2-devel-1.40.0-150200.17.1 * SUSE Enterprise Storage 7.1 (x86_64) * libnghttp2-14-32bit-1.40.0-150200.17.1 * libnghttp2-14-32bit-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libnghttp2-14-debuginfo-1.40.0-150200.17.1 * libnghttp2-14-1.40.0-150200.17.1 * nghttp2-debugsource-1.40.0-150200.17.1 * nghttp2-debuginfo-1.40.0-150200.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28182.html * https://bugzilla.suse.com/show_bug.cgi?id=1221399 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1166-1: moderate: Security update for kubernetes1.23 Message-ID: <171259380936.6967.11755199077214769481@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:1166-1 Rating: moderate References: * bsc#1219964 Cross-References: * CVE-2024-0793 CVSS scores: * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * Upgrade from v1.26.9 to v1.26.14 * CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1166=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1166=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1166=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.14-150400.9.6.1 * kubernetes1.26-proxy-1.26.14-150400.9.6.1 * kubernetes1.26-controller-manager-1.26.14-150400.9.6.1 * kubernetes1.26-kubelet-1.26.14-150400.9.6.1 * kubernetes1.26-client-1.26.14-150400.9.6.1 * kubernetes1.26-kubeadm-1.26.14-150400.9.6.1 * kubernetes1.26-scheduler-1.26.14-150400.9.6.1 * kubernetes1.26-apiserver-1.26.14-150400.9.6.1 * kubernetes1.26-kubelet-common-1.26.14-150400.9.6.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.26-client-bash-completion-1.26.14-150400.9.6.1 * kubernetes1.26-client-fish-completion-1.26.14-150400.9.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.14-150400.9.6.1 * kubernetes1.26-client-common-1.26.14-150400.9.6.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.14-150400.9.6.1 * kubernetes1.26-client-common-1.26.14-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0793.html * https://bugzilla.suse.com/show_bug.cgi?id=1219964 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 16:30:11 -0000 Subject: SUSE-SU-2024:1165-1: moderate: Security update for kubernetes1.23 Message-ID: <171259381132.6967.5698238330731296828@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:1165-1 Rating: moderate References: * bsc#1062303 * bsc#1219964 Cross-References: * CVE-2024-0793 CVSS scores: * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * Upgrade from v1.25.14 to v1.25.16 * CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1165=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1165=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1165=1 ## Package List: * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-1.25.16-150400.9.6.1 * kubernetes1.25-client-common-1.25.16-150400.9.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-apiserver-1.25.16-150400.9.6.1 * kubernetes1.25-proxy-1.25.16-150400.9.6.1 * kubernetes1.25-client-1.25.16-150400.9.6.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.6.1 * kubernetes1.25-scheduler-1.25.16-150400.9.6.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.6.1 * kubernetes1.25-client-common-1.25.16-150400.9.6.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.6.1 * kubernetes1.25-kubelet-1.25.16-150400.9.6.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.25-client-bash-completion-1.25.16-150400.9.6.1 * kubernetes1.25-client-fish-completion-1.25.16-150400.9.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-1.25.16-150400.9.6.1 * kubernetes1.25-client-common-1.25.16-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0793.html * https://bugzilla.suse.com/show_bug.cgi?id=1062303 * https://bugzilla.suse.com/show_bug.cgi?id=1219964 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 16:30:13 -0000 Subject: SUSE-SU-2024:1164-1: moderate: Security update for kubernetes1.23 Message-ID: <171259381312.6967.12579004229938427541@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:1164-1 Rating: moderate References: * bsc#1219964 Cross-References: * CVE-2024-0793 CVSS scores: * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1164=1 openSUSE-SLE-15.5-2024-1164=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1164=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.13.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.13.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.13.1 * kubernetes1.24-kubelet-1.24.17-150500.3.13.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.13.1 * kubernetes1.24-client-common-1.24.17-150500.3.13.1 * kubernetes1.24-apiserver-1.24.17-150500.3.13.1 * kubernetes1.24-proxy-1.24.17-150500.3.13.1 * kubernetes1.24-scheduler-1.24.17-150500.3.13.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150500.3.13.1 * kubernetes1.24-client-fish-completion-1.24.17-150500.3.13.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.13.1 * kubernetes1.24-client-common-1.24.17-150500.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0793.html * https://bugzilla.suse.com/show_bug.cgi?id=1219964 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 8 16:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Apr 2024 16:30:15 -0000 Subject: SUSE-SU-2024:1163-1: moderate: Security update for kubernetes1.23 Message-ID: <171259381505.6967.8211038158058511880@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:1163-1 Rating: moderate References: * bsc#1219964 Cross-References: * CVE-2024-0793 CVSS scores: * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2024-0793: Fixed a DoS caused via a malformed HPA v1 manifest. (bsc#1219964) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1163=1 openSUSE-SLE-15.5-2024-1163=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1163=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-apiserver-1.23.17-150500.3.9.1 * kubernetes1.23-client-1.23.17-150500.3.9.1 * kubernetes1.23-proxy-1.23.17-150500.3.9.1 * kubernetes1.23-scheduler-1.23.17-150500.3.9.1 * kubernetes1.23-kubeadm-1.23.17-150500.3.9.1 * kubernetes1.23-kubelet-1.23.17-150500.3.9.1 * kubernetes1.23-controller-manager-1.23.17-150500.3.9.1 * kubernetes1.23-client-common-1.23.17-150500.3.9.1 * kubernetes1.23-kubelet-common-1.23.17-150500.3.9.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.23-client-fish-completion-1.23.17-150500.3.9.1 * kubernetes1.23-client-bash-completion-1.23.17-150500.3.9.1 * openSUSE Leap 15.5 (ppc64le) * kubernetes1.23-apiserver-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-proxy-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-kubeadm-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-scheduler-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-controller-manager-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-client-debuginfo-1.23.17-150500.3.9.1 * kubernetes1.23-kubelet-debuginfo-1.23.17-150500.3.9.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150500.3.9.1 * kubernetes1.23-client-common-1.23.17-150500.3.9.1 * Containers Module 15-SP5 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0793.html * https://bugzilla.suse.com/show_bug.cgi?id=1219964 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1172-1: important: Security update for util-linux Message-ID: <171265140501.16551.14071511966458084407@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2024:1172-1 Rating: important References: * bsc#1207987 * bsc#1221831 Cross-References: * CVE-2024-28085 CVSS scores: * CVE-2024-28085 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1172=1 openSUSE-SLE-15.5-2024-1172=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1172=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1172=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1172=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libmount-devel-static-2.37.4-150500.9.6.1 * libblkid1-debuginfo-2.37.4-150500.9.6.1 * libfdisk1-2.37.4-150500.9.6.1 * libfdisk-devel-static-2.37.4-150500.9.6.1 * libuuid-devel-static-2.37.4-150500.9.6.1 * libsmartcols1-debuginfo-2.37.4-150500.9.6.1 * util-linux-systemd-debuginfo-2.37.4-150500.9.6.1 * uuidd-2.37.4-150500.9.6.1 * libuuid1-2.37.4-150500.9.6.1 * python3-libmount-2.37.4-150500.9.6.1 * python3-libmount-debugsource-2.37.4-150500.9.6.1 * libuuid-devel-2.37.4-150500.9.6.1 * util-linux-2.37.4-150500.9.6.1 * util-linux-debuginfo-2.37.4-150500.9.6.1 * libfdisk1-debuginfo-2.37.4-150500.9.6.1 * libuuid1-debuginfo-2.37.4-150500.9.6.1 * uuidd-debuginfo-2.37.4-150500.9.6.1 * libmount1-debuginfo-2.37.4-150500.9.6.1 * util-linux-debugsource-2.37.4-150500.9.6.1 * util-linux-systemd-2.37.4-150500.9.6.1 * util-linux-systemd-debugsource-2.37.4-150500.9.6.1 * libsmartcols1-2.37.4-150500.9.6.1 * libsmartcols-devel-2.37.4-150500.9.6.1 * libblkid-devel-2.37.4-150500.9.6.1 * python3-libmount-debuginfo-2.37.4-150500.9.6.1 * libsmartcols-devel-static-2.37.4-150500.9.6.1 * libblkid-devel-static-2.37.4-150500.9.6.1 * libblkid1-2.37.4-150500.9.6.1 * libfdisk-devel-2.37.4-150500.9.6.1 * libmount1-2.37.4-150500.9.6.1 * libmount-devel-2.37.4-150500.9.6.1 * openSUSE Leap 15.5 (x86_64) * libmount1-32bit-debuginfo-2.37.4-150500.9.6.1 * libuuid-devel-32bit-2.37.4-150500.9.6.1 * libfdisk1-32bit-2.37.4-150500.9.6.1 * libmount-devel-32bit-2.37.4-150500.9.6.1 * libsmartcols1-32bit-debuginfo-2.37.4-150500.9.6.1 * libfdisk-devel-32bit-2.37.4-150500.9.6.1 * libmount1-32bit-2.37.4-150500.9.6.1 * libsmartcols1-32bit-2.37.4-150500.9.6.1 * libblkid1-32bit-debuginfo-2.37.4-150500.9.6.1 * libblkid-devel-32bit-2.37.4-150500.9.6.1 * libuuid1-32bit-2.37.4-150500.9.6.1 * libsmartcols-devel-32bit-2.37.4-150500.9.6.1 * libblkid1-32bit-2.37.4-150500.9.6.1 * libuuid1-32bit-debuginfo-2.37.4-150500.9.6.1 * libfdisk1-32bit-debuginfo-2.37.4-150500.9.6.1 * openSUSE Leap 15.5 (noarch) * util-linux-lang-2.37.4-150500.9.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libsmartcols-devel-64bit-2.37.4-150500.9.6.1 * libmount-devel-64bit-2.37.4-150500.9.6.1 * libsmartcols1-64bit-2.37.4-150500.9.6.1 * libblkid1-64bit-debuginfo-2.37.4-150500.9.6.1 * libmount1-64bit-2.37.4-150500.9.6.1 * libfdisk1-64bit-2.37.4-150500.9.6.1 * libblkid1-64bit-2.37.4-150500.9.6.1 * libuuid1-64bit-debuginfo-2.37.4-150500.9.6.1 * libuuid1-64bit-2.37.4-150500.9.6.1 * libblkid-devel-64bit-2.37.4-150500.9.6.1 * libfdisk1-64bit-debuginfo-2.37.4-150500.9.6.1 * libuuid-devel-64bit-2.37.4-150500.9.6.1 * libfdisk-devel-64bit-2.37.4-150500.9.6.1 * libmount1-64bit-debuginfo-2.37.4-150500.9.6.1 * libsmartcols1-64bit-debuginfo-2.37.4-150500.9.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * util-linux-systemd-debugsource-2.37.4-150500.9.6.1 * libsmartcols1-2.37.4-150500.9.6.1 * libmount1-debuginfo-2.37.4-150500.9.6.1 * libfdisk1-debuginfo-2.37.4-150500.9.6.1 * libsmartcols1-debuginfo-2.37.4-150500.9.6.1 * util-linux-systemd-debuginfo-2.37.4-150500.9.6.1 * libuuid1-debuginfo-2.37.4-150500.9.6.1 * libuuid1-2.37.4-150500.9.6.1 * libblkid1-debuginfo-2.37.4-150500.9.6.1 * libblkid1-2.37.4-150500.9.6.1 * util-linux-debuginfo-2.37.4-150500.9.6.1 * util-linux-debugsource-2.37.4-150500.9.6.1 * libfdisk1-2.37.4-150500.9.6.1 * libmount1-2.37.4-150500.9.6.1 * util-linux-systemd-2.37.4-150500.9.6.1 * util-linux-2.37.4-150500.9.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libblkid1-2.37.4-150500.9.6.1 * libblkid1-debuginfo-2.37.4-150500.9.6.1 * libfdisk1-2.37.4-150500.9.6.1 * libuuid-devel-static-2.37.4-150500.9.6.1 * libsmartcols1-debuginfo-2.37.4-150500.9.6.1 * util-linux-systemd-debuginfo-2.37.4-150500.9.6.1 * libuuid1-2.37.4-150500.9.6.1 * libuuid-devel-2.37.4-150500.9.6.1 * util-linux-debuginfo-2.37.4-150500.9.6.1 * util-linux-2.37.4-150500.9.6.1 * libfdisk1-debuginfo-2.37.4-150500.9.6.1 * libuuid1-debuginfo-2.37.4-150500.9.6.1 * libmount1-debuginfo-2.37.4-150500.9.6.1 * util-linux-debugsource-2.37.4-150500.9.6.1 * util-linux-systemd-2.37.4-150500.9.6.1 * util-linux-systemd-debugsource-2.37.4-150500.9.6.1 * libsmartcols1-2.37.4-150500.9.6.1 * libsmartcols-devel-2.37.4-150500.9.6.1 * libblkid-devel-static-2.37.4-150500.9.6.1 * libblkid-devel-2.37.4-150500.9.6.1 * libfdisk-devel-2.37.4-150500.9.6.1 * libmount1-2.37.4-150500.9.6.1 * libmount-devel-2.37.4-150500.9.6.1 * Basesystem Module 15-SP5 (noarch) * util-linux-lang-2.37.4-150500.9.6.1 * Basesystem Module 15-SP5 (x86_64) * libmount1-32bit-debuginfo-2.37.4-150500.9.6.1 * libmount1-32bit-2.37.4-150500.9.6.1 * libblkid1-32bit-debuginfo-2.37.4-150500.9.6.1 * libuuid1-32bit-2.37.4-150500.9.6.1 * libblkid1-32bit-2.37.4-150500.9.6.1 * libuuid1-32bit-debuginfo-2.37.4-150500.9.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * util-linux-systemd-debugsource-2.37.4-150500.9.6.1 * uuidd-debuginfo-2.37.4-150500.9.6.1 * util-linux-systemd-debuginfo-2.37.4-150500.9.6.1 * uuidd-2.37.4-150500.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28085.html * https://bugzilla.suse.com/show_bug.cgi?id=1207987 * https://bugzilla.suse.com/show_bug.cgi?id=1221831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1171-1: important: Security update for util-linux Message-ID: <171265140690.16551.7155835919526584044@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2024:1171-1 Rating: important References: * bsc#1221831 Cross-References: * CVE-2024-28085 CVSS scores: * CVE-2024-28085 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1171=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1171=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1171=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1171=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1171=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * util-linux-debugsource-2.33.2-4.36.1 * libblkid-devel-2.33.2-4.36.1 * util-linux-debuginfo-2.33.2-4.36.1 * libmount-devel-2.33.2-4.36.1 * libuuid-devel-2.33.2-4.36.1 * libsmartcols-devel-2.33.2-4.36.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libblkid1-2.33.2-4.36.1 * libuuid1-2.33.2-4.36.1 * util-linux-systemd-2.33.2-4.36.1 * libmount1-debuginfo-2.33.2-4.36.1 * libmount1-2.33.2-4.36.1 * libblkid1-debuginfo-2.33.2-4.36.1 * python-libmount-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debuginfo-2.33.2-4.36.1 * libfdisk1-2.33.2-4.36.1 * libuuid1-debuginfo-2.33.2-4.36.1 * uuidd-2.33.2-4.36.1 * python-libmount-debugsource-2.33.2-4.36.1 * uuidd-debuginfo-2.33.2-4.36.1 * libsmartcols1-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debugsource-2.33.2-4.36.1 * util-linux-2.33.2-4.36.1 * python-libmount-2.33.2-4.36.1 * libsmartcols1-2.33.2-4.36.1 * util-linux-debugsource-2.33.2-4.36.1 * util-linux-debuginfo-2.33.2-4.36.1 * libfdisk1-debuginfo-2.33.2-4.36.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * util-linux-lang-2.33.2-4.36.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libmount1-debuginfo-32bit-2.33.2-4.36.1 * libmount1-32bit-2.33.2-4.36.1 * libblkid1-debuginfo-32bit-2.33.2-4.36.1 * libblkid1-32bit-2.33.2-4.36.1 * libuuid1-32bit-2.33.2-4.36.1 * libuuid1-debuginfo-32bit-2.33.2-4.36.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libblkid1-2.33.2-4.36.1 * libuuid1-2.33.2-4.36.1 * util-linux-systemd-2.33.2-4.36.1 * libmount1-debuginfo-2.33.2-4.36.1 * libmount1-2.33.2-4.36.1 * libblkid1-debuginfo-2.33.2-4.36.1 * python-libmount-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debuginfo-2.33.2-4.36.1 * libfdisk1-2.33.2-4.36.1 * libuuid1-debuginfo-2.33.2-4.36.1 * uuidd-2.33.2-4.36.1 * python-libmount-debugsource-2.33.2-4.36.1 * uuidd-debuginfo-2.33.2-4.36.1 * libsmartcols1-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debugsource-2.33.2-4.36.1 * util-linux-2.33.2-4.36.1 * python-libmount-2.33.2-4.36.1 * libsmartcols1-2.33.2-4.36.1 * util-linux-debugsource-2.33.2-4.36.1 * util-linux-debuginfo-2.33.2-4.36.1 * libfdisk1-debuginfo-2.33.2-4.36.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * util-linux-lang-2.33.2-4.36.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libmount1-debuginfo-32bit-2.33.2-4.36.1 * libmount1-32bit-2.33.2-4.36.1 * libblkid1-debuginfo-32bit-2.33.2-4.36.1 * libblkid1-32bit-2.33.2-4.36.1 * libuuid1-32bit-2.33.2-4.36.1 * libuuid1-debuginfo-32bit-2.33.2-4.36.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libblkid1-2.33.2-4.36.1 * libuuid1-2.33.2-4.36.1 * util-linux-systemd-2.33.2-4.36.1 * libmount1-debuginfo-2.33.2-4.36.1 * libmount1-2.33.2-4.36.1 * libblkid1-debuginfo-2.33.2-4.36.1 * python-libmount-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debuginfo-2.33.2-4.36.1 * libfdisk1-2.33.2-4.36.1 * libuuid1-debuginfo-2.33.2-4.36.1 * uuidd-2.33.2-4.36.1 * python-libmount-debugsource-2.33.2-4.36.1 * uuidd-debuginfo-2.33.2-4.36.1 * libsmartcols1-debuginfo-2.33.2-4.36.1 * util-linux-systemd-debugsource-2.33.2-4.36.1 * util-linux-2.33.2-4.36.1 * python-libmount-2.33.2-4.36.1 * libsmartcols1-2.33.2-4.36.1 * util-linux-debugsource-2.33.2-4.36.1 * util-linux-debuginfo-2.33.2-4.36.1 * libfdisk1-debuginfo-2.33.2-4.36.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * util-linux-lang-2.33.2-4.36.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libmount1-debuginfo-32bit-2.33.2-4.36.1 * libmount1-32bit-2.33.2-4.36.1 * libblkid1-debuginfo-32bit-2.33.2-4.36.1 * libblkid1-32bit-2.33.2-4.36.1 * libuuid1-32bit-2.33.2-4.36.1 * libuuid1-debuginfo-32bit-2.33.2-4.36.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * util-linux-debuginfo-2.33.2-4.36.1 * util-linux-debugsource-2.33.2-4.36.1 * libuuid-devel-2.33.2-4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28085.html * https://bugzilla.suse.com/show_bug.cgi?id=1221831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1170-1: important: Security update for util-linux Message-ID: <171265140912.16551.12655520283175939791@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2024:1170-1 Rating: important References: * bsc#1194038 * bsc#1207987 * bsc#1221831 Cross-References: * CVE-2024-28085 CVSS scores: * CVE-2024-28085 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1170=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1170=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1170=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1170=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1170=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1170=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1170=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1170=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libblkid-devel-static-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-static-2.36.2-150300.4.41.1 * libblkid-devel-2.36.2-150300.4.41.1 * libmount-devel-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * python3-libmount-debugsource-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * libsmartcols-devel-2.36.2-150300.4.41.1 * python3-libmount-2.36.2-150300.4.41.1 * uuidd-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-static-2.36.2-150300.4.41.1 * libsmartcols-devel-static-2.36.2-150300.4.41.1 * uuidd-2.36.2-150300.4.41.1 * python3-libmount-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * libmount-devel-static-2.36.2-150300.4.41.1 * openSUSE Leap 15.3 (x86_64) * libuuid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-32bit-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-32bit-2.36.2-150300.4.41.1 * libuuid-devel-32bit-2.36.2-150300.4.41.1 * libblkid-devel-32bit-2.36.2-150300.4.41.1 * libsmartcols-devel-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-32bit-debuginfo-2.36.2-150300.4.41.1 * libuuid1-32bit-2.36.2-150300.4.41.1 * libmount1-32bit-2.36.2-150300.4.41.1 * libmount-devel-32bit-2.36.2-150300.4.41.1 * libfdisk1-32bit-2.36.2-150300.4.41.1 * libfdisk1-32bit-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-2.36.2-150300.4.41.1 * openSUSE Leap 15.3 (noarch) * util-linux-lang-2.36.2-150300.4.41.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libmount-devel-64bit-2.36.2-150300.4.41.1 * libsmartcols1-64bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-64bit-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-64bit-2.36.2-150300.4.41.1 * libuuid1-64bit-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-64bit-2.36.2-150300.4.41.1 * libuuid1-64bit-2.36.2-150300.4.41.1 * libfdisk1-64bit-2.36.2-150300.4.41.1 * libblkid-devel-64bit-2.36.2-150300.4.41.1 * libuuid-devel-64bit-2.36.2-150300.4.41.1 * libblkid1-64bit-2.36.2-150300.4.41.1 * libmount1-64bit-2.36.2-150300.4.41.1 * libsmartcols-devel-64bit-2.36.2-150300.4.41.1 * libblkid1-64bit-debuginfo-2.36.2-150300.4.41.1 * libfdisk1-64bit-debuginfo-2.36.2-150300.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libblkid-devel-static-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-static-2.36.2-150300.4.41.1 * libblkid-devel-2.36.2-150300.4.41.1 * libmount-devel-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * libsmartcols-devel-2.36.2-150300.4.41.1 * uuidd-debuginfo-2.36.2-150300.4.41.1 * uuidd-2.36.2-150300.4.41.1 * libuuid-devel-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * util-linux-lang-2.36.2-150300.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libuuid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libblkid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libuuid1-32bit-2.36.2-150300.4.41.1 * libmount1-32bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libblkid-devel-static-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-static-2.36.2-150300.4.41.1 * libblkid-devel-2.36.2-150300.4.41.1 * libmount-devel-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * libsmartcols-devel-2.36.2-150300.4.41.1 * uuidd-debuginfo-2.36.2-150300.4.41.1 * uuidd-2.36.2-150300.4.41.1 * libuuid-devel-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * util-linux-lang-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libuuid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libblkid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libuuid1-32bit-2.36.2-150300.4.41.1 * libmount1-32bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libblkid-devel-static-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-static-2.36.2-150300.4.41.1 * libblkid-devel-2.36.2-150300.4.41.1 * libmount-devel-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * libsmartcols-devel-2.36.2-150300.4.41.1 * uuidd-debuginfo-2.36.2-150300.4.41.1 * uuidd-2.36.2-150300.4.41.1 * libuuid-devel-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * util-linux-lang-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libuuid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libblkid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libuuid1-32bit-2.36.2-150300.4.41.1 * libmount1-32bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-2.36.2-150300.4.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libblkid-devel-static-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libuuid-devel-static-2.36.2-150300.4.41.1 * libblkid-devel-2.36.2-150300.4.41.1 * libmount-devel-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * libfdisk-devel-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * libsmartcols-devel-2.36.2-150300.4.41.1 * uuidd-debuginfo-2.36.2-150300.4.41.1 * uuidd-2.36.2-150300.4.41.1 * libuuid-devel-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * SUSE Enterprise Storage 7.1 (noarch) * util-linux-lang-2.36.2-150300.4.41.1 * SUSE Enterprise Storage 7.1 (x86_64) * libuuid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libblkid1-32bit-debuginfo-2.36.2-150300.4.41.1 * libuuid1-32bit-2.36.2-150300.4.41.1 * libmount1-32bit-debuginfo-2.36.2-150300.4.41.1 * libmount1-32bit-2.36.2-150300.4.41.1 * libblkid1-32bit-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libuuid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debugsource-2.36.2-150300.4.41.1 * util-linux-debuginfo-2.36.2-150300.4.41.1 * libfdisk1-debuginfo-2.36.2-150300.4.41.1 * util-linux-systemd-debuginfo-2.36.2-150300.4.41.1 * libblkid1-debuginfo-2.36.2-150300.4.41.1 * util-linux-debugsource-2.36.2-150300.4.41.1 * libsmartcols1-2.36.2-150300.4.41.1 * libsmartcols1-debuginfo-2.36.2-150300.4.41.1 * libuuid1-2.36.2-150300.4.41.1 * libfdisk1-2.36.2-150300.4.41.1 * libmount1-debuginfo-2.36.2-150300.4.41.1 * libmount1-2.36.2-150300.4.41.1 * util-linux-systemd-2.36.2-150300.4.41.1 * util-linux-2.36.2-150300.4.41.1 * libblkid1-2.36.2-150300.4.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28085.html * https://bugzilla.suse.com/show_bug.cgi?id=1194038 * https://bugzilla.suse.com/show_bug.cgi?id=1207987 * https://bugzilla.suse.com/show_bug.cgi?id=1221831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 08:30:11 -0000 Subject: SUSE-SU-2024:1169-1: important: Security update for util-linux Message-ID: <171265141187.16551.7555966346783818806@smelt2.prg2.suse.org> # Security update for util-linux Announcement ID: SUSE-SU-2024:1169-1 Rating: important References: * bsc#1207987 * bsc#1220117 * bsc#1221831 Cross-References: * CVE-2024-28085 CVSS scores: * CVE-2024-28085 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for util-linux fixes the following issues: * CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1169=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1169=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1169=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1169=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1169=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1169=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1169=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1169=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1169=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1169=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1169=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1169=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1169=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1169=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1169=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-32bit-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Manager Proxy 4.3 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-32bit-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Manager Server 4.3 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Manager Server 4.3 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * python3-libmount-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * python3-libmount-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libmount-devel-static-2.37.2-150400.8.29.1 * libsmartcols-devel-static-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk-devel-static-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * python3-libmount-debugsource-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * openSUSE Leap 15.4 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libmount-devel-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libblkid-devel-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libfdisk-devel-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libsmartcols1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libsmartcols-devel-32bit-2.37.2-150400.8.29.1 * libuuid-devel-32bit-2.37.2-150400.8.29.1 * libfdisk1-32bit-2.37.2-150400.8.29.1 * libfdisk1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-32bit-2.37.2-150400.8.29.1 * openSUSE Leap 15.4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libuuid1-64bit-debuginfo-2.37.2-150400.8.29.1 * libfdisk-devel-64bit-2.37.2-150400.8.29.1 * libsmartcols1-64bit-2.37.2-150400.8.29.1 * libmount1-64bit-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-64bit-2.37.2-150400.8.29.1 * libblkid1-64bit-2.37.2-150400.8.29.1 * libmount-devel-64bit-2.37.2-150400.8.29.1 * libuuid-devel-64bit-2.37.2-150400.8.29.1 * libsmartcols1-64bit-debuginfo-2.37.2-150400.8.29.1 * libblkid1-64bit-debuginfo-2.37.2-150400.8.29.1 * libblkid-devel-64bit-2.37.2-150400.8.29.1 * libmount1-64bit-2.37.2-150400.8.29.1 * libfdisk1-64bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-64bit-2.37.2-150400.8.29.1 * libsmartcols-devel-64bit-2.37.2-150400.8.29.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libblkid1-32bit-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * util-linux-systemd-debuginfo-2.37.2-150400.8.29.1 * libfdisk1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debuginfo-2.37.2-150400.8.29.1 * libmount1-2.37.2-150400.8.29.1 * libmount1-debuginfo-2.37.2-150400.8.29.1 * util-linux-debugsource-2.37.2-150400.8.29.1 * libsmartcols-devel-2.37.2-150400.8.29.1 * util-linux-systemd-2.37.2-150400.8.29.1 * libblkid-devel-2.37.2-150400.8.29.1 * libfdisk1-2.37.2-150400.8.29.1 * util-linux-2.37.2-150400.8.29.1 * libblkid1-2.37.2-150400.8.29.1 * libblkid-devel-static-2.37.2-150400.8.29.1 * libuuid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-static-2.37.2-150400.8.29.1 * libsmartcols1-debuginfo-2.37.2-150400.8.29.1 * libuuid1-2.37.2-150400.8.29.1 * util-linux-systemd-debugsource-2.37.2-150400.8.29.1 * libmount-devel-2.37.2-150400.8.29.1 * uuidd-debuginfo-2.37.2-150400.8.29.1 * libsmartcols1-2.37.2-150400.8.29.1 * libfdisk-devel-2.37.2-150400.8.29.1 * uuidd-2.37.2-150400.8.29.1 * libblkid1-debuginfo-2.37.2-150400.8.29.1 * libuuid-devel-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * util-linux-lang-2.37.2-150400.8.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libblkid1-32bit-2.37.2-150400.8.29.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libuuid1-32bit-2.37.2-150400.8.29.1 * libmount1-32bit-2.37.2-150400.8.29.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.29.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28085.html * https://bugzilla.suse.com/show_bug.cgi?id=1207987 * https://bugzilla.suse.com/show_bug.cgi?id=1220117 * https://bugzilla.suse.com/show_bug.cgi?id=1221831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1174-1: moderate: Security update for qt6-base Message-ID: <171266580861.24784.18059404471112659187@smelt2.prg2.suse.org> # Security update for qt6-base Announcement ID: SUSE-SU-2024:1174-1 Rating: moderate References: * bsc#1221926 Cross-References: * CVE-2024-30161 CVSS scores: * CVE-2024-30161 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for qt6-base fixes the following issues: * CVE-2024-30161: Fixed QNetworkReply header data access via a dangling pointer (bsc#1221926). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1174=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1174=1 openSUSE-SLE-15.5-2024-1174=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1174=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qt6-gui-private-devel-6.4.2-150500.3.17.1 * qt6-base-common-devel-debuginfo-6.4.2-150500.3.17.1 * qt6-concurrent-devel-6.4.2-150500.3.17.1 * qt6-kmssupport-devel-static-6.4.2-150500.3.17.1 * qt6-test-devel-6.4.2-150500.3.17.1 * libQt6Sql6-6.4.2-150500.3.17.1 * qt6-network-tls-6.4.2-150500.3.17.1 * qt6-sql-devel-6.4.2-150500.3.17.1 * libQt6Concurrent6-debuginfo-6.4.2-150500.3.17.1 * qt6-dbus-devel-6.4.2-150500.3.17.1 * libQt6Concurrent6-6.4.2-150500.3.17.1 * qt6-widgets-private-devel-6.4.2-150500.3.17.1 * libQt6Core6-6.4.2-150500.3.17.1 * qt6-core-private-devel-6.4.2-150500.3.17.1 * libQt6Network6-debuginfo-6.4.2-150500.3.17.1 * libQt6Sql6-debuginfo-6.4.2-150500.3.17.1 * qt6-platformsupport-devel-static-6.4.2-150500.3.17.1 * qt6-xml-devel-6.4.2-150500.3.17.1 * qt6-opengl-devel-6.4.2-150500.3.17.1 * qt6-core-devel-6.4.2-150500.3.17.1 * libQt6DBus6-6.4.2-150500.3.17.1 * libQt6Gui6-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGL6-debuginfo-6.4.2-150500.3.17.1 * libQt6PrintSupport6-6.4.2-150500.3.17.1 * qt6-sql-sqlite-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGL6-6.4.2-150500.3.17.1 * qt6-widgets-devel-6.4.2-150500.3.17.1 * libQt6DBus6-debuginfo-6.4.2-150500.3.17.1 * qt6-openglwidgets-devel-6.4.2-150500.3.17.1 * libQt6Xml6-debuginfo-6.4.2-150500.3.17.1 * qt6-gui-devel-6.4.2-150500.3.17.1 * libQt6Widgets6-6.4.2-150500.3.17.1 * qt6-network-tls-debuginfo-6.4.2-150500.3.17.1 * libQt6Core6-debuginfo-6.4.2-150500.3.17.1 * qt6-base-debuginfo-6.4.2-150500.3.17.1 * libQt6Xml6-6.4.2-150500.3.17.1 * libQt6Network6-6.4.2-150500.3.17.1 * libQt6OpenGLWidgets6-6.4.2-150500.3.17.1 * qt6-kmssupport-private-devel-6.4.2-150500.3.17.1 * qt6-base-debugsource-6.4.2-150500.3.17.1 * qt6-sql-sqlite-6.4.2-150500.3.17.1 * qt6-network-devel-6.4.2-150500.3.17.1 * libQt6Test6-debuginfo-6.4.2-150500.3.17.1 * qt6-opengl-private-devel-6.4.2-150500.3.17.1 * qt6-printsupport-devel-6.4.2-150500.3.17.1 * libQt6Test6-6.4.2-150500.3.17.1 * qt6-base-common-devel-6.4.2-150500.3.17.1 * libQt6PrintSupport6-debuginfo-6.4.2-150500.3.17.1 * libQt6Gui6-6.4.2-150500.3.17.1 * libQt6Widgets6-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGLWidgets6-debuginfo-6.4.2-150500.3.17.1 * SUSE Package Hub 15 15-SP5 (noarch) * qt6-base-devel-6.4.2-150500.3.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qt6-gui-private-devel-6.4.2-150500.3.17.1 * qt6-base-common-devel-debuginfo-6.4.2-150500.3.17.1 * qt6-concurrent-devel-6.4.2-150500.3.17.1 * qt6-kmssupport-devel-static-6.4.2-150500.3.17.1 * qt6-test-devel-6.4.2-150500.3.17.1 * libQt6Sql6-6.4.2-150500.3.17.1 * qt6-printsupport-cups-debuginfo-6.4.2-150500.3.17.1 * qt6-test-private-devel-6.4.2-150500.3.17.1 * qt6-network-tls-6.4.2-150500.3.17.1 * qt6-sql-devel-6.4.2-150500.3.17.1 * libQt6Concurrent6-debuginfo-6.4.2-150500.3.17.1 * qt6-printsupport-cups-6.4.2-150500.3.17.1 * qt6-dbus-devel-6.4.2-150500.3.17.1 * qt6-sql-postgresql-6.4.2-150500.3.17.1 * qt6-base-docs-html-6.4.2-150500.3.17.1 * qt6-networkinformation-nm-6.4.2-150500.3.17.1 * libQt6Concurrent6-6.4.2-150500.3.17.1 * qt6-networkinformation-nm-debuginfo-6.4.2-150500.3.17.1 * qt6-platformtheme-gtk3-debuginfo-6.4.2-150500.3.17.1 * qt6-widgets-private-devel-6.4.2-150500.3.17.1 * qt6-platformsupport-private-devel-6.4.2-150500.3.17.1 * libQt6Core6-6.4.2-150500.3.17.1 * qt6-core-private-devel-6.4.2-150500.3.17.1 * libQt6Network6-debuginfo-6.4.2-150500.3.17.1 * libQt6Sql6-debuginfo-6.4.2-150500.3.17.1 * qt6-networkinformation-glib-6.4.2-150500.3.17.1 * qt6-platformsupport-devel-static-6.4.2-150500.3.17.1 * qt6-platformtheme-xdgdesktopportal-6.4.2-150500.3.17.1 * qt6-xml-devel-6.4.2-150500.3.17.1 * qt6-opengl-devel-6.4.2-150500.3.17.1 * qt6-core-devel-6.4.2-150500.3.17.1 * libQt6DBus6-6.4.2-150500.3.17.1 * qt6-sql-private-devel-6.4.2-150500.3.17.1 * qt6-sql-unixODBC-debuginfo-6.4.2-150500.3.17.1 * libQt6Gui6-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGL6-debuginfo-6.4.2-150500.3.17.1 * qt6-base-examples-6.4.2-150500.3.17.1 * libQt6PrintSupport6-6.4.2-150500.3.17.1 * qt6-sql-sqlite-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGL6-6.4.2-150500.3.17.1 * qt6-widgets-devel-6.4.2-150500.3.17.1 * qt6-printsupport-private-devel-6.4.2-150500.3.17.1 * qt6-base-docs-qch-6.4.2-150500.3.17.1 * qt6-sql-mysql-6.4.2-150500.3.17.1 * libQt6DBus6-debuginfo-6.4.2-150500.3.17.1 * qt6-platformtheme-gtk3-6.4.2-150500.3.17.1 * qt6-openglwidgets-devel-6.4.2-150500.3.17.1 * libQt6Xml6-debuginfo-6.4.2-150500.3.17.1 * qt6-network-private-devel-6.4.2-150500.3.17.1 * qt6-sql-postgresql-debuginfo-6.4.2-150500.3.17.1 * qt6-gui-devel-6.4.2-150500.3.17.1 * libQt6Widgets6-6.4.2-150500.3.17.1 * qt6-network-tls-debuginfo-6.4.2-150500.3.17.1 * libQt6Core6-debuginfo-6.4.2-150500.3.17.1 * qt6-networkinformation-glib-debuginfo-6.4.2-150500.3.17.1 * qt6-base-debuginfo-6.4.2-150500.3.17.1 * libQt6Xml6-6.4.2-150500.3.17.1 * qt6-platformtheme-xdgdesktopportal-debuginfo-6.4.2-150500.3.17.1 * libQt6Network6-6.4.2-150500.3.17.1 * qt6-sql-mysql-debuginfo-6.4.2-150500.3.17.1 * qt6-xml-private-devel-6.4.2-150500.3.17.1 * libQt6OpenGLWidgets6-6.4.2-150500.3.17.1 * qt6-kmssupport-private-devel-6.4.2-150500.3.17.1 * qt6-base-debugsource-6.4.2-150500.3.17.1 * qt6-sql-sqlite-6.4.2-150500.3.17.1 * qt6-sql-unixODBC-6.4.2-150500.3.17.1 * qt6-network-devel-6.4.2-150500.3.17.1 * libQt6Test6-debuginfo-6.4.2-150500.3.17.1 * qt6-base-examples-debuginfo-6.4.2-150500.3.17.1 * qt6-opengl-private-devel-6.4.2-150500.3.17.1 * qt6-printsupport-devel-6.4.2-150500.3.17.1 * libQt6Test6-6.4.2-150500.3.17.1 * qt6-base-common-devel-6.4.2-150500.3.17.1 * libQt6PrintSupport6-debuginfo-6.4.2-150500.3.17.1 * libQt6Gui6-6.4.2-150500.3.17.1 * libQt6Widgets6-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGLWidgets6-debuginfo-6.4.2-150500.3.17.1 * qt6-dbus-private-devel-6.4.2-150500.3.17.1 * openSUSE Leap 15.5 (noarch) * qt6-base-private-devel-6.4.2-150500.3.17.1 * qt6-base-devel-6.4.2-150500.3.17.1 * qt6-docs-common-6.4.2-150500.3.17.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libQt6Network6-6.4.2-150500.3.17.1 * qt6-network-tls-debuginfo-6.4.2-150500.3.17.1 * libQt6Core6-6.4.2-150500.3.17.1 * libQt6OpenGL6-6.4.2-150500.3.17.1 * qt6-base-debuginfo-6.4.2-150500.3.17.1 * qt6-base-debugsource-6.4.2-150500.3.17.1 * libQt6Network6-debuginfo-6.4.2-150500.3.17.1 * libQt6DBus6-debuginfo-6.4.2-150500.3.17.1 * qt6-network-tls-6.4.2-150500.3.17.1 * libQt6Gui6-6.4.2-150500.3.17.1 * libQt6Widgets6-6.4.2-150500.3.17.1 * libQt6DBus6-6.4.2-150500.3.17.1 * libQt6Core6-debuginfo-6.4.2-150500.3.17.1 * libQt6Widgets6-debuginfo-6.4.2-150500.3.17.1 * libQt6Gui6-debuginfo-6.4.2-150500.3.17.1 * libQt6OpenGL6-debuginfo-6.4.2-150500.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30161.html * https://bugzilla.suse.com/show_bug.cgi?id=1221926 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1181-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Message-ID: <171269460840.6932.6668481636670524901@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1181-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1181=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1182=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1182=1 SUSE-2024-1181=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-10-150500.9.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-10-150500.9.1 * kernel-livepatch-5_14_21-150500_11-rt-10-150500.9.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-9-150500.2.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-10-150500.9.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-10-150500.9.1 * kernel-livepatch-5_14_21-150500_11-rt-10-150500.9.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-9-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 9 20:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Apr 2024 20:30:14 -0000 Subject: SUSE-SU-2024:1179-1: important: Security update for gnutls Message-ID: <171269461447.6932.2020566259125348645@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2024:1179-1 Rating: important References: * bsc#1202146 * bsc#1203299 * bsc#1203779 * bsc#1207183 * bsc#1207346 * bsc#1208143 * bsc#1208146 * bsc#1208237 * bsc#1209001 * bsc#1217277 * bsc#1218862 * bsc#1218865 * jsc#PED-1562 Cross-References: * CVE-2023-0361 * CVE-2023-5981 * CVE-2024-0553 * CVE-2024-0567 CVSS scores: * CVE-2023-0361 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-0361 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-5981 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5981 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0553 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0553 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0567 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0567 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves four vulnerabilities, contains one feature and has eight security fixes can now be installed. ## Description: This update for gnutls fixes the following issues: Security issues fixed: * CVE-2023-0361: Fixed a Bleichenbacher oracle in the TLS RSA key exchange (bsc#1208143). * CVE-2023-5981: Fixed timing side-channel inside RSA-PSK key exchange (bsc#1217277). * CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862). * CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865). FIPS 140-3 certification related bugs fixed: * FIPS: Set error state when jent init failed in FIPS mode (bsc#1202146) * FIPS: Make XTS key check failure not fatal (bsc#1203779) * FIPS: Added GnuTLS DH/ECDH pairwise consistency check for public key regeneration [bsc#1207183] * FIPS: Change all the 140-2 references to FIPS 140-3 in order to account for the new FIPS certification [bsc#1207346] * FIPS: Make the jitterentropy calls thread-safe (bsc#1208146). * FIPS: GnuTLS DH/ECDH PCT public key regeneration (bsc#1207183). * FIPS: Fix pct_test() return code in case of error (bsc#1207183) * FIPS: Establish PBKDF2 additional requirements [bsc#1209001] * Set the minimum output key length to 112 bits (FIPS 140-3 IG D.N) * Set the minimum salt length to 128 bits (SP 800-132 sec. 5.1) * Set the minimum iterations count to 1000 (SP 800-132 sec 5.2) * Set the minimum passlen of 20 characters (SP SP800-132 sec 5) * Add regression tests for the new PBKDF2 requirements. Other issues fixed: * Fix AVX CPU feature detection for OSXSAVE (bsc#1203299) This fixes a SIGILL termination at the verzoupper instruction when trying to run GnuTLS on a Linux kernel with the noxsave command line parameter set. Relevant mostly for virtual systems. * Increase the limit of TLS PSK usernames from 128 to 65535 characters. [bsc#1208237, jsc#PED-1562] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1179=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1179=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * gnutls-debuginfo-3.7.3-150400.1.3.1 * libgnutls30-hmac-3.7.3-150400.1.3.1 * gnutls-debugsource-3.7.3-150400.1.3.1 * gnutls-3.7.3-150400.1.3.1 * libgnutls30-3.7.3-150400.1.3.1 * libgnutls30-debuginfo-3.7.3-150400.1.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * gnutls-debuginfo-3.7.3-150400.1.3.1 * libgnutls30-hmac-3.7.3-150400.1.3.1 * gnutls-debugsource-3.7.3-150400.1.3.1 * gnutls-3.7.3-150400.1.3.1 * libgnutls30-3.7.3-150400.1.3.1 * libgnutls30-debuginfo-3.7.3-150400.1.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-0361.html * https://www.suse.com/security/cve/CVE-2023-5981.html * https://www.suse.com/security/cve/CVE-2024-0553.html * https://www.suse.com/security/cve/CVE-2024-0567.html * https://bugzilla.suse.com/show_bug.cgi?id=1202146 * https://bugzilla.suse.com/show_bug.cgi?id=1203299 * https://bugzilla.suse.com/show_bug.cgi?id=1203779 * https://bugzilla.suse.com/show_bug.cgi?id=1207183 * https://bugzilla.suse.com/show_bug.cgi?id=1207346 * https://bugzilla.suse.com/show_bug.cgi?id=1208143 * https://bugzilla.suse.com/show_bug.cgi?id=1208146 * https://bugzilla.suse.com/show_bug.cgi?id=1208237 * https://bugzilla.suse.com/show_bug.cgi?id=1209001 * https://bugzilla.suse.com/show_bug.cgi?id=1217277 * https://bugzilla.suse.com/show_bug.cgi?id=1218862 * https://bugzilla.suse.com/show_bug.cgi?id=1218865 * https://jira.suse.com/browse/PED-1562 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1184-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Message-ID: <171273780663.18320.2410337251474827028@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1184-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1186=1 SUSE-2024-1187=1 SUSE-2024-1184=1 SUSE-2024-1185=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1186=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1187=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1184=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-1185=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-6-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-4-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-5-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-4-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-6-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-4-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-5-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-4-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-6-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1183-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5) Message-ID: <171273780999.18320.1832237455529620012@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1183-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_18 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1183=1 SUSE-2024-1188=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1183=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1188=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-8-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:33:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:33:19 -0000 Subject: SUSE-SU-2024:1196-1: moderate: Security update for xfig Message-ID: <171273799995.18320.9582860919897975735@smelt2.prg2.suse.org> # Security update for xfig Announcement ID: SUSE-SU-2024:1196-1 Rating: moderate References: * bsc#1222057 Cross-References: * CVE-2023-45920 CVSS scores: * CVE-2023-45920 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xfig fixes the following issues: * CVE-2023-45920: Fixed NULL pointer dereference when calling XGetWMHints() (bsc#1222057). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1196=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * xfig-debuginfo-3.2.8a-4.6.1 * xfig-debugsource-3.2.8a-4.6.1 * xfig-3.2.8a-4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45920.html * https://bugzilla.suse.com/show_bug.cgi?id=1222057 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:33:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:33:25 -0000 Subject: SUSE-SU-2024:1192-1: important: Security update for less Message-ID: <171273800526.18320.701946988962706018@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1192-1 Rating: important References: * bsc#1219901 Cross-References: * CVE-2022-48624 CVSS scores: * CVE-2022-48624 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1192=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1192=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1192=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1192=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1192=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1192=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1192=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1192=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1192=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1192=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1192=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1192=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1192=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1192=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1192=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1192=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1192=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1192=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Manager Proxy 4.3 (x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * less-debugsource-590-150400.3.6.2 * less-debuginfo-590-150400.3.6.2 * less-590-150400.3.6.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48624.html * https://bugzilla.suse.com/show_bug.cgi?id=1219901 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:33:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:33:30 -0000 Subject: SUSE-SU-2024:1190-1: important: Security update for less Message-ID: <171273801062.18320.2493778602069979775@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1190-1 Rating: important References: * bsc#1219901 Cross-References: * CVE-2022-48624 CVSS scores: * CVE-2022-48624 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1190=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1190=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1190=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1190=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1190=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1190=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1190=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1190=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1190=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1190=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.6.2 * less-530-150000.3.6.2 * less-debuginfo-530-150000.3.6.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48624.html * https://bugzilla.suse.com/show_bug.cgi?id=1219901 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 08:33:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 08:33:32 -0000 Subject: SUSE-SU-2024:1189-1: important: Security update for less Message-ID: <171273801226.18320.8721917167409640994@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1189-1 Rating: important References: * bsc#1219901 Cross-References: * CVE-2022-48624 CVSS scores: * CVE-2022-48624 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1189=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1189=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1189=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * less-debugsource-458-7.12.1 * less-458-7.12.1 * less-debuginfo-458-7.12.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * less-debugsource-458-7.12.1 * less-458-7.12.1 * less-debuginfo-458-7.12.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * less-458-7.12.1 * less-debugsource-458-7.12.1 * less-debuginfo-458-7.12.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48624.html * https://bugzilla.suse.com/show_bug.cgi?id=1219901 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1198-1: moderate: Security update for apache2-mod_jk Message-ID: <171275220316.24127.13624331811748351242@smelt2.prg2.suse.org> # Security update for apache2-mod_jk Announcement ID: SUSE-SU-2024:1198-1 Rating: moderate References: * bsc#1167896 * bsc#1206261 * bsc#1215301 Cross-References: * CVE-2023-41081 CVSS scores: * CVE-2023-41081 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-41081 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for apache2-mod_jk fixes the following issues: * Upgrade from version 1.2.40 to 1.2.49 * CVE-2023-41081: Fix an information disclosure issue in mod_jk. (bsc#1215301) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1198=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1198=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1198=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * apache2-mod_jk-debuginfo-1.2.49-7.9.1 * apache2-mod_jk-1.2.49-7.9.1 * apache2-mod_jk-debugsource-1.2.49-7.9.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-mod_jk-debuginfo-1.2.49-7.9.1 * apache2-mod_jk-1.2.49-7.9.1 * apache2-mod_jk-debugsource-1.2.49-7.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * apache2-mod_jk-debuginfo-1.2.49-7.9.1 * apache2-mod_jk-1.2.49-7.9.1 * apache2-mod_jk-debugsource-1.2.49-7.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-41081.html * https://bugzilla.suse.com/show_bug.cgi?id=1167896 * https://bugzilla.suse.com/show_bug.cgi?id=1206261 * https://bugzilla.suse.com/show_bug.cgi?id=1215301 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 10 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Apr 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1199-1: important: Security update for xorg-x11-server Message-ID: <171276660494.19366.18151243555935371261@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:1199-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222311 * bsc#1222312 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31082 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31082 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1199=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1199=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1199=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1199=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.19.6-10.71.1 * xorg-x11-server-debuginfo-1.19.6-10.71.1 * xorg-x11-server-debugsource-1.19.6-10.71.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * xorg-x11-server-debugsource-1.19.6-10.71.1 * xorg-x11-server-extra-debuginfo-1.19.6-10.71.1 * xorg-x11-server-1.19.6-10.71.1 * xorg-x11-server-extra-1.19.6-10.71.1 * xorg-x11-server-debuginfo-1.19.6-10.71.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-debugsource-1.19.6-10.71.1 * xorg-x11-server-extra-debuginfo-1.19.6-10.71.1 * xorg-x11-server-1.19.6-10.71.1 * xorg-x11-server-extra-1.19.6-10.71.1 * xorg-x11-server-debuginfo-1.19.6-10.71.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * xorg-x11-server-debugsource-1.19.6-10.71.1 * xorg-x11-server-extra-debuginfo-1.19.6-10.71.1 * xorg-x11-server-1.19.6-10.71.1 * xorg-x11-server-extra-1.19.6-10.71.1 * xorg-x11-server-debuginfo-1.19.6-10.71.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31082.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222311 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1205-1: important: Security update for tomcat Message-ID: <171283860842.21618.16367608002208661195@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:1205-1 Rating: important References: * bsc#1221385 * bsc#1221386 Cross-References: * CVE-2024-23672 * CVE-2024-24549 CVSS scores: * CVE-2024-23672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24549 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386) * CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1205=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1205=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1205=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * tomcat-admin-webapps-9.0.36-3.124.1 * tomcat-jsp-2_3-api-9.0.36-3.124.1 * tomcat-docs-webapp-9.0.36-3.124.1 * tomcat-lib-9.0.36-3.124.1 * tomcat-el-3_0-api-9.0.36-3.124.1 * tomcat-servlet-4_0-api-9.0.36-3.124.1 * tomcat-9.0.36-3.124.1 * tomcat-javadoc-9.0.36-3.124.1 * tomcat-webapps-9.0.36-3.124.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * tomcat-admin-webapps-9.0.36-3.124.1 * tomcat-jsp-2_3-api-9.0.36-3.124.1 * tomcat-docs-webapp-9.0.36-3.124.1 * tomcat-lib-9.0.36-3.124.1 * tomcat-el-3_0-api-9.0.36-3.124.1 * tomcat-servlet-4_0-api-9.0.36-3.124.1 * tomcat-9.0.36-3.124.1 * tomcat-javadoc-9.0.36-3.124.1 * tomcat-webapps-9.0.36-3.124.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * tomcat-admin-webapps-9.0.36-3.124.1 * tomcat-jsp-2_3-api-9.0.36-3.124.1 * tomcat-docs-webapp-9.0.36-3.124.1 * tomcat-lib-9.0.36-3.124.1 * tomcat-el-3_0-api-9.0.36-3.124.1 * tomcat-servlet-4_0-api-9.0.36-3.124.1 * tomcat-9.0.36-3.124.1 * tomcat-javadoc-9.0.36-3.124.1 * tomcat-webapps-9.0.36-3.124.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23672.html * https://www.suse.com/security/cve/CVE-2024-24549.html * https://bugzilla.suse.com/show_bug.cgi?id=1221385 * https://bugzilla.suse.com/show_bug.cgi?id=1221386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1204-1: important: Security update for tomcat10 Message-ID: <171283861003.21618.2013162332152983764@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2024:1204-1 Rating: important References: * bsc#1221385 * bsc#1221386 Cross-References: * CVE-2024-23672 * CVE-2024-24549 CVSS scores: * CVE-2024-23672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24549 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat10 fixes the following issues: * CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386) * CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385) Other fixes: \- Update to Tomcat 10.1.20 * Catalina \+ Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) \+ Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) \+ Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) \+ Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) \+ Fix: After forwarding a request, attempt to unwrap the response in order to suspend it, instead of simply closing it if it was wrapped. Add a new suspendWrappedResponseAfterForward boolean attribute on Context to control the bahavior, defaulting to false. (remm) \+ Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) \+ Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) \+ Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) \+ Update: Add highConcurrencyStatus attribute to the SemaphoreValve to optionally allow the valve to return an error status code to the client when a permit cannot be acquired from the semaphore. (remm) \+ Add: Add checking of the "age" of the running Tomcat instance since its build-date to the SecurityListener, and log a warning if the server is old. (schultz) \+ Fix: When using the AsyncContext, throw an IllegalStateException, rather than allowing an NullPointerException, if an attempt is made to use the AsyncContext after it has been recycled. (markt) \+ Fix: Correct JPMS and OSGi meta-data for tomcat-embed- core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) \+ Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) \+ Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) \+ Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) \+ Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote \+ Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) \+ Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow configuring the amount of time before an internal executor will scale back to the configured minSpareThreads size. (remm) \+ Fix: Correct a regression in the support for user provided SSLContext instances that broke the org.apache.catalina.security.TLSCertificateReloadListener. (markt) \+ Fix: Setting a null value for a cookie attribute should remove the attribute. (markt) \+ Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) \+ Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) \+ Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Alt?nda?. (markt) \+ Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) \+ Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) \+ Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper \+ Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) \+ Fix: Handle the case where the JSP engine forwards a request/response to a Servlet that uses an OutputStream rather than a Writer. This was triggering an IllegalStateException on code paths where there was a subsequent attempt to obtain a Writer. (markt) \+ Fix: Correctly handle the case where a tag library is packaged in a JAR file and the web application is deployed as a WAR file rather than an unpacked directory. (markt) \+ Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster \+ Fix: Avoid updating request count stats on async. (remm) * WebSocket \+ Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) \+ Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other \+ Add: Improvements to French translations. (remm) \+ Add: Improvements to Japanese translations by tak7iji. (markt) \+ Fix: 57130: Allow digest.(sh|bat) to accept password from a file or stdin. (csutherl/schultz) \+ Update: Update Checkstyle to 10.14.1. (markt) \+ Fix: Correct the remaining OSGi contract references in the manifest files to refer to the Jakarta EE contract names rather than the Java EE contract names. Based on pull request #685 provided by Paul A. Nicolucci. (markt) \+ Update: Update Checkstyle to 10.13.0. (markt) \+ Update: Update JSign to 6.0. (markt) \+ Update: Update the packaged version of the Tomcat Migration Tool for Jakarta EE to 1.0.7. (markt) \+ Update: Update Tomcat Native to 2.0.7. (markt) \+ Update: Add strings for debug level messages. (remm) \+ Add: Improvements to French translations. (remm) \+ Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1204=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1204=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat10-admin-webapps-10.1.20-150200.5.22.2 * tomcat10-lib-10.1.20-150200.5.22.2 * tomcat10-webapps-10.1.20-150200.5.22.2 * tomcat10-el-5_0-api-10.1.20-150200.5.22.2 * tomcat10-10.1.20-150200.5.22.2 * tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2 * tomcat10-embed-10.1.20-150200.5.22.2 * tomcat10-jsvc-10.1.20-150200.5.22.2 * tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2 * tomcat10-docs-webapp-10.1.20-150200.5.22.2 * Web and Scripting Module 15-SP5 (noarch) * tomcat10-admin-webapps-10.1.20-150200.5.22.2 * tomcat10-lib-10.1.20-150200.5.22.2 * tomcat10-webapps-10.1.20-150200.5.22.2 * tomcat10-el-5_0-api-10.1.20-150200.5.22.2 * tomcat10-10.1.20-150200.5.22.2 * tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2 * tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2 ## References: * https://www.suse.com/security/cve/CVE-2024-23672.html * https://www.suse.com/security/cve/CVE-2024-24549.html * https://bugzilla.suse.com/show_bug.cgi?id=1221385 * https://bugzilla.suse.com/show_bug.cgi?id=1221386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 12:30:11 -0000 Subject: SUSE-SU-2024:1203-1: moderate: Security update for texlive-specs-k Message-ID: <171283861192.21618.5470960415333670482@smelt2.prg2.suse.org> # Security update for texlive-specs-k Announcement ID: SUSE-SU-2024:1203-1 Rating: moderate References: * bsc#1028271 Cross-References: * CVE-2016-10243 CVSS scores: * CVE-2016-10243 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2016-10243 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for texlive-specs-k fixes the following issues: CVE-2016-10243: Fixed arbitrary code execution via mpost during TeX document compilation (bsc#1028271) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1203=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * texlive-koma-script-2013.84.3.11bsvn29774-21.3.1 * texlive-kastrup-2013.84.svn15878-21.3.1 * texlive-kpathsea-2013.84.svn30218-21.3.1 ## References: * https://www.suse.com/security/cve/CVE-2016-10243.html * https://bugzilla.suse.com/show_bug.cgi?id=1028271 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 16:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 16:30:02 -0000 Subject: SUSE-SU-2024:1239-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <171285300287.4699.1894403380896995210@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1239-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1241=1 SUSE-2024-1239=1 SUSE-2024-1240=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1240=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1241=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1239=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_9-debugsource-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_9-debugsource-4-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-4-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 16:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 16:30:06 -0000 Subject: SUSE-SU-2024:1236-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Message-ID: <171285300615.4699.300868194255461648@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1236-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_19 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1236=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1245=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1238=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1245=1 SUSE-2024-1238=1 SUSE-2024-1236=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_12-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_53-default-10-150500.9.2 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-10-150500.9.2 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_0-debugsource-10-150500.9.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_12-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_53-default-10-150500.9.2 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-10-150500.9.2 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_0-debugsource-10-150500.9.2 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1229-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Message-ID: <171285300842.4699.55526103441068975@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1229-1 Rating: important References: * bsc#1219078 * bsc#1219296 Cross-References: * CVE-2023-52340 * CVE-2024-0565 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1226=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1229=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1224=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-1225=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1243=1 SUSE-2024-1244=1 SUSE-2024-1235=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1243=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1244=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1235=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_175-default-5-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_43-debugsource-5-150200.2.1 * kernel-livepatch-5_3_18-150200_24_169-default-6-150200.2.1 * kernel-livepatch-5_3_18-150200_24_169-default-debuginfo-6-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_44-debugsource-5-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-debuginfo-5-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_42-debugsource-6-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_41-debugsource-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-debuginfo-5-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-5-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_40-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-debuginfo-6-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_38-debugsource-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_39-debugsource-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-5-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_141-preempt-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-preempt-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-5-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-5-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1246-1: important: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Message-ID: <171285301062.4699.7981498387140036781@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1246-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_133 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1246=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1220=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1221=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-1222=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-1223=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1230=1 SUSE-2024-1237=1 SUSE-2024-1242=1 SUSE-2024-1232=1 SUSE-2024-1233=1 SUSE-2024-1234=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1230=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1237=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1242=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1232=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1233=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1234=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_154-default-10-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_34-debugsource-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_151-default-debuginfo-12-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_38-debugsource-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-debuginfo-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_39-debugsource-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_36-debugsource-12-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_37-debugsource-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_151-default-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_145-default-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-debuginfo-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-debuginfo-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_145-default-debuginfo-13-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_118-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_115-default-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-default-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-debuginfo-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_36-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_33-debugsource-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_34-debugsource-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_32-debugsource-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-12-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_31-debugsource-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_115-default-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_30-debugsource-13-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_127-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-preempt-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_115-preempt-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-preempt-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_115-preempt-13-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_118-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_115-default-13-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 16:30:13 -0000 Subject: SUSE-SU-2024:1207-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <171285301356.4699.8198365662345177390@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1207-1 Rating: important References: * bsc#1219296 Cross-References: * CVE-2023-52340 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes one issue. The following security issue was fixed: * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1219=1 SUSE-SLE-Live- Patching-12-SP5-2024-1207=1 SUSE-SLE-Live-Patching-12-SP5-2024-1208=1 SUSE-SLE- Live-Patching-12-SP5-2024-1209=1 SUSE-SLE-Live-Patching-12-SP5-2024-1210=1 SUSE- SLE-Live-Patching-12-SP5-2024-1211=1 SUSE-SLE-Live-Patching-12-SP5-2024-1212=1 SUSE-SLE-Live-Patching-12-SP5-2024-1213=1 SUSE-SLE-Live- Patching-12-SP5-2024-1214=1 SUSE-SLE-Live-Patching-12-SP5-2024-1215=1 SUSE-SLE- Live-Patching-12-SP5-2024-1216=1 SUSE-SLE-Live-Patching-12-SP5-2024-1217=1 SUSE- SLE-Live-Patching-12-SP5-2024-1218=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1227=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1247=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1247=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_165-default-9-2.1 * kgraft-patch-4_12_14-122_179-default-6-2.1 * kgraft-patch-4_12_14-122_150-default-14-2.2 * kgraft-patch-4_12_14-122_153-default-12-2.1 * kgraft-patch-4_12_14-122_176-default-7-2.1 * kgraft-patch-4_12_14-122_173-default-8-2.1 * kgraft-patch-4_12_14-122_194-default-3-2.1 * kgraft-patch-4_12_14-122_189-default-4-2.1 * kgraft-patch-4_12_14-122_183-default-6-2.1 * kgraft-patch-4_12_14-122_186-default-5-2.1 * kgraft-patch-4_12_14-122_162-default-10-2.1 * kgraft-patch-4_12_14-122_156-default-12-2.1 * kgraft-patch-4_12_14-122_159-default-11-2.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_45-debugsource-4-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-4-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-debuginfo-4-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-4-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_41-debugsource-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-4-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-4-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1251-1: important: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5) Message-ID: <171286740450.25501.9956020657723653481@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1251-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_28 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1251=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1251=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-7-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1249-1: important: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3) Message-ID: <171286740762.25501.16457777937490999938@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1249-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_130 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1249=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1250=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1250=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_35-debugsource-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_148-default-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_148-default-debuginfo-12-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_130-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_35-debugsource-8-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-preempt-8-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_130-default-8-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 11 20:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Apr 2024 20:30:09 -0000 Subject: SUSE-SU-2024:1248-1: important: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3) Message-ID: <171286740945.25501.7429143898595415364@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1248-1 Rating: important References: * bsc#1219078 * bsc#1219296 Cross-References: * CVE-2023-52340 * CVE-2024-0565 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_138 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1248=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1248=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_138-default-7-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_37-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-7-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_138-preempt-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-7-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_138-default-7-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1252-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Message-ID: <171291060389.22748.8821600194974184731@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1252-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_7 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1252=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1252=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_7-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-9-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_7-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-9-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1256-1: moderate: Security update for perl-Net-CIDR-Lite Message-ID: <171292500368.25797.15750832891706524403@smelt2.prg2.suse.org> # Security update for perl-Net-CIDR-Lite Announcement ID: SUSE-SU-2024:1256-1 Rating: moderate References: * bsc#1221564 Cross-References: * CVE-2021-47154 CVSS scores: * CVE-2021-47154 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for perl-Net-CIDR-Lite fixes the following issues: * CVE-2021-47154: Fixed leading zeroes in IPv4 octets may allow attackers to bypass certain access controls (bsc#1221564). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1256=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1256=1 ## Package List: * openSUSE Leap 15.5 (noarch) * perl-Net-CIDR-Lite-0.21-150100.6.3.1 * Development Tools Module 15-SP5 (noarch) * perl-Net-CIDR-Lite-0.21-150100.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47154.html * https://bugzilla.suse.com/show_bug.cgi?id=1221564 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1274-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Message-ID: <171293940781.28509.5737827432208056615@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1274-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_31 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1274=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1274=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_6-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_6-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-6-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1273-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Message-ID: <171293940956.28509.9705595457566654674@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1273-1 Rating: important References: * bsc#1219296 Cross-References: * CVE-2023-52340 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_35 fixes one issue. The following security issue was fixed: * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1273=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1273=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-2-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-2-150500.11.8.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-2-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-2-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:11 -0000 Subject: SUSE-SU-2024:1257-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Message-ID: <171293941178.28509.10365810504090233736@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1257-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_163 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1257=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_40-debugsource-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-7-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1271-1: moderate: Security update for gnutls Message-ID: <171293941446.28509.17174999196510265125@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2024:1271-1 Rating: moderate References: * bsc#1221242 * bsc#1221746 * bsc#1221747 Cross-References: * CVE-2024-28834 * CVE-2024-28835 CVSS scores: * CVE-2024-28834 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-28835 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746) * CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747) Other fixes: \- jitterentropy: Release the memory of the entropy collector when using jitterentropy with phtreads as there is also a pre-intitization done in the main thread (bsc#1221242) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1271=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1271=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1271=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1271=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1271=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1271=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1271=1 ## Package List: * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutlsxx28-3.7.3-150400.4.44.1 * gnutls-guile-3.7.3-150400.4.44.1 * libgnutls-devel-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.44.1 * gnutls-guile-debuginfo-3.7.3-150400.4.44.1 * libgnutlsxx-devel-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * openSUSE Leap 15.5 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.44.1 * libgnutls-devel-32bit-3.7.3-150400.4.44.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.44.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.44.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutlsxx28-3.7.3-150400.4.44.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.44.1 * libgnutls-devel-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * libgnutlsxx-devel-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * Basesystem Module 15-SP5 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.44.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.44.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.44.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gnutls-3.7.3-150400.4.44.1 * libgnutls30-hmac-3.7.3-150400.4.44.1 * libgnutlsxx28-3.7.3-150400.4.44.1 * gnutls-guile-3.7.3-150400.4.44.1 * libgnutls-devel-3.7.3-150400.4.44.1 * libgnutls30-debuginfo-3.7.3-150400.4.44.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.44.1 * gnutls-guile-debuginfo-3.7.3-150400.4.44.1 * libgnutlsxx-devel-3.7.3-150400.4.44.1 * gnutls-debugsource-3.7.3-150400.4.44.1 * libgnutls30-3.7.3-150400.4.44.1 * gnutls-debuginfo-3.7.3-150400.4.44.1 * openSUSE Leap 15.4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.44.1 * libgnutls-devel-32bit-3.7.3-150400.4.44.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.44.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.44.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgnutls-devel-64bit-3.7.3-150400.4.44.1 * libgnutls30-64bit-debuginfo-3.7.3-150400.4.44.1 * libgnutls30-64bit-3.7.3-150400.4.44.1 * libgnutls30-hmac-64bit-3.7.3-150400.4.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28834.html * https://www.suse.com/security/cve/CVE-2024-28835.html * https://bugzilla.suse.com/show_bug.cgi?id=1221242 * https://bugzilla.suse.com/show_bug.cgi?id=1221746 * https://bugzilla.suse.com/show_bug.cgi?id=1221747 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:18 -0000 Subject: SUSE-SU-2024:1270-1: important: Security update for webkit2gtk3 Message-ID: <171293941809.28509.13046113185983702725@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:1270-1 Rating: important References: * bsc#1222010 Cross-References: * CVE-2023-42843 * CVE-2023-42950 * CVE-2023-42956 * CVE-2024-23252 * CVE-2024-23254 * CVE-2024-23263 * CVE-2024-23280 * CVE-2024-23284 CVSS scores: * CVE-2023-42843 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-42950 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42950 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42956 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-42956 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23252 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23254 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23263 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-23280 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-23284 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2024-23252: Fixed denial of service via crafted web content (bsc#1222010). * CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website (bsc#1222010). * CVE-2024-23263: Fixed lack of Content Security Policy enforcing via malicious crafted web content (bsc#1222010). * CVE-2024-23280: Fixed possible user fingeprint via malicious crafted web content (bsc#1222010). * CVE-2024-23284: Fixed lack of Content Security Policy enforcing via malicious crafted web content (bsc#1222010). * CVE-2023-42950: Fixed arbitrary code execution via crafted web content (bsc#1222010). * CVE-2023-42956: Fixed denial of service via crafted web content (bsc#1222010). * CVE-2023-42843: Fixed address bar spoofing via malicious website (bsc#1222010). Other fixes: * Update to version 2.44.0 (bsc#1222010): * Make the DOM accessibility tree reachable from UI process with GTK4. * Removed the X11 and WPE renderers in favor of DMA-BUF. * Improved vblank synchronization when rendering. * Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites. * Fix gamepads detection by correctly handling focused window in GTK4. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1270=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1270=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1270=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1270=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1270=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1270=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1270=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1270=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1270=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1270=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1270=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1270=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1270=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkit-jsc-4.1-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk4-minibrowser-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit-jsc-6.0-2.44.0-150400.4.78.1 * webkit2gtk4-devel-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk4-minibrowser-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * webkit-jsc-4-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-6_0-2.44.0-150400.4.78.1 * webkit-jsc-6.0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * typelib-1_0-WebKit-6_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-minibrowser-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * webkit-jsc-4.1-debuginfo-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-minibrowser-2.44.0-150400.4.78.1 * webkit-jsc-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-minibrowser-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-32bit-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-32bit-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-32bit-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-32bit-2.44.0-150400.4.78.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-64bit-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-64bit-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-64bit-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-64bit-2.44.0-150400.4.78.1 * openSUSE Leap 15.5 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * webkit-jsc-4.1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk4-minibrowser-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit-jsc-6.0-2.44.0-150400.4.78.1 * webkit2gtk4-devel-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk4-minibrowser-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * webkit-jsc-4-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-6_0-2.44.0-150400.4.78.1 * webkit-jsc-6.0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit-6_0-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-minibrowser-debuginfo-2.44.0-150400.4.78.1 * webkit-jsc-4.1-debuginfo-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-minibrowser-2.44.0-150400.4.78.1 * webkit-jsc-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-minibrowser-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * openSUSE Leap 15.5 (x86_64) * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-32bit-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-32bit-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-32bit-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-32bit-2.44.0-150400.4.78.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * Development Tools Module 15-SP5 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.1-lang-2.44.0-150400.4.78.1 * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * webkit2gtk4-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_1-2.44.0-150400.4.78.1 * libjavascriptcoregtk-6_0-1-2.44.0-150400.4.78.1 * webkit2gtk3-debugsource-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_1-0-2.44.0-150400.4.78.1 * webkit2gtk-4_1-injected-bundles-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_1-2.44.0-150400.4.78.1 * libwebkitgtk-6_0-4-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkitgtk-6_0-injected-bundles-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.0-150400.4.78.1 * webkit2gtk3-devel-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Manager Proxy 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.0-150400.4.78.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-2.44.0-150400.4.78.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150400.4.78.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150400.4.78.1 * typelib-1_0-WebKit2-4_0-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-devel-2.44.0-150400.4.78.1 * webkit2gtk3-soup2-debugsource-2.44.0-150400.4.78.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150400.4.78.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150400.4.78.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42843.html * https://www.suse.com/security/cve/CVE-2023-42950.html * https://www.suse.com/security/cve/CVE-2023-42956.html * https://www.suse.com/security/cve/CVE-2024-23252.html * https://www.suse.com/security/cve/CVE-2024-23254.html * https://www.suse.com/security/cve/CVE-2024-23263.html * https://www.suse.com/security/cve/CVE-2024-23280.html * https://www.suse.com/security/cve/CVE-2024-23284.html * https://bugzilla.suse.com/show_bug.cgi?id=1222010 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:21 -0000 Subject: SUSE-SU-2024:1269-1: important: Security update for webkit2gtk3 Message-ID: <171293942141.28509.5696924161662329530@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:1269-1 Rating: important References: * bsc#1222010 Cross-References: * CVE-2023-42843 * CVE-2023-42950 * CVE-2023-42956 * CVE-2024-23252 * CVE-2024-23254 * CVE-2024-23263 * CVE-2024-23280 * CVE-2024-23284 CVSS scores: * CVE-2023-42843 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-42950 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42950 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-42956 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-42956 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23252 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-23254 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23263 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-23280 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-23284 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2024-23252: Fixed denial of service via crafted web content (bsc#1222010). * CVE-2024-23254: Fixed possible audio data exilftration cross-origin via malicious website (bsc#1222010). * CVE-2024-23263: Fixed lack of Content Security Policy enforcing via malicious crafted web content (bsc#1222010). * CVE-2024-23280: Fixed possible user fingeprint via malicious crafted web content (bsc#1222010). * CVE-2024-23284: Fixed lack of Content Security Policy enforcing via malicious crafted web content (bsc#1222010). * CVE-2023-42950: Fixed arbitrary code execution via crafted web content (bsc#1222010). * CVE-2023-42956: Fixed denial of service via crafted web content (bsc#1222010). * CVE-2023-42843: Fixed address bar spoofing via malicious website (bsc#1222010). Other fixes: * Update to version 2.44.0 (bsc#1222010): * Make the DOM accessibility tree reachable from UI process with GTK4. * Removed the X11 and WPE renderers in favor of DMA-BUF. * Improved vblank synchronization when rendering. * Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites. * Fix gamepads detection by correctly handling focused window in GTK4. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1269=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1269=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1269=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1269=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1269=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1269=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1269=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.44.0-150200.107.1 * webkit2gtk3-devel-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-150200.107.1 * typelib-1_0-JavaScriptCore-4_0-2.44.0-150200.107.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-150200.107.1 * webkit2gtk3-debugsource-2.44.0-150200.107.1 * typelib-1_0-WebKit2-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-2.44.0-150200.107.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-150200.107.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-150200.107.1 * libwebkit2gtk-4_0-37-2.44.0-150200.107.1 * SUSE Enterprise Storage 7.1 (noarch) * libwebkit2gtk3-lang-2.44.0-150200.107.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42843.html * https://www.suse.com/security/cve/CVE-2023-42950.html * https://www.suse.com/security/cve/CVE-2023-42956.html * https://www.suse.com/security/cve/CVE-2024-23252.html * https://www.suse.com/security/cve/CVE-2024-23254.html * https://www.suse.com/security/cve/CVE-2024-23263.html * https://www.suse.com/security/cve/CVE-2024-23280.html * https://www.suse.com/security/cve/CVE-2024-23284.html * https://bugzilla.suse.com/show_bug.cgi?id=1222010 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:25 -0000 Subject: SUSE-SU-2024:1268-1: important: Security update for python-Pillow Message-ID: <171293942565.28509.8408807958745720676@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1268-1 Rating: important References: * bsc#1222262 Cross-References: * CVE-2024-28219 CVSS scores: * CVE-2024-28219 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * HPE Helion OpenStack 8 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise Server 12 SP3 * SUSE OpenStack Cloud 8 * SUSE OpenStack Cloud Crowbar 8 An update that solves one vulnerability can now be installed. ## Description: This update for python-Pillow fixes the following issues: * CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPE Helion OpenStack 8 zypper in -t patch HPE-Helion-OpenStack-8-2024-1268=1 * SUSE OpenStack Cloud 8 zypper in -t patch SUSE-OpenStack-Cloud-8-2024-1268=1 * SUSE OpenStack Cloud Crowbar 8 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2024-1268=1 ## Package List: * HPE Helion OpenStack 8 (x86_64) * python-Pillow-debugsource-4.2.1-3.29.2 * python-Pillow-debuginfo-4.2.1-3.29.2 * python-Pillow-4.2.1-3.29.2 * HPE Helion OpenStack 8 (noarch) * venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.58.2 * SUSE OpenStack Cloud 8 (x86_64) * python-Pillow-debugsource-4.2.1-3.29.2 * python-Pillow-debuginfo-4.2.1-3.29.2 * python-Pillow-4.2.1-3.29.2 * SUSE OpenStack Cloud 8 (noarch) * venv-openstack-horizon-x86_64-12.0.5~dev6-14.58.2 * SUSE OpenStack Cloud Crowbar 8 (x86_64) * python-Pillow-debugsource-4.2.1-3.29.2 * python-Pillow-debuginfo-4.2.1-3.29.2 * python-Pillow-4.2.1-3.29.2 ## References: * https://www.suse.com/security/cve/CVE-2024-28219.html * https://bugzilla.suse.com/show_bug.cgi?id=1222262 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:27 -0000 Subject: SUSE-SU-2024:1267-1: important: Security update for python-Pillow Message-ID: <171293942797.28509.12001800077114314743@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1267-1 Rating: important References: * bsc#1222262 Cross-References: * CVE-2024-28219 CVSS scores: * CVE-2024-28219 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP4 * SUSE OpenStack Cloud 9 * SUSE OpenStack Cloud Crowbar 9 An update that solves one vulnerability can now be installed. ## Description: This update for python-Pillow fixes the following issues: * CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE OpenStack Cloud 9 zypper in -t patch SUSE-OpenStack-Cloud-9-2024-1267=1 * SUSE OpenStack Cloud Crowbar 9 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2024-1267=1 ## Package List: * SUSE OpenStack Cloud 9 (x86_64) * python-Pillow-debugsource-5.2.0-3.26.2 * python-Pillow-5.2.0-3.26.2 * python-Pillow-debuginfo-5.2.0-3.26.2 * SUSE OpenStack Cloud 9 (noarch) * venv-openstack-horizon-x86_64-14.1.1~dev11-4.55.2 * SUSE OpenStack Cloud Crowbar 9 (x86_64) * python-Pillow-debugsource-5.2.0-3.26.2 * python-Pillow-5.2.0-3.26.2 * python-Pillow-debuginfo-5.2.0-3.26.2 ## References: * https://www.suse.com/security/cve/CVE-2024-28219.html * https://bugzilla.suse.com/show_bug.cgi?id=1222262 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:30 -0000 Subject: SUSE-SU-2024:1265-1: important: Security update for xwayland Message-ID: <171293943027.28509.17346305873206830725@smelt2.prg2.suse.org> # Security update for xwayland Announcement ID: SUSE-SU-2024:1265-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xwayland fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). Other fixes: \- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1265=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1265=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xwayland-debugsource-21.1.4-150400.3.36.1 * xwayland-debuginfo-21.1.4-150400.3.36.1 * xwayland-devel-21.1.4-150400.3.36.1 * xwayland-21.1.4-150400.3.36.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xwayland-debugsource-21.1.4-150400.3.36.1 * xwayland-debuginfo-21.1.4-150400.3.36.1 * xwayland-21.1.4-150400.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:33 -0000 Subject: SUSE-SU-2024:1264-1: important: Security update for xwayland Message-ID: <171293943362.28509.17255948787711227358@smelt2.prg2.suse.org> # Security update for xwayland Announcement ID: SUSE-SU-2024:1264-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xwayland fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). Other fixes: \- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1264=1 openSUSE-SLE-15.5-2024-1264=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1264=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * xwayland-devel-22.1.5-150500.7.22.1 * xwayland-debugsource-22.1.5-150500.7.22.1 * xwayland-22.1.5-150500.7.22.1 * xwayland-debuginfo-22.1.5-150500.7.22.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * xwayland-debugsource-22.1.5-150500.7.22.1 * xwayland-22.1.5-150500.7.22.1 * xwayland-debuginfo-22.1.5-150500.7.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:35 -0000 Subject: SUSE-SU-2024:1263-1: important: Security update for xorg-x11-server Message-ID: <171293943563.28509.889618095340957267@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:1263-1 Rating: important References: * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31083 CVSS scores: * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * Fixed regression for security fix (bsc#1222312) for CVE-2024-31083 when using Android Studio (bsc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1263=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1263=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1263=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1263=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * xorg-x11-server-extra-debuginfo-1.19.6-10.74.1 * xorg-x11-server-1.19.6-10.74.1 * xorg-x11-server-debuginfo-1.19.6-10.74.1 * xorg-x11-server-extra-1.19.6-10.74.1 * xorg-x11-server-debugsource-1.19.6-10.74.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-debuginfo-1.19.6-10.74.1 * xorg-x11-server-1.19.6-10.74.1 * xorg-x11-server-debuginfo-1.19.6-10.74.1 * xorg-x11-server-extra-1.19.6-10.74.1 * xorg-x11-server-debugsource-1.19.6-10.74.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * xorg-x11-server-extra-debuginfo-1.19.6-10.74.1 * xorg-x11-server-1.19.6-10.74.1 * xorg-x11-server-debuginfo-1.19.6-10.74.1 * xorg-x11-server-extra-1.19.6-10.74.1 * xorg-x11-server-debugsource-1.19.6-10.74.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.19.6-10.74.1 * xorg-x11-server-debuginfo-1.19.6-10.74.1 * xorg-x11-server-debugsource-1.19.6-10.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:37 -0000 Subject: SUSE-SU-2024:1262-1: important: Security update for xorg-x11-server Message-ID: <171293943761.28509.498950756280203886@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:1262-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222311 * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31082 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31082 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). Other fixes: \- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1262=1 openSUSE-SLE-15.5-2024-1262=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1262=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1262=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-extra-21.1.4-150500.7.26.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.26.1 * xorg-x11-server-source-21.1.4-150500.7.26.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-debugsource-21.1.4-150500.7.26.1 * xorg-x11-server-sdk-21.1.4-150500.7.26.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-21.1.4-150500.7.26.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-21.1.4-150500.7.26.1 * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-Xvfb-21.1.4-150500.7.26.1 * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-debugsource-21.1.4-150500.7.26.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.26.1 * xorg-x11-server-21.1.4-150500.7.26.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-debugsource-21.1.4-150500.7.26.1 * xorg-x11-server-sdk-21.1.4-150500.7.26.1 * xorg-x11-server-debuginfo-21.1.4-150500.7.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31082.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222311 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:39 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:39 -0000 Subject: SUSE-SU-2024:1261-1: important: Security update for xorg-x11-server Message-ID: <171293943992.28509.15159149007518135397@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:1261-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222311 * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31082 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31082 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). Other fixes: \- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1261=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1261=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1261=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1261=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1261=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1261=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1261=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1261=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1261=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-wayland-1.20.3-150200.22.5.96.1 * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-wayland-1.20.3-150200.22.5.96.1 * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.96.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1 * xorg-x11-server-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-1.20.3-150200.22.5.96.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31082.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222311 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:42 -0000 Subject: SUSE-SU-2024:1260-1: important: Security update for xorg-x11-server Message-ID: <171293944223.28509.15061082155173563709@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:1260-1 Rating: important References: * bsc#1222309 * bsc#1222310 * bsc#1222311 * bsc#1222312 * bsc#1222442 Cross-References: * CVE-2024-31080 * CVE-2024-31081 * CVE-2024-31082 * CVE-2024-31083 CVSS scores: * CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-31082 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H * CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309). * CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310). * CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311). * CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312). Other fixes: \- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1260=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1260=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1260=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1260=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1260=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1260=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1260=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1260=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1260=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-source-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-sdk-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Manager Proxy 4.3 (x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * xorg-x11-server-extra-1.20.3-150400.38.48.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.48.1 * xorg-x11-server-debugsource-1.20.3-150400.38.48.1 * xorg-x11-server-1.20.3-150400.38.48.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31080.html * https://www.suse.com/security/cve/CVE-2024-31081.html * https://www.suse.com/security/cve/CVE-2024-31082.html * https://www.suse.com/security/cve/CVE-2024-31083.html * https://bugzilla.suse.com/show_bug.cgi?id=1222309 * https://bugzilla.suse.com/show_bug.cgi?id=1222310 * https://bugzilla.suse.com/show_bug.cgi?id=1222311 * https://bugzilla.suse.com/show_bug.cgi?id=1222312 * https://bugzilla.suse.com/show_bug.cgi?id=1222442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:45 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:45 -0000 Subject: SUSE-SU-2024:1259-1: moderate: Security update for xen Message-ID: <171293944550.28509.13489561109758614832@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1259-1 Rating: moderate References: * bsc#1027519 * bsc#1221984 * bsc#1222302 * bsc#1222453 Cross-References: * CVE-2023-46842 * CVE-2024-2201 * CVE-2024-31142 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31142 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls (XSA-454) in xen x86 (bsc#1221984) * CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455) in xen x86 (bsc#1222302) * CVE-2024-2201: Fixed memory disclosure via Native Branch History Injection (XSA-456) in xen x86 (bsc#1222453) Other fixes: * Update to Xen 4.16.6 (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1259=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1259=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1259=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1259=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1259=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1259=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1259=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-tools-domU-4.16.6_02-150400.4.55.1 * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-tools-domU-debuginfo-4.16.6_02-150400.4.55.1 * xen-devel-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-4.16.6_02-150400.4.55.1 * xen-libs-32bit-debuginfo-4.16.6_02-150400.4.55.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-doc-html-4.16.6_02-150400.4.55.1 * xen-tools-debuginfo-4.16.6_02-150400.4.55.1 * xen-tools-4.16.6_02-150400.4.55.1 * xen-4.16.6_02-150400.4.55.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_02-150400.4.55.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-4.16.6_02-150400.4.55.1 * xen-libs-64bit-debuginfo-4.16.6_02-150400.4.55.1 * openSUSE Leap Micro 5.3 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * openSUSE Leap Micro 5.4 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-debugsource-4.16.6_02-150400.4.55.1 * xen-libs-debuginfo-4.16.6_02-150400.4.55.1 * xen-libs-4.16.6_02-150400.4.55.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31142.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1222302 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 16:30:47 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 16:30:47 -0000 Subject: SUSE-SU-2024:1258-1: important: Security update for python-Pillow Message-ID: <171293944743.28509.6974086914812325129@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1258-1 Rating: important References: * bsc#1222262 * bsc#1222553 Cross-References: * CVE-2024-28219 CVSS scores: * CVE-2024-28219 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python-Pillow fixes the following issues: * CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262) Other fixes: \- Re-enabled build tests for s390x and ppc (bsc#1222553) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1258=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1258=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1258=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1258=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1258=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1258=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1258=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1258=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-debuginfo-9.5.0-150400.5.15.1 * python311-Pillow-tk-9.5.0-150400.5.15.1 * python311-Pillow-9.5.0-150400.5.15.1 * python-Pillow-debugsource-9.5.0-150400.5.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-28219.html * https://bugzilla.suse.com/show_bug.cgi?id=1222262 * https://bugzilla.suse.com/show_bug.cgi?id=1222553 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1278-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Message-ID: <171295380447.11481.13771917548520277868@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1278-1 Rating: important References: * bsc#1219296 Cross-References: * CVE-2023-52340 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_49 fixes one issue. The following security issue was fixed: * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1278=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1278=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_10-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-2-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_10-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-2-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1276-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Message-ID: <171295380871.11481.13887327970900690821@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1276-1 Rating: important References: * bsc#1210619 * bsc#1218487 Cross-References: * CVE-2023-1829 * CVE-2023-6531 CVSS scores: * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1276=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1277=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1277=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_183-default-debuginfo-2-150200.5.6.1 * kernel-livepatch-SLE15-SP2_Update_46-debugsource-2-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_183-default-2-150200.5.6.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-2-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-2-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-preempt-2-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-2-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 12 20:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Apr 2024 20:30:10 -0000 Subject: SUSE-SU-2024:1275-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Message-ID: <171295381050.11481.851175077386508092@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1275-1 Rating: important References: * bsc#1210619 Cross-References: * CVE-2023-1829 CVSS scores: * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_201 fixes one issue. The following security issue was fixed: * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1275=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_201-default-2-8.10.1 ## References: * https://www.suse.com/security/cve/CVE-2023-1829.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 08:30:01 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 08:30:01 -0000 Subject: SUSE-SU-2024:1280-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Message-ID: <171316980195.6507.17474507061389084243@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1280-1 Rating: important References: * bsc#1219296 Cross-References: * CVE-2023-52340 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_108 fixes one issue. The following security issue was fixed: * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1280=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1280=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-2-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-2-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1292-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4) Message-ID: <171319860305.9914.11501043145850335263@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1292-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_92 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1292=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1292=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-6-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-6-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1288-1: important: Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4) Message-ID: <171319860554.9914.16100608209812498297@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 16 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1288-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_81 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1288=1 SUSE-2024-1289=1 SUSE-2024-1290=1 SUSE-2024-1291=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1291=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1288=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1289=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1290=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-9-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-9-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1293-1: important: Security update for webkit2gtk3 Message-ID: <171319860801.9914.6009059592734656369@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:1293-1 Rating: important References: * bsc#1222010 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that has one security fix can now be installed. ## Description: webkit2gtk3 was updated to fix the following issues: Update to version 2.44.0 (boo#1222010): * CVE-2024-23252: Credit to anbu1024 of SecANT. Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. * CVE-2024-23254: Credit to James Lee (@Windowsrcer). Impact: A malicious website may exfiltrate audio data cross-origin. Description: The issue was addressed with improved UI handling. * CVE-2024-23263: Credit to Johan Carlsson (joaxcar). Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Description: A logic issue was addressed with improved validation. * CVE-2024-23280: Credit to An anonymous researcher. Impact: A maliciously crafted webpage may be able to fingerprint the user. Description: An injection issue was addressed with improved validation. * CVE-2024-23284: Credit to Georg Felber and Marco Squarcina. Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Description: A logic issue was addressed with improved state management. * CVE-2023-42950: Credit to Nan Wang (@eternalsakura13) of 360 Vulnerability Research Institute and rushikesh nandedkar. Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Description: A use after free issue was addressed with improved memory management. * CVE-2023-42956: Credit to SungKwon Lee (Demon.Team). Impact: Processing web content may lead to a denial-of-service. Description: The issue was addressed with improved memory handling. * CVE-2023-42843: Credit to Kacper Kwapisz (@KKKas_). Impact: Visiting a malicious website may lead to address bar spoofing. Description: An inconsistent user interface issue was addressed with improved state management. * Make the DOM accessibility tree reachable from UI process with GTK4. * Removed the X11 and WPE renderers in favor of DMA-BUF. * Improved vblank synchronization when rendering. * Removed key event reinjection in GTK4 to make keyboard shortcuts work in web sites. * Fix gamepads detection by correctly handling focused window in GTK4. * Use WebAssembly on aarch64. It is the upstream default and no longer makes the build fail. Stop passing -DENABLE_C_LOOP=ON, -DENABLE_WEBASSEMBLY=OFF and -DENABLE_SAMPLING_PROFILER=OFF for the same reason. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1293=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1293=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1293=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1293=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1293=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-2.44.0-4.3.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.44.0-4.3.2 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-4.3.2 * webkit2gtk3-debugsource-2.44.0-4.3.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-4.3.2 * libjavascriptcoregtk-4_0-18-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-2.44.0-4.3.2 * typelib-1_0-WebKit2-4_0-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-4.3.2 * typelib-1_0-JavaScriptCore-4_0-2.44.0-4.3.2 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-2.44.0-4.3.2 * webkit2gtk3-debugsource-2.44.0-4.3.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * libwebkit2gtk3-lang-2.44.0-4.3.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-4.3.2 * libjavascriptcoregtk-4_0-18-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-2.44.0-4.3.2 * typelib-1_0-WebKit2-4_0-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-4.3.2 * typelib-1_0-JavaScriptCore-4_0-2.44.0-4.3.2 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-2.44.0-4.3.2 * webkit2gtk3-debugsource-2.44.0-4.3.2 * SUSE Linux Enterprise Server 12 SP5 (noarch) * libwebkit2gtk3-lang-2.44.0-4.3.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.44.0-4.3.2 * libjavascriptcoregtk-4_0-18-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-2.44.0-4.3.2 * typelib-1_0-WebKit2-4_0-2.44.0-4.3.2 * libwebkit2gtk-4_0-37-debuginfo-2.44.0-4.3.2 * typelib-1_0-JavaScriptCore-4_0-2.44.0-4.3.2 * typelib-1_0-WebKit2WebExtension-4_0-2.44.0-4.3.2 * webkit2gtk-4_0-injected-bundles-2.44.0-4.3.2 * webkit2gtk3-debugsource-2.44.0-4.3.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * libwebkit2gtk3-lang-2.44.0-4.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222010 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1287-1: important: Security update for vim Message-ID: <171319861046.9914.10771845341874518802@smelt2.prg2.suse.org> # Security update for vim Announcement ID: SUSE-SU-2024:1287-1 Rating: important References: * bsc#1215005 * bsc#1217316 * bsc#1217320 * bsc#1217321 * bsc#1217324 * bsc#1217326 * bsc#1217329 * bsc#1217330 * bsc#1217432 * bsc#1219581 Cross-References: * CVE-2023-4750 * CVE-2023-48231 * CVE-2023-48232 * CVE-2023-48233 * CVE-2023-48234 * CVE-2023-48235 * CVE-2023-48236 * CVE-2023-48237 * CVE-2023-48706 * CVE-2024-22667 CVSS scores: * CVE-2023-4750 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-48231 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48231 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48232 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48232 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48236 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N * CVE-2023-48236 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48706 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48706 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-22667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22667 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: Updated to version 9.1.0111, fixes the following security problems * CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316). * CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320). * CVE-2023-48233: overflow with count for :s command (bsc#1217321). * CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324). * CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235). * CVE-2023-48236: overflow in get_number (bsc#1217329). * CVE-2023-48237: overflow in shift_line (bsc#1217330). * CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432). * CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581). * CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1287=1 openSUSE-SLE-15.5-2024-1287=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1287=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1287=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1287=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * gvim-debuginfo-9.1.0111-150500.20.9.1 * vim-debuginfo-9.1.0111-150500.20.9.1 * vim-debugsource-9.1.0111-150500.20.9.1 * vim-9.1.0111-150500.20.9.1 * vim-small-9.1.0111-150500.20.9.1 * gvim-9.1.0111-150500.20.9.1 * vim-small-debuginfo-9.1.0111-150500.20.9.1 * openSUSE Leap 15.5 (noarch) * vim-data-common-9.1.0111-150500.20.9.1 * vim-data-9.1.0111-150500.20.9.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * vim-data-common-9.1.0111-150500.20.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * vim-small-9.1.0111-150500.20.9.1 * vim-debuginfo-9.1.0111-150500.20.9.1 * vim-small-debuginfo-9.1.0111-150500.20.9.1 * vim-debugsource-9.1.0111-150500.20.9.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * vim-debuginfo-9.1.0111-150500.20.9.1 * vim-debugsource-9.1.0111-150500.20.9.1 * vim-9.1.0111-150500.20.9.1 * vim-small-9.1.0111-150500.20.9.1 * vim-small-debuginfo-9.1.0111-150500.20.9.1 * Basesystem Module 15-SP5 (noarch) * vim-data-common-9.1.0111-150500.20.9.1 * vim-data-9.1.0111-150500.20.9.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gvim-debuginfo-9.1.0111-150500.20.9.1 * gvim-9.1.0111-150500.20.9.1 * vim-debuginfo-9.1.0111-150500.20.9.1 * vim-debugsource-9.1.0111-150500.20.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4750.html * https://www.suse.com/security/cve/CVE-2023-48231.html * https://www.suse.com/security/cve/CVE-2023-48232.html * https://www.suse.com/security/cve/CVE-2023-48233.html * https://www.suse.com/security/cve/CVE-2023-48234.html * https://www.suse.com/security/cve/CVE-2023-48235.html * https://www.suse.com/security/cve/CVE-2023-48236.html * https://www.suse.com/security/cve/CVE-2023-48237.html * https://www.suse.com/security/cve/CVE-2023-48706.html * https://www.suse.com/security/cve/CVE-2024-22667.html * https://bugzilla.suse.com/show_bug.cgi?id=1215005 * https://bugzilla.suse.com/show_bug.cgi?id=1217316 * https://bugzilla.suse.com/show_bug.cgi?id=1217320 * https://bugzilla.suse.com/show_bug.cgi?id=1217321 * https://bugzilla.suse.com/show_bug.cgi?id=1217324 * https://bugzilla.suse.com/show_bug.cgi?id=1217326 * https://bugzilla.suse.com/show_bug.cgi?id=1217329 * https://bugzilla.suse.com/show_bug.cgi?id=1217330 * https://bugzilla.suse.com/show_bug.cgi?id=1217432 * https://bugzilla.suse.com/show_bug.cgi?id=1219581 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 20:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 20:30:03 -0000 Subject: SUSE-SU-2024:1299-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4) Message-ID: <171321300334.1950.2338764324764354631@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1299-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_60 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1299=1 SUSE-2024-1300=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1299=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1300=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_10-debugsource-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-12-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_10-debugsource-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-12-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 20:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 20:30:05 -0000 Subject: SUSE-SU-2024:1298-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Message-ID: <171321300545.1950.6289807535115423095@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1298-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1297=1 SUSE-2024-1298=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1297=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1298=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-5-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-3-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-3-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1296-1: low: Security update for texlive Message-ID: <171321300721.1950.11995896772020028112@smelt2.prg2.suse.org> # Security update for texlive Announcement ID: SUSE-SU-2024:1296-1 Rating: low References: * bsc#1222126 Cross-References: * CVE-2023-46048 CVSS scores: * CVE-2023-46048 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for texlive fixes the following issues: * CVE-2023-46048: Fixed null pointer dereference in texk/web2c/pdftexdir/writet1.c (bsc#1222126) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1296=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1296=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * texlive-tex4ht-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-dvisvgm-bin-2013.20130620.svn30613-22.11.1 * texlive-makeindex-bin-2013.20130620.svn30088-22.11.1 * texlive-xmltex-bin-2013.20130620.svn3006-22.11.1 * texlive-web-bin-2013.20130620.svn30088-22.11.1 * texlive-dvidvi-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-luatex-bin-2013.20130620.svn30845-22.11.1 * texlive-xdvi-bin-2013.20130620.svn30088-22.11.1 * texlive-luatex-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-xdvi-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-thumbpdf-bin-2013.20130620.svn6898-22.11.1 * texlive-seetexk-bin-2013.20130620.svn30088-22.11.1 * texlive-jadetex-bin-2013.20130620.svn3006-22.11.1 * texlive-texconfig-bin-2013.20130620.svn29741-22.11.1 * texlive-mfware-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-debugsource-2013.20130620-22.11.1 * texlive-dviasm-bin-2013.20130620.svn8329-22.11.1 * texlive-cweb-bin-debuginfo-2013.20130620.svn30088-22.11.1 * libptexenc1-debuginfo-1.3.2dev-22.11.1 * texlive-dvipdfmx-bin-2013.20130620.svn30845-22.11.1 * texlive-metapost-bin-2013.20130620.svn30845-22.11.1 * texlive-pstools-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-dvipng-bin-2013.20130620.svn30845-22.11.1 * texlive-metapost-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-tex-bin-2013.20130620.svn30088-22.11.1 * texlive-dviljk-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-xetex-bin-2013.20130620.svn30845-22.11.1 * texlive-dvipng-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-metafont-bin-2013.20130620.svn30088-22.11.1 * texlive-bin-devel-2013.20130620-22.11.1 * texlive-bibtex-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-mptopdf-bin-2013.20130620.svn18674-22.11.1 * texlive-dvisvgm-bin-debuginfo-2013.20130620.svn30613-22.11.1 * texlive-pdftex-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-tex-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-gsftopk-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-dvidvi-bin-2013.20130620.svn30088-22.11.1 * texlive-luaotfload-bin-2013.20130620.svn30313-22.11.1 * texlive-vlna-bin-2013.20130620.svn30088-22.11.1 * libptexenc1-1.3.2dev-22.11.1 * texlive-tetex-bin-2013.20130620.svn29741-22.11.1 * texlive-metafont-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-web-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-cweb-bin-2013.20130620.svn30088-22.11.1 * texlive-pstools-bin-2013.20130620.svn30088-22.11.1 * texlive-dvips-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-kpathsea-bin-2013.20130620.svn30088-22.11.1 * texlive-splitindex-bin-2013.20130620.svn29688-22.11.1 * texlive-makeindex-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-gsftopk-bin-2013.20130620.svn30088-22.11.1 * texlive-tex4ht-bin-2013.20130620.svn30088-22.11.1 * texlive-lua2dox-bin-2013.20130620.svn29053-22.11.1 * texlive-dvips-bin-2013.20130620.svn30088-22.11.1 * texlive-context-bin-2013.20130620.svn29741-22.11.1 * texlive-vlna-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-kpathsea-devel-6.2.0dev-22.11.1 * texlive-ptexenc-devel-1.3.2dev-22.11.1 * texlive-xetex-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-checkcites-bin-2013.20130620.svn25623-22.11.1 * texlive-latex-bin-bin-2013.20130620.svn14050-22.11.1 * texlive-mfware-bin-2013.20130620.svn30088-22.11.1 * texlive-dviljk-bin-2013.20130620.svn30088-22.11.1 * texlive-lacheck-bin-2013.20130620.svn30088-22.11.1 * texlive-seetexk-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-2013.20130620-22.11.1 * texlive-dvipdfmx-bin-debuginfo-2013.20130620.svn30845-22.11.1 * texlive-pdftex-bin-2013.20130620.svn30845-22.11.1 * texlive-lacheck-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-kpathsea-bin-debuginfo-2013.20130620.svn30088-22.11.1 * texlive-bibtex-bin-2013.20130620.svn30088-22.11.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libkpathsea6-6.2.0dev-22.11.1 * libkpathsea6-debuginfo-6.2.0dev-22.11.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libkpathsea6-6.2.0dev-22.11.1 * libkpathsea6-debuginfo-6.2.0dev-22.11.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libkpathsea6-6.2.0dev-22.11.1 * libkpathsea6-debuginfo-6.2.0dev-22.11.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46048.html * https://bugzilla.suse.com/show_bug.cgi?id=1222126 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 20:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 20:30:09 -0000 Subject: SUSE-SU-2024:1295-1: moderate: Security update for xen Message-ID: <171321300923.1950.16922190508459367869@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1295-1 Rating: moderate References: * bsc#1027519 * bsc#1221984 * bsc#1222302 * bsc#1222453 Cross-References: * CVE-2023-46842 * CVE-2024-2201 * CVE-2024-31142 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31142 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls (XSA-454) in xen x86 (bsc#1221984) * CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455) in xen x86 (bsc#1222302) * CVE-2024-2201: Fixed memory disclosure via Native Branch History Injection (XSA-456) in xen x86 (bsc#1222453) Other fixes: * Update to Xen 4.17.4 (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1295=1 SUSE-2024-1295=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1295=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1295=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1295=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * xen-tools-debuginfo-4.17.4_02-150500.3.30.1 * xen-tools-4.17.4_02-150500.3.30.1 * xen-doc-html-4.17.4_02-150500.3.30.1 * xen-4.17.4_02-150500.3.30.1 * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-libs-debuginfo-4.17.4_02-150500.3.30.1 * xen-devel-4.17.4_02-150500.3.30.1 * xen-debugsource-4.17.4_02-150500.3.30.1 * xen-tools-domU-4.17.4_02-150500.3.30.1 * xen-libs-4.17.4_02-150500.3.30.1 * xen-tools-domU-debuginfo-4.17.4_02-150500.3.30.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.4_02-150500.3.30.1 * xen-libs-32bit-4.17.4_02-150500.3.30.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.4_02-150500.3.30.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.4_02-150500.3.30.1 * xen-libs-64bit-4.17.4_02-150500.3.30.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-libs-4.17.4_02-150500.3.30.1 * xen-debugsource-4.17.4_02-150500.3.30.1 * xen-libs-debuginfo-4.17.4_02-150500.3.30.1 * Basesystem Module 15-SP5 (x86_64) * xen-libs-debuginfo-4.17.4_02-150500.3.30.1 * xen-debugsource-4.17.4_02-150500.3.30.1 * xen-tools-domU-4.17.4_02-150500.3.30.1 * xen-libs-4.17.4_02-150500.3.30.1 * xen-tools-domU-debuginfo-4.17.4_02-150500.3.30.1 * Server Applications Module 15-SP5 (x86_64) * xen-devel-4.17.4_02-150500.3.30.1 * xen-debugsource-4.17.4_02-150500.3.30.1 * xen-tools-debuginfo-4.17.4_02-150500.3.30.1 * xen-tools-4.17.4_02-150500.3.30.1 * xen-4.17.4_02-150500.3.30.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.4_02-150500.3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31142.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1222302 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 15 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Apr 2024 20:30:11 -0000 Subject: SUSE-SU-2024:1294-1: moderate: Security update for emacs Message-ID: <171321301194.1950.13457333835997997559@smelt2.prg2.suse.org> # Security update for emacs Announcement ID: SUSE-SU-2024:1294-1 Rating: moderate References: * bsc#1222050 * bsc#1222052 * bsc#1222053 Cross-References: * CVE-2024-30203 * CVE-2024-30204 * CVE-2024-30205 CVSS scores: * CVE-2024-30203 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30204 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30205 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2024-30203: Fixed treating inline MIME contents as trusted (bsc#1222053) * CVE-2024-30204: Fixed LaTeX preview enabled by default for e-mail attachments (bsc#1222052) * CVE-2024-30205: Fixed Org mode considering contents of remote files as trusted (bsc#1222050) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1294=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1294=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1294=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1294=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * emacs-x11-27.2-150400.3.11.1 * etags-27.2-150400.3.11.1 * emacs-x11-debuginfo-27.2-150400.3.11.1 * emacs-debugsource-27.2-150400.3.11.1 * etags-debuginfo-27.2-150400.3.11.1 * emacs-27.2-150400.3.11.1 * emacs-debuginfo-27.2-150400.3.11.1 * emacs-nox-27.2-150400.3.11.1 * emacs-nox-debuginfo-27.2-150400.3.11.1 * openSUSE Leap 15.4 (noarch) * emacs-el-27.2-150400.3.11.1 * emacs-info-27.2-150400.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.11.1 * etags-27.2-150400.3.11.1 * emacs-x11-debuginfo-27.2-150400.3.11.1 * emacs-debugsource-27.2-150400.3.11.1 * etags-debuginfo-27.2-150400.3.11.1 * emacs-27.2-150400.3.11.1 * emacs-debuginfo-27.2-150400.3.11.1 * emacs-nox-27.2-150400.3.11.1 * emacs-nox-debuginfo-27.2-150400.3.11.1 * openSUSE Leap 15.5 (noarch) * emacs-el-27.2-150400.3.11.1 * emacs-info-27.2-150400.3.11.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * etags-27.2-150400.3.11.1 * emacs-debugsource-27.2-150400.3.11.1 * etags-debuginfo-27.2-150400.3.11.1 * emacs-27.2-150400.3.11.1 * emacs-debuginfo-27.2-150400.3.11.1 * emacs-nox-27.2-150400.3.11.1 * emacs-nox-debuginfo-27.2-150400.3.11.1 * Basesystem Module 15-SP5 (noarch) * emacs-el-27.2-150400.3.11.1 * emacs-info-27.2-150400.3.11.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * emacs-x11-27.2-150400.3.11.1 * emacs-debugsource-27.2-150400.3.11.1 * emacs-debuginfo-27.2-150400.3.11.1 * emacs-x11-debuginfo-27.2-150400.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30203.html * https://www.suse.com/security/cve/CVE-2024-30204.html * https://www.suse.com/security/cve/CVE-2024-30205.html * https://bugzilla.suse.com/show_bug.cgi?id=1222050 * https://bugzilla.suse.com/show_bug.cgi?id=1222052 * https://bugzilla.suse.com/show_bug.cgi?id=1222053 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1301-1: important: Security update for nodejs20 Message-ID: <171325620543.24616.7977191047624138709@smelt2.prg2.suse.org> # Security update for nodejs20 Announcement ID: SUSE-SU-2024:1301-1 Rating: important References: * bsc#1220053 * bsc#1222244 * bsc#1222384 * bsc#1222530 * bsc#1222603 Cross-References: * CVE-2024-24806 * CVE-2024-27982 * CVE-2024-27983 * CVE-2024-30260 * CVE-2024-30261 CVSS scores: * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs20 fixes the following issues: Update to 20.12.1 Security fixes: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) * CVE-2024-30260: Fixed proxy-authorization header not cleared on cross-origin redirect in undici (bsc#1222530) * CVE-2024-30261: Fixed fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect in undici (bsc#1222603) * CVE-2024-24806: Fixed improper domain lookup that potentially leads to SSRF attacks in libuv (bsc#1220053) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1301=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1301=1 openSUSE-SLE-15.5-2024-1301=1 ## Package List: * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * nodejs20-debugsource-20.12.1-150500.11.9.2 * nodejs20-debuginfo-20.12.1-150500.11.9.2 * nodejs20-devel-20.12.1-150500.11.9.2 * npm20-20.12.1-150500.11.9.2 * nodejs20-20.12.1-150500.11.9.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs20-docs-20.12.1-150500.11.9.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * nodejs20-debugsource-20.12.1-150500.11.9.2 * corepack20-20.12.1-150500.11.9.2 * nodejs20-debuginfo-20.12.1-150500.11.9.2 * nodejs20-devel-20.12.1-150500.11.9.2 * npm20-20.12.1-150500.11.9.2 * nodejs20-20.12.1-150500.11.9.2 * openSUSE Leap 15.5 (noarch) * nodejs20-docs-20.12.1-150500.11.9.2 ## References: * https://www.suse.com/security/cve/CVE-2024-24806.html * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://www.suse.com/security/cve/CVE-2024-30260.html * https://www.suse.com/security/cve/CVE-2024-30261.html * https://bugzilla.suse.com/show_bug.cgi?id=1220053 * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 * https://bugzilla.suse.com/show_bug.cgi?id=1222530 * https://bugzilla.suse.com/show_bug.cgi?id=1222603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1311-1: important: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Message-ID: <171327060397.16511.7235378671021038562@smelt2.prg2.suse.org> # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:1311-1 Rating: important References: * bsc#1222699 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * Improve the OrdinalPodInterfaceName mechanism (bsc#1222699) Also containers were rebuilt against the current released updates. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1311=1 SUSE-2024-1311=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1311=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1311=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-exportserver-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * obs-service-kubevirt_containers_meta-1.1.1-150500.8.15.1 * kubevirt-pr-helper-conf-1.1.1-150500.8.15.1 * kubevirt-virt-api-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-1.1.1-150500.8.15.1 * kubevirt-virt-api-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-1.1.1-150500.8.15.1 * kubevirt-container-disk-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-debuginfo-1.1.1-150500.8.15.1 * kubevirt-tests-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-1.1.1-150500.8.15.1 * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virt-exportserver-1.1.1-150500.8.15.1 * kubevirt-virt-handler-1.1.1-150500.8.15.1 * kubevirt-tests-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-handler-debuginfo-1.1.1-150500.8.15.1 * kubevirt-container-disk-debuginfo-1.1.1-150500.8.15.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * Containers Module 15-SP5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222699 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1310-1: low: Security update for texlive Message-ID: <171327060680.16511.5079607715321142835@smelt2.prg2.suse.org> # Security update for texlive Announcement ID: SUSE-SU-2024:1310-1 Rating: low References: * bsc#1222126 * bsc#1222127 Cross-References: * CVE-2023-46048 * CVE-2023-46051 CVSS scores: * CVE-2023-46048 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-46051 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for texlive fixes the following issues: * CVE-2023-46048: Fixed NULL pointer dereference in texk/web2c/pdftexdir/writet1.c (bsc#1222126) * CVE-2023-46051: Fixed NULL pointer dereference in texk/web2c/pdftexdir/tounicode.c (bsc#1222127) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1310=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1310=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1310=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1310=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * texlive-dviout-util-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dtxgen-bin-2021.20210325.svn29031-150400.31.6.4 * texlive-bibtex8-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmxchords-bin-2021.20210325.svn32405-150400.31.6.4 * texlive-pfarrei-bin-2021.20210325.svn29348-150400.31.6.4 * texlive-chklref-bin-2021.20210325.svn52631-150400.31.6.4 * libptexenc1-1.3.9-150400.31.6.4 * texlive-dviljk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xelatex-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-metafont-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-xml2pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mathspic-bin-2021.20210325.svn23661-150400.31.6.4 * texlive-tex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-musixtnt-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-optex-bin-2021.20210325.svn53804-150400.31.6.4 * texlive-dvipdfmx-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-uptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-asymptote-bin-2021.20210325.svn57890-150400.31.6.4 * texlive-l3build-bin-2021.20210325.svn46894-150400.31.6.4 * texlive-ptex2pdf-bin-2021.20210325.svn29335-150400.31.6.4 * texlive-aleph-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-context-bin-2021.20210325.svn34112-150400.31.6.4 * texlive-dvipos-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-chktex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-autosp-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvidvi-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mkjobtexmf-bin-2021.20210325.svn8457-150400.31.6.4 * texlive-mflua-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-purifyeps-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-synctex-devel-1.21-150400.31.6.4 * texlive-dvidvi-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-ptex-fontmaps-bin-2021.20210325.svn44206-150400.31.6.4 * texlive-bibtex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-tie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pedigree-perl-bin-2021.20210325.svn25962-150400.31.6.4 * texlive-uptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-gsftopk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-afm2pl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-luahbtex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ps2eps-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dviljk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-musixtnt-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-arara-bin-2021.20210325.svn29036-150400.31.6.4 * texlive-dvicopy-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-axodraw2-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-xdvi-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-cyrillic-bin-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-synctex-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-fontware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texlua-devel-5.3.6-150400.31.6.4 * texlive-latexpand-bin-2021.20210325.svn27025-150400.31.6.4 * texlive-pdfxup-bin-2021.20210325.svn40690-150400.31.6.4 * texlive-makeindex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-aleph-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-fontools-bin-2021.20210325.svn25997-150400.31.6.4 * texlive-vlna-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-makedtx-bin-2021.20210325.svn38769-150400.31.6.4 * texlive-lilyglyphs-bin-2021.20210325.svn31696-150400.31.6.4 * texlive-scripts-extra-bin-2021.20210325.svn53577-150400.31.6.4 * texlive-dvips-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-match_parens-bin-2021.20210325.svn23500-150400.31.6.4 * texlive-ctan-o-mat-bin-2021.20210325.svn46996-150400.31.6.4 * texlive-ketcindy-bin-2021.20210325.svn49033-150400.31.6.4 * texlive-svn-multi-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-urlbst-bin-2021.20210325.svn23262-150400.31.6.4 * texlive-de-macro-bin-2021.20210325.svn17399-150400.31.6.4 * texlive-kpathsea-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-light-latex-make-bin-2021.20210325.svn56352-150400.31.6.4 * texlive-cjkutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xml2pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-bin-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-mkpic-bin-2021.20210325.svn33688-150400.31.6.4 * texlive-a2ping-bin-2021.20210325.svn27321-150400.31.6.4 * texlive-kpathsea-devel-6.3.3-150400.31.6.4 * texlive-epspdf-bin-2021.20210325.svn29050-150400.31.6.4 * texlive-pdftex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-fontinst-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-cluttex-bin-2021.20210325.svn48871-150400.31.6.4 * texlive-xdvi-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-dvisvgm-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-lollipop-bin-2021.20210325.svn41465-150400.31.6.4 * texlive-bundledoc-bin-2021.20210325.svn17794-150400.31.6.4 * texlive-git-latexdiff-bin-2021.20210325.svn54732-150400.31.6.4 * texlive-spix-bin-2021.20210325.svn55933-150400.31.6.4 * texlive-pdftex-quiet-bin-2021.20210325.svn49140-150400.31.6.4 * texlive-velthuis-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-ltxfileinfo-bin-2021.20210325.svn29005-150400.31.6.4 * texlive-csplain-bin-2021.20210325.svn50528-150400.31.6.4 * texlive-2021.20210325-150400.31.6.4 * texlive-dvisvgm-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-pygmentex-bin-2021.20210325.svn34996-150400.31.6.4 * texlive-glossaries-bin-2021.20210325.svn37813-150400.31.6.4 * texlive-seetexk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-debuginfo-2021.20210325.svn53999-150400.31.6.4 * texlive-thumbpdf-bin-2021.20210325.svn6898-150400.31.6.4 * texlive-fragmaster-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-eplain-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-dvipng-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * libtexlua53-5-debuginfo-5.3.6-150400.31.6.4 * texlive-tex4ebook-bin-2021.20210325.svn37771-150400.31.6.4 * texlive-autosp-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex2man-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-listbib-bin-2021.20210325.svn26126-150400.31.6.4 * texlive-pdftex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-pdflatexpicscale-bin-2021.20210325.svn41779-150400.31.6.4 * texlive-fontware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-m-tx-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-ctanupload-bin-2021.20210325.svn23866-150400.31.6.4 * texlive-amstex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-uplatex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-multibibliography-bin-2021.20210325.svn30534-150400.31.6.4 * texlive-mptopdf-bin-2021.20210325.svn18674-150400.31.6.4 * libsynctex2-debuginfo-1.21-150400.31.6.4 * texlive-debuginfo-2021.20210325-150400.31.6.4 * texlive-bin-devel-2021.20210325-150400.31.6.4 * texlive-platex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-pdfbook2-bin-2021.20210325.svn37537-150400.31.6.4 * texlive-tpic2pdftex-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-findhyph-bin-2021.20210325.svn14758-150400.31.6.4 * texlive-dvicopy-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dviinfox-bin-2021.20210325.svn44515-150400.31.6.4 * texlive-latex2nemeth-bin-2021.20210325.svn42300-150400.31.6.4 * texlive-texsis-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-gregoriotex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mf2pt1-bin-2021.20210325.svn23406-150400.31.6.4 * texlive-dviasm-bin-2021.20210325.svn8329-150400.31.6.4 * texlive-pax-bin-2021.20210325.svn10843-150400.31.6.4 * texlive-kotex-utils-bin-2021.20210325.svn32101-150400.31.6.4 * texlive-texdef-bin-2021.20210325.svn45011-150400.31.6.4 * texlive-convbkmk-bin-2021.20210325.svn30408-150400.31.6.4 * texlive-luahbtex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-yplan-bin-2021.20210325.svn34398-150400.31.6.4 * texlive-dviout-util-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xpdfopen-bin-2021.20210325.svn52917-150400.31.6.4 * texlive-authorindex-bin-2021.20210325.svn18790-150400.31.6.4 * texlive-cweb-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-dosepsbin-bin-2021.20210325.svn24759-150400.31.6.4 * texlive-ctanify-bin-2021.20210325.svn24061-150400.31.6.4 * texlive-getmap-bin-2021.20210325.svn34971-150400.31.6.4 * texlive-kpathsea-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-petri-nets-bin-2021.20210325.svn39165-150400.31.6.4 * texlive-bibtexu-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-patgen-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tikztosvg-bin-2021.20210325.svn55132-150400.31.6.4 * texlive-latexmk-bin-2021.20210325.svn10937-150400.31.6.4 * texlive-exceltex-bin-2021.20210325.svn25860-150400.31.6.4 * texlive-hyperxmp-bin-2021.20210325.svn56984-150400.31.6.4 * texlive-gsftopk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-checkcites-bin-2021.20210325.svn25623-150400.31.6.4 * texlive-omegaware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst2pdf-bin-2021.20210325.svn29333-150400.31.6.4 * texlive-lcdftypetools-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjk-gs-integrate-bin-2021.20210325.svn37223-150400.31.6.4 * texlive-dvipdfmx-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ulqda-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-xindex-bin-2021.20210325.svn49312-150400.31.6.4 * texlive-splitindex-bin-2021.20210325.svn29688-150400.31.6.4 * texlive-latexdiff-bin-2021.20210325.svn16420-150400.31.6.4 * texlive-pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-synctex-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-wordcount-bin-2021.20210325.svn46165-150400.31.6.4 * texlive-axodraw2-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-afm2pl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjkutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtexu-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-ctanbib-bin-2021.20210325.svn48478-150400.31.6.4 * texlive-ltximg-bin-2021.20210325.svn32346-150400.31.6.4 * texlive-ptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-tie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-papersize-bin-2021.20210325.svn42296-150400.31.6.4 * texlive-texosquery-bin-2021.20210325.svn43596-150400.31.6.4 * texlive-xetex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mkgrkindex-bin-2021.20210325.svn14428-150400.31.6.4 * texlive-vpe-bin-2021.20210325.svn6897-150400.31.6.4 * texlive-srcredact-bin-2021.20210325.svn38710-150400.31.6.4 * texlive-epstopdf-bin-2021.20210325.svn18336-150400.31.6.4 * texlive-pdfjam-bin-2021.20210325.svn52858-150400.31.6.4 * texlive-pdftosrc-bin-2021.20210325.svn57878-150400.31.6.4 * libkpathsea6-debuginfo-6.3.3-150400.31.6.4 * texlive-omegaware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lcdftypetools-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex4ht-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dvipos-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latexfileversion-bin-2021.20210325.svn25012-150400.31.6.4 * texlive-velthuis-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dtl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-accfonts-bin-2021.20210325.svn12688-150400.31.6.4 * texlive-bibtex8-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst-pdf-bin-2021.20210325.svn7838-150400.31.6.4 * texlive-ps2pk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-cslatex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-typeoutfileinfo-bin-2021.20210325.svn25648-150400.31.6.4 * texlive-texliveonfly-bin-2021.20210325.svn24062-150400.31.6.4 * texlive-ttfutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xetex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-cachepic-bin-2021.20210325.svn15543-150400.31.6.4 * texlive-asymptote-bin-debuginfo-2021.20210325.svn57890-150400.31.6.4 * texlive-fig4latex-bin-2021.20210325.svn14752-150400.31.6.4 * texlive-checklistings-bin-2021.20210325.svn38300-150400.31.6.4 * texlive-chktex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-crossrefware-bin-2021.20210325.svn45927-150400.31.6.4 * texlive-make4ht-bin-2021.20210325.svn37750-150400.31.6.4 * texlive-luaotfload-bin-2021.20210325.svn34647-150400.31.6.4 * texlive-metapost-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mflua-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-mfware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-xmltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-debugsource-2021.20210325-150400.31.6.4 * libsynctex2-1.21-150400.31.6.4 * texlive-listings-ext-bin-2021.20210325.svn15093-150400.31.6.4 * texlive-luatex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-pkfix-bin-2021.20210325.svn13364-150400.31.6.4 * texlive-texdoc-bin-2021.20210325.svn47948-150400.31.6.4 * texlive-m-tx-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-vlna-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-texfot-bin-2021.20210325.svn33155-150400.31.6.4 * texlive-luajittex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-latex-bin-bin-2021.20210325.svn54358-150400.31.6.4 * texlive-pdfcrop-bin-2021.20210325.svn14387-150400.31.6.4 * texlive-dvipng-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pdftosrc-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ttfutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-texdiff-bin-2021.20210325.svn15506-150400.31.6.4 * texlive-jfmutil-bin-2021.20210325.svn44835-150400.31.6.4 * texlive-texdoctk-bin-2021.20210325.svn29741-150400.31.6.4 * texlive-pkfix-helper-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-ps2eps-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-latexindent-bin-2021.20210325.svn32150-150400.31.6.4 * texlive-adhocfilelist-bin-2021.20210325.svn28038-150400.31.6.4 * texlive-luatex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-ptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-seetexk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-clojure-pamphlet-bin-2021.20210325.svn51944-150400.31.6.4 * texlive-musixtex-bin-2021.20210325.svn37026-150400.31.6.4 * texlive-dtl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvips-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lwarp-bin-2021.20210325.svn43292-150400.31.6.4 * texlive-metapost-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mfware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-makeindex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bib2gls-bin-2021.20210325.svn45266-150400.31.6.4 * texlive-rubik-bin-2021.20210325.svn32919-150400.31.6.4 * texlive-ps2pk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-sty2dtx-bin-2021.20210325.svn21215-150400.31.6.4 * texlive-texloganalyser-bin-2021.20210325.svn13663-150400.31.6.4 * libkpathsea6-6.3.3-150400.31.6.4 * texlive-texcount-bin-2021.20210325.svn13013-150400.31.6.4 * texlive-texware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-gregoriotex-bin-2021.20210325.svn58378-150400.31.6.4 * libtexlua53-5-5.3.6-150400.31.6.4 * texlive-ptexenc-devel-1.3.9-150400.31.6.4 * libptexenc1-debuginfo-1.3.9-150400.31.6.4 * texlive-webquiz-bin-2021.20210325.svn50419-150400.31.6.4 * texlive-attachfile2-bin-2021.20210325.svn52909-150400.31.6.4 * texlive-latex-git-log-bin-2021.20210325.svn30983-150400.31.6.4 * texlive-metafont-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cweb-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-albatross-bin-2021.20210325.svn57089-150400.31.6.4 * texlive-perltex-bin-2021.20210325.svn16181-150400.31.6.4 * texlive-patgen-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pythontex-bin-2021.20210325.svn31638-150400.31.6.4 * texlive-scripts-bin-2021.20210325.svn55172-150400.31.6.4 * texlive-texdirflatten-bin-2021.20210325.svn12782-150400.31.6.4 * texlive-texplate-bin-2021.20210325.svn53444-150400.31.6.4 * texlive-bibexport-bin-2021.20210325.svn16219-150400.31.6.4 * texlive-jadetex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-xpdfopen-bin-debuginfo-2021.20210325.svn52917-150400.31.6.4 * texlive-tex4ht-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mex-bin-2021.20210325.svn3006-150400.31.6.4 * openSUSE Leap 15.4 (aarch64 x86_64 i586) * libtexluajit2-debuginfo-2.1.0beta3-150400.31.6.4 * texlive-luajittex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-texluajit-devel-2.1.0beta3-150400.31.6.4 * libtexluajit2-2.1.0beta3-150400.31.6.4 * openSUSE Leap 15.4 (noarch) * texlive-biber-bin-2021.20210325.svn57273-150400.31.6.4 * texlive-diadia-bin-2021.20210325.svn37645-150400.31.6.4 * perl-biber-2021.20210325.svn30357-150400.31.6.4 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * texlive-dviout-util-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dtxgen-bin-2021.20210325.svn29031-150400.31.6.4 * texlive-bibtex8-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmxchords-bin-2021.20210325.svn32405-150400.31.6.4 * texlive-pfarrei-bin-2021.20210325.svn29348-150400.31.6.4 * texlive-chklref-bin-2021.20210325.svn52631-150400.31.6.4 * libptexenc1-1.3.9-150400.31.6.4 * texlive-dviljk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xelatex-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-metafont-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-xml2pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mathspic-bin-2021.20210325.svn23661-150400.31.6.4 * texlive-tex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-musixtnt-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-optex-bin-2021.20210325.svn53804-150400.31.6.4 * texlive-dvipdfmx-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-uptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-asymptote-bin-2021.20210325.svn57890-150400.31.6.4 * texlive-l3build-bin-2021.20210325.svn46894-150400.31.6.4 * texlive-ptex2pdf-bin-2021.20210325.svn29335-150400.31.6.4 * texlive-aleph-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-context-bin-2021.20210325.svn34112-150400.31.6.4 * texlive-dvipos-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-chktex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-autosp-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvidvi-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mkjobtexmf-bin-2021.20210325.svn8457-150400.31.6.4 * texlive-mflua-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-purifyeps-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-synctex-devel-1.21-150400.31.6.4 * texlive-dvidvi-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-ptex-fontmaps-bin-2021.20210325.svn44206-150400.31.6.4 * texlive-bibtex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-tie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pedigree-perl-bin-2021.20210325.svn25962-150400.31.6.4 * texlive-uptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-gsftopk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-afm2pl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-luahbtex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ps2eps-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dviljk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-musixtnt-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-arara-bin-2021.20210325.svn29036-150400.31.6.4 * texlive-dvicopy-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-axodraw2-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-xdvi-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-cyrillic-bin-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-synctex-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-fontware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texlua-devel-5.3.6-150400.31.6.4 * texlive-latexpand-bin-2021.20210325.svn27025-150400.31.6.4 * texlive-pdfxup-bin-2021.20210325.svn40690-150400.31.6.4 * texlive-makeindex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-aleph-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-fontools-bin-2021.20210325.svn25997-150400.31.6.4 * texlive-vlna-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-makedtx-bin-2021.20210325.svn38769-150400.31.6.4 * texlive-lilyglyphs-bin-2021.20210325.svn31696-150400.31.6.4 * texlive-scripts-extra-bin-2021.20210325.svn53577-150400.31.6.4 * texlive-dvips-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-match_parens-bin-2021.20210325.svn23500-150400.31.6.4 * texlive-ctan-o-mat-bin-2021.20210325.svn46996-150400.31.6.4 * texlive-ketcindy-bin-2021.20210325.svn49033-150400.31.6.4 * texlive-svn-multi-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-urlbst-bin-2021.20210325.svn23262-150400.31.6.4 * texlive-de-macro-bin-2021.20210325.svn17399-150400.31.6.4 * texlive-kpathsea-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-light-latex-make-bin-2021.20210325.svn56352-150400.31.6.4 * texlive-cjkutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xml2pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-bin-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-mkpic-bin-2021.20210325.svn33688-150400.31.6.4 * texlive-a2ping-bin-2021.20210325.svn27321-150400.31.6.4 * texlive-kpathsea-devel-6.3.3-150400.31.6.4 * texlive-epspdf-bin-2021.20210325.svn29050-150400.31.6.4 * texlive-pdftex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-fontinst-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-cluttex-bin-2021.20210325.svn48871-150400.31.6.4 * texlive-xdvi-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-dvisvgm-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-lollipop-bin-2021.20210325.svn41465-150400.31.6.4 * texlive-bundledoc-bin-2021.20210325.svn17794-150400.31.6.4 * texlive-git-latexdiff-bin-2021.20210325.svn54732-150400.31.6.4 * texlive-spix-bin-2021.20210325.svn55933-150400.31.6.4 * texlive-pdftex-quiet-bin-2021.20210325.svn49140-150400.31.6.4 * texlive-velthuis-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-ltxfileinfo-bin-2021.20210325.svn29005-150400.31.6.4 * texlive-csplain-bin-2021.20210325.svn50528-150400.31.6.4 * texlive-2021.20210325-150400.31.6.4 * texlive-dvisvgm-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-pygmentex-bin-2021.20210325.svn34996-150400.31.6.4 * texlive-glossaries-bin-2021.20210325.svn37813-150400.31.6.4 * texlive-seetexk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-debuginfo-2021.20210325.svn53999-150400.31.6.4 * texlive-thumbpdf-bin-2021.20210325.svn6898-150400.31.6.4 * texlive-fragmaster-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-eplain-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-dvipng-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * libtexlua53-5-debuginfo-5.3.6-150400.31.6.4 * texlive-tex4ebook-bin-2021.20210325.svn37771-150400.31.6.4 * texlive-autosp-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex2man-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-listbib-bin-2021.20210325.svn26126-150400.31.6.4 * texlive-pdftex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-pdflatexpicscale-bin-2021.20210325.svn41779-150400.31.6.4 * texlive-fontware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-m-tx-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-ctanupload-bin-2021.20210325.svn23866-150400.31.6.4 * texlive-amstex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-uplatex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-multibibliography-bin-2021.20210325.svn30534-150400.31.6.4 * texlive-mptopdf-bin-2021.20210325.svn18674-150400.31.6.4 * libsynctex2-debuginfo-1.21-150400.31.6.4 * texlive-debuginfo-2021.20210325-150400.31.6.4 * texlive-bin-devel-2021.20210325-150400.31.6.4 * texlive-platex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-pdfbook2-bin-2021.20210325.svn37537-150400.31.6.4 * texlive-tpic2pdftex-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-findhyph-bin-2021.20210325.svn14758-150400.31.6.4 * texlive-dvicopy-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dviinfox-bin-2021.20210325.svn44515-150400.31.6.4 * texlive-latex2nemeth-bin-2021.20210325.svn42300-150400.31.6.4 * texlive-texsis-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-gregoriotex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mf2pt1-bin-2021.20210325.svn23406-150400.31.6.4 * texlive-dviasm-bin-2021.20210325.svn8329-150400.31.6.4 * texlive-pax-bin-2021.20210325.svn10843-150400.31.6.4 * texlive-kotex-utils-bin-2021.20210325.svn32101-150400.31.6.4 * texlive-texdef-bin-2021.20210325.svn45011-150400.31.6.4 * texlive-convbkmk-bin-2021.20210325.svn30408-150400.31.6.4 * texlive-luahbtex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-yplan-bin-2021.20210325.svn34398-150400.31.6.4 * texlive-dviout-util-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xpdfopen-bin-2021.20210325.svn52917-150400.31.6.4 * texlive-authorindex-bin-2021.20210325.svn18790-150400.31.6.4 * texlive-cweb-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-dosepsbin-bin-2021.20210325.svn24759-150400.31.6.4 * texlive-ctanify-bin-2021.20210325.svn24061-150400.31.6.4 * texlive-getmap-bin-2021.20210325.svn34971-150400.31.6.4 * texlive-kpathsea-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-petri-nets-bin-2021.20210325.svn39165-150400.31.6.4 * texlive-bibtexu-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-patgen-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tikztosvg-bin-2021.20210325.svn55132-150400.31.6.4 * texlive-latexmk-bin-2021.20210325.svn10937-150400.31.6.4 * texlive-exceltex-bin-2021.20210325.svn25860-150400.31.6.4 * texlive-hyperxmp-bin-2021.20210325.svn56984-150400.31.6.4 * texlive-gsftopk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-checkcites-bin-2021.20210325.svn25623-150400.31.6.4 * texlive-omegaware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst2pdf-bin-2021.20210325.svn29333-150400.31.6.4 * texlive-lcdftypetools-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjk-gs-integrate-bin-2021.20210325.svn37223-150400.31.6.4 * texlive-dvipdfmx-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ulqda-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-xindex-bin-2021.20210325.svn49312-150400.31.6.4 * texlive-splitindex-bin-2021.20210325.svn29688-150400.31.6.4 * texlive-latexdiff-bin-2021.20210325.svn16420-150400.31.6.4 * texlive-pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-synctex-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-wordcount-bin-2021.20210325.svn46165-150400.31.6.4 * texlive-axodraw2-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-afm2pl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjkutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtexu-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-ctanbib-bin-2021.20210325.svn48478-150400.31.6.4 * texlive-ltximg-bin-2021.20210325.svn32346-150400.31.6.4 * texlive-ptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-tie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-papersize-bin-2021.20210325.svn42296-150400.31.6.4 * texlive-texosquery-bin-2021.20210325.svn43596-150400.31.6.4 * texlive-xetex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mkgrkindex-bin-2021.20210325.svn14428-150400.31.6.4 * texlive-vpe-bin-2021.20210325.svn6897-150400.31.6.4 * texlive-srcredact-bin-2021.20210325.svn38710-150400.31.6.4 * texlive-epstopdf-bin-2021.20210325.svn18336-150400.31.6.4 * texlive-pdfjam-bin-2021.20210325.svn52858-150400.31.6.4 * texlive-pdftosrc-bin-2021.20210325.svn57878-150400.31.6.4 * libkpathsea6-debuginfo-6.3.3-150400.31.6.4 * texlive-omegaware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lcdftypetools-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex4ht-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dvipos-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latexfileversion-bin-2021.20210325.svn25012-150400.31.6.4 * texlive-velthuis-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dtl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-accfonts-bin-2021.20210325.svn12688-150400.31.6.4 * texlive-bibtex8-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst-pdf-bin-2021.20210325.svn7838-150400.31.6.4 * texlive-ps2pk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-cslatex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-typeoutfileinfo-bin-2021.20210325.svn25648-150400.31.6.4 * texlive-texliveonfly-bin-2021.20210325.svn24062-150400.31.6.4 * texlive-ttfutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xetex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-cachepic-bin-2021.20210325.svn15543-150400.31.6.4 * texlive-asymptote-bin-debuginfo-2021.20210325.svn57890-150400.31.6.4 * texlive-fig4latex-bin-2021.20210325.svn14752-150400.31.6.4 * texlive-checklistings-bin-2021.20210325.svn38300-150400.31.6.4 * texlive-chktex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-crossrefware-bin-2021.20210325.svn45927-150400.31.6.4 * texlive-make4ht-bin-2021.20210325.svn37750-150400.31.6.4 * texlive-luaotfload-bin-2021.20210325.svn34647-150400.31.6.4 * texlive-metapost-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mflua-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-mfware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-xmltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-debugsource-2021.20210325-150400.31.6.4 * libsynctex2-1.21-150400.31.6.4 * texlive-listings-ext-bin-2021.20210325.svn15093-150400.31.6.4 * texlive-luatex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-pkfix-bin-2021.20210325.svn13364-150400.31.6.4 * texlive-texdoc-bin-2021.20210325.svn47948-150400.31.6.4 * texlive-m-tx-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-vlna-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-texfot-bin-2021.20210325.svn33155-150400.31.6.4 * texlive-luajittex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-latex-bin-bin-2021.20210325.svn54358-150400.31.6.4 * texlive-pdfcrop-bin-2021.20210325.svn14387-150400.31.6.4 * texlive-dvipng-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pdftosrc-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ttfutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-texdiff-bin-2021.20210325.svn15506-150400.31.6.4 * texlive-jfmutil-bin-2021.20210325.svn44835-150400.31.6.4 * texlive-texdoctk-bin-2021.20210325.svn29741-150400.31.6.4 * texlive-pkfix-helper-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-ps2eps-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-latexindent-bin-2021.20210325.svn32150-150400.31.6.4 * texlive-adhocfilelist-bin-2021.20210325.svn28038-150400.31.6.4 * texlive-luatex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-ptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-seetexk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-clojure-pamphlet-bin-2021.20210325.svn51944-150400.31.6.4 * texlive-musixtex-bin-2021.20210325.svn37026-150400.31.6.4 * texlive-dtl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvips-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lwarp-bin-2021.20210325.svn43292-150400.31.6.4 * texlive-metapost-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mfware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-makeindex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bib2gls-bin-2021.20210325.svn45266-150400.31.6.4 * texlive-rubik-bin-2021.20210325.svn32919-150400.31.6.4 * texlive-ps2pk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-sty2dtx-bin-2021.20210325.svn21215-150400.31.6.4 * texlive-texloganalyser-bin-2021.20210325.svn13663-150400.31.6.4 * libkpathsea6-6.3.3-150400.31.6.4 * texlive-texcount-bin-2021.20210325.svn13013-150400.31.6.4 * texlive-texware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-gregoriotex-bin-2021.20210325.svn58378-150400.31.6.4 * libtexlua53-5-5.3.6-150400.31.6.4 * texlive-ptexenc-devel-1.3.9-150400.31.6.4 * libptexenc1-debuginfo-1.3.9-150400.31.6.4 * texlive-webquiz-bin-2021.20210325.svn50419-150400.31.6.4 * texlive-attachfile2-bin-2021.20210325.svn52909-150400.31.6.4 * texlive-latex-git-log-bin-2021.20210325.svn30983-150400.31.6.4 * texlive-metafont-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cweb-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-albatross-bin-2021.20210325.svn57089-150400.31.6.4 * texlive-perltex-bin-2021.20210325.svn16181-150400.31.6.4 * texlive-patgen-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pythontex-bin-2021.20210325.svn31638-150400.31.6.4 * texlive-scripts-bin-2021.20210325.svn55172-150400.31.6.4 * texlive-texdirflatten-bin-2021.20210325.svn12782-150400.31.6.4 * texlive-texplate-bin-2021.20210325.svn53444-150400.31.6.4 * texlive-bibexport-bin-2021.20210325.svn16219-150400.31.6.4 * texlive-jadetex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-xpdfopen-bin-debuginfo-2021.20210325.svn52917-150400.31.6.4 * texlive-tex4ht-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mex-bin-2021.20210325.svn3006-150400.31.6.4 * openSUSE Leap 15.5 (aarch64 x86_64) * libtexluajit2-debuginfo-2.1.0beta3-150400.31.6.4 * texlive-luajittex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-texluajit-devel-2.1.0beta3-150400.31.6.4 * libtexluajit2-2.1.0beta3-150400.31.6.4 * openSUSE Leap 15.5 (noarch) * texlive-biber-bin-2021.20210325.svn57273-150400.31.6.4 * texlive-diadia-bin-2021.20210325.svn37645-150400.31.6.4 * perl-biber-2021.20210325.svn30357-150400.31.6.4 * Basesystem Module 15-SP5 (noarch) * perl-biber-2021.20210325.svn30357-150400.31.6.4 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * texlive-dviout-util-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dtxgen-bin-2021.20210325.svn29031-150400.31.6.4 * texlive-bibtex8-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmxchords-bin-2021.20210325.svn32405-150400.31.6.4 * texlive-pfarrei-bin-2021.20210325.svn29348-150400.31.6.4 * texlive-chklref-bin-2021.20210325.svn52631-150400.31.6.4 * libptexenc1-1.3.9-150400.31.6.4 * texlive-dviljk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xelatex-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-metafont-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-xml2pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mathspic-bin-2021.20210325.svn23661-150400.31.6.4 * texlive-tex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-musixtnt-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-optex-bin-2021.20210325.svn53804-150400.31.6.4 * texlive-dvipdfmx-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-uptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-asymptote-bin-2021.20210325.svn57890-150400.31.6.4 * texlive-l3build-bin-2021.20210325.svn46894-150400.31.6.4 * texlive-ptex2pdf-bin-2021.20210325.svn29335-150400.31.6.4 * texlive-aleph-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-context-bin-2021.20210325.svn34112-150400.31.6.4 * texlive-dvipos-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-chktex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-autosp-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvidvi-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mkjobtexmf-bin-2021.20210325.svn8457-150400.31.6.4 * texlive-mflua-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-purifyeps-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-synctex-devel-1.21-150400.31.6.4 * texlive-dvidvi-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-ptex-fontmaps-bin-2021.20210325.svn44206-150400.31.6.4 * texlive-bibtex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-tie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pedigree-perl-bin-2021.20210325.svn25962-150400.31.6.4 * texlive-uptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-gsftopk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-afm2pl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-luahbtex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ps2eps-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dviljk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-musixtnt-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-arara-bin-2021.20210325.svn29036-150400.31.6.4 * texlive-dvicopy-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-axodraw2-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-xdvi-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-cyrillic-bin-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-synctex-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-fontware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texlua-devel-5.3.6-150400.31.6.4 * texlive-latexpand-bin-2021.20210325.svn27025-150400.31.6.4 * texlive-pdfxup-bin-2021.20210325.svn40690-150400.31.6.4 * texlive-makeindex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-aleph-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-fontools-bin-2021.20210325.svn25997-150400.31.6.4 * texlive-vlna-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-makedtx-bin-2021.20210325.svn38769-150400.31.6.4 * texlive-lilyglyphs-bin-2021.20210325.svn31696-150400.31.6.4 * texlive-scripts-extra-bin-2021.20210325.svn53577-150400.31.6.4 * texlive-dvips-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-match_parens-bin-2021.20210325.svn23500-150400.31.6.4 * texlive-ctan-o-mat-bin-2021.20210325.svn46996-150400.31.6.4 * texlive-ketcindy-bin-2021.20210325.svn49033-150400.31.6.4 * texlive-svn-multi-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-urlbst-bin-2021.20210325.svn23262-150400.31.6.4 * texlive-de-macro-bin-2021.20210325.svn17399-150400.31.6.4 * texlive-kpathsea-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-light-latex-make-bin-2021.20210325.svn56352-150400.31.6.4 * texlive-cjkutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xml2pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-bin-dev-bin-2021.20210325.svn53999-150400.31.6.4 * texlive-mkpic-bin-2021.20210325.svn33688-150400.31.6.4 * texlive-a2ping-bin-2021.20210325.svn27321-150400.31.6.4 * texlive-kpathsea-devel-6.3.3-150400.31.6.4 * texlive-epspdf-bin-2021.20210325.svn29050-150400.31.6.4 * texlive-pdftex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-fontinst-bin-2021.20210325.svn53554-150400.31.6.4 * texlive-cluttex-bin-2021.20210325.svn48871-150400.31.6.4 * texlive-xdvi-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-dvisvgm-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-lollipop-bin-2021.20210325.svn41465-150400.31.6.4 * texlive-bundledoc-bin-2021.20210325.svn17794-150400.31.6.4 * texlive-git-latexdiff-bin-2021.20210325.svn54732-150400.31.6.4 * texlive-spix-bin-2021.20210325.svn55933-150400.31.6.4 * texlive-pdftex-quiet-bin-2021.20210325.svn49140-150400.31.6.4 * texlive-velthuis-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-ltxfileinfo-bin-2021.20210325.svn29005-150400.31.6.4 * texlive-csplain-bin-2021.20210325.svn50528-150400.31.6.4 * texlive-2021.20210325-150400.31.6.4 * texlive-dvisvgm-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-pygmentex-bin-2021.20210325.svn34996-150400.31.6.4 * texlive-glossaries-bin-2021.20210325.svn37813-150400.31.6.4 * texlive-seetexk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lacheck-bin-debuginfo-2021.20210325.svn53999-150400.31.6.4 * texlive-thumbpdf-bin-2021.20210325.svn6898-150400.31.6.4 * texlive-fragmaster-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-eplain-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-dvipng-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * libtexlua53-5-debuginfo-5.3.6-150400.31.6.4 * texlive-tex4ebook-bin-2021.20210325.svn37771-150400.31.6.4 * texlive-autosp-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latex2man-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-listbib-bin-2021.20210325.svn26126-150400.31.6.4 * texlive-pdftex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-pdflatexpicscale-bin-2021.20210325.svn41779-150400.31.6.4 * texlive-fontware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-texware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-m-tx-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-ctanupload-bin-2021.20210325.svn23866-150400.31.6.4 * texlive-amstex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-uplatex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-multibibliography-bin-2021.20210325.svn30534-150400.31.6.4 * texlive-mptopdf-bin-2021.20210325.svn18674-150400.31.6.4 * libsynctex2-debuginfo-1.21-150400.31.6.4 * texlive-debuginfo-2021.20210325-150400.31.6.4 * texlive-bin-devel-2021.20210325-150400.31.6.4 * texlive-platex-bin-2021.20210325.svn52800-150400.31.6.4 * texlive-pdfbook2-bin-2021.20210325.svn37537-150400.31.6.4 * texlive-tpic2pdftex-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-findhyph-bin-2021.20210325.svn14758-150400.31.6.4 * texlive-dvicopy-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dviinfox-bin-2021.20210325.svn44515-150400.31.6.4 * texlive-latex2nemeth-bin-2021.20210325.svn42300-150400.31.6.4 * texlive-texsis-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-gregoriotex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mf2pt1-bin-2021.20210325.svn23406-150400.31.6.4 * texlive-dviasm-bin-2021.20210325.svn8329-150400.31.6.4 * texlive-pax-bin-2021.20210325.svn10843-150400.31.6.4 * texlive-kotex-utils-bin-2021.20210325.svn32101-150400.31.6.4 * texlive-texdef-bin-2021.20210325.svn45011-150400.31.6.4 * texlive-convbkmk-bin-2021.20210325.svn30408-150400.31.6.4 * texlive-luahbtex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-yplan-bin-2021.20210325.svn34398-150400.31.6.4 * texlive-dviout-util-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xpdfopen-bin-2021.20210325.svn52917-150400.31.6.4 * texlive-authorindex-bin-2021.20210325.svn18790-150400.31.6.4 * texlive-cweb-bin-debuginfo-2021.20210325.svn58136-150400.31.6.4 * texlive-dosepsbin-bin-2021.20210325.svn24759-150400.31.6.4 * texlive-ctanify-bin-2021.20210325.svn24061-150400.31.6.4 * texlive-getmap-bin-2021.20210325.svn34971-150400.31.6.4 * texlive-kpathsea-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-petri-nets-bin-2021.20210325.svn39165-150400.31.6.4 * texlive-bibtexu-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-patgen-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tikztosvg-bin-2021.20210325.svn55132-150400.31.6.4 * texlive-latexmk-bin-2021.20210325.svn10937-150400.31.6.4 * texlive-exceltex-bin-2021.20210325.svn25860-150400.31.6.4 * texlive-hyperxmp-bin-2021.20210325.svn56984-150400.31.6.4 * texlive-gsftopk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-checkcites-bin-2021.20210325.svn25623-150400.31.6.4 * texlive-omegaware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst2pdf-bin-2021.20210325.svn29333-150400.31.6.4 * texlive-lcdftypetools-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjk-gs-integrate-bin-2021.20210325.svn37223-150400.31.6.4 * texlive-dvipdfmx-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-ulqda-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-xindex-bin-2021.20210325.svn49312-150400.31.6.4 * texlive-splitindex-bin-2021.20210325.svn29688-150400.31.6.4 * texlive-latexdiff-bin-2021.20210325.svn16420-150400.31.6.4 * texlive-pmx-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-synctex-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-wordcount-bin-2021.20210325.svn46165-150400.31.6.4 * texlive-axodraw2-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-afm2pl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cjkutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bibtexu-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-ctanbib-bin-2021.20210325.svn48478-150400.31.6.4 * texlive-ltximg-bin-2021.20210325.svn32346-150400.31.6.4 * texlive-ptex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-tie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-latex-papersize-bin-2021.20210325.svn42296-150400.31.6.4 * texlive-texosquery-bin-2021.20210325.svn43596-150400.31.6.4 * texlive-xetex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-mkgrkindex-bin-2021.20210325.svn14428-150400.31.6.4 * texlive-vpe-bin-2021.20210325.svn6897-150400.31.6.4 * texlive-srcredact-bin-2021.20210325.svn38710-150400.31.6.4 * texlive-epstopdf-bin-2021.20210325.svn18336-150400.31.6.4 * texlive-pdfjam-bin-2021.20210325.svn52858-150400.31.6.4 * texlive-pdftosrc-bin-2021.20210325.svn57878-150400.31.6.4 * libkpathsea6-debuginfo-6.3.3-150400.31.6.4 * texlive-omegaware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lcdftypetools-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-tex4ht-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-dvipos-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-latexfileversion-bin-2021.20210325.svn25012-150400.31.6.4 * texlive-velthuis-bin-2021.20210325.svn50281-150400.31.6.4 * texlive-dtl-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-accfonts-bin-2021.20210325.svn12688-150400.31.6.4 * texlive-bibtex8-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pst-pdf-bin-2021.20210325.svn7838-150400.31.6.4 * texlive-ps2pk-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-web-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-cslatex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-typeoutfileinfo-bin-2021.20210325.svn25648-150400.31.6.4 * texlive-texliveonfly-bin-2021.20210325.svn24062-150400.31.6.4 * texlive-ttfutils-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-xetex-bin-2021.20210325.svn58378-150400.31.6.4 * texlive-cachepic-bin-2021.20210325.svn15543-150400.31.6.4 * texlive-asymptote-bin-debuginfo-2021.20210325.svn57890-150400.31.6.4 * texlive-fig4latex-bin-2021.20210325.svn14752-150400.31.6.4 * texlive-checklistings-bin-2021.20210325.svn38300-150400.31.6.4 * texlive-chktex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-crossrefware-bin-2021.20210325.svn45927-150400.31.6.4 * texlive-make4ht-bin-2021.20210325.svn37750-150400.31.6.4 * texlive-luaotfload-bin-2021.20210325.svn34647-150400.31.6.4 * texlive-metapost-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-mflua-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-mfware-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-xmltex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-debugsource-2021.20210325-150400.31.6.4 * libsynctex2-1.21-150400.31.6.4 * texlive-listings-ext-bin-2021.20210325.svn15093-150400.31.6.4 * texlive-luatex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-pkfix-bin-2021.20210325.svn13364-150400.31.6.4 * texlive-texdoc-bin-2021.20210325.svn47948-150400.31.6.4 * texlive-m-tx-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-vlna-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-texfot-bin-2021.20210325.svn33155-150400.31.6.4 * texlive-luajittex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-latex-bin-bin-2021.20210325.svn54358-150400.31.6.4 * texlive-pdfcrop-bin-2021.20210325.svn14387-150400.31.6.4 * texlive-dvipng-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pdftosrc-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ttfutils-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-texdiff-bin-2021.20210325.svn15506-150400.31.6.4 * texlive-jfmutil-bin-2021.20210325.svn44835-150400.31.6.4 * texlive-texdoctk-bin-2021.20210325.svn29741-150400.31.6.4 * texlive-pkfix-helper-bin-2021.20210325.svn13663-150400.31.6.4 * texlive-ps2eps-bin-debuginfo-2021.20210325.svn50281-150400.31.6.4 * texlive-latexindent-bin-2021.20210325.svn32150-150400.31.6.4 * texlive-adhocfilelist-bin-2021.20210325.svn28038-150400.31.6.4 * texlive-luatex-bin-2021.20210325.svn58535-150400.31.6.4 * texlive-ptex-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-seetexk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-ctie-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-clojure-pamphlet-bin-2021.20210325.svn51944-150400.31.6.4 * texlive-musixtex-bin-2021.20210325.svn37026-150400.31.6.4 * texlive-dtl-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-detex-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-dvips-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-lwarp-bin-2021.20210325.svn43292-150400.31.6.4 * texlive-metapost-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mfware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-makeindex-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-bib2gls-bin-2021.20210325.svn45266-150400.31.6.4 * texlive-rubik-bin-2021.20210325.svn32919-150400.31.6.4 * texlive-ps2pk-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-sty2dtx-bin-2021.20210325.svn21215-150400.31.6.4 * texlive-texloganalyser-bin-2021.20210325.svn13663-150400.31.6.4 * libkpathsea6-6.3.3-150400.31.6.4 * texlive-texcount-bin-2021.20210325.svn13013-150400.31.6.4 * texlive-texware-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-gregoriotex-bin-2021.20210325.svn58378-150400.31.6.4 * libtexlua53-5-5.3.6-150400.31.6.4 * texlive-ptexenc-devel-1.3.9-150400.31.6.4 * libptexenc1-debuginfo-1.3.9-150400.31.6.4 * texlive-webquiz-bin-2021.20210325.svn50419-150400.31.6.4 * texlive-attachfile2-bin-2021.20210325.svn52909-150400.31.6.4 * texlive-latex-git-log-bin-2021.20210325.svn30983-150400.31.6.4 * texlive-metafont-bin-debuginfo-2021.20210325.svn58378-150400.31.6.4 * texlive-pmx-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-cweb-bin-2021.20210325.svn58136-150400.31.6.4 * texlive-albatross-bin-2021.20210325.svn57089-150400.31.6.4 * texlive-perltex-bin-2021.20210325.svn16181-150400.31.6.4 * texlive-patgen-bin-2021.20210325.svn57878-150400.31.6.4 * texlive-pythontex-bin-2021.20210325.svn31638-150400.31.6.4 * texlive-scripts-bin-2021.20210325.svn55172-150400.31.6.4 * texlive-texdirflatten-bin-2021.20210325.svn12782-150400.31.6.4 * texlive-texplate-bin-2021.20210325.svn53444-150400.31.6.4 * texlive-bibexport-bin-2021.20210325.svn16219-150400.31.6.4 * texlive-jadetex-bin-2021.20210325.svn3006-150400.31.6.4 * texlive-xpdfopen-bin-debuginfo-2021.20210325.svn52917-150400.31.6.4 * texlive-tex4ht-bin-debuginfo-2021.20210325.svn57878-150400.31.6.4 * texlive-mex-bin-2021.20210325.svn3006-150400.31.6.4 * Desktop Applications Module 15-SP5 (aarch64 x86_64) * libtexluajit2-debuginfo-2.1.0beta3-150400.31.6.4 * texlive-luajittex-bin-debuginfo-2021.20210325.svn58535-150400.31.6.4 * texlive-texluajit-devel-2.1.0beta3-150400.31.6.4 * libtexluajit2-2.1.0beta3-150400.31.6.4 * Desktop Applications Module 15-SP5 (noarch) * texlive-biber-bin-2021.20210325.svn57273-150400.31.6.4 * texlive-diadia-bin-2021.20210325.svn37645-150400.31.6.4 ## References: * https://www.suse.com/security/cve/CVE-2023-46048.html * https://www.suse.com/security/cve/CVE-2023-46051.html * https://bugzilla.suse.com/show_bug.cgi?id=1222126 * https://bugzilla.suse.com/show_bug.cgi?id=1222127 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:09 -0000 Subject: SUSE-SU-2024:1309-1: important: Security update for nodejs18 Message-ID: <171327060947.16511.18250683678869863092@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:1309-1 Rating: important References: * bsc#1220053 * bsc#1222244 * bsc#1222384 * bsc#1222530 * bsc#1222603 Cross-References: * CVE-2024-24806 * CVE-2024-27982 * CVE-2024-27983 * CVE-2024-30260 * CVE-2024-30261 CVSS scores: * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) * CVE-2024-30260: Fixed proxy-authorization header not cleared on cross-origin redirect in undici (bsc#1222530) * CVE-2024-30261: Fixed fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect in undici (bsc#1222603) * CVE-2024-24806: Fixed improper domain lookup that potentially leads to SSRF attacks in libuv (bsc#1220053) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1309=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1309=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1309=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1309=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1309=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1309=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1309=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1309=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * corepack18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * corepack18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * npm18-18.20.1-150400.9.21.3 * nodejs18-devel-18.20.1-150400.9.21.3 * nodejs18-18.20.1-150400.9.21.3 * nodejs18-debugsource-18.20.1-150400.9.21.3 * nodejs18-debuginfo-18.20.1-150400.9.21.3 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.20.1-150400.9.21.3 ## References: * https://www.suse.com/security/cve/CVE-2024-24806.html * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://www.suse.com/security/cve/CVE-2024-30260.html * https://www.suse.com/security/cve/CVE-2024-30261.html * https://bugzilla.suse.com/show_bug.cgi?id=1220053 * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 * https://bugzilla.suse.com/show_bug.cgi?id=1222530 * https://bugzilla.suse.com/show_bug.cgi?id=1222603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:11 -0000 Subject: SUSE-SU-2024:1308-1: important: Security update for nodejs16 Message-ID: <171327061176.16511.13831114251455196307@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:1308-1 Rating: important References: * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982 * CVE-2024-27983 CVSS scores: * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1308=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1308=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1308=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1308=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1308=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * corepack16-16.20.2-150400.3.33.1 * nodejs16-debuginfo-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * openSUSE Leap 15.4 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nodejs16-debuginfo-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nodejs16-debuginfo-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * nodejs16-debuginfo-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * nodejs16-debuginfo-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * nodejs16-debuginfo-16.20.2-150400.3.33.1 * npm16-16.20.2-150400.3.33.1 * nodejs16-16.20.2-150400.3.33.1 * nodejs16-debugsource-16.20.2-150400.3.33.1 * nodejs16-devel-16.20.2-150400.3.33.1 * SUSE Manager Server 4.3 (noarch) * nodejs16-docs-16.20.2-150400.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1307-1: important: Security update for nodejs18 Message-ID: <171327061423.16511.11445112642190219675@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:1307-1 Rating: important References: * bsc#1220053 * bsc#1222244 * bsc#1222384 * bsc#1222530 * bsc#1222603 Cross-References: * CVE-2024-24806 * CVE-2024-27982 * CVE-2024-27983 * CVE-2024-30260 * CVE-2024-30261 CVSS scores: * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * Web and Scripting Module 12 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.1 Security fixes: \- CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) \- CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) \- CVE-2024-30260: Fixed proxy-authorization header not cleared on cross-origin redirect in undici (bsc#1222530) \- CVE-2024-30261: Fixed fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect in undici (bsc#1222603) \- CVE-2024-24806: Fixed improper domain lookup that potentially leads to SSRF attacks in libuv (bsc#1220053) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1307=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * nodejs18-debuginfo-18.20.1-8.21.1 * nodejs18-devel-18.20.1-8.21.1 * nodejs18-debugsource-18.20.1-8.21.1 * npm18-18.20.1-8.21.1 * nodejs18-18.20.1-8.21.1 * Web and Scripting Module 12 (noarch) * nodejs18-docs-18.20.1-8.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24806.html * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://www.suse.com/security/cve/CVE-2024-30260.html * https://www.suse.com/security/cve/CVE-2024-30261.html * https://bugzilla.suse.com/show_bug.cgi?id=1220053 * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 * https://bugzilla.suse.com/show_bug.cgi?id=1222530 * https://bugzilla.suse.com/show_bug.cgi?id=1222603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:17 -0000 Subject: SUSE-SU-2024:1306-1: important: Security update for nodejs16 Message-ID: <171327061703.16511.1909628471600010105@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:1306-1 Rating: important References: * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982 * CVE-2024-27983 CVSS scores: * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1306=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1306=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1306=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1306=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1306=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * nodejs16-debuginfo-16.20.2-150300.7.36.2 * nodejs16-devel-16.20.2-150300.7.36.2 * nodejs16-debugsource-16.20.2-150300.7.36.2 * corepack16-16.20.2-150300.7.36.2 * npm16-16.20.2-150300.7.36.2 * nodejs16-16.20.2-150300.7.36.2 * openSUSE Leap 15.3 (noarch) * nodejs16-docs-16.20.2-150300.7.36.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * nodejs16-debuginfo-16.20.2-150300.7.36.2 * nodejs16-devel-16.20.2-150300.7.36.2 * nodejs16-debugsource-16.20.2-150300.7.36.2 * npm16-16.20.2-150300.7.36.2 * nodejs16-16.20.2-150300.7.36.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.36.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * nodejs16-debuginfo-16.20.2-150300.7.36.2 * nodejs16-devel-16.20.2-150300.7.36.2 * nodejs16-debugsource-16.20.2-150300.7.36.2 * npm16-16.20.2-150300.7.36.2 * nodejs16-16.20.2-150300.7.36.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.36.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * nodejs16-debuginfo-16.20.2-150300.7.36.2 * nodejs16-devel-16.20.2-150300.7.36.2 * nodejs16-debugsource-16.20.2-150300.7.36.2 * npm16-16.20.2-150300.7.36.2 * nodejs16-16.20.2-150300.7.36.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.36.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * nodejs16-debuginfo-16.20.2-150300.7.36.2 * nodejs16-devel-16.20.2-150300.7.36.2 * nodejs16-debugsource-16.20.2-150300.7.36.2 * npm16-16.20.2-150300.7.36.2 * nodejs16-16.20.2-150300.7.36.2 * SUSE Enterprise Storage 7.1 (noarch) * nodejs16-docs-16.20.2-150300.7.36.2 ## References: * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:21 -0000 Subject: SUSE-SU-2024:1304-1: moderate: Security update for eclipse, maven-surefire, tycho Message-ID: <171327062120.16511.15018136781435090439@smelt2.prg2.suse.org> # Security update for eclipse, maven-surefire, tycho Announcement ID: SUSE-SU-2024:1304-1 Rating: moderate References: * bsc#1216992 Cross-References: * CVE-2023-4218 CVSS scores: * CVE-2023-4218 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-4218 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for eclipse, maven-surefire, tycho fixes the following issues: eclipse received the following security fix: * CVE-2023-4218: Fixed a bug where parsing files with xml content laeds to XXE attacks. (bsc#1216992) maven-sunfire was updated from version 2.22.0 to 2.22.2: * Changes in version 2.22.2: * Bugs fixed: * Fixed JUnit Runner that writes to System.out corrupts Surefire?s STDOUT when using JUnit?s Vintage Engine * Changes in version 2.22.1: * Bugs fixed: * Fixed Surefire unable to run testng suites in parallel * Fixed Git wrongly considering PNG files as changed when there is no change * Fixed the surefire XSD published on maven site lacking of some rerun element * Fixed XML Report elements rerunError, rerunFailure, flakyFailure, flakyError * Fixed overriding platform version through project/plugin dependencies * Fixed mixed up characters in standard output * Logs in Parallel Tests are mixed up when `forkMode=never` or `forkCount=0` * MIME type for javascript is now officially application/javascript * Improvements: * Elapsed time in XML Report should satisfy pattern in XSD. * Fix old test resources TEST-*.xml in favor of continuing with SUREFIRE-1550 * Nil element ?failureMessage? in failsafe-summary.xml should have self closed tag * Removed obsolete module `surefire-setup-integration-tests` * Support Java 11 * Surefire should support parameterized reportsDirectory * Dependency upgrades: * Upgraded maven-plugins parent to version 32 * Upgraded maven-plugins parent to version 33 tycho received the following bug fixes: * Fixed build against maven-surefire 2.22.1 and newer * Fixed build against newer plexus-compiler * Fixed issues with plexus-archiver 4.4.0 and newer * Require explicitely artifacts that will not be required automatically any more ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1304=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1304=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1304=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1304=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1304=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1304=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1304=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1304=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1304=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1304=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1304=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1304=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1304=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1304=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1304=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Enterprise Storage 7.1 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * eclipse-platform-debuginfo-4.15-150200.4.16.4 * eclipse-swt-debuginfo-4.15-150200.4.16.4 * eclipse-swt-4.15-150200.4.16.4 * eclipse-swt-bootstrap-4.15-150200.4.16.5 * eclipse-platform-4.15-150200.4.16.4 * eclipse-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-emf-core-2.22.0-150200.4.9.3 * eclipse-emf-core-bootstrap-2.22.0-150200.4.9.3 * eclipse-equinox-osgi-4.15-150200.4.16.4 * eclipse-swt-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-pde-bootstrap-4.15-150200.4.16.5 * eclipse-contributor-tools-4.15-150200.4.16.4 * eclipse-platform-bootstrap-4.15-150200.4.16.5 * eclipse-platform-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-debuginfo-4.15-150200.4.16.4 * eclipse-bootstrap-debugsource-4.15-150200.4.16.5 * eclipse-pde-4.15-150200.4.16.4 * eclipse-equinox-osgi-bootstrap-4.15-150200.4.16.5 * eclipse-debugsource-4.15-150200.4.16.4 * openSUSE Leap 15.5 (noarch) * eclipse-emf-xsd-2.22.0-150200.4.9.3 * eclipse-p2-discovery-4.15-150200.4.16.4 * maven-failsafe-plugin-bootstrap-2.22.2-150200.3.9.9.1 * maven-surefire-report-parser-2.22.2-150200.3.9.9.1 * tycho-javadoc-1.6.0-150200.4.9.5 * tycho-1.6.0-150200.4.9.5 * maven-surefire-plugin-bootstrap-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * eclipse-emf-sdk-2.22.0-150200.4.9.3 * maven-surefire-javadoc-2.22.2-150200.3.9.9.1 * eclipse-p2-discovery-bootstrap-4.15-150200.4.16.5 * eclipse-jdt-bootstrap-4.15-150200.4.16.5 * maven-surefire-report-plugin-bootstrap-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-plugins-javadoc-2.22.2-150200.3.9.9.1 * eclipse-emf-runtime-2.22.0-150200.4.9.3 * maven-surefire-provider-junit5-javadoc-2.22.2-150200.3.9.9.1 * eclipse-jdt-4.15-150200.4.16.4 * tycho-bootstrap-1.6.0-150200.4.9.2 * maven-surefire-report-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit5-2.22.2-150200.3.9.9.1 * maven-surefire-2.22.2-150200.3.9.9.1 * maven-failsafe-plugin-2.22.2-150200.3.9.9.1 * Development Tools Module 15-SP5 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * eclipse-platform-debuginfo-4.15-150200.4.16.4 * eclipse-swt-debuginfo-4.15-150200.4.16.4 * eclipse-swt-4.15-150200.4.16.4 * eclipse-swt-bootstrap-4.15-150200.4.16.5 * eclipse-platform-4.15-150200.4.16.4 * eclipse-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-emf-core-2.22.0-150200.4.9.3 * eclipse-emf-core-bootstrap-2.22.0-150200.4.9.3 * eclipse-equinox-osgi-4.15-150200.4.16.4 * eclipse-swt-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-pde-bootstrap-4.15-150200.4.16.5 * eclipse-contributor-tools-4.15-150200.4.16.4 * eclipse-platform-bootstrap-4.15-150200.4.16.5 * eclipse-platform-bootstrap-debuginfo-4.15-150200.4.16.5 * eclipse-debuginfo-4.15-150200.4.16.4 * eclipse-bootstrap-debugsource-4.15-150200.4.16.5 * eclipse-pde-4.15-150200.4.16.4 * eclipse-equinox-osgi-bootstrap-4.15-150200.4.16.5 * eclipse-debugsource-4.15-150200.4.16.4 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * maven-surefire-2.22.2-150200.3.9.9.1 * maven-surefire-plugin-2.22.2-150200.3.9.9.1 * maven-surefire-provider-junit-2.22.2-150200.3.9.9.1 * maven-surefire-provider-testng-2.22.2-150200.3.9.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4218.html * https://bugzilla.suse.com/show_bug.cgi?id=1216992 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 12:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 12:30:19 -0000 Subject: SUSE-SU-2024:1305-1: important: Security update for nodejs16 Message-ID: <171327061945.16511.6892786789200731050@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:1305-1 Rating: important References: * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982 * CVE-2024-27983 CVSS scores: * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * Web and Scripting Module 12 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1305=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * nodejs16-debugsource-16.20.2-8.42.1 * nodejs16-16.20.2-8.42.1 * npm16-16.20.2-8.42.1 * nodejs16-debuginfo-16.20.2-8.42.1 * nodejs16-devel-16.20.2-8.42.1 * Web and Scripting Module 12 (noarch) * nodejs16-docs-16.20.2-8.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1318-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Message-ID: <171328500316.24994.15549428579342529312@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1318-1 Rating: important References: * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_97 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1318=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1318=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-5-150400.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-5-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1312-1: important: Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Message-ID: <171328500580.24994.16494594597901757838@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1312-1 Rating: important References: * bsc#1218613 * bsc#1219078 * bsc#1219296 * bsc#1219432 Cross-References: * CVE-2023-42753 * CVE-2023-52340 * CVE-2024-0565 * CVE-2024-1085 CVSS scores: * CVE-2023-42753 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42753 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues. The following security issues were fixed: * CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1219078). * CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1218613). * CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219432). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1312=1 SUSE-2024-1313=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1312=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1313=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_18-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-7-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_18-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-7-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42753.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-0565.html * https://www.suse.com/security/cve/CVE-2024-1085.html * https://bugzilla.suse.com/show_bug.cgi?id=1218613 * https://bugzilla.suse.com/show_bug.cgi?id=1219078 * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1219432 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1317-1: low: Security update for emacs Message-ID: <171328500784.24994.11575756724472822172@smelt2.prg2.suse.org> # Security update for emacs Announcement ID: SUSE-SU-2024:1317-1 Rating: low References: * bsc#1222050 * bsc#1222052 * bsc#1222053 Cross-References: * CVE-2024-30203 * CVE-2024-30204 * CVE-2024-30205 CVSS scores: * CVE-2024-30203 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30204 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30205 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2024-30203: Fixed denial of service via MIME contents (bsc#1222053) * CVE-2024-30204: Fixed denial of service via LaTeX preview in e-mail attachments (bsc#1222052) * CVE-2024-30205: Fixed Org mode considering contents of remote files as trusted (bsc#1222050) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1317=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1317=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1317=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * emacs-x11-24.3-25.17.1 * emacs-nox-24.3-25.17.1 * emacs-x11-debuginfo-24.3-25.17.1 * emacs-nox-debuginfo-24.3-25.17.1 * emacs-debuginfo-24.3-25.17.1 * emacs-debugsource-24.3-25.17.1 * etags-24.3-25.17.1 * etags-debuginfo-24.3-25.17.1 * emacs-24.3-25.17.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * emacs-el-24.3-25.17.1 * emacs-info-24.3-25.17.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * emacs-x11-24.3-25.17.1 * emacs-nox-24.3-25.17.1 * emacs-x11-debuginfo-24.3-25.17.1 * emacs-nox-debuginfo-24.3-25.17.1 * emacs-debuginfo-24.3-25.17.1 * emacs-debugsource-24.3-25.17.1 * etags-24.3-25.17.1 * etags-debuginfo-24.3-25.17.1 * emacs-24.3-25.17.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * emacs-el-24.3-25.17.1 * emacs-info-24.3-25.17.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * emacs-x11-24.3-25.17.1 * emacs-nox-24.3-25.17.1 * emacs-x11-debuginfo-24.3-25.17.1 * emacs-nox-debuginfo-24.3-25.17.1 * emacs-debuginfo-24.3-25.17.1 * emacs-debugsource-24.3-25.17.1 * etags-24.3-25.17.1 * etags-debuginfo-24.3-25.17.1 * emacs-24.3-25.17.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * emacs-el-24.3-25.17.1 * emacs-info-24.3-25.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30203.html * https://www.suse.com/security/cve/CVE-2024-30204.html * https://www.suse.com/security/cve/CVE-2024-30205.html * https://bugzilla.suse.com/show_bug.cgi?id=1222050 * https://bugzilla.suse.com/show_bug.cgi?id=1222052 * https://bugzilla.suse.com/show_bug.cgi?id=1222053 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 20:30:11 -0000 Subject: SUSE-SU-2024:1320-1: important: Security update for the Linux Kernel Message-ID: <171329941134.10375.3486185042647297562@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1320-1 Rating: important References: * bsc#1212514 * bsc#1220237 * bsc#1220320 * bsc#1220340 * bsc#1220366 * bsc#1220411 * bsc#1220413 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220790 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220885 * bsc#1220898 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220932 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221048 * bsc#1221055 * bsc#1221058 * bsc#1221077 * bsc#1221276 * bsc#1221551 * bsc#1221553 * bsc#1221725 * bsc#1222073 * bsc#1222619 * jsc#PED-5759 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-48626 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-35827 * CVE-2023-52450 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52477 * CVE-2023-52492 * CVE-2023-52497 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52532 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52597 * CVE-2023-52605 * CVE-2023-52621 * CVE-2024-25742 * CVE-2024-26600 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 70 vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). The following non-security bugs were fixed: * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * group-source-files.pl: Quote filenames (boo#1221077). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1320=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1320=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1320=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1320=1 ## Package List: * openSUSE Leap Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * openSUSE Leap Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * openSUSE Leap Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * openSUSE Leap Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debuginfo-5.14.21-150400.15.76.1 * kernel-rt-debugsource-5.14.21-150400.15.76.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.76.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 16 20:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Apr 2024 20:30:13 -0000 Subject: SUSE-SU-2024:1319-1: important: Security update for MozillaFirefox Message-ID: <171329941383.10375.14288077972719454344@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1319-1 Rating: important References: * bsc#1222535 Cross-References: * CVE-2024-2609 * CVE-2024-3302 * CVE-2024-3852 * CVE-2024-3854 * CVE-2024-3857 * CVE-2024-3859 * CVE-2024-3861 * CVE-2024-3863 * CVE-2024-3864 CVSS scores: * CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR (MSFA 2024-19) (bsc#1222535): * CVE-2024-3852: GetBoundName in the JIT returned the wrong object * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection * CVE-2024-2609: Permission prompt input delay could expire when not in focus * CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer * CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move * CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows * CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames * CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1319=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1319=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1319=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1319=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.10.0-112.209.1 * MozillaFirefox-debugsource-115.10.0-112.209.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-115.10.0-112.209.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-translations-common-115.10.0-112.209.1 * MozillaFirefox-debuginfo-115.10.0-112.209.1 * MozillaFirefox-115.10.0-112.209.1 * MozillaFirefox-debugsource-115.10.0-112.209.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-115.10.0-112.209.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-common-115.10.0-112.209.1 * MozillaFirefox-debuginfo-115.10.0-112.209.1 * MozillaFirefox-115.10.0-112.209.1 * MozillaFirefox-debugsource-115.10.0-112.209.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-115.10.0-112.209.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-translations-common-115.10.0-112.209.1 * MozillaFirefox-debuginfo-115.10.0-112.209.1 * MozillaFirefox-115.10.0-112.209.1 * MozillaFirefox-debugsource-115.10.0-112.209.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-115.10.0-112.209.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2609.html * https://www.suse.com/security/cve/CVE-2024-3302.html * https://www.suse.com/security/cve/CVE-2024-3852.html * https://www.suse.com/security/cve/CVE-2024-3854.html * https://www.suse.com/security/cve/CVE-2024-3857.html * https://www.suse.com/security/cve/CVE-2024-3859.html * https://www.suse.com/security/cve/CVE-2024-3861.html * https://www.suse.com/security/cve/CVE-2024-3863.html * https://www.suse.com/security/cve/CVE-2024-3864.html * https://bugzilla.suse.com/show_bug.cgi?id=1222535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 17 08:30:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 17 Apr 2024 08:30:32 -0000 Subject: SUSE-SU-2024:1322-1: important: Security update for the Linux Kernel Message-ID: <171334263277.12976.14251737466420032670@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1322-1 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220325 * bsc#1220328 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220433 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220469 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220735 * bsc#1220736 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220845 * bsc#1220848 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220917 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220933 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221725 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7618 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46934 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47083 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48627 * CVE-2022-48628 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52462 * CVE-2023-52463 * CVE-2023-52467 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52559 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-25742 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 149 vulnerabilities, contains four features and has 29 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: Fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). * input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). * input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). * input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). * input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). * input: pm8941-pwrkey - add software key press debouncing support (git- fixes). * input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * input: xpad - add Lenovo Legion Go controllers (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid5: release batch_last before waiting for another stripe_head (git- fixes). * md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes). * md: Do not ignore suspended array in md_check_recovery() (git-fixes). * md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes). * md: Whenassemble the array, consult the superblock of the freshest device (git-fixes). * md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * md: introduce md_ro_state (git-fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: Enable BDF to SID translation properly (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix a hang in nfs4_evict_inode() (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). * topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). * tracing/probes: Fix to show a parse error for bad type for $comm (git- fixes). * tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). * tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1322=1 openSUSE-SLE-15.5-2024-1322=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1322=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1322=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1322=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.43.1 * kernel-source-rt-5.14.21-150500.13.43.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt-vdso-5.14.21-150500.13.43.1 * gfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-5.14.21-150500.13.43.1 * kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * kselftests-kmp-rt-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-livepatch-5.14.21-150500.13.43.1 * kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-extra-5.14.21-150500.13.43.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.43.1 * kernel-syms-rt-5.14.21-150500.13.43.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-optional-5.14.21-150500.13.43.1 * kernel-rt-devel-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-5.14.21-150500.13.43.1 * kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.43.1 * reiserfs-kmp-rt-5.14.21-150500.13.43.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.43.1 * kernel-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1 * kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1 * kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt-vdso-5.14.21-150500.13.43.1 * gfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-syms-rt-5.14.21-150500.13.43.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-devel-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-5.14.21-150500.13.43.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-devel-rt-5.14.21-150500.13.43.1 * kernel-source-rt-5.14.21-150500.13.43.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.43.1 * kernel-rt-5.14.21-150500.13.43.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2022-48628.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52462.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220325 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220848 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7618 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 17 08:30:58 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 17 Apr 2024 08:30:58 -0000 Subject: SUSE-SU-2024:1321-1: important: Security update for the Linux Kernel Message-ID: <171334265826.12976.6421055298439347835@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1321-1 Rating: important References: * bsc#1200599 * bsc#1209635 * bsc#1212514 * bsc#1213456 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220340 * bsc#1220366 * bsc#1220411 * bsc#1220413 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220790 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220885 * bsc#1220898 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220932 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221048 * bsc#1221055 * bsc#1221058 * bsc#1221077 * bsc#1221276 * bsc#1221551 * bsc#1221553 * bsc#1221725 * bsc#1222073 * bsc#1222619 * jsc#PED-5759 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-20154 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52477 * CVE-2023-52492 * CVE-2023-52497 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52532 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52597 * CVE-2023-52605 * CVE-2023-52621 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2024-25742 * CVE-2024-26600 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 77 vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2022-20154: Fixed a use after free due to a race condition in lock_sock_nested of sock.c. This could lead to local escalation of privilege with System execution privileges needed (bsc#1200599). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). The following non-security bugs were fixed: * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1321=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1321=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1321=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1321=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1321=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1321=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1321=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1321=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-1321=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1321=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1321=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1321=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1321=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1321=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1321=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1321=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1321=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.116.1 * kernel-source-vanilla-5.14.21-150400.24.116.1 * kernel-source-5.14.21-150400.24.116.1 * kernel-docs-html-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150400.24.116.1 * kernel-debug-devel-5.14.21-150400.24.116.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-debug-debugsource-5.14.21-150400.24.116.1 * kernel-debug-livepatch-devel-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.116.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.116.1 * kernel-kvmsmall-devel-5.14.21-150400.24.116.1 * kernel-default-base-rebuild-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.14.21-150400.24.116.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-livepatch-devel-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-obs-qa-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.116.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-default-livepatch-5.14.21-150400.24.116.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-optional-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * kernel-default-extra-5.14.21-150400.24.116.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * reiserfs-kmp-default-5.14.21-150400.24.116.1 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * ocfs2-kmp-default-5.14.21-150400.24.116.1 * dlm-kmp-default-5.14.21-150400.24.116.1 * cluster-md-kmp-default-5.14.21-150400.24.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kselftests-kmp-default-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_25-debugsource-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_116-default-1-150400.9.5.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (aarch64) * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * dtb-broadcom-5.14.21-150400.24.116.1 * dlm-kmp-64kb-5.14.21-150400.24.116.1 * dtb-exynos-5.14.21-150400.24.116.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * reiserfs-kmp-64kb-5.14.21-150400.24.116.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * dtb-amd-5.14.21-150400.24.116.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.116.1 * kernel-64kb-livepatch-devel-5.14.21-150400.24.116.1 * dtb-marvell-5.14.21-150400.24.116.1 * dtb-nvidia-5.14.21-150400.24.116.1 * dtb-xilinx-5.14.21-150400.24.116.1 * cluster-md-kmp-64kb-5.14.21-150400.24.116.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1 * dtb-renesas-5.14.21-150400.24.116.1 * dtb-apm-5.14.21-150400.24.116.1 * dtb-hisilicon-5.14.21-150400.24.116.1 * kernel-64kb-devel-5.14.21-150400.24.116.1 * dtb-altera-5.14.21-150400.24.116.1 * kernel-64kb-debugsource-5.14.21-150400.24.116.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * dtb-cavium-5.14.21-150400.24.116.1 * dtb-socionext-5.14.21-150400.24.116.1 * dtb-freescale-5.14.21-150400.24.116.1 * dtb-apple-5.14.21-150400.24.116.1 * dtb-rockchip-5.14.21-150400.24.116.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * kselftests-kmp-64kb-5.14.21-150400.24.116.1 * gfs2-kmp-64kb-5.14.21-150400.24.116.1 * ocfs2-kmp-64kb-5.14.21-150400.24.116.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.116.1 * dtb-amlogic-5.14.21-150400.24.116.1 * dtb-sprd-5.14.21-150400.24.116.1 * dtb-amazon-5.14.21-150400.24.116.1 * kernel-64kb-extra-5.14.21-150400.24.116.1 * dtb-mediatek-5.14.21-150400.24.116.1 * kernel-64kb-optional-5.14.21-150400.24.116.1 * dtb-arm-5.14.21-150400.24.116.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.116.1 * kernel-64kb-debuginfo-5.14.21-150400.24.116.1 * dtb-allwinner-5.14.21-150400.24.116.1 * dtb-lg-5.14.21-150400.24.116.1 * dtb-qcom-5.14.21-150400.24.116.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.116.1 * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-1-150400.9.5.1 * kernel-default-livepatch-5.14.21-150400.24.116.1 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_116-default-1-150400.9.5.1 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.14.21-150400.24.116.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debugsource-5.14.21-150400.24.116.1 * dlm-kmp-default-5.14.21-150400.24.116.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1 * cluster-md-kmp-default-5.14.21-150400.24.116.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.116.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * ocfs2-kmp-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.116.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-64kb-debugsource-5.14.21-150400.24.116.1 * kernel-64kb-debuginfo-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * reiserfs-kmp-default-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.116.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-64kb-debugsource-5.14.21-150400.24.116.1 * kernel-64kb-debuginfo-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * reiserfs-kmp-default-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * kernel-default-extra-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.116.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-64kb-debugsource-5.14.21-150400.24.116.1 * kernel-64kb-debuginfo-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * reiserfs-kmp-default-5.14.21-150400.24.116.1 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-obs-build-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * reiserfs-kmp-default-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * kernel-obs-build-debugsource-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.116.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.116.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.116.1.150400.24.54.5 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.116.1 * kernel-default-devel-5.14.21-150400.24.116.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.116.1 * kernel-syms-5.14.21-150400.24.116.1 * kernel-default-debuginfo-5.14.21-150400.24.116.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.116.1 * kernel-devel-5.14.21-150400.24.116.1 * kernel-macros-5.14.21-150400.24.116.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.116.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.116.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.116.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 18 12:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 18 Apr 2024 12:30:33 -0000 Subject: SUSE-SU-2024:1332-1: important: Security update for the Linux Kernel Message-ID: <171344343391.5187.811900687155331806@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1332-1 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220932 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52532 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 135 vulnerabilities, contains three features and has 29 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super() (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * Revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * Revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * Revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * Revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * Revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * force config_TCG_TIS_CORE=m on aarch64 for workaround kconfig issues * group-source-files.pl: Quote filenames (boo#1221077). The kernel source now contains a file with a space in the name. Add quotes in group-source- files.pl to avoid splitting the filename. Also use -print0 / -0 when updating timestamps. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * kABI: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kernel-binary: Fix i386 build Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires") * kernel-binary: Move build script to the end All other spec templates have the build script at the end, only kernel-binary has it in the middle. Align with the other templates. * kernel-binary: certs: Avoid trailing space * kernel-binary: vdso: fix filelist for non-usrmerged kernel Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged") * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * make nvidia Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix liSTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix liSTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pNFS: Fix a hang in nfs4_evict_inode() (git-fixes). * pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: dwc: fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: enable BDF to SID translation properly (git-fixes). * pci: qcom: use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1332=1 openSUSE-SLE-15.5-2024-1332=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1332=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * gfs2-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.42.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-optional-5.14.21-150500.33.42.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-debuginfo-5.14.21-150500.33.42.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kselftests-kmp-azure-5.14.21-150500.33.42.1 * kernel-syms-azure-5.14.21-150500.33.42.1 * reiserfs-kmp-azure-5.14.21-150500.33.42.1 * dlm-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.42.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-debugsource-5.14.21-150500.33.42.1 * cluster-md-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-devel-5.14.21-150500.33.42.1 * kernel-azure-extra-5.14.21-150500.33.42.1 * ocfs2-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-vdso-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (noarch) * kernel-source-azure-5.14.21-150500.33.42.1 * kernel-devel-azure-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-syms-azure-5.14.21-150500.33.42.1 * kernel-azure-debugsource-5.14.21-150500.33.42.1 * kernel-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-devel-5.14.21-150500.33.42.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (noarch) * kernel-source-azure-5.14.21-150500.33.42.1 * kernel-devel-azure-5.14.21-150500.33.42.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 18 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 18 Apr 2024 16:30:27 -0000 Subject: SUSE-SU-2024:1322-2: important: Security update for the Linux Kernel Message-ID: <171345782786.17084.7978618170129072549@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1322-2 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220325 * bsc#1220328 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220433 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220469 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220735 * bsc#1220736 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220845 * bsc#1220848 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220917 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220933 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221725 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7618 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46934 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47083 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48627 * CVE-2022-48628 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52462 * CVE-2023-52463 * CVE-2023-52467 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52559 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-25742 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52462 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52463 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 149 vulnerabilities, contains four features and has 29 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel mitigation, which led to incorrect selection of other CPU mitigations. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: Fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). * input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). * input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). * input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). * input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). * input: pm8941-pwrkey - add software key press debouncing support (git- fixes). * input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * input: xpad - add Lenovo Legion Go controllers (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid5: release batch_last before waiting for another stripe_head (git- fixes). * md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes). * md: Do not ignore suspended array in md_check_recovery() (git-fixes). * md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes). * md: Whenassemble the array, consult the superblock of the freshest device (git-fixes). * md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * md: introduce md_ro_state (git-fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: Enable BDF to SID translation properly (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix a hang in nfs4_evict_inode() (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). * topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). * tracing/probes: Fix to show a parse error for bad type for $comm (git- fixes). * tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). * tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1322=1 openSUSE-SLE-15.5-2024-1322=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1322=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1322=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1322=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.43.1 * kernel-source-rt-5.14.21-150500.13.43.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt-vdso-5.14.21-150500.13.43.1 * gfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-5.14.21-150500.13.43.1 * kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * kselftests-kmp-rt-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-livepatch-5.14.21-150500.13.43.1 * kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-extra-5.14.21-150500.13.43.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.43.1 * kernel-syms-rt-5.14.21-150500.13.43.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-optional-5.14.21-150500.13.43.1 * kernel-rt-devel-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-5.14.21-150500.13.43.1 * kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.43.1 * reiserfs-kmp-rt-5.14.21-150500.13.43.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.43.1 * kernel-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.43.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_12-debugsource-1-150500.11.5.1 * kernel-livepatch-5_14_21-150500_13_43-rt-debuginfo-1-150500.11.5.1 * kernel-livepatch-5_14_21-150500_13_43-rt-1-150500.11.5.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt-vdso-5.14.21-150500.13.43.1 * gfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-5.14.21-150500.13.43.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-syms-rt-5.14.21-150500.13.43.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.43.1 * kernel-rt-debugsource-5.14.21-150500.13.43.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.43.1 * dlm-kmp-rt-5.14.21-150500.13.43.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.43.1 * kernel-rt-devel-5.14.21-150500.13.43.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.43.1 * kernel-rt_debug-vdso-5.14.21-150500.13.43.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-devel-rt-5.14.21-150500.13.43.1 * kernel-source-rt-5.14.21-150500.13.43.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.43.1 * kernel-rt-5.14.21-150500.13.43.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2022-48628.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52462.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220325 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220848 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7618 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 18 16:31:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 18 Apr 2024 16:31:04 -0000 Subject: SUSE-SU-2024:1332-2: important: Security update for the Linux Kernel Message-ID: <171345786497.17084.10292201095708965742@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1332-2 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220932 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52532 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 135 vulnerabilities, contains three features and has 29 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel mitigation, which led to incorrect selection of other CPU mitigations. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super() (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * Revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * Revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * Revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * Revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * Revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * force config_TCG_TIS_CORE=m on aarch64 for workaround kconfig issues * group-source-files.pl: Quote filenames (boo#1221077). The kernel source now contains a file with a space in the name. Add quotes in group-source- files.pl to avoid splitting the filename. Also use -print0 / -0 when updating timestamps. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * kABI: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kernel-binary: Fix i386 build Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires") * kernel-binary: Move build script to the end All other spec templates have the build script at the end, only kernel-binary has it in the middle. Align with the other templates. * kernel-binary: certs: Avoid trailing space * kernel-binary: vdso: fix filelist for non-usrmerged kernel Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged") * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * make nvidia Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix liSTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix liSTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pNFS: Fix a hang in nfs4_evict_inode() (git-fixes). * pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: dwc: fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: enable BDF to SID translation properly (git-fixes). * pci: qcom: use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1332=1 openSUSE-SLE-15.5-2024-1332=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1332=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-azure-extra-5.14.21-150500.33.42.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-optional-5.14.21-150500.33.42.1 * reiserfs-kmp-azure-5.14.21-150500.33.42.1 * gfs2-kmp-azure-5.14.21-150500.33.42.1 * kernel-syms-azure-5.14.21-150500.33.42.1 * kernel-azure-devel-5.14.21-150500.33.42.1 * kselftests-kmp-azure-5.14.21-150500.33.42.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.42.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * cluster-md-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-debuginfo-5.14.21-150500.33.42.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.42.1 * kernel-azure-debugsource-5.14.21-150500.33.42.1 * dlm-kmp-azure-5.14.21-150500.33.42.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.42.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.42.1 * ocfs2-kmp-azure-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-vdso-5.14.21-150500.33.42.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.42.1 * kernel-source-azure-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-syms-azure-5.14.21-150500.33.42.1 * kernel-azure-devel-5.14.21-150500.33.42.1 * kernel-azure-debugsource-5.14.21-150500.33.42.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.42.1 * kernel-azure-debuginfo-5.14.21-150500.33.42.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.42.1 * kernel-source-azure-5.14.21-150500.33.42.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 18 16:31:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 18 Apr 2024 16:31:17 -0000 Subject: SUSE-SU-2024:1340-1: important: Security update for pgadmin4 Message-ID: <171345787755.17084.15454913871596336715@smelt2.prg2.suse.org> # Security update for pgadmin4 Announcement ID: SUSE-SU-2024:1340-1 Rating: important References: * bsc#1221172 Cross-References: * CVE-2024-2044 CVSS scores: * CVE-2024-2044 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for pgadmin4 fixes the following issues: * CVE-2024-2044: Fixed unsafe deserialization and Remote Code Execution by an authenticated user (bsc#1221172) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1340=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1340=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1340=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1340=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1340=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1340=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1340=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1340=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1340=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1340=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1340=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1340=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1340=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1340=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * openSUSE Leap 15.3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * pgadmin4-web-uwsgi-4.30-150300.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * openSUSE Leap 15.5 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * pgadmin4-web-uwsgi-4.30-150300.3.12.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * Server Applications Module 15-SP5 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Manager Proxy 4.3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Manager Server 4.3 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * pgadmin4-debuginfo-4.30-150300.3.12.1 * pgadmin4-4.30-150300.3.12.1 * SUSE Enterprise Storage 7.1 (noarch) * pgadmin4-web-4.30-150300.3.12.1 * pgadmin4-doc-4.30-150300.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2044.html * https://bugzilla.suse.com/show_bug.cgi?id=1221172 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 18 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 18 Apr 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1345-1: important: Security update for tomcat Message-ID: <171347220424.9154.16837683099223497175@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:1345-1 Rating: important References: * bsc#1221385 * bsc#1221386 Cross-References: * CVE-2024-23672 * CVE-2024-24549 CVSS scores: * CVE-2024-23672 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24549 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 * Web and Scripting Module 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386) * CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385) Other fixes: \- Update to Tomcat 9.0.87 * Catalina \+ Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) \+ Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) \+ Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) \+ Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) \+ Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) \+ Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) \+ Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) \+ Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) \+ Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) \+ Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) \+ Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) \+ Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote \+ Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) \+ Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) \+ Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) \+ Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Alt?nda?. (markt) \+ Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of a JVM crash during Tomcat shutdown. (markt) \+ Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) \+ Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) \+ Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper \+ Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) \+ Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster \+ Fix: Avoid updating request count stats on async. (remm) * WebSocket \+ Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) \+ Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) \+ Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications \+ Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other \+ Add: Improvements to French translations. (remm) \+ Add: Improvements to Japanese translations by tak7iji. (markt) \+ Update: Update Checkstyle to 10.13.0. (markt) \+ Update: Update JSign to 6.0. (markt) \+ Update: Add strings for debug level messages. (remm) \+ Update: Update Tomcat Native to 1.3.0. (markt) \+ Add: Improvements to French translations. (remm) \+ Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1345=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1345=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1345=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1345=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1345=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1345=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1345=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1345=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1345=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1345=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1345=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1345=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1345=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1345=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1345=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1345=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1345=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1345=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-jsvc-debuginfo-1.3.4-150200.11.14.1 * apache-commons-daemon-jsvc-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * openSUSE Leap 15.5 (noarch) * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * geronimo-servlet-2_5-api-1.2-150200.15.8.1 * geronimo-j2ee-1_4-apis-1.2-150200.15.8.1 * geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1 * geronimo-javamail-1_3_1-api-1.2-150200.15.8.1 * geronimo-jsp-2_1-api-1.2-150200.15.8.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * geronimo-jaxr-1_0-api-1.2-150200.15.8.1 * geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-corba-1_0-apis-1.2-150200.15.8.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-docs-webapp-9.0.87-150200.65.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jacc-1_0-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1 * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1 * geronimo-saaj-1_1-api-1.2-150200.15.8.1 * geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-interceptor-3_0-api-1.2-150200.15.8.1 * geronimo-jsp-2_0-api-1.2-150200.15.8.1 * apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1 * geronimo-commonj-1_1-apis-1.2-150200.15.8.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-9.0.87-150200.65.1 * geronimo-jta-1_0_1B-api-1.2-150200.15.8.1 * geronimo-ejb-3_0-api-1.2-150200.15.8.1 * geronimo-el-1_0-api-1.2-150200.15.8.1 * geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1 * tomcat-lib-9.0.87-150200.65.1 * apache-commons-daemon-javadoc-1.3.4-150200.11.14.1 * geronimo-corba-2_3-apis-1.2-150200.15.8.1 * tomcat-javadoc-9.0.87-150200.65.1 * geronimo-servlet-2_4-api-1.2-150200.15.8.1 * geronimo-javamail-1_4-api-1.2-150200.15.8.1 * geronimo-jaf-1_0_2-api-1.2-150200.15.8.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-pool2-javadoc-2.4.2-150200.11.8.1 * geronimo-jaf-1_1-api-1.2-150200.15.8.1 * geronimo-ejb-2_1-api-1.2-150200.15.8.1 * tomcat-embed-9.0.87-150200.65.1 * geronimo-jacc-1_1-api-1.2-150200.15.8.1 * jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1 * tomcat-jsvc-9.0.87-150200.65.1 * geronimo-qname-1_1-api-1.2-150200.15.8.1 * geronimo-jpa-3_0-api-1.2-150200.15.8.1 * Development Tools Module 15-SP5 (noarch) * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * SUSE Package Hub 15 15-SP5 (noarch) * geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1 * geronimo-j2ee-1_4-apis-1.2-150200.15.8.1 * geronimo-servlet-2_4-api-1.2-150200.15.8.1 * geronimo-javamail-1_4-api-1.2-150200.15.8.1 * geronimo-jsp-2_0-api-1.2-150200.15.8.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * geronimo-jaf-1_1-api-1.2-150200.15.8.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * Web and Scripting Module 15-SP5 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Manager Server 4.3 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * apache-commons-daemon-1.3.4-150200.11.14.1 * apache-commons-daemon-debugsource-1.3.4-150200.11.14.1 * SUSE Enterprise Storage 7.1 (noarch) * apache-commons-pool2-2.4.2-150200.11.8.1 * geronimo-annotation-1_0-api-1.2-150200.15.8.1 * tomcat-jsp-2_3-api-9.0.87-150200.65.1 * tomcat-lib-9.0.87-150200.65.1 * jakarta-taglibs-standard-1.1.1-150000.4.10.1 * tomcat-servlet-4_0-api-9.0.87-150200.65.1 * tomcat-webapps-9.0.87-150200.65.1 * geronimo-stax-1_0-api-1.2-150200.15.8.1 * tomcat-admin-webapps-9.0.87-150200.65.1 * geronimo-jta-1_1-api-1.2-150200.15.8.1 * tomcat-el-3_0-api-9.0.87-150200.65.1 * geronimo-jms-1_1-api-1.2-150200.15.8.1 * apache-commons-dbcp-2.1.1-150200.10.8.1 * tomcat-9.0.87-150200.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23672.html * https://www.suse.com/security/cve/CVE-2024-24549.html * https://bugzilla.suse.com/show_bug.cgi?id=1221385 * https://bugzilla.suse.com/show_bug.cgi?id=1221386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1351-1: low: Security update for graphviz Message-ID: <171352980487.6167.2253088046909639932@smelt2.prg2.suse.org> # Security update for graphviz Announcement ID: SUSE-SU-2024:1351-1 Rating: low References: * bsc#1219491 Cross-References: * CVE-2023-46045 CVSS scores: * CVE-2023-46045 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2023-46045 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for graphviz fixes the following issues: * CVE-2023-46045: Fixed out-of-bounds read via a crafted config6a file (bsc#1219491) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1351=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1351=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1351=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1351=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1351=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1351=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-1351=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1351=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-gv-2.48.0-150400.3.3.1 * graphviz-lua-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-debuginfo-2.48.0-150400.3.3.1 * graphviz-tcl-2.48.0-150400.3.3.1 * graphviz-php-debuginfo-2.48.0-150400.3.3.1 * graphviz-lua-debuginfo-2.48.0-150400.3.3.1 * libgraphviz6-2.48.0-150400.3.3.1 * graphviz-guile-2.48.0-150400.3.3.1 * graphviz-webp-debuginfo-2.48.0-150400.3.3.1 * graphviz-gnome-2.48.0-150400.3.3.1 * graphviz-tcl-debuginfo-2.48.0-150400.3.3.1 * graphviz-guile-debuginfo-2.48.0-150400.3.3.1 * graphviz-webp-2.48.0-150400.3.3.1 * graphviz-java-debuginfo-2.48.0-150400.3.3.1 * graphviz-perl-debuginfo-2.48.0-150400.3.3.1 * graphviz-gvedit-2.48.0-150400.3.3.1 * graphviz-java-2.48.0-150400.3.3.1 * graphviz-devel-2.48.0-150400.3.3.1 * graphviz-doc-2.48.0-150400.3.3.1 * graphviz-plugins-core-2.48.0-150400.3.3.1 * graphviz-x11-2.48.0-150400.3.3.1 * graphviz-debugsource-2.48.0-150400.3.3.1 * graphviz-gd-2.48.0-150400.3.3.1 * graphviz-2.48.0-150400.3.3.1 * graphviz-ruby-2.48.0-150400.3.3.1 * graphviz-smyrna-2.48.0-150400.3.3.1 * libgraphviz6-debuginfo-2.48.0-150400.3.3.1 * graphviz-debuginfo-2.48.0-150400.3.3.1 * graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1 * graphviz-php-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * graphviz-gvedit-debuginfo-2.48.0-150400.3.3.1 * graphviz-gnome-debuginfo-2.48.0-150400.3.3.1 * python3-gv-debuginfo-2.48.0-150400.3.3.1 * graphviz-x11-debuginfo-2.48.0-150400.3.3.1 * graphviz-smyrna-debuginfo-2.48.0-150400.3.3.1 * graphviz-perl-2.48.0-150400.3.3.1 * graphviz-ruby-debuginfo-2.48.0-150400.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-gv-2.48.0-150400.3.3.1 * graphviz-lua-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-debuginfo-2.48.0-150400.3.3.1 * graphviz-tcl-2.48.0-150400.3.3.1 * graphviz-php-debuginfo-2.48.0-150400.3.3.1 * graphviz-lua-debuginfo-2.48.0-150400.3.3.1 * libgraphviz6-2.48.0-150400.3.3.1 * graphviz-guile-2.48.0-150400.3.3.1 * graphviz-webp-debuginfo-2.48.0-150400.3.3.1 * graphviz-gnome-2.48.0-150400.3.3.1 * graphviz-tcl-debuginfo-2.48.0-150400.3.3.1 * graphviz-guile-debuginfo-2.48.0-150400.3.3.1 * graphviz-webp-2.48.0-150400.3.3.1 * graphviz-java-debuginfo-2.48.0-150400.3.3.1 * graphviz-perl-debuginfo-2.48.0-150400.3.3.1 * graphviz-gvedit-2.48.0-150400.3.3.1 * graphviz-java-2.48.0-150400.3.3.1 * graphviz-devel-2.48.0-150400.3.3.1 * graphviz-doc-2.48.0-150400.3.3.1 * graphviz-plugins-core-2.48.0-150400.3.3.1 * graphviz-x11-2.48.0-150400.3.3.1 * graphviz-debugsource-2.48.0-150400.3.3.1 * graphviz-gd-2.48.0-150400.3.3.1 * graphviz-2.48.0-150400.3.3.1 * graphviz-ruby-2.48.0-150400.3.3.1 * graphviz-smyrna-2.48.0-150400.3.3.1 * libgraphviz6-debuginfo-2.48.0-150400.3.3.1 * graphviz-debuginfo-2.48.0-150400.3.3.1 * graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1 * graphviz-php-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * graphviz-gvedit-debuginfo-2.48.0-150400.3.3.1 * graphviz-gnome-debuginfo-2.48.0-150400.3.3.1 * python3-gv-debuginfo-2.48.0-150400.3.3.1 * graphviz-x11-debuginfo-2.48.0-150400.3.3.1 * graphviz-smyrna-debuginfo-2.48.0-150400.3.3.1 * graphviz-perl-2.48.0-150400.3.3.1 * graphviz-ruby-debuginfo-2.48.0-150400.3.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgraphviz6-debuginfo-2.48.0-150400.3.3.1 * graphviz-devel-2.48.0-150400.3.3.1 * graphviz-plugins-core-2.48.0-150400.3.3.1 * graphviz-debugsource-2.48.0-150400.3.3.1 * graphviz-debuginfo-2.48.0-150400.3.3.1 * graphviz-plugins-core-debuginfo-2.48.0-150400.3.3.1 * graphviz-2.48.0-150400.3.3.1 * libgraphviz6-2.48.0-150400.3.3.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * graphviz-perl-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-perl-debuginfo-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * graphviz-gnome-debuginfo-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-gnome-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-tcl-debuginfo-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * graphviz-tcl-2.48.0-150400.3.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * python3-gv-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-debuginfo-2.48.0-150400.3.3.1 * python3-gv-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * python3-gv-2.48.0-150400.3.3.1 * graphviz-addons-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-debuginfo-2.48.0-150400.3.3.1 * python3-gv-debuginfo-2.48.0-150400.3.3.1 * graphviz-gd-2.48.0-150400.3.3.1 * graphviz-addons-debugsource-2.48.0-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46045.html * https://bugzilla.suse.com/show_bug.cgi?id=1219491 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1350-1: important: Security update for MozillaFirefox Message-ID: <171352980806.6167.13132521073414520383@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1350-1 Rating: important References: * bsc#1222535 Cross-References: * CVE-2024-2609 * CVE-2024-3302 * CVE-2024-3852 * CVE-2024-3854 * CVE-2024-3857 * CVE-2024-3859 * CVE-2024-3861 * CVE-2024-3863 * CVE-2024-3864 CVSS scores: * CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.10.0 ESR (MSFA 2024-19) (bsc#1222535): * CVE-2024-3852: GetBoundName in the JIT returned the wrong object * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement * CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection * CVE-2024-2609: Permission prompt input delay could expire when not in focus * CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer * CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move * CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows * CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames * CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1350=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1350=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1350=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1350=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1350=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1350=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1350=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1350=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1350=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1350=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1350=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1350=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1350=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1350=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-branding-upstream-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.10.0-150200.152.134.1 * MozillaFirefox-translations-other-115.10.0-150200.152.134.1 * MozillaFirefox-translations-common-115.10.0-150200.152.134.1 * MozillaFirefox-debuginfo-115.10.0-150200.152.134.1 * MozillaFirefox-debugsource-115.10.0-150200.152.134.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.10.0-150200.152.134.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2609.html * https://www.suse.com/security/cve/CVE-2024-3302.html * https://www.suse.com/security/cve/CVE-2024-3852.html * https://www.suse.com/security/cve/CVE-2024-3854.html * https://www.suse.com/security/cve/CVE-2024-3857.html * https://www.suse.com/security/cve/CVE-2024-3859.html * https://www.suse.com/security/cve/CVE-2024-3861.html * https://www.suse.com/security/cve/CVE-2024-3863.html * https://www.suse.com/security/cve/CVE-2024-3864.html * https://bugzilla.suse.com/show_bug.cgi?id=1222535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 12:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 12:30:22 -0000 Subject: SUSE-SU-2024:1347-1: important: Security update for wireshark Message-ID: <171352982263.6167.15136538054474202438@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:1347-1 Rating: important References: * bsc#1220181 Cross-References: * CVE-2024-24476 CVSS scores: * CVE-2024-24476 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for wireshark fixes the following issues: Security fixes: * CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str() (bsc#1220181) Other fixes: * Wireshark 3.6.22: * Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.22.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1347=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1347=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1347=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1347=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1347=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1347=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1347=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1347=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1347=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1347=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1347=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1347=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1347=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1347=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1347=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1347=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1347=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1347=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Manager Proxy 4.3 (x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wireshark-debugsource-3.6.22-150000.3.112.1 * libwiretap12-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-3.6.22-150000.3.112.1 * wireshark-debuginfo-3.6.22-150000.3.112.1 * libwsutil13-3.6.22-150000.3.112.1 * wireshark-devel-3.6.22-150000.3.112.1 * libwireshark15-3.6.22-150000.3.112.1 * libwireshark15-debuginfo-3.6.22-150000.3.112.1 * wireshark-ui-qt-debuginfo-3.6.22-150000.3.112.1 * wireshark-3.6.22-150000.3.112.1 * libwsutil13-debuginfo-3.6.22-150000.3.112.1 * libwiretap12-3.6.22-150000.3.112.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24476.html * https://bugzilla.suse.com/show_bug.cgi?id=1220181 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 12:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 12:30:25 -0000 Subject: SUSE-SU-2024:1346-1: important: Security update for nodejs12 Message-ID: <171352982580.6167.17640175515232938316@smelt2.prg2.suse.org> # Security update for nodejs12 Announcement ID: SUSE-SU-2024:1346-1 Rating: important References: * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982 * CVE-2024-27983 CVSS scores: * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs12 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1346=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1346=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1346=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1346=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1346=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1346=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1346=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * nodejs12-12.22.12-150200.4.59.1 * npm12-12.22.12-150200.4.59.1 * nodejs12-devel-12.22.12-150200.4.59.1 * nodejs12-debuginfo-12.22.12-150200.4.59.1 * nodejs12-debugsource-12.22.12-150200.4.59.1 * SUSE Enterprise Storage 7.1 (noarch) * nodejs12-docs-12.22.12-150200.4.59.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1355-1: important: Security update for nodejs14 Message-ID: <171354420311.10204.8087343718308466581@smelt2.prg2.suse.org> # Security update for nodejs14 Announcement ID: SUSE-SU-2024:1355-1 Rating: important References: * bsc#1222244 * bsc#1222384 Cross-References: * CVE-2024-27982 * CVE-2024-27983 CVSS scores: * CVE-2024-27982 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27983 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs14 fixes the following issues: * CVE-2024-27983: Fixed failed assertion in node::http2::Http2Session::~Http2Session() that could lead to HTTP/2 server crash (bsc#1222244) * CVE-2024-27982: Fixed HTTP Request Smuggling via Content Length Obfuscation (bsc#1222384) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1355=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1355=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1355=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1355=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1355=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1355=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1355=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * nodejs14-devel-14.21.3-150200.15.58.1 * npm14-14.21.3-150200.15.58.1 * nodejs14-debuginfo-14.21.3-150200.15.58.1 * nodejs14-14.21.3-150200.15.58.1 * nodejs14-debugsource-14.21.3-150200.15.58.1 * SUSE Enterprise Storage 7.1 (noarch) * nodejs14-docs-14.21.3-150200.15.58.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27982.html * https://www.suse.com/security/cve/CVE-2024-27983.html * https://bugzilla.suse.com/show_bug.cgi?id=1222244 * https://bugzilla.suse.com/show_bug.cgi?id=1222384 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 19 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 19 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1354-1: important: Security update for wireshark Message-ID: <171354420554.10204.14983477887422478591@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:1354-1 Rating: important References: * bsc#1220181 Cross-References: * CVE-2024-24476 CVSS scores: * CVE-2024-24476 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for wireshark fixes the following issues: * CVE-2024-24476: Fixed a denial of service in ws_manuf_lookup_str() (bsc#1220181) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1354=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1354=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1354=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1354=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * wireshark-debuginfo-2.4.16-48.54.1 * wireshark-devel-2.4.16-48.54.1 * wireshark-debugsource-2.4.16-48.54.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libwireshark9-debuginfo-2.4.16-48.54.1 * libwsutil8-debuginfo-2.4.16-48.54.1 * wireshark-gtk-debuginfo-2.4.16-48.54.1 * libwireshark9-2.4.16-48.54.1 * wireshark-gtk-2.4.16-48.54.1 * wireshark-2.4.16-48.54.1 * libwsutil8-2.4.16-48.54.1 * libwscodecs1-2.4.16-48.54.1 * wireshark-debugsource-2.4.16-48.54.1 * libwiretap7-2.4.16-48.54.1 * libwiretap7-debuginfo-2.4.16-48.54.1 * wireshark-debuginfo-2.4.16-48.54.1 * libwscodecs1-debuginfo-2.4.16-48.54.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libwireshark9-debuginfo-2.4.16-48.54.1 * libwsutil8-debuginfo-2.4.16-48.54.1 * wireshark-gtk-debuginfo-2.4.16-48.54.1 * libwireshark9-2.4.16-48.54.1 * wireshark-gtk-2.4.16-48.54.1 * wireshark-2.4.16-48.54.1 * libwsutil8-2.4.16-48.54.1 * libwscodecs1-2.4.16-48.54.1 * wireshark-debugsource-2.4.16-48.54.1 * libwiretap7-2.4.16-48.54.1 * libwiretap7-debuginfo-2.4.16-48.54.1 * wireshark-debuginfo-2.4.16-48.54.1 * libwscodecs1-debuginfo-2.4.16-48.54.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libwireshark9-debuginfo-2.4.16-48.54.1 * libwsutil8-debuginfo-2.4.16-48.54.1 * wireshark-gtk-debuginfo-2.4.16-48.54.1 * libwireshark9-2.4.16-48.54.1 * wireshark-gtk-2.4.16-48.54.1 * wireshark-2.4.16-48.54.1 * libwsutil8-2.4.16-48.54.1 * libwscodecs1-2.4.16-48.54.1 * wireshark-debugsource-2.4.16-48.54.1 * libwiretap7-2.4.16-48.54.1 * libwiretap7-debuginfo-2.4.16-48.54.1 * wireshark-debuginfo-2.4.16-48.54.1 * libwscodecs1-debuginfo-2.4.16-48.54.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24476.html * https://bugzilla.suse.com/show_bug.cgi?id=1220181 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1364-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Message-ID: <171377460459.11024.3485704811703923222@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1364-1 Rating: important References: * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1364=1 SUSE-2024-1363=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1364=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1363=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1362-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Message-ID: <171377460745.11024.10570197029481494966@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1362-1 Rating: important References: * bsc#1219296 * bsc#1220828 Cross-References: * CVE-2023-52340 * CVE-2024-26622 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1362=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1362=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-3-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-3-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-3-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-3-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-3-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-3-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 08:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 08:30:10 -0000 Subject: SUSE-SU-2024:1359-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Message-ID: <171377461063.11024.6660046890678027846@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1359-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_24 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1361=1 SUSE-2024-1359=1 SUSE-2024-1357=1 SUSE-2024-1360=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1361=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1359=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1357=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-1360=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_18-rt-8-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_18-rt-8-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-7-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1358-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Message-ID: <171377461292.11024.17951775358642165442@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1358-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219079). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1356=1 SUSE-2024-1358=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1356=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1358=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-11-150500.12.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-11-150500.12.1 * kernel-livepatch-5_14_21-150500_11-rt-11-150500.12.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-10-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-11-150500.12.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-11-150500.12.1 * kernel-livepatch-5_14_21-150500_11-rt-11-150500.12.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-10-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1373-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5) Message-ID: <171378900368.31866.14868480949947003644@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1373-1 Rating: important References: * bsc#1219435 Cross-References: * CVE-2024-1086 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_186 fixes one issue. The following security issue was fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1373=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_186-default-6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 12:30:20 -0000 Subject: SUSE-SU-2024:1368-1: important: Security update for shim Message-ID: <171378902099.31866.14703921668769730521@smelt2.prg2.suse.org> # Security update for shim Announcement ID: SUSE-SU-2024:1368-1 Rating: important References: * bsc#1198101 * bsc#1205588 * bsc#1205855 * bsc#1210382 * bsc#1213945 * bsc#1215098 * bsc#1215099 * bsc#1215100 * bsc#1215101 * bsc#1215102 * bsc#1215103 * bsc#1219460 * jsc#PED-922 Cross-References: * CVE-2022-28737 * CVE-2023-40546 * CVE-2023-40547 * CVE-2023-40548 * CVE-2023-40549 * CVE-2023-40550 * CVE-2023-40551 CVSS scores: * CVE-2022-28737 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-28737 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40547 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40547 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2023-40548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40548 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40549 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40550 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2023-40550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-40551 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40551 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update for shim fixes the following issues: * Update shim-install to set the TPM2 SRK algorithm (bsc#1213945) * Limit the requirement of fde-tpm-helper-macros to the distro with suse_version 1600 and above (bsc#1219460) Update to version 15.8: Security issues fixed: * mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546) * avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547) * Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548) * Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549) * pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550) * pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551) The NX flag is disable which is same as the default value of shim-15.8, hence, not need to enable it by this patch now. * Generate dbx during build so we don't include binary files in sources * Don't require grub so shim can still be used with systemd-boot * Update shim-install to fix boot failure of ext4 root file system on RAID10 (bsc#1205855) * Adopt the macros from fde-tpm-helper-macros to update the signature in the sealed key after a bootloader upgrade * Update shim-install to amend full disk encryption support * Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector * Use the long name to specify the grub2 key protector * cryptodisk: support TPM authorized policies * Do not use tpm_record_pcrs unless the command is in command.lst * Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to enable the NX compatibility flag when using post-process-pe after discussed with grub2 experts in mail. It's useful for further development and testing. (bsc#1205588) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1368=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1368=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1368=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1368=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1368=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1368=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1368=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1368=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1368=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1368=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1368=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1368=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1368=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1368=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1368=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1368=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1368=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1368=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1368=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1368=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1368=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1368=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1368=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1368=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1368=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * efitools-debugsource-1.9.2-150300.7.3.1 * efitools-debuginfo-1.9.2-150300.7.3.1 * efitools-1.9.2-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * openSUSE Leap 15.5 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * Basesystem Module 15-SP5 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Manager Proxy 4.3 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Manager Server 4.3 (x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * shim-debugsource-15.8-150300.4.20.2 * shim-debuginfo-15.8-150300.4.20.2 * shim-15.8-150300.4.20.2 ## References: * https://www.suse.com/security/cve/CVE-2022-28737.html * https://www.suse.com/security/cve/CVE-2023-40546.html * https://www.suse.com/security/cve/CVE-2023-40547.html * https://www.suse.com/security/cve/CVE-2023-40548.html * https://www.suse.com/security/cve/CVE-2023-40549.html * https://www.suse.com/security/cve/CVE-2023-40550.html * https://www.suse.com/security/cve/CVE-2023-40551.html * https://bugzilla.suse.com/show_bug.cgi?id=1198101 * https://bugzilla.suse.com/show_bug.cgi?id=1205588 * https://bugzilla.suse.com/show_bug.cgi?id=1205855 * https://bugzilla.suse.com/show_bug.cgi?id=1210382 * https://bugzilla.suse.com/show_bug.cgi?id=1213945 * https://bugzilla.suse.com/show_bug.cgi?id=1215098 * https://bugzilla.suse.com/show_bug.cgi?id=1215099 * https://bugzilla.suse.com/show_bug.cgi?id=1215100 * https://bugzilla.suse.com/show_bug.cgi?id=1215101 * https://bugzilla.suse.com/show_bug.cgi?id=1215102 * https://bugzilla.suse.com/show_bug.cgi?id=1215103 * https://bugzilla.suse.com/show_bug.cgi?id=1219460 * https://jira.suse.com/browse/PED-922 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 12:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 12:30:27 -0000 Subject: SUSE-SU-2024:1365-1: moderate: Security update for apache-commons-configuration2 Message-ID: <171378902790.31866.9522667339532423295@smelt2.prg2.suse.org> # Security update for apache-commons-configuration2 Announcement ID: SUSE-SU-2024:1365-1 Rating: moderate References: * bsc#1221793 * bsc#1221797 Cross-References: * CVE-2024-29131 * CVE-2024-29133 CVSS scores: * CVE-2024-29131 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-29133 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache-commons-configuration2 fixes the following issues: * CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() (bsc#1221797). * CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree (bsc#1221793). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1365=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1365=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1365=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1365=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1365=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1365=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1365=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1365=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1365=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1365=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1365=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1365=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1365=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1365=1 ## Package List: * openSUSE Leap 15.5 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * apache-commons-configuration2-javadoc-2.10.1-150200.5.8.1 * Development Tools Module 15-SP5 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 * SUSE Enterprise Storage 7.1 (noarch) * apache-commons-configuration2-2.10.1-150200.5.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29131.html * https://www.suse.com/security/cve/CVE-2024-29133.html * https://bugzilla.suse.com/show_bug.cgi?id=1221793 * https://bugzilla.suse.com/show_bug.cgi?id=1221797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1377-1: moderate: Security update for apache-commons-configuration Message-ID: <171380340363.10599.17232353950276817565@smelt2.prg2.suse.org> # Security update for apache-commons-configuration Announcement ID: SUSE-SU-2024:1377-1 Rating: moderate References: * bsc#1221793 * bsc#1221797 Cross-References: * CVE-2024-29131 * CVE-2024-29133 CVSS scores: * CVE-2024-29131 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-29133 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for apache-commons-configuration fixes the following issues: * CVE-2024-29131: Fixed StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() (bsc#1221797). * CVE-2024-29133: Fixed StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree (bsc#1221793). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1377=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1377=1 ## Package List: * openSUSE Leap 15.5 (noarch) * apache-commons-configuration-javadoc-1.10-150200.3.11.1 * apache-commons-configuration-1.10-150200.3.11.1 * Development Tools Module 15-SP5 (noarch) * apache-commons-configuration-1.10-150200.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29131.html * https://www.suse.com/security/cve/CVE-2024-29133.html * https://bugzilla.suse.com/show_bug.cgi?id=1221793 * https://bugzilla.suse.com/show_bug.cgi?id=1221797 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1376-1: low: Security update for polkit Message-ID: <171380340537.10599.7993173696555969629@smelt2.prg2.suse.org> # Security update for polkit Announcement ID: SUSE-SU-2024:1376-1 Rating: low References: * bsc#1209282 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for polkit fixes the following issues: * Change permissions for rules folders (bsc#1209282) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1376=1 openSUSE-SLE-15.5-2024-1376=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1376=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1376=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * polkit-devel-121-150500.3.3.1 * pkexec-debuginfo-121-150500.3.3.1 * typelib-1_0-Polkit-1_0-121-150500.3.3.1 * polkit-devel-debuginfo-121-150500.3.3.1 * polkit-121-150500.3.3.1 * polkit-debugsource-121-150500.3.3.1 * polkit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-121-150500.3.3.1 * libpolkit-agent-1-0-121-150500.3.3.1 * pkexec-121-150500.3.3.1 * openSUSE Leap 15.5 (x86_64) * libpolkit-agent-1-0-32bit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-32bit-121-150500.3.3.1 * libpolkit-gobject-1-0-32bit-121-150500.3.3.1 * libpolkit-gobject-1-0-32bit-debuginfo-121-150500.3.3.1 * openSUSE Leap 15.5 (noarch) * polkit-doc-121-150500.3.3.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libpolkit-gobject-1-0-64bit-121-150500.3.3.1 * libpolkit-gobject-1-0-64bit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-64bit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-64bit-121-150500.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * polkit-121-150500.3.3.1 * polkit-debugsource-121-150500.3.3.1 * polkit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-121-150500.3.3.1 * libpolkit-agent-1-0-121-150500.3.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * polkit-devel-121-150500.3.3.1 * pkexec-debuginfo-121-150500.3.3.1 * typelib-1_0-Polkit-1_0-121-150500.3.3.1 * polkit-devel-debuginfo-121-150500.3.3.1 * polkit-121-150500.3.3.1 * polkit-debugsource-121-150500.3.3.1 * polkit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-121-150500.3.3.1 * libpolkit-agent-1-0-121-150500.3.3.1 * pkexec-121-150500.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1209282 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1375-1: important: Security update for glibc Message-ID: <171380340785.10599.9364550592694937569@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2024:1375-1 Rating: important References: * bsc#1222992 Cross-References: * CVE-2024-2961 CVSS scores: * CVE-2024-2961 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for glibc fixes the following issues: * iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1375=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1375=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1375=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1375=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1375=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1375=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1375=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1375=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1375=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1375=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1375=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1375=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1375=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1375=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1375=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1375=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1375=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1375=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1375=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1375=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1375=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1375=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1375=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1375=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1375=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1375=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-devel-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * glibc-extra-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * openSUSE Leap 15.3 (noarch) * glibc-lang-2.31-150300.74.1 * glibc-html-2.31-150300.74.1 * glibc-info-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * openSUSE Leap 15.3 (x86_64) * glibc-utils-32bit-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-profile-32bit-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-static-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * glibc-utils-32bit-debuginfo-2.31-150300.74.1 * openSUSE Leap 15.3 (aarch64_ilp32) * glibc-utils-64bit-debuginfo-2.31-150300.74.1 * glibc-devel-64bit-2.31-150300.74.1 * glibc-utils-64bit-2.31-150300.74.1 * glibc-locale-base-64bit-2.31-150300.74.1 * glibc-devel-static-64bit-2.31-150300.74.1 * glibc-64bit-debuginfo-2.31-150300.74.1 * glibc-profile-64bit-2.31-150300.74.1 * glibc-devel-64bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-64bit-debuginfo-2.31-150300.74.1 * glibc-64bit-2.31-150300.74.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * openSUSE Leap 15.5 (x86_64) * glibc-utils-32bit-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-profile-32bit-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-static-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * glibc-utils-32bit-debuginfo-2.31-150300.74.1 * openSUSE Leap 15.5 (noarch) * glibc-lang-2.31-150300.74.1 * glibc-html-2.31-150300.74.1 * glibc-info-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * Basesystem Module 15-SP5 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * Basesystem Module 15-SP5 (x86_64) * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * Development Tools Module 15-SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Manager Proxy 4.3 (x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * SUSE Manager Proxy 4.3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * SUSE Manager Server 4.3 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Manager Server 4.3 (x86_64) * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-debuginfo-2.31-150300.74.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * glibc-devel-2.31-150300.74.1 * glibc-extra-2.31-150300.74.1 * glibc-profile-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-extra-debuginfo-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-utils-debuginfo-2.31-150300.74.1 * nscd-debuginfo-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-devel-debuginfo-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-devel-static-2.31-150300.74.1 * glibc-utils-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * nscd-2.31-150300.74.1 * glibc-utils-src-debugsource-2.31-150300.74.1 * SUSE Enterprise Storage 7.1 (noarch) * glibc-info-2.31-150300.74.1 * glibc-lang-2.31-150300.74.1 * glibc-i18ndata-2.31-150300.74.1 * SUSE Enterprise Storage 7.1 (x86_64) * glibc-32bit-debuginfo-2.31-150300.74.1 * glibc-devel-32bit-debuginfo-2.31-150300.74.1 * glibc-32bit-2.31-150300.74.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.74.1 * glibc-locale-base-32bit-2.31-150300.74.1 * glibc-devel-32bit-2.31-150300.74.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * glibc-devel-2.31-150300.74.1 * glibc-debuginfo-2.31-150300.74.1 * glibc-2.31-150300.74.1 * glibc-locale-2.31-150300.74.1 * glibc-debugsource-2.31-150300.74.1 * glibc-locale-base-debuginfo-2.31-150300.74.1 * glibc-locale-base-2.31-150300.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2961.html * https://bugzilla.suse.com/show_bug.cgi?id=1222992 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 20:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 20:30:02 -0000 Subject: SUSE-SU-2024:1386-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Message-ID: <171381780277.24325.3898272040968315446@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1386-1 Rating: important References: * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1386=1 SUSE-2024-1384=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1386=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1384=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_22-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_22-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-4-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 20:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 20:30:05 -0000 Subject: SUSE-SU-2024:1380-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Message-ID: <171381780549.24325.11149437411203441207@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1380-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_7 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1381=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1380=1 SUSE-2024-1385=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1380=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1385=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1381=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_1-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-10-150500.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_20-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-6-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_20-debugsource-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-9-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-6-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_1-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-10-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 22 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Apr 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1382-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5) Message-ID: <171381780726.24325.16307765818900718847@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1382-1 Rating: important References: * bsc#1216644 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_183 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1382=1 SUSE-SLE-Live- Patching-12-SP5-2024-1379=1 SUSE-SLE-Live-Patching-12-SP5-2024-1383=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_176-default-8-2.1 * kgraft-patch-4_12_14-122_179-default-7-2.1 * kgraft-patch-4_12_14-122_183-default-7-2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1391-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <171386100409.4521.16532584168022147957@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1391-1 Rating: important References: * bsc#1220828 Cross-References: * CVE-2024-26622 CVSS scores: * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes one issue. The following security issue was fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1391=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1391=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-5-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_41-debugsource-5-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-5-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-5-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-5-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1388-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <171386100756.4521.15049072301959561740@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1388-1 Rating: important References: * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1388=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1388=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-5-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-5-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-5-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-5-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1390-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5) Message-ID: <171386101237.4521.12325109914819254014@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1390-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_36 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1387=1 SUSE-2024-1390=1 SUSE-2024-1389=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1389=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1387=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1390=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_2-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-10-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_2-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-10-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 12:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 12:30:09 -0000 Subject: SUSE-SU-2024:1396-1: important: Security update for jasper Message-ID: <171387540992.13757.1600510971467949102@smelt2.prg2.suse.org> # Security update for jasper Announcement ID: SUSE-SU-2024:1396-1 Rating: important References: * bsc#1223155 Cross-References: * CVE-2024-31744 CVSS scores: * CVE-2024-31744 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jasper fixes the following issues: * CVE-2024-31744: Fixed denial of service through assertion failure in jpc_streamlist_remove() (bsc#1223155). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1396=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1396=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libjasper-devel-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libjasper1-1.900.14-195.40.1 * libjasper1-debuginfo-1.900.14-195.40.1 * jasper-debuginfo-1.900.14-195.40.1 * jasper-debugsource-1.900.14-195.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libjasper1-32bit-1.900.14-195.40.1 * libjasper1-debuginfo-32bit-1.900.14-195.40.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31744.html * https://bugzilla.suse.com/show_bug.cgi?id=1223155 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1395-1: important: Security update for qemu Message-ID: <171387541462.13757.12470664393840872441@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:1395-1 Rating: important References: * bsc#1190011 * bsc#1198038 * bsc#1207205 * bsc#1212850 * bsc#1213925 Cross-References: * CVE-2021-3750 * CVE-2022-0216 * CVE-2023-0330 * CVE-2023-3180 * CVE-2023-3354 CVSS scores: * CVE-2021-3750 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2021-3750 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2022-0216 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2022-0216 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0330 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2023-0330 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2023-3180 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-3180 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2023-3354 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3354 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2021-3750: Fixed DMA reentrancy issue that could lead to use-after-free (bsc#1190011) * CVE-2022-0216: Fixed use-after-free in lsi_do_msgout function in hw/scsi/lsi53c895a.c (bsc#1198038) * CVE-2023-0330: Fixed DMA reentrancy issue that could lead to stack overflow (bsc#1207205) * CVE-2023-3180: Fixed heap buffer overflow in virtio_crypto_sym_op_helper() (bsc#1213925) * CVE-2023-3354: Fixed improper I/O watch removal in VNC TLS handshake that could lead to remote unauthenticated denial of service (bsc#1212850) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1395=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1395=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1395=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * qemu-block-ssh-debuginfo-3.1.1.1-72.1 * qemu-ui-gtk-3.1.1.1-72.1 * qemu-ui-sdl-3.1.1.1-72.1 * qemu-lang-3.1.1.1-72.1 * qemu-3.1.1.1-72.1 * qemu-tools-debuginfo-3.1.1.1-72.1 * qemu-guest-agent-3.1.1.1-72.1 * qemu-ui-curses-3.1.1.1-72.1 * qemu-audio-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-debuginfo-3.1.1.1-72.1 * qemu-block-rbd-debuginfo-3.1.1.1-72.1 * qemu-block-iscsi-3.1.1.1-72.1 * qemu-block-curl-debuginfo-3.1.1.1-72.1 * qemu-ui-curses-debuginfo-3.1.1.1-72.1 * qemu-ui-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-debuginfo-3.1.1.1-72.1 * qemu-block-ssh-3.1.1.1-72.1 * qemu-block-curl-3.1.1.1-72.1 * qemu-debugsource-3.1.1.1-72.1 * qemu-ui-gtk-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-3.1.1.1-72.1 * qemu-tools-3.1.1.1-72.1 * qemu-block-rbd-3.1.1.1-72.1 * qemu-audio-oss-3.1.1.1-72.1 * qemu-block-iscsi-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-3.1.1.1-72.1 * qemu-audio-oss-debuginfo-3.1.1.1-72.1 * qemu-audio-sdl-3.1.1.1-72.1 * qemu-guest-agent-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64) * qemu-arm-3.1.1.1-72.1 * qemu-arm-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * qemu-ipxe-1.0.0+-72.1 * qemu-vgabios-1.12.0_0_ga698c89-72.1 * qemu-seabios-1.12.0_0_ga698c89-72.1 * qemu-sgabios-8-72.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * qemu-x86-3.1.1.1-72.1 * qemu-kvm-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * qemu-block-ssh-debuginfo-3.1.1.1-72.1 * qemu-ui-gtk-3.1.1.1-72.1 * qemu-ui-sdl-3.1.1.1-72.1 * qemu-lang-3.1.1.1-72.1 * qemu-3.1.1.1-72.1 * qemu-tools-debuginfo-3.1.1.1-72.1 * qemu-guest-agent-3.1.1.1-72.1 * qemu-ui-curses-3.1.1.1-72.1 * qemu-audio-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-debuginfo-3.1.1.1-72.1 * qemu-block-iscsi-3.1.1.1-72.1 * qemu-block-curl-debuginfo-3.1.1.1-72.1 * qemu-ui-curses-debuginfo-3.1.1.1-72.1 * qemu-ui-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-debuginfo-3.1.1.1-72.1 * qemu-block-ssh-3.1.1.1-72.1 * qemu-block-curl-3.1.1.1-72.1 * qemu-debugsource-3.1.1.1-72.1 * qemu-ui-gtk-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-3.1.1.1-72.1 * qemu-tools-3.1.1.1-72.1 * qemu-audio-oss-3.1.1.1-72.1 * qemu-block-iscsi-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-3.1.1.1-72.1 * qemu-audio-oss-debuginfo-3.1.1.1-72.1 * qemu-audio-sdl-3.1.1.1-72.1 * qemu-guest-agent-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64) * qemu-arm-3.1.1.1-72.1 * qemu-arm-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 x86_64) * qemu-block-rbd-3.1.1.1-72.1 * qemu-block-rbd-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * qemu-ipxe-1.0.0+-72.1 * qemu-vgabios-1.12.0_0_ga698c89-72.1 * qemu-seabios-1.12.0_0_ga698c89-72.1 * qemu-sgabios-8-72.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le) * qemu-ppc-3.1.1.1-72.1 * qemu-ppc-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * qemu-kvm-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * qemu-s390-3.1.1.1-72.1 * qemu-s390-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * qemu-x86-3.1.1.1-72.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * qemu-block-ssh-debuginfo-3.1.1.1-72.1 * qemu-ui-gtk-3.1.1.1-72.1 * qemu-ui-sdl-3.1.1.1-72.1 * qemu-lang-3.1.1.1-72.1 * qemu-3.1.1.1-72.1 * qemu-tools-debuginfo-3.1.1.1-72.1 * qemu-guest-agent-3.1.1.1-72.1 * qemu-ui-curses-3.1.1.1-72.1 * qemu-audio-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-debuginfo-3.1.1.1-72.1 * qemu-block-iscsi-3.1.1.1-72.1 * qemu-block-curl-debuginfo-3.1.1.1-72.1 * qemu-ui-curses-debuginfo-3.1.1.1-72.1 * qemu-ui-sdl-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-debuginfo-3.1.1.1-72.1 * qemu-block-ssh-3.1.1.1-72.1 * qemu-block-curl-3.1.1.1-72.1 * qemu-debugsource-3.1.1.1-72.1 * qemu-ui-gtk-debuginfo-3.1.1.1-72.1 * qemu-audio-alsa-3.1.1.1-72.1 * qemu-tools-3.1.1.1-72.1 * qemu-audio-oss-3.1.1.1-72.1 * qemu-block-iscsi-debuginfo-3.1.1.1-72.1 * qemu-audio-pa-3.1.1.1-72.1 * qemu-audio-oss-debuginfo-3.1.1.1-72.1 * qemu-audio-sdl-3.1.1.1-72.1 * qemu-guest-agent-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * qemu-ipxe-1.0.0+-72.1 * qemu-vgabios-1.12.0_0_ga698c89-72.1 * qemu-seabios-1.12.0_0_ga698c89-72.1 * qemu-sgabios-8-72.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le) * qemu-ppc-3.1.1.1-72.1 * qemu-ppc-debuginfo-3.1.1.1-72.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * qemu-block-rbd-3.1.1.1-72.1 * qemu-x86-3.1.1.1-72.1 * qemu-kvm-3.1.1.1-72.1 * qemu-block-rbd-debuginfo-3.1.1.1-72.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3750.html * https://www.suse.com/security/cve/CVE-2022-0216.html * https://www.suse.com/security/cve/CVE-2023-0330.html * https://www.suse.com/security/cve/CVE-2023-3180.html * https://www.suse.com/security/cve/CVE-2023-3354.html * https://bugzilla.suse.com/show_bug.cgi?id=1190011 * https://bugzilla.suse.com/show_bug.cgi?id=1198038 * https://bugzilla.suse.com/show_bug.cgi?id=1207205 * https://bugzilla.suse.com/show_bug.cgi?id=1212850 * https://bugzilla.suse.com/show_bug.cgi?id=1213925 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 12:30:20 -0000 Subject: SUSE-SU-2024:1394-1: important: Security update for qemu Message-ID: <171387542074.13757.4261365959838016186@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:1394-1 Rating: important References: * bsc#1213269 * bsc#1218889 * bsc#1220134 * bsc#1222843 * bsc#1222845 Cross-References: * CVE-2023-3019 * CVE-2023-6683 * CVE-2024-24474 * CVE-2024-3446 * CVE-2024-3447 CVSS scores: * CVE-2023-3019 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-3019 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2023-6683 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6683 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24474 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-3446 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-3447 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2023-3019: Fixed heap use-after-free in e1000e_write_packet_to_guest() (bsc#1213269) * CVE-2023-6683: Fixed NULL pointer dereference in qemu_clipboard_request() (bsc#1218889) * CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command (bsc#1220134) * CVE-2024-3446: Fixed DM reentrancy issue that could lead to double free vulnerability (bsc#1222843) * CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport() (bsc#1222845) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1394=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1394=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1394=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1394=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1394=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1394=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1394=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1394=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1394=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1394=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1394=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1394=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1394=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1394=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1394=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-oss-6.2.0-150400.37.29.1 * qemu-ivshmem-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-ivshmem-tools-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-extra-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * qemu-block-nfs-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-block-nfs-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-qtest-6.2.0-150400.37.29.1 * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-block-gluster-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-vhost-user-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-dmg-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-extra-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-jack-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ppc-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ppc-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-smartcard-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-qtest-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-block-dmg-debuginfo-6.2.0-150400.37.29.1 * qemu-block-gluster-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-hw-usb-smartcard-debuginfo-6.2.0-150400.37.29.1 * qemu-linux-user-6.2.0-150400.37.29.1 * qemu-audio-jack-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-vhost-user-gpu-6.2.0-150400.37.29.1 * qemu-linux-user-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-audio-oss-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-linux-user-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * openSUSE Leap 15.4 (s390x x86_64 i586) * qemu-kvm-6.2.0-150400.37.29.1 * openSUSE Leap 15.4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-SLOF-6.2.0-150400.37.29.1 * qemu-skiboot-6.2.0-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-microvm-6.2.0-150400.37.29.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.3 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * openSUSE Leap Micro 5.3 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.4 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * openSUSE Leap Micro 5.4 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * openSUSE Leap Micro 5.4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.3 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise Micro 5.3 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.29.1 * qemu-arm-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-SLOF-6.2.0-150400.37.29.1 * qemu-skiboot-6.2.0-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le) * qemu-ppc-6.2.0-150400.37.29.1 * qemu-ppc-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.29.1 * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-SLOF-6.2.0-150400.37.29.1 * qemu-skiboot-6.2.0-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * qemu-ppc-6.2.0-150400.37.29.1 * qemu-ppc-debuginfo-6.2.0-150400.37.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * SUSE Manager Proxy 4.3 (x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Manager Proxy 4.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * qemu-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-6.2.0-150400.37.29.1 * qemu-tools-debuginfo-6.2.0-150400.37.29.1 * qemu-lang-6.2.0-150400.37.29.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.29.1 * qemu-block-ssh-6.2.0-150400.37.29.1 * qemu-chardev-baum-6.2.0-150400.37.29.1 * qemu-6.2.0-150400.37.29.1 * qemu-block-curl-6.2.0-150400.37.29.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.29.1 * qemu-tools-6.2.0-150400.37.29.1 * qemu-ui-curses-6.2.0-150400.37.29.1 * qemu-hw-usb-host-6.2.0-150400.37.29.1 * qemu-guest-agent-6.2.0-150400.37.29.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.29.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.29.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.29.1 * qemu-ksm-6.2.0-150400.37.29.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.29.1 * qemu-block-iscsi-6.2.0-150400.37.29.1 * qemu-debugsource-6.2.0-150400.37.29.1 * SUSE Manager Server 4.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.29.1 * qemu-SLOF-6.2.0-150400.37.29.1 * qemu-skiboot-6.2.0-150400.37.29.1 * qemu-sgabios-8-150400.37.29.1 * qemu-ipxe-1.0.0+-150400.37.29.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-6.2.0-150400.37.29.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.29.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.29.1 * qemu-audio-spice-6.2.0-150400.37.29.1 * qemu-ui-gtk-6.2.0-150400.37.29.1 * qemu-ui-opengl-6.2.0-150400.37.29.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-usb-redirect-6.2.0-150400.37.29.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.29.1 * qemu-ui-spice-app-6.2.0-150400.37.29.1 * qemu-ui-spice-core-6.2.0-150400.37.29.1 * qemu-chardev-spice-6.2.0-150400.37.29.1 * SUSE Manager Server 4.3 (ppc64le) * qemu-ppc-6.2.0-150400.37.29.1 * qemu-ppc-debuginfo-6.2.0-150400.37.29.1 * SUSE Manager Server 4.3 (s390x x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.29.1 * qemu-kvm-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.29.1 * SUSE Manager Server 4.3 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.29.1 * qemu-s390x-debuginfo-6.2.0-150400.37.29.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.29.1 * qemu-s390x-6.2.0-150400.37.29.1 * SUSE Manager Server 4.3 (x86_64) * qemu-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.29.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.29.1 * qemu-accel-tcg-x86-6.2.0-150400.37.29.1 * qemu-audio-alsa-6.2.0-150400.37.29.1 * qemu-audio-pa-6.2.0-150400.37.29.1 * qemu-x86-6.2.0-150400.37.29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3019.html * https://www.suse.com/security/cve/CVE-2023-6683.html * https://www.suse.com/security/cve/CVE-2024-24474.html * https://www.suse.com/security/cve/CVE-2024-3446.html * https://www.suse.com/security/cve/CVE-2024-3447.html * https://bugzilla.suse.com/show_bug.cgi?id=1213269 * https://bugzilla.suse.com/show_bug.cgi?id=1218889 * https://bugzilla.suse.com/show_bug.cgi?id=1220134 * https://bugzilla.suse.com/show_bug.cgi?id=1222843 * https://bugzilla.suse.com/show_bug.cgi?id=1222845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1405-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Message-ID: <171388980579.19432.4018088582446670498@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1405-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_19 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1405=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1405=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_3-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-9-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_3-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-9-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1401-1: important: Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5) Message-ID: <171388980787.19432.7425995126333087669@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1401-1 Rating: important References: * bsc#1219435 Cross-References: * CVE-2024-1086 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_189 fixes one issue. The following security issue was fixed: * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1401=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_189-default-5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1400-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5) Message-ID: <171388980960.19432.10759466302034392947@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1400-1 Rating: important References: * bsc#1216644 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_173 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1400=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_173-default-9-2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1404-1: low: Security update for kubernetes1.23 Message-ID: <171388981244.19432.16818514282226290106@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:1404-1 Rating: low References: * bsc#1222539 Cross-References: * CVE-2024-3177 CVSS scores: * CVE-2024-3177 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2024-3177: Fixed bypass of mountable secrets policy imposed by the ServiceAccount admission plugin (bsc#1222539) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1404=1 SUSE-2024-1404=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1404=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-kubeadm-1.23.17-150500.3.12.1 * kubernetes1.23-proxy-1.23.17-150500.3.12.1 * kubernetes1.23-kubelet-common-1.23.17-150500.3.12.1 * kubernetes1.23-controller-manager-1.23.17-150500.3.12.1 * kubernetes1.23-scheduler-1.23.17-150500.3.12.1 * kubernetes1.23-client-1.23.17-150500.3.12.1 * kubernetes1.23-client-common-1.23.17-150500.3.12.1 * kubernetes1.23-apiserver-1.23.17-150500.3.12.1 * kubernetes1.23-kubelet-1.23.17-150500.3.12.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.23-client-bash-completion-1.23.17-150500.3.12.1 * kubernetes1.23-client-fish-completion-1.23.17-150500.3.12.1 * openSUSE Leap 15.5 (ppc64le) * kubernetes1.23-kubelet-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-kubeadm-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-controller-manager-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-apiserver-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-client-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-scheduler-debuginfo-1.23.17-150500.3.12.1 * kubernetes1.23-proxy-debuginfo-1.23.17-150500.3.12.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.23-client-1.23.17-150500.3.12.1 * kubernetes1.23-client-common-1.23.17-150500.3.12.1 * Containers Module 15-SP5 (ppc64le) * kubernetes1.23-client-debuginfo-1.23.17-150500.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3177.html * https://bugzilla.suse.com/show_bug.cgi?id=1222539 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1403-1: low: Security update for kubernetes1.24 Message-ID: <171388981409.19432.8556706969869668186@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:1403-1 Rating: low References: * bsc#1222539 Cross-References: * CVE-2024-3177 CVSS scores: * CVE-2024-3177 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues: * CVE-2024-3177: Fixed bypass of mountable secrets policy imposed by the ServiceAccount admission plugin (bsc#1222539) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1403=1 openSUSE-SLE-15.5-2024-1403=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1403=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.16.1 * kubernetes1.24-kubelet-1.24.17-150500.3.16.1 * kubernetes1.24-client-common-1.24.17-150500.3.16.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.16.1 * kubernetes1.24-proxy-1.24.17-150500.3.16.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.16.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.16.1 * kubernetes1.24-scheduler-1.24.17-150500.3.16.1 * kubernetes1.24-client-1.24.17-150500.3.16.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.16.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.16.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.16.1 * kubernetes1.24-client-common-1.24.17-150500.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3177.html * https://bugzilla.suse.com/show_bug.cgi?id=1222539 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 16:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 16:30:17 -0000 Subject: SUSE-SU-2024:1402-1: moderate: Security update for opensc Message-ID: <171388981701.19432.6607783349988889241@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:1402-1 Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1402=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1402=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1402=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1402=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1402=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1402=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1402=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1402=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1402=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1402=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * openSUSE Leap 15.4 (x86_64) * opensc-32bit-debuginfo-0.22.0-150400.3.9.1 * opensc-32bit-0.22.0-150400.3.9.1 * openSUSE Leap 15.4 (aarch64_ilp32) * opensc-64bit-debuginfo-0.22.0-150400.3.9.1 * opensc-64bit-0.22.0-150400.3.9.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * openSUSE Leap 15.5 (x86_64) * opensc-32bit-debuginfo-0.22.0-150400.3.9.1 * opensc-32bit-0.22.0-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.9.1 * opensc-debugsource-0.22.0-150400.3.9.1 * opensc-0.22.0-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1410-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Message-ID: <171390420414.19537.7189128781104515373@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1410-1 Rating: important References: * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_39 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1410=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1410=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_39-default-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_39-default-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-6-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 20:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 20:30:06 -0000 Subject: SUSE-SU-2024:1409-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Message-ID: <171390420619.19537.6569751419582550822@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1409-1 Rating: important References: * bsc#1219296 * bsc#1220828 Cross-References: * CVE-2023-52340 * CVE-2024-26622 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1409=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1409=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-3-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-3-150500.11.8.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-3-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-3-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-3-150500.11.8.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-3-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 23 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 23 Apr 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1406-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Message-ID: <171390420836.19537.14759125126302914710@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1406-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_31 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1407=1 SUSE-2024-1406=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1407=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1406=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1408=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1408=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_18-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-10-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_18-debugsource-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-10-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_6-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_6-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-7-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1411-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Message-ID: <171394740601.28360.940439962012625422@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1411-1 Rating: important References: * bsc#1219296 * bsc#1220828 Cross-References: * CVE-2023-52340 * CVE-2024-26622 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues. The following security issues were fixed: * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1411=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1411=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-3-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-3-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-3-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-3-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-3-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-3-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1418-1: important: Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4) Message-ID: <171396180260.27205.16885531791062103888@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 19 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1418-1 Rating: important References: * bsc#1216644 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_92 fixes several issues. The following security issues were fixed: * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216644). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1418=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1418=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-7-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-7-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1428-1: moderate: Security update for python-idna Message-ID: <171396180447.27205.16608035352989755180@smelt2.prg2.suse.org> # Security update for python-idna Announcement ID: SUSE-SU-2024:1428-1 Rating: moderate References: * bsc#1222842 Cross-References: * CVE-2024-3651 CVSS scores: * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-idna fixes the following issues: * CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-1428=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1428=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1428=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1428=1 ## Package List: * Public Cloud Module 12 (noarch) * python3-idna-2.5-3.13.1 * python-idna-2.5-3.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python3-idna-2.5-3.13.1 * python-idna-2.5-3.13.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python3-idna-2.5-3.13.1 * python-idna-2.5-3.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * python3-idna-2.5-3.13.1 * python-idna-2.5-3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3651.html * https://bugzilla.suse.com/show_bug.cgi?id=1222842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1427-1: moderate: Security Beta update for SUSE Manager Client Tools and Salt Message-ID: <171396181018.27205.14983237497175645603@smelt2.prg2.suse.org> # Security Beta update for SUSE Manager Client Tools and Salt Announcement ID: SUSE-SU-2024:1427-1 Rating: moderate References: * bsc#1008037 * bsc#1008038 * bsc#1010940 * bsc#1019021 * bsc#1038785 * bsc#1059235 * bsc#1099805 * bsc#1166389 * bsc#1171823 * bsc#1174145 * bsc#1174302 * bsc#1175993 * bsc#1177948 * bsc#1216854 * bsc#1219002 * bsc#1219887 * bsc#1219912 * bsc#1220371 * bsc#1221092 * jsc#MSQA-759 Cross-References: * CVE-2016-8647 * CVE-2016-9587 * CVE-2017-7550 * CVE-2018-10874 * CVE-2020-14365 * CVE-2023-5764 * CVE-2023-6152 * CVE-2024-0690 CVSS scores: * CVE-2016-8647 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2016-8647 ( NVD ): 2.2 CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2016-9587 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2017-7550 ( SUSE ): 8.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2017-7550 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2017-7550 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-10874 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2018-10874 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2020-14365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2020-14365 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2023-5764 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-5764 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-0690 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools Beta for SLE 15 * SUSE Manager Client Tools Beta for SLE Micro 5 An update that solves eight vulnerabilities, contains one feature and has 11 security fixes can now be installed. ## Description: This update fixes the following issues: POS_Image-Graphical7: * Update to version 0.1.1710765237.46af599 * Move image services to dracut-saltboot package * Use salt bundle * Update to version 0.1.1645440615.7f1328c * Remove deprecated kiwi functions POS_Image-JeOS7: * Update to version 0.1.1710765237.46af599 * Move image services to dracut-saltboot package * Use salt bundle * Update to version 0.1.1645440615.7f1328c * Remove deprecated kiwi functions ansible: * CVE-2023-5764: Address issues where internal templating can cause unsafe variables to lose their unsafe designation (bsc#1216854) * breaking_changes: assert - Nested templating may result in an inability for the conditional to be evaluated. See the porting guide for more information. * CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002) * CVE-2020-14365: Do a GPG validation if the disable_gpg_check option is not set. (bsc#1175993) * Don't Require python-coverage, it is needed only for testing (bsc#1177948) * CVE-2018-10874: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution (included upstream in 2.6.1) (bsc#1099805) dracut-saltboot: * Update to version 0.1.1710765237.46af599 * Load only first available leaseinfo (bsc#1221092) * Update to version 0.1.1681904360.84ef141 grafana: * Require Go 1.20 * Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors * Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login * Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication * Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling golang-github-prometheus-node_exporter: * Add `device_error` label for filesystem metrics. * Update rtnetlink library to fix errors during ARP metrics collection. * Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 * Update to 1.6.1: (no source code changes in this release) * BuildRequire go1.20 * Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 * Change go_modules archive in _service to use obscpio file spacecmd: * Version 5.0.5-0 * Update translation strings spacewalk-client-tools: * Version 5.0.4-0 * Remove rhn-profile-sync rhn_register spacewalk-channel and spacewalk-update- status supportutils-plugin-susemanager-client: * Version 5.0.3-0 * Remove rhnsd from client actions and server backend uyuni-tools: * Version 0.1.7-0 * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration * Fix migration script using missing awk in migration image * Version 0.1.6-0 * Pull image from authenticated registry * Port 80 should be published to the port 80 of the containers. 8080 is squid * Autogenerate the database password * Add mgrctl term command * Fix --version flag * Deny uyuni to suma upgrade and viceversa * Refactor upgrade to clarify script end adding post upgrade script (bsc#1219887) * Add mgradm install podman arguments to define big volumes storage * k8s migration use same functions as upgrade * Allow to use images from RPM if present * Schedule a system list refresh after migrate if not runned before * Ignore error on optional flag * Fix migration of multiple autoinstallable distributions * Obsolete uyuni-proxy-systemd-service package by mgrpxy * Add GitHub workflow for checking changelog * Allow installation using --image image:tag * Add command to register Peripheral server to Hub * Add Node exporter (9100) and Taskomatic (9800) ports to the list of open TCP ports * Fix minimal administrator password length * Do not assume the current host is a cluster node when getting kubelet version * Add mgrpxy start, stop and restart commands * Remove shm size constraints on the server * Add mgrpxy and mgradm status commands * Use uninstall commands dry run by default to avoid unintended removals * Make first user mandatory at install time * Add inspect and upgrade command * Improve error handling when exec.Command is used * Start/Stop/Restart command with kubernetes * Version 0.1.5-0 * Install aardvark-dns if netavark is installed (bsc#1220371) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2024-1427=1 * SUSE Manager Client Tools Beta for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1427=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 15 (noarch) * ansible-2.9.27-159000.3.12.2 * ansible-doc-2.9.27-159000.3.12.2 * python3-spacewalk-check-5.0.4-159000.6.54.2 * spacecmd-5.0.5-159000.6.48.2 * supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2 * mgrctl-zsh-completion-0.1.7-159000.3.8.1 * python3-spacewalk-client-tools-5.0.4-159000.6.54.2 * POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2 * spacewalk-client-setup-5.0.4-159000.6.54.2 * dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2 * spacewalk-client-tools-5.0.4-159000.6.54.2 * POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2 * mgrctl-bash-completion-0.1.7-159000.3.8.1 * spacewalk-check-5.0.4-159000.6.54.2 * python3-spacewalk-client-setup-5.0.4-159000.6.54.2 * SUSE Manager Client Tools Beta for SLE 15 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.7-159000.3.8.1 * grafana-debuginfo-9.5.16-159000.4.30.2 * grafana-9.5.16-159000.4.30.2 * SUSE Manager Client Tools Beta for SLE Micro 5 (aarch64 s390x x86_64) * mgrctl-0.1.7-159000.3.8.1 * golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1 * SUSE Manager Client Tools Beta for SLE Micro 5 (noarch) * mgrctl-bash-completion-0.1.7-159000.3.8.1 * mgrctl-zsh-completion-0.1.7-159000.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2016-8647.html * https://www.suse.com/security/cve/CVE-2016-9587.html * https://www.suse.com/security/cve/CVE-2017-7550.html * https://www.suse.com/security/cve/CVE-2018-10874.html * https://www.suse.com/security/cve/CVE-2020-14365.html * https://www.suse.com/security/cve/CVE-2023-5764.html * https://www.suse.com/security/cve/CVE-2023-6152.html * https://www.suse.com/security/cve/CVE-2024-0690.html * https://bugzilla.suse.com/show_bug.cgi?id=1008037 * https://bugzilla.suse.com/show_bug.cgi?id=1008038 * https://bugzilla.suse.com/show_bug.cgi?id=1010940 * https://bugzilla.suse.com/show_bug.cgi?id=1019021 * https://bugzilla.suse.com/show_bug.cgi?id=1038785 * https://bugzilla.suse.com/show_bug.cgi?id=1059235 * https://bugzilla.suse.com/show_bug.cgi?id=1099805 * https://bugzilla.suse.com/show_bug.cgi?id=1166389 * https://bugzilla.suse.com/show_bug.cgi?id=1171823 * https://bugzilla.suse.com/show_bug.cgi?id=1174145 * https://bugzilla.suse.com/show_bug.cgi?id=1174302 * https://bugzilla.suse.com/show_bug.cgi?id=1175993 * https://bugzilla.suse.com/show_bug.cgi?id=1177948 * https://bugzilla.suse.com/show_bug.cgi?id=1216854 * https://bugzilla.suse.com/show_bug.cgi?id=1219002 * https://bugzilla.suse.com/show_bug.cgi?id=1219887 * https://bugzilla.suse.com/show_bug.cgi?id=1219912 * https://bugzilla.suse.com/show_bug.cgi?id=1220371 * https://bugzilla.suse.com/show_bug.cgi?id=1221092 * https://jira.suse.com/browse/MSQA-759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:21 -0000 Subject: SUSE-SU-2024:1419-1: moderate: Security Beta update for SUSE Manager Client Tools Message-ID: <171396182137.27205.2761963547305183091@smelt2.prg2.suse.org> # Security Beta update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:1419-1 Rating: moderate References: * bsc#1219887 * bsc#1219912 * bsc#1220371 * jsc#MSQA-759 * jsc#PED-7893 * jsc#PED-7928 Cross-References: * CVE-2023-6152 CVSS scores: * CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools Beta for SLE 12 An update that solves one vulnerability, contains three features and has two security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-alertmanager: * Use %patch -P N instead of deprecated %patchN golang-github-prometheus-node_exporter: * Add `device_error` label for filesystem metrics. * Update rtnetlink library to fix errors during ARP metrics collection. * Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 * Update to 1.6.1: (no source code changes in this release) * BuildRequire go1.20 * Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 * Change go_modules archive in _service to use obscpio file golang-github-prometheus-promu: * Don't pass -extldflags -static by default grafana: * Require Go 1.20 * Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors * Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login * Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication * Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling spacecmd: * Version 5.0.5-0 * Update translation strings spacewalk-client-tools: * Version 5.0.4-0 * Remove rhn-profile-sync rhn_register spacewalk-channel and spacewalk-update- status supportutils-plugin-susemanager-client: * Version 5.0.3-0 * Remove rhnsd from client actions and server backend uyuni-tools: * Version 0.1.7-0 * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration * Fix migration script using missing awk in migration image * Version 0.1.6-0 * Pull image from authenticated registry * Port 80 should be published to the port 80 of the containers. 8080 is squid * Autogenerate the database password * Add mgrctl term command * Fix --version flag * Deny uyuni to suma upgrade and viceversa * Refactor upgrade to clarify script end adding post upgrade script (bsc#1219887) * Add mgradm install podman arguments to define big volumes storage * k8s migration use same functions as upgrade * Allow to use images from RPM if present * Schedule a system list refresh after migrate if not runned before * Ignore error on optional flag * Fix migration of multiple autoinstallable distributions * Obsolete uyuni-proxy-systemd-service package by mgrpxy * Add GitHub workflow for checking changelog * Allow installation using --image image:tag * Add command to register Peripheral server to Hub * Add Node exporter (9100) and Taskomatic (9800) ports to the list of open TCP ports * Fix minimal administrator password length * Do not assume the current host is a cluster node when getting kubelet version * Add mgrpxy start, stop and restart commands * Remove shm size constraints on the server * Add mgrpxy and mgradm status commands * Use uninstall commands dry run by default to avoid unintended removals * Make first user mandatory at install time * Add inspect and upgrade command * Improve error handling when exec.Command is used * Start/Stop/Restart command with kubernetes * Version 0.1.5-0 * Install aardvark-dns if netavark is installed (bsc#1220371) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2024-1419=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-alertmanager-0.26.0-4.18.2 * golang-github-prometheus-node_exporter-1.7.0-4.18.2 * grafana-9.5.16-4.27.1 * mgrctl-0.1.7-3.8.1 * golang-github-prometheus-promu-0.14.0-4.15.1 * SUSE Manager Client Tools Beta for SLE 12 (noarch) * mgrctl-bash-completion-0.1.7-3.8.1 * spacecmd-5.0.5-41.48.1 * mgrctl-zsh-completion-0.1.7-3.8.1 * spacewalk-client-setup-5.0.4-55.51.1 * spacewalk-check-5.0.4-55.51.1 * python2-spacewalk-check-5.0.4-55.51.1 * python2-spacewalk-client-setup-5.0.4-55.51.1 * spacewalk-client-tools-5.0.4-55.51.1 * supportutils-plugin-susemanager-client-5.0.3-9.21.1 * python2-spacewalk-client-tools-5.0.4-55.51.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6152.html * https://bugzilla.suse.com/show_bug.cgi?id=1219887 * https://bugzilla.suse.com/show_bug.cgi?id=1219912 * https://bugzilla.suse.com/show_bug.cgi?id=1220371 * https://jira.suse.com/browse/MSQA-759 * https://jira.suse.com/browse/PED-7893 * https://jira.suse.com/browse/PED-7928 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:23 -0000 Subject: SUSE-SU-2024:1417-1: important: Security update for nrpe Message-ID: <171396182332.27205.1440640920683203686@smelt2.prg2.suse.org> # Security update for nrpe Announcement ID: SUSE-SU-2024:1417-1 Rating: important References: * bsc#1118590 * bsc#874743 Cross-References: * CVE-2014-2913 CVSS scores: Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for nrpe fixes the following issues: CVE-2014-2913: Fixed remote command execution when command arguments are enabled (bsc#1118590,bsc#874743) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1417=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1417=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1417=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * nrpe-debuginfo-2.15-6.6.1 * nrpe-2.15-6.6.1 * nrpe-debugsource-2.15-6.6.1 * monitoring-plugins-nrpe-2.15-6.6.1 * monitoring-plugins-nrpe-debuginfo-2.15-6.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * nrpe-debuginfo-2.15-6.6.1 * nrpe-2.15-6.6.1 * nrpe-debugsource-2.15-6.6.1 * monitoring-plugins-nrpe-2.15-6.6.1 * monitoring-plugins-nrpe-debuginfo-2.15-6.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * nrpe-debuginfo-2.15-6.6.1 * nrpe-2.15-6.6.1 * nrpe-debugsource-2.15-6.6.1 * monitoring-plugins-nrpe-2.15-6.6.1 * monitoring-plugins-nrpe-debuginfo-2.15-6.6.1 ## References: * https://www.suse.com/security/cve/CVE-2014-2913.html * https://bugzilla.suse.com/show_bug.cgi?id=1118590 * https://bugzilla.suse.com/show_bug.cgi?id=874743 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:25 -0000 Subject: SUSE-SU-2024:1416-1: moderate: Security update for cockpit-wicked Message-ID: <171396182519.27205.5346068854248151583@smelt2.prg2.suse.org> # Security update for cockpit-wicked Announcement ID: SUSE-SU-2024:1416-1 Rating: moderate References: * bsc#1217325 Cross-References: * CVE-2023-26364 CVSS scores: * CVE-2023-26364 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-wicked fixes the following issues: * CVE-2023-26364: Fixed denial of service due to improper input validation during CSS parsing (bsc#1217325) Other fixes: \- Upgrade to version 4.5 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1416=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1416=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cockpit-wicked-4.5-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * cockpit-wicked-4.5-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-26364.html * https://bugzilla.suse.com/show_bug.cgi?id=1217325 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Apr 24 12:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 24 Apr 2024 12:30:26 -0000 Subject: SUSE-SU-2024:1415-1: moderate: Security update for cockpit-wicked Message-ID: <171396182652.27205.6556288932253525877@smelt2.prg2.suse.org> # Security update for cockpit-wicked Announcement ID: SUSE-SU-2024:1415-1 Rating: moderate References: * bsc#1217325 Cross-References: * CVE-2023-26364 CVSS scores: * CVE-2023-26364 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit-wicked fixes the following issues: * CVE-2023-26364: Fixed denial of service due to improper input validation during CSS parsing (bsc#1217325) Other fixes: \- Update to version 5~git8.c06c55b. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1415=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * cockpit-wicked-5~git8.c06c55b-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-26364.html * https://bugzilla.suse.com/show_bug.cgi?id=1217325 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Apr 25 20:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 25 Apr 2024 20:30:03 -0000 Subject: SUSE-SU-2024:1437-1: important: Security update for MozillaThunderbird Message-ID: <171407700399.23738.10016242651287840125@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:1437-1 Rating: important References: * bsc#1222535 Cross-References: * CVE-2024-2609 * CVE-2024-3302 * CVE-2024-3852 * CVE-2024-3854 * CVE-2024-3857 * CVE-2024-3859 * CVE-2024-3861 * CVE-2024-3863 * CVE-2024-3864 CVSS scores: * CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Update to Mozilla Thunderbird 115.10.1 Security fixes (MFSA 2024-20) (bsc#1222535): * CVE-2024-3852: GetBoundName in the JIT returned the wrong object (bmo#1883542) * CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement (bmo#1884552) * CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection (bmo#1886683) * CVE-2024-2609: Permission prompt input delay could expire when not in focus (bmo#1866100) * CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer (bmo#1874489) * CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move (bmo#1883158) * CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows (bmo#1885855) * CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames (bmo#1881183, https://kb.cert.org/vuls/id/421644) * CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 (bmo#1888333) Other Fixes: * fixed: Thunderbird processes did not exit cleanly; user intervention was required via task manager (bmo#1891889) * unresolved: After changing password on an IMAP account, the account could become locked due to too many failed login attempts (bmo#1862111) * fixed: Creating a tag in General Settings with a number as the tag name did not work (bmo#1881124) * fixed: Quick Filter button selections did not persist after restart (bmo#1847265) * fixed: Collapsing and expanding message list headers sometimes caused header to scroll out of view (bmo#1862197) * fixed: Single message with no children inside a parent thread sometimes displayed incorrectly as a thread with a duplicate of itself as its child (bmo#1427546) * fixed: "Get selected messages" menu items did not work (bmo#1867091) * fixed: "Download and Sync Messages" dialog was too short when using Russian locale, obscuring OK button (bmo#1881795) * fixed: After changing password on an IMAP account, the account could become locked due to too many failed login attempts (bmo#1862111) * fixed: Retrieving multiline POP3 message from server failed if message chunk ended in newline instead of carriage return and newline (bmo#1883760) * fixed: IMAP, POP3, and SMTP Exchange autoconfiguration did not support encryption configuration (bmo#1876992) * fixed: Non-empty address book search bar interfered with displaying/editing contacts (bmo#1833031) * fixed: Deleting attendees from "Invite Attendees" view removed attendees from view, but not from invite (bmo#1874450) * fixed: Splitter arrow between task list and task description did not behave as expected (bmo#1889562) * fixed: Performance improvements and code cleanup (bmo#1878257,bmo#1883550) * fixed: Security fixes * unresolved: Thunderbird processes did not exit cleanly; user intervention was required via task manager (bmo#1891889) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1437=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1437=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1437=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1437=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debugsource-115.10.1-150200.8.157.1 * MozillaThunderbird-debuginfo-115.10.1-150200.8.157.1 * MozillaThunderbird-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-common-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-other-115.10.1-150200.8.157.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-debugsource-115.10.1-150200.8.157.1 * MozillaThunderbird-debuginfo-115.10.1-150200.8.157.1 * MozillaThunderbird-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-common-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-other-115.10.1-150200.8.157.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaThunderbird-debugsource-115.10.1-150200.8.157.1 * MozillaThunderbird-debuginfo-115.10.1-150200.8.157.1 * MozillaThunderbird-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-common-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-other-115.10.1-150200.8.157.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-debugsource-115.10.1-150200.8.157.1 * MozillaThunderbird-debuginfo-115.10.1-150200.8.157.1 * MozillaThunderbird-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-common-115.10.1-150200.8.157.1 * MozillaThunderbird-translations-other-115.10.1-150200.8.157.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2609.html * https://www.suse.com/security/cve/CVE-2024-3302.html * https://www.suse.com/security/cve/CVE-2024-3852.html * https://www.suse.com/security/cve/CVE-2024-3854.html * https://www.suse.com/security/cve/CVE-2024-3857.html * https://www.suse.com/security/cve/CVE-2024-3859.html * https://www.suse.com/security/cve/CVE-2024-3861.html * https://www.suse.com/security/cve/CVE-2024-3863.html * https://www.suse.com/security/cve/CVE-2024-3864.html * https://bugzilla.suse.com/show_bug.cgi?id=1222535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1446-1: moderate: Security update for php8 Message-ID: <171412020760.2708.5266358782155805763@smelt2.prg2.suse.org> # Security update for php8 Announcement ID: SUSE-SU-2024:1446-1 Rating: moderate References: * bsc#1222857 * bsc#1222858 Cross-References: * CVE-2024-2756 * CVE-2024-3096 CVSS scores: * CVE-2024-2756 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-3096 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for php8 fixes the following issues: * CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure (bsc#1222857) * CVE-2024-3096: Fixed bypass on null byte leading passwords checked via password_verify (bsc#1222858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1446=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1446=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1446=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * php8-zlib-8.0.30-150400.4.40.1 * php8-tidy-8.0.30-150400.4.40.1 * php8-sodium-debuginfo-8.0.30-150400.4.40.1 * php8-dom-debuginfo-8.0.30-150400.4.40.1 * php8-soap-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-8.0.30-150400.4.40.1 * php8-bz2-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-debuginfo-8.0.30-150400.4.40.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.40.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.40.1 * php8-exif-8.0.30-150400.4.40.1 * php8-pdo-8.0.30-150400.4.40.1 * php8-sysvmsg-8.0.30-150400.4.40.1 * php8-mbstring-8.0.30-150400.4.40.1 * php8-dba-debuginfo-8.0.30-150400.4.40.1 * php8-zlib-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-debuginfo-8.0.30-150400.4.40.1 * php8-posix-8.0.30-150400.4.40.1 * php8-dom-8.0.30-150400.4.40.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.40.1 * php8-zip-debuginfo-8.0.30-150400.4.40.1 * php8-pdo-debuginfo-8.0.30-150400.4.40.1 * php8-snmp-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-8.0.30-150400.4.40.1 * php8-ftp-debuginfo-8.0.30-150400.4.40.1 * php8-sysvsem-8.0.30-150400.4.40.1 * php8-ftp-8.0.30-150400.4.40.1 * php8-mbstring-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debugsource-8.0.30-150400.4.40.1 * php8-xmlwriter-8.0.30-150400.4.40.1 * php8-gd-8.0.30-150400.4.40.1 * php8-pgsql-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-debuginfo-8.0.30-150400.4.40.1 * php8-embed-debuginfo-8.0.30-150400.4.40.1 * php8-shmop-8.0.30-150400.4.40.1 * php8-sockets-8.0.30-150400.4.40.1 * php8-debuginfo-8.0.30-150400.4.40.1 * php8-fileinfo-8.0.30-150400.4.40.1 * php8-exif-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-8.0.30-150400.4.40.1 * php8-posix-debuginfo-8.0.30-150400.4.40.1 * php8-cli-8.0.30-150400.4.40.1 * php8-devel-8.0.30-150400.4.40.1 * php8-fastcgi-8.0.30-150400.4.40.1 * php8-fastcgi-debugsource-8.0.30-150400.4.40.1 * php8-shmop-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-debuginfo-8.0.30-150400.4.40.1 * php8-zip-8.0.30-150400.4.40.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.40.1 * php8-phar-debuginfo-8.0.30-150400.4.40.1 * php8-cli-debuginfo-8.0.30-150400.4.40.1 * php8-gmp-8.0.30-150400.4.40.1 * php8-gmp-debuginfo-8.0.30-150400.4.40.1 * php8-tokenizer-8.0.30-150400.4.40.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.40.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-debuginfo-8.0.30-150400.4.40.1 * php8-iconv-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-8.0.30-150400.4.40.1 * php8-iconv-8.0.30-150400.4.40.1 * php8-sqlite-8.0.30-150400.4.40.1 * php8-test-8.0.30-150400.4.40.1 * php8-openssl-debuginfo-8.0.30-150400.4.40.1 * php8-dba-8.0.30-150400.4.40.1 * php8-enchant-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-8.0.30-150400.4.40.1 * php8-opcache-8.0.30-150400.4.40.1 * php8-phar-8.0.30-150400.4.40.1 * php8-soap-8.0.30-150400.4.40.1 * php8-bz2-8.0.30-150400.4.40.1 * php8-embed-debugsource-8.0.30-150400.4.40.1 * php8-embed-8.0.30-150400.4.40.1 * php8-fpm-8.0.30-150400.4.40.1 * php8-xmlreader-8.0.30-150400.4.40.1 * php8-sodium-8.0.30-150400.4.40.1 * php8-ctype-8.0.30-150400.4.40.1 * php8-snmp-8.0.30-150400.4.40.1 * php8-mysql-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-8.0.30-150400.4.40.1 * php8-ctype-debuginfo-8.0.30-150400.4.40.1 * php8-8.0.30-150400.4.40.1 * php8-pcntl-debuginfo-8.0.30-150400.4.40.1 * php8-readline-8.0.30-150400.4.40.1 * php8-mysql-8.0.30-150400.4.40.1 * php8-openssl-8.0.30-150400.4.40.1 * php8-sockets-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-8.0.30-150400.4.40.1 * php8-readline-debuginfo-8.0.30-150400.4.40.1 * php8-debugsource-8.0.30-150400.4.40.1 * php8-opcache-debuginfo-8.0.30-150400.4.40.1 * php8-pgsql-8.0.30-150400.4.40.1 * php8-intl-8.0.30-150400.4.40.1 * php8-pcntl-8.0.30-150400.4.40.1 * php8-sysvshm-8.0.30-150400.4.40.1 * php8-sqlite-debuginfo-8.0.30-150400.4.40.1 * php8-tidy-debuginfo-8.0.30-150400.4.40.1 * php8-curl-debuginfo-8.0.30-150400.4.40.1 * php8-gd-debuginfo-8.0.30-150400.4.40.1 * php8-enchant-8.0.30-150400.4.40.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.40.1 * php8-intl-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debuginfo-8.0.30-150400.4.40.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.40.1 * php8-curl-8.0.30-150400.4.40.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.40.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * php8-zlib-8.0.30-150400.4.40.1 * php8-tidy-8.0.30-150400.4.40.1 * php8-sodium-debuginfo-8.0.30-150400.4.40.1 * php8-dom-debuginfo-8.0.30-150400.4.40.1 * php8-soap-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-8.0.30-150400.4.40.1 * php8-bz2-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-debuginfo-8.0.30-150400.4.40.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.40.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.40.1 * php8-exif-8.0.30-150400.4.40.1 * php8-pdo-8.0.30-150400.4.40.1 * php8-sysvmsg-8.0.30-150400.4.40.1 * php8-mbstring-8.0.30-150400.4.40.1 * php8-dba-debuginfo-8.0.30-150400.4.40.1 * php8-zlib-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-debuginfo-8.0.30-150400.4.40.1 * php8-posix-8.0.30-150400.4.40.1 * php8-dom-8.0.30-150400.4.40.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.40.1 * php8-zip-debuginfo-8.0.30-150400.4.40.1 * php8-pdo-debuginfo-8.0.30-150400.4.40.1 * php8-snmp-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-8.0.30-150400.4.40.1 * php8-ftp-debuginfo-8.0.30-150400.4.40.1 * php8-sysvsem-8.0.30-150400.4.40.1 * php8-ftp-8.0.30-150400.4.40.1 * php8-mbstring-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debugsource-8.0.30-150400.4.40.1 * php8-xmlwriter-8.0.30-150400.4.40.1 * php8-gd-8.0.30-150400.4.40.1 * php8-pgsql-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-debuginfo-8.0.30-150400.4.40.1 * php8-embed-debuginfo-8.0.30-150400.4.40.1 * php8-shmop-8.0.30-150400.4.40.1 * php8-sockets-8.0.30-150400.4.40.1 * php8-debuginfo-8.0.30-150400.4.40.1 * php8-fileinfo-8.0.30-150400.4.40.1 * php8-exif-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-8.0.30-150400.4.40.1 * php8-posix-debuginfo-8.0.30-150400.4.40.1 * php8-cli-8.0.30-150400.4.40.1 * php8-devel-8.0.30-150400.4.40.1 * php8-fastcgi-8.0.30-150400.4.40.1 * php8-shmop-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-debuginfo-8.0.30-150400.4.40.1 * php8-zip-8.0.30-150400.4.40.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.40.1 * php8-phar-debuginfo-8.0.30-150400.4.40.1 * php8-cli-debuginfo-8.0.30-150400.4.40.1 * php8-gmp-8.0.30-150400.4.40.1 * php8-gmp-debuginfo-8.0.30-150400.4.40.1 * php8-tokenizer-8.0.30-150400.4.40.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.40.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-debuginfo-8.0.30-150400.4.40.1 * php8-iconv-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-8.0.30-150400.4.40.1 * php8-iconv-8.0.30-150400.4.40.1 * php8-sqlite-8.0.30-150400.4.40.1 * php8-test-8.0.30-150400.4.40.1 * php8-openssl-debuginfo-8.0.30-150400.4.40.1 * php8-dba-8.0.30-150400.4.40.1 * php8-enchant-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-8.0.30-150400.4.40.1 * php8-opcache-8.0.30-150400.4.40.1 * php8-phar-8.0.30-150400.4.40.1 * php8-soap-8.0.30-150400.4.40.1 * php8-bz2-8.0.30-150400.4.40.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.40.1 * php8-embed-debugsource-8.0.30-150400.4.40.1 * php8-embed-8.0.30-150400.4.40.1 * php8-fpm-8.0.30-150400.4.40.1 * php8-xmlreader-8.0.30-150400.4.40.1 * php8-sodium-8.0.30-150400.4.40.1 * php8-ctype-8.0.30-150400.4.40.1 * php8-snmp-8.0.30-150400.4.40.1 * php8-mysql-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-8.0.30-150400.4.40.1 * php8-ctype-debuginfo-8.0.30-150400.4.40.1 * php8-8.0.30-150400.4.40.1 * php8-pcntl-debuginfo-8.0.30-150400.4.40.1 * php8-readline-8.0.30-150400.4.40.1 * php8-mysql-8.0.30-150400.4.40.1 * php8-openssl-8.0.30-150400.4.40.1 * php8-sockets-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-8.0.30-150400.4.40.1 * php8-readline-debuginfo-8.0.30-150400.4.40.1 * php8-debugsource-8.0.30-150400.4.40.1 * php8-opcache-debuginfo-8.0.30-150400.4.40.1 * php8-pgsql-8.0.30-150400.4.40.1 * php8-intl-8.0.30-150400.4.40.1 * php8-pcntl-8.0.30-150400.4.40.1 * php8-sqlite-debuginfo-8.0.30-150400.4.40.1 * php8-sysvshm-8.0.30-150400.4.40.1 * php8-tidy-debuginfo-8.0.30-150400.4.40.1 * php8-curl-debuginfo-8.0.30-150400.4.40.1 * php8-gd-debuginfo-8.0.30-150400.4.40.1 * php8-enchant-8.0.30-150400.4.40.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.40.1 * php8-intl-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debuginfo-8.0.30-150400.4.40.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.40.1 * php8-curl-8.0.30-150400.4.40.1 * php8-fastcgi-debugsource-8.0.30-150400.4.40.1 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * php8-zlib-8.0.30-150400.4.40.1 * php8-tidy-8.0.30-150400.4.40.1 * php8-sodium-debuginfo-8.0.30-150400.4.40.1 * php8-dom-debuginfo-8.0.30-150400.4.40.1 * php8-soap-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-8.0.30-150400.4.40.1 * php8-bz2-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-debuginfo-8.0.30-150400.4.40.1 * php8-sysvshm-debuginfo-8.0.30-150400.4.40.1 * php8-sysvmsg-debuginfo-8.0.30-150400.4.40.1 * php8-exif-8.0.30-150400.4.40.1 * php8-pdo-8.0.30-150400.4.40.1 * php8-sysvmsg-8.0.30-150400.4.40.1 * php8-mbstring-8.0.30-150400.4.40.1 * php8-dba-debuginfo-8.0.30-150400.4.40.1 * php8-zlib-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-debuginfo-8.0.30-150400.4.40.1 * php8-posix-8.0.30-150400.4.40.1 * php8-dom-8.0.30-150400.4.40.1 * php8-sysvsem-debuginfo-8.0.30-150400.4.40.1 * php8-zip-debuginfo-8.0.30-150400.4.40.1 * php8-pdo-debuginfo-8.0.30-150400.4.40.1 * php8-snmp-debuginfo-8.0.30-150400.4.40.1 * php8-bcmath-8.0.30-150400.4.40.1 * php8-ftp-debuginfo-8.0.30-150400.4.40.1 * php8-sysvsem-8.0.30-150400.4.40.1 * php8-ftp-8.0.30-150400.4.40.1 * php8-mbstring-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debugsource-8.0.30-150400.4.40.1 * php8-xmlwriter-8.0.30-150400.4.40.1 * php8-gd-8.0.30-150400.4.40.1 * php8-pgsql-debuginfo-8.0.30-150400.4.40.1 * php8-odbc-debuginfo-8.0.30-150400.4.40.1 * php8-embed-debuginfo-8.0.30-150400.4.40.1 * php8-shmop-8.0.30-150400.4.40.1 * php8-sockets-8.0.30-150400.4.40.1 * php8-debuginfo-8.0.30-150400.4.40.1 * php8-fileinfo-8.0.30-150400.4.40.1 * php8-exif-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-8.0.30-150400.4.40.1 * php8-posix-debuginfo-8.0.30-150400.4.40.1 * php8-cli-8.0.30-150400.4.40.1 * php8-devel-8.0.30-150400.4.40.1 * php8-fastcgi-8.0.30-150400.4.40.1 * php8-shmop-debuginfo-8.0.30-150400.4.40.1 * php8-ldap-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-debuginfo-8.0.30-150400.4.40.1 * php8-zip-8.0.30-150400.4.40.1 * php8-tokenizer-debuginfo-8.0.30-150400.4.40.1 * php8-phar-debuginfo-8.0.30-150400.4.40.1 * php8-cli-debuginfo-8.0.30-150400.4.40.1 * php8-gmp-8.0.30-150400.4.40.1 * php8-gmp-debuginfo-8.0.30-150400.4.40.1 * php8-tokenizer-8.0.30-150400.4.40.1 * php8-fileinfo-debuginfo-8.0.30-150400.4.40.1 * php8-xmlreader-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-debuginfo-8.0.30-150400.4.40.1 * php8-iconv-debuginfo-8.0.30-150400.4.40.1 * apache2-mod_php8-8.0.30-150400.4.40.1 * php8-iconv-8.0.30-150400.4.40.1 * php8-sqlite-8.0.30-150400.4.40.1 * php8-test-8.0.30-150400.4.40.1 * php8-openssl-debuginfo-8.0.30-150400.4.40.1 * php8-dba-8.0.30-150400.4.40.1 * php8-enchant-debuginfo-8.0.30-150400.4.40.1 * php8-calendar-8.0.30-150400.4.40.1 * php8-opcache-8.0.30-150400.4.40.1 * php8-phar-8.0.30-150400.4.40.1 * php8-soap-8.0.30-150400.4.40.1 * php8-bz2-8.0.30-150400.4.40.1 * apache2-mod_php8-debugsource-8.0.30-150400.4.40.1 * php8-embed-debugsource-8.0.30-150400.4.40.1 * php8-embed-8.0.30-150400.4.40.1 * php8-fpm-8.0.30-150400.4.40.1 * php8-xmlreader-8.0.30-150400.4.40.1 * php8-sodium-8.0.30-150400.4.40.1 * php8-ctype-8.0.30-150400.4.40.1 * php8-snmp-8.0.30-150400.4.40.1 * php8-mysql-debuginfo-8.0.30-150400.4.40.1 * php8-gettext-8.0.30-150400.4.40.1 * php8-ctype-debuginfo-8.0.30-150400.4.40.1 * php8-8.0.30-150400.4.40.1 * php8-pcntl-debuginfo-8.0.30-150400.4.40.1 * php8-readline-8.0.30-150400.4.40.1 * php8-mysql-8.0.30-150400.4.40.1 * php8-openssl-8.0.30-150400.4.40.1 * php8-sockets-debuginfo-8.0.30-150400.4.40.1 * php8-xsl-8.0.30-150400.4.40.1 * php8-readline-debuginfo-8.0.30-150400.4.40.1 * php8-debugsource-8.0.30-150400.4.40.1 * php8-opcache-debuginfo-8.0.30-150400.4.40.1 * php8-pgsql-8.0.30-150400.4.40.1 * php8-intl-8.0.30-150400.4.40.1 * php8-pcntl-8.0.30-150400.4.40.1 * php8-sqlite-debuginfo-8.0.30-150400.4.40.1 * php8-sysvshm-8.0.30-150400.4.40.1 * php8-tidy-debuginfo-8.0.30-150400.4.40.1 * php8-curl-debuginfo-8.0.30-150400.4.40.1 * php8-gd-debuginfo-8.0.30-150400.4.40.1 * php8-enchant-8.0.30-150400.4.40.1 * php8-fastcgi-debuginfo-8.0.30-150400.4.40.1 * php8-intl-debuginfo-8.0.30-150400.4.40.1 * php8-fpm-debuginfo-8.0.30-150400.4.40.1 * php8-xmlwriter-debuginfo-8.0.30-150400.4.40.1 * php8-curl-8.0.30-150400.4.40.1 * php8-fastcgi-debugsource-8.0.30-150400.4.40.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2756.html * https://www.suse.com/security/cve/CVE-2024-3096.html * https://bugzilla.suse.com/show_bug.cgi?id=1222857 * https://bugzilla.suse.com/show_bug.cgi?id=1222858 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1445-1: moderate: Security update for php74 Message-ID: <171412021273.2708.5089219815326029491@smelt2.prg2.suse.org> # Security update for php74 Announcement ID: SUSE-SU-2024:1445-1 Rating: moderate References: * bsc#1222857 * bsc#1222858 Cross-References: * CVE-2024-2756 * CVE-2024-3096 CVSS scores: * CVE-2024-2756 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-3096 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves two vulnerabilities can now be installed. ## Description: This update for php74 fixes the following issues: * CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure (bsc#1222857) * CVE-2024-3096: Fixed bypass on null byte leading passwords checked via password_verify (bsc#1222858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1445=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1445=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * php74-7.4.33-1.65.1 * php74-tokenizer-debuginfo-7.4.33-1.65.1 * php74-shmop-debuginfo-7.4.33-1.65.1 * php74-ctype-7.4.33-1.65.1 * php74-calendar-debuginfo-7.4.33-1.65.1 * php74-debugsource-7.4.33-1.65.1 * php74-snmp-7.4.33-1.65.1 * php74-ftp-7.4.33-1.65.1 * php74-xmlreader-debuginfo-7.4.33-1.65.1 * php74-zlib-7.4.33-1.65.1 * php74-opcache-7.4.33-1.65.1 * php74-fpm-7.4.33-1.65.1 * php74-pcntl-debuginfo-7.4.33-1.65.1 * php74-bcmath-7.4.33-1.65.1 * php74-dba-7.4.33-1.65.1 * php74-fastcgi-debuginfo-7.4.33-1.65.1 * php74-xmlwriter-debuginfo-7.4.33-1.65.1 * php74-iconv-7.4.33-1.65.1 * php74-sockets-7.4.33-1.65.1 * php74-gettext-7.4.33-1.65.1 * php74-odbc-7.4.33-1.65.1 * php74-dba-debuginfo-7.4.33-1.65.1 * php74-sysvshm-debuginfo-7.4.33-1.65.1 * php74-snmp-debuginfo-7.4.33-1.65.1 * php74-zip-7.4.33-1.65.1 * php74-soap-debuginfo-7.4.33-1.65.1 * php74-xmlrpc-debuginfo-7.4.33-1.65.1 * php74-posix-7.4.33-1.65.1 * php74-mysql-7.4.33-1.65.1 * php74-curl-7.4.33-1.65.1 * php74-shmop-7.4.33-1.65.1 * php74-fileinfo-7.4.33-1.65.1 * php74-pcntl-7.4.33-1.65.1 * php74-pgsql-debuginfo-7.4.33-1.65.1 * php74-tokenizer-7.4.33-1.65.1 * php74-enchant-debuginfo-7.4.33-1.65.1 * php74-bz2-7.4.33-1.65.1 * php74-ftp-debuginfo-7.4.33-1.65.1 * php74-pdo-debuginfo-7.4.33-1.65.1 * php74-mbstring-7.4.33-1.65.1 * php74-soap-7.4.33-1.65.1 * php74-iconv-debuginfo-7.4.33-1.65.1 * php74-exif-7.4.33-1.65.1 * php74-sysvmsg-7.4.33-1.65.1 * php74-readline-7.4.33-1.65.1 * php74-xmlrpc-7.4.33-1.65.1 * php74-xsl-7.4.33-1.65.1 * php74-bcmath-debuginfo-7.4.33-1.65.1 * php74-sysvshm-7.4.33-1.65.1 * php74-calendar-7.4.33-1.65.1 * php74-fpm-debuginfo-7.4.33-1.65.1 * php74-ldap-7.4.33-1.65.1 * php74-xmlreader-7.4.33-1.65.1 * php74-sysvmsg-debuginfo-7.4.33-1.65.1 * php74-phar-7.4.33-1.65.1 * php74-dom-debuginfo-7.4.33-1.65.1 * php74-sysvsem-7.4.33-1.65.1 * php74-ctype-debuginfo-7.4.33-1.65.1 * php74-sockets-debuginfo-7.4.33-1.65.1 * php74-sqlite-7.4.33-1.65.1 * php74-openssl-7.4.33-1.65.1 * php74-pdo-7.4.33-1.65.1 * php74-enchant-7.4.33-1.65.1 * php74-posix-debuginfo-7.4.33-1.65.1 * php74-zip-debuginfo-7.4.33-1.65.1 * php74-zlib-debuginfo-7.4.33-1.65.1 * php74-xsl-debuginfo-7.4.33-1.65.1 * php74-json-7.4.33-1.65.1 * php74-odbc-debuginfo-7.4.33-1.65.1 * php74-exif-debuginfo-7.4.33-1.65.1 * php74-fastcgi-7.4.33-1.65.1 * php74-gettext-debuginfo-7.4.33-1.65.1 * php74-sqlite-debuginfo-7.4.33-1.65.1 * php74-sysvsem-debuginfo-7.4.33-1.65.1 * php74-pgsql-7.4.33-1.65.1 * php74-debuginfo-7.4.33-1.65.1 * php74-phar-debuginfo-7.4.33-1.65.1 * php74-readline-debuginfo-7.4.33-1.65.1 * php74-sodium-7.4.33-1.65.1 * php74-gmp-debuginfo-7.4.33-1.65.1 * php74-intl-debuginfo-7.4.33-1.65.1 * php74-bz2-debuginfo-7.4.33-1.65.1 * php74-tidy-7.4.33-1.65.1 * php74-gd-7.4.33-1.65.1 * php74-sodium-debuginfo-7.4.33-1.65.1 * php74-tidy-debuginfo-7.4.33-1.65.1 * php74-mysql-debuginfo-7.4.33-1.65.1 * php74-curl-debuginfo-7.4.33-1.65.1 * php74-gmp-7.4.33-1.65.1 * php74-openssl-debuginfo-7.4.33-1.65.1 * php74-xmlwriter-7.4.33-1.65.1 * apache2-mod_php74-7.4.33-1.65.1 * php74-gd-debuginfo-7.4.33-1.65.1 * php74-json-debuginfo-7.4.33-1.65.1 * php74-intl-7.4.33-1.65.1 * php74-dom-7.4.33-1.65.1 * php74-opcache-debuginfo-7.4.33-1.65.1 * apache2-mod_php74-debuginfo-7.4.33-1.65.1 * php74-ldap-debuginfo-7.4.33-1.65.1 * php74-mbstring-debuginfo-7.4.33-1.65.1 * php74-fileinfo-debuginfo-7.4.33-1.65.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * php74-devel-7.4.33-1.65.1 * php74-debugsource-7.4.33-1.65.1 * php74-debuginfo-7.4.33-1.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2756.html * https://www.suse.com/security/cve/CVE-2024-3096.html * https://bugzilla.suse.com/show_bug.cgi?id=1222857 * https://bugzilla.suse.com/show_bug.cgi?id=1222858 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:14 -0000 Subject: SUSE-SU-2024:1444-1: moderate: Security update for php7 Message-ID: <171412021499.2708.4718945034893499194@smelt2.prg2.suse.org> # Security update for php7 Announcement ID: SUSE-SU-2024:1444-1 Rating: moderate References: * bsc#1222857 * bsc#1222858 Cross-References: * CVE-2024-2756 * CVE-2024-3096 CVSS scores: * CVE-2024-2756 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-3096 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for php7 fixes the following issues: * CVE-2024-2756: Fixed bypass of security fix applied for CVE-2022-31629 that lead PHP to consider not secure cookies as secure (bsc#1222857) * CVE-2024-3096: Fixed bypass on null byte leading passwords checked via password_verify (bsc#1222858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1444=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1444=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1444=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1444=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-mod_php7-debugsource-7.4.33-150400.4.34.1 * php7-gmp-7.4.33-150400.4.34.1 * php7-gettext-7.4.33-150400.4.34.1 * php7-sodium-7.4.33-150400.4.34.1 * php7-embed-debugsource-7.4.33-150400.4.34.1 * php7-posix-debuginfo-7.4.33-150400.4.34.1 * php7-soap-7.4.33-150400.4.34.1 * php7-zip-debuginfo-7.4.33-150400.4.34.1 * php7-xmlreader-7.4.33-150400.4.34.1 * php7-tidy-debuginfo-7.4.33-150400.4.34.1 * php7-dba-debuginfo-7.4.33-150400.4.34.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.34.1 * php7-intl-debuginfo-7.4.33-150400.4.34.1 * php7-cli-debuginfo-7.4.33-150400.4.34.1 * php7-shmop-7.4.33-150400.4.34.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-7.4.33-150400.4.34.1 * php7-7.4.33-150400.4.34.1 * php7-xsl-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-debuginfo-7.4.33-150400.4.34.1 * php7-fastcgi-7.4.33-150400.4.34.1 * php7-curl-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-7.4.33-150400.4.34.1 * php7-calendar-7.4.33-150400.4.34.1 * php7-calendar-debuginfo-7.4.33-150400.4.34.1 * php7-exif-7.4.33-150400.4.34.1 * php7-fileinfo-7.4.33-150400.4.34.1 * php7-mbstring-7.4.33-150400.4.34.1 * php7-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-7.4.33-150400.4.34.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.34.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.34.1 * php7-gettext-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-debuginfo-7.4.33-150400.4.34.1 * php7-soap-debuginfo-7.4.33-150400.4.34.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.34.1 * php7-readline-debuginfo-7.4.33-150400.4.34.1 * php7-dom-7.4.33-150400.4.34.1 * php7-gd-7.4.33-150400.4.34.1 * php7-ctype-7.4.33-150400.4.34.1 * php7-sqlite-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-7.4.33-150400.4.34.1 * php7-fastcgi-debugsource-7.4.33-150400.4.34.1 * php7-shmop-debuginfo-7.4.33-150400.4.34.1 * php7-phar-debuginfo-7.4.33-150400.4.34.1 * php7-pgsql-7.4.33-150400.4.34.1 * php7-odbc-7.4.33-150400.4.34.1 * php7-zip-7.4.33-150400.4.34.1 * php7-gmp-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-debuginfo-7.4.33-150400.4.34.1 * php7-dba-7.4.33-150400.4.34.1 * php7-exif-debuginfo-7.4.33-150400.4.34.1 * php7-sysvsem-7.4.33-150400.4.34.1 * php7-snmp-debuginfo-7.4.33-150400.4.34.1 * php7-cli-7.4.33-150400.4.34.1 * php7-odbc-debuginfo-7.4.33-150400.4.34.1 * php7-pdo-debuginfo-7.4.33-150400.4.34.1 * php7-devel-7.4.33-150400.4.34.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.34.1 * php7-bcmath-7.4.33-150400.4.34.1 * php7-pcntl-7.4.33-150400.4.34.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.34.1 * php7-snmp-7.4.33-150400.4.34.1 * php7-bcmath-debuginfo-7.4.33-150400.4.34.1 * php7-intl-7.4.33-150400.4.34.1 * php7-embed-debuginfo-7.4.33-150400.4.34.1 * php7-sysvshm-7.4.33-150400.4.34.1 * php7-dom-debuginfo-7.4.33-150400.4.34.1 * php7-mysql-7.4.33-150400.4.34.1 * php7-sockets-7.4.33-150400.4.34.1 * php7-ctype-debuginfo-7.4.33-150400.4.34.1 * php7-pcntl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debugsource-7.4.33-150400.4.34.1 * php7-pgsql-debuginfo-7.4.33-150400.4.34.1 * php7-sodium-debuginfo-7.4.33-150400.4.34.1 * php7-embed-7.4.33-150400.4.34.1 * php7-curl-7.4.33-150400.4.34.1 * php7-sockets-debuginfo-7.4.33-150400.4.34.1 * php7-posix-7.4.33-150400.4.34.1 * php7-ldap-7.4.33-150400.4.34.1 * php7-enchant-7.4.33-150400.4.34.1 * php7-mysql-debuginfo-7.4.33-150400.4.34.1 * php7-tokenizer-7.4.33-150400.4.34.1 * php7-enchant-debuginfo-7.4.33-150400.4.34.1 * php7-json-debuginfo-7.4.33-150400.4.34.1 * php7-phar-7.4.33-150400.4.34.1 * php7-xmlrpc-7.4.33-150400.4.34.1 * php7-openssl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debuginfo-7.4.33-150400.4.34.1 * apache2-mod_php7-7.4.33-150400.4.34.1 * php7-ldap-debuginfo-7.4.33-150400.4.34.1 * php7-sqlite-7.4.33-150400.4.34.1 * php7-debugsource-7.4.33-150400.4.34.1 * php7-sysvmsg-7.4.33-150400.4.34.1 * php7-tidy-7.4.33-150400.4.34.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.34.1 * php7-xmlwriter-7.4.33-150400.4.34.1 * php7-gd-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-7.4.33-150400.4.34.1 * php7-openssl-7.4.33-150400.4.34.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.34.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.34.1 * php7-test-7.4.33-150400.4.34.1 * php7-pdo-7.4.33-150400.4.34.1 * php7-readline-7.4.33-150400.4.34.1 * php7-json-7.4.33-150400.4.34.1 * php7-mbstring-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-7.4.33-150400.4.34.1 * php7-xsl-7.4.33-150400.4.34.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-mod_php7-debugsource-7.4.33-150400.4.34.1 * php7-gmp-7.4.33-150400.4.34.1 * php7-gettext-7.4.33-150400.4.34.1 * php7-sodium-7.4.33-150400.4.34.1 * php7-embed-debugsource-7.4.33-150400.4.34.1 * php7-posix-debuginfo-7.4.33-150400.4.34.1 * php7-soap-7.4.33-150400.4.34.1 * php7-zip-debuginfo-7.4.33-150400.4.34.1 * php7-xmlreader-7.4.33-150400.4.34.1 * php7-tidy-debuginfo-7.4.33-150400.4.34.1 * php7-dba-debuginfo-7.4.33-150400.4.34.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.34.1 * php7-intl-debuginfo-7.4.33-150400.4.34.1 * php7-cli-debuginfo-7.4.33-150400.4.34.1 * php7-shmop-7.4.33-150400.4.34.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-7.4.33-150400.4.34.1 * php7-7.4.33-150400.4.34.1 * php7-xsl-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-debuginfo-7.4.33-150400.4.34.1 * php7-fastcgi-7.4.33-150400.4.34.1 * php7-curl-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-7.4.33-150400.4.34.1 * php7-calendar-7.4.33-150400.4.34.1 * php7-calendar-debuginfo-7.4.33-150400.4.34.1 * php7-exif-7.4.33-150400.4.34.1 * php7-fileinfo-7.4.33-150400.4.34.1 * php7-mbstring-7.4.33-150400.4.34.1 * php7-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-7.4.33-150400.4.34.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.34.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.34.1 * php7-gettext-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-debuginfo-7.4.33-150400.4.34.1 * php7-soap-debuginfo-7.4.33-150400.4.34.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.34.1 * php7-readline-debuginfo-7.4.33-150400.4.34.1 * php7-dom-7.4.33-150400.4.34.1 * php7-gd-7.4.33-150400.4.34.1 * php7-ctype-7.4.33-150400.4.34.1 * php7-sqlite-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-7.4.33-150400.4.34.1 * php7-fastcgi-debugsource-7.4.33-150400.4.34.1 * php7-shmop-debuginfo-7.4.33-150400.4.34.1 * php7-phar-debuginfo-7.4.33-150400.4.34.1 * php7-pgsql-7.4.33-150400.4.34.1 * php7-odbc-7.4.33-150400.4.34.1 * php7-zip-7.4.33-150400.4.34.1 * php7-gmp-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-debuginfo-7.4.33-150400.4.34.1 * php7-dba-7.4.33-150400.4.34.1 * php7-exif-debuginfo-7.4.33-150400.4.34.1 * php7-sysvsem-7.4.33-150400.4.34.1 * php7-snmp-debuginfo-7.4.33-150400.4.34.1 * php7-cli-7.4.33-150400.4.34.1 * php7-odbc-debuginfo-7.4.33-150400.4.34.1 * php7-pdo-debuginfo-7.4.33-150400.4.34.1 * php7-devel-7.4.33-150400.4.34.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.34.1 * php7-bcmath-7.4.33-150400.4.34.1 * php7-pcntl-7.4.33-150400.4.34.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.34.1 * php7-snmp-7.4.33-150400.4.34.1 * php7-bcmath-debuginfo-7.4.33-150400.4.34.1 * php7-intl-7.4.33-150400.4.34.1 * php7-embed-debuginfo-7.4.33-150400.4.34.1 * php7-sysvshm-7.4.33-150400.4.34.1 * php7-dom-debuginfo-7.4.33-150400.4.34.1 * php7-mysql-7.4.33-150400.4.34.1 * php7-sockets-7.4.33-150400.4.34.1 * php7-ctype-debuginfo-7.4.33-150400.4.34.1 * php7-pcntl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debugsource-7.4.33-150400.4.34.1 * php7-pgsql-debuginfo-7.4.33-150400.4.34.1 * php7-sodium-debuginfo-7.4.33-150400.4.34.1 * php7-embed-7.4.33-150400.4.34.1 * php7-curl-7.4.33-150400.4.34.1 * php7-sockets-debuginfo-7.4.33-150400.4.34.1 * php7-posix-7.4.33-150400.4.34.1 * php7-ldap-7.4.33-150400.4.34.1 * php7-enchant-7.4.33-150400.4.34.1 * php7-mysql-debuginfo-7.4.33-150400.4.34.1 * php7-tokenizer-7.4.33-150400.4.34.1 * php7-enchant-debuginfo-7.4.33-150400.4.34.1 * php7-json-debuginfo-7.4.33-150400.4.34.1 * php7-phar-7.4.33-150400.4.34.1 * php7-xmlrpc-7.4.33-150400.4.34.1 * php7-openssl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debuginfo-7.4.33-150400.4.34.1 * apache2-mod_php7-7.4.33-150400.4.34.1 * php7-ldap-debuginfo-7.4.33-150400.4.34.1 * php7-sqlite-7.4.33-150400.4.34.1 * php7-debugsource-7.4.33-150400.4.34.1 * php7-sysvmsg-7.4.33-150400.4.34.1 * php7-tidy-7.4.33-150400.4.34.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.34.1 * php7-xmlwriter-7.4.33-150400.4.34.1 * php7-fpm-7.4.33-150400.4.34.1 * php7-gd-debuginfo-7.4.33-150400.4.34.1 * php7-openssl-7.4.33-150400.4.34.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.34.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.34.1 * php7-test-7.4.33-150400.4.34.1 * php7-pdo-7.4.33-150400.4.34.1 * php7-readline-7.4.33-150400.4.34.1 * php7-json-7.4.33-150400.4.34.1 * php7-mbstring-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-7.4.33-150400.4.34.1 * php7-xsl-7.4.33-150400.4.34.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-mod_php7-debugsource-7.4.33-150400.4.34.1 * php7-gmp-7.4.33-150400.4.34.1 * php7-gettext-7.4.33-150400.4.34.1 * php7-sodium-7.4.33-150400.4.34.1 * php7-posix-debuginfo-7.4.33-150400.4.34.1 * php7-soap-7.4.33-150400.4.34.1 * php7-zip-debuginfo-7.4.33-150400.4.34.1 * php7-xmlreader-7.4.33-150400.4.34.1 * php7-tidy-debuginfo-7.4.33-150400.4.34.1 * php7-dba-debuginfo-7.4.33-150400.4.34.1 * php7-fileinfo-debuginfo-7.4.33-150400.4.34.1 * php7-intl-debuginfo-7.4.33-150400.4.34.1 * php7-cli-debuginfo-7.4.33-150400.4.34.1 * php7-shmop-7.4.33-150400.4.34.1 * php7-xmlreader-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-7.4.33-150400.4.34.1 * php7-7.4.33-150400.4.34.1 * php7-xsl-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-debuginfo-7.4.33-150400.4.34.1 * php7-fastcgi-7.4.33-150400.4.34.1 * php7-curl-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-7.4.33-150400.4.34.1 * php7-calendar-7.4.33-150400.4.34.1 * php7-calendar-debuginfo-7.4.33-150400.4.34.1 * php7-exif-7.4.33-150400.4.34.1 * php7-fileinfo-7.4.33-150400.4.34.1 * php7-mbstring-7.4.33-150400.4.34.1 * php7-debuginfo-7.4.33-150400.4.34.1 * php7-bz2-7.4.33-150400.4.34.1 * php7-fastcgi-debuginfo-7.4.33-150400.4.34.1 * php7-sysvshm-debuginfo-7.4.33-150400.4.34.1 * php7-gettext-debuginfo-7.4.33-150400.4.34.1 * php7-iconv-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-debuginfo-7.4.33-150400.4.34.1 * php7-soap-debuginfo-7.4.33-150400.4.34.1 * php7-xmlrpc-debuginfo-7.4.33-150400.4.34.1 * php7-readline-debuginfo-7.4.33-150400.4.34.1 * php7-dom-7.4.33-150400.4.34.1 * php7-gd-7.4.33-150400.4.34.1 * php7-ctype-7.4.33-150400.4.34.1 * php7-sqlite-debuginfo-7.4.33-150400.4.34.1 * php7-ftp-7.4.33-150400.4.34.1 * php7-fastcgi-debugsource-7.4.33-150400.4.34.1 * php7-shmop-debuginfo-7.4.33-150400.4.34.1 * php7-phar-debuginfo-7.4.33-150400.4.34.1 * php7-pgsql-7.4.33-150400.4.34.1 * php7-odbc-7.4.33-150400.4.34.1 * php7-zip-7.4.33-150400.4.34.1 * php7-gmp-debuginfo-7.4.33-150400.4.34.1 * php7-zlib-debuginfo-7.4.33-150400.4.34.1 * php7-dba-7.4.33-150400.4.34.1 * php7-exif-debuginfo-7.4.33-150400.4.34.1 * php7-sysvsem-7.4.33-150400.4.34.1 * php7-snmp-debuginfo-7.4.33-150400.4.34.1 * php7-cli-7.4.33-150400.4.34.1 * php7-odbc-debuginfo-7.4.33-150400.4.34.1 * php7-pdo-debuginfo-7.4.33-150400.4.34.1 * php7-devel-7.4.33-150400.4.34.1 * php7-xmlwriter-debuginfo-7.4.33-150400.4.34.1 * php7-bcmath-7.4.33-150400.4.34.1 * php7-pcntl-7.4.33-150400.4.34.1 * php7-sysvsem-debuginfo-7.4.33-150400.4.34.1 * php7-snmp-7.4.33-150400.4.34.1 * php7-bcmath-debuginfo-7.4.33-150400.4.34.1 * php7-intl-7.4.33-150400.4.34.1 * php7-sysvshm-7.4.33-150400.4.34.1 * php7-dom-debuginfo-7.4.33-150400.4.34.1 * php7-mysql-7.4.33-150400.4.34.1 * php7-sockets-7.4.33-150400.4.34.1 * php7-ctype-debuginfo-7.4.33-150400.4.34.1 * php7-pcntl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debugsource-7.4.33-150400.4.34.1 * php7-pgsql-debuginfo-7.4.33-150400.4.34.1 * php7-sodium-debuginfo-7.4.33-150400.4.34.1 * php7-curl-7.4.33-150400.4.34.1 * php7-sockets-debuginfo-7.4.33-150400.4.34.1 * php7-posix-7.4.33-150400.4.34.1 * php7-ldap-7.4.33-150400.4.34.1 * php7-enchant-7.4.33-150400.4.34.1 * php7-mysql-debuginfo-7.4.33-150400.4.34.1 * php7-tokenizer-7.4.33-150400.4.34.1 * php7-enchant-debuginfo-7.4.33-150400.4.34.1 * php7-json-debuginfo-7.4.33-150400.4.34.1 * php7-phar-7.4.33-150400.4.34.1 * php7-xmlrpc-7.4.33-150400.4.34.1 * php7-openssl-debuginfo-7.4.33-150400.4.34.1 * php7-fpm-debuginfo-7.4.33-150400.4.34.1 * apache2-mod_php7-7.4.33-150400.4.34.1 * php7-ldap-debuginfo-7.4.33-150400.4.34.1 * php7-sqlite-7.4.33-150400.4.34.1 * php7-debugsource-7.4.33-150400.4.34.1 * php7-sysvmsg-7.4.33-150400.4.34.1 * php7-tidy-7.4.33-150400.4.34.1 * php7-tokenizer-debuginfo-7.4.33-150400.4.34.1 * php7-xmlwriter-7.4.33-150400.4.34.1 * php7-fpm-7.4.33-150400.4.34.1 * php7-gd-debuginfo-7.4.33-150400.4.34.1 * php7-openssl-7.4.33-150400.4.34.1 * apache2-mod_php7-debuginfo-7.4.33-150400.4.34.1 * php7-sysvmsg-debuginfo-7.4.33-150400.4.34.1 * php7-pdo-7.4.33-150400.4.34.1 * php7-readline-7.4.33-150400.4.34.1 * php7-json-7.4.33-150400.4.34.1 * php7-mbstring-debuginfo-7.4.33-150400.4.34.1 * php7-opcache-7.4.33-150400.4.34.1 * php7-xsl-7.4.33-150400.4.34.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * php7-embed-debugsource-7.4.33-150400.4.34.1 * php7-embed-7.4.33-150400.4.34.1 * php7-embed-debuginfo-7.4.33-150400.4.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2756.html * https://www.suse.com/security/cve/CVE-2024-3096.html * https://bugzilla.suse.com/show_bug.cgi?id=1222857 * https://bugzilla.suse.com/show_bug.cgi?id=1222858 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:25 -0000 Subject: SUSE-SU-2024:1440-1: important: Security update for python-gunicorn Message-ID: <171412022573.2708.15822710594145407969@smelt2.prg2.suse.org> # Security update for python-gunicorn Announcement ID: SUSE-SU-2024:1440-1 Rating: important References: * bsc#1222950 Cross-References: * CVE-2024-1135 CVSS scores: * CVE-2024-1135 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-gunicorn fixes the following issues: * CVE-2024-1135: Fixed HTTP Request Smuggling (bsc#1222950) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1440=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1440=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1440=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1440=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1440=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1440=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1440=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1440=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * openSUSE Leap 15.4 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * openSUSE Leap 15.5 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 * Python 3 Module 15-SP5 (noarch) * python311-gunicorn-20.1.0-150400.12.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1135.html * https://bugzilla.suse.com/show_bug.cgi?id=1222950 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:28 -0000 Subject: SUSE-SU-2024:1439-1: moderate: Security update for python-idna Message-ID: <171412022866.2708.3053071840752370486@smelt2.prg2.suse.org> # Security update for python-idna Announcement ID: SUSE-SU-2024:1439-1 Rating: moderate References: * bsc#1222842 Cross-References: * CVE-2024-3651 CVSS scores: * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-idna fixes the following issues: * CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1439=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1439=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1439=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1439=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1439=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1439=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1439=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1439=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1439=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1439=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1439=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1439=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * python3-idna-2.6-150000.3.3.1 * openSUSE Leap Micro 5.4 (noarch) * python3-idna-2.6-150000.3.3.1 * openSUSE Leap 15.5 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-idna-2.6-150000.3.3.1 * Basesystem Module 15-SP5 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-idna-2.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-idna-2.6-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3651.html * https://bugzilla.suse.com/show_bug.cgi?id=1222842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 08:30:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 08:30:32 -0000 Subject: SUSE-SU-2024:1438-1: important: Security update for qemu Message-ID: <171412023215.2708.2957808214484761999@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:1438-1 Rating: important References: * bsc#1213269 * bsc#1218889 * bsc#1222843 * bsc#1222845 Cross-References: * CVE-2023-3019 * CVE-2023-6683 * CVE-2024-3446 * CVE-2024-3447 CVSS scores: * CVE-2023-3019 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-3019 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2023-6683 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6683 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3446 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-3447 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-3447: Fixed heap buffer overflow in sdhci_write_dataport() (bsc#1222845) * CVE-2023-6683: Fixed NULL pointer dereference in qemu_clipboard_request() (bsc#1218889) * CVE-2024-3446: Fixed DMA reentrancy issue leads to double free vulnerability (bsc#1222843) * CVE-2023-3019: Fixed heap use-after-free in e1000e_write_packet_to_guest() (bsc#1213269) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1438=1 openSUSE-SLE-15.5-2024-1438=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1438=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1438=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1438=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1438=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-hw-display-qxl-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.15.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-jack-7.1.0-150500.49.15.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.15.1 * qemu-chardev-spice-7.1.0-150500.49.15.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.15.1 * qemu-block-iscsi-7.1.0-150500.49.15.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.15.1 * qemu-7.1.0-150500.49.15.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.15.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-ppc-debuginfo-7.1.0-150500.49.15.1 * qemu-tools-7.1.0-150500.49.15.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.15.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.15.1 * qemu-s390x-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.15.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.15.1 * qemu-arm-7.1.0-150500.49.15.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.15.1 * qemu-lang-7.1.0-150500.49.15.1 * qemu-ppc-7.1.0-150500.49.15.1 * qemu-accel-qtest-7.1.0-150500.49.15.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.15.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.15.1 * qemu-block-nfs-7.1.0-150500.49.15.1 * qemu-extra-debuginfo-7.1.0-150500.49.15.1 * qemu-x86-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-7.1.0-150500.49.15.1 * qemu-audio-alsa-7.1.0-150500.49.15.1 * qemu-audio-oss-7.1.0-150500.49.15.1 * qemu-headless-7.1.0-150500.49.15.1 * qemu-guest-agent-7.1.0-150500.49.15.1 * qemu-debugsource-7.1.0-150500.49.15.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-opengl-7.1.0-150500.49.15.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-pa-7.1.0-150500.49.15.1 * qemu-block-ssh-7.1.0-150500.49.15.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.15.1 * qemu-block-gluster-7.1.0-150500.49.15.1 * qemu-ksm-7.1.0-150500.49.15.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-curses-7.1.0-150500.49.15.1 * qemu-extra-7.1.0-150500.49.15.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.15.1 * qemu-linux-user-7.1.0-150500.49.15.1 * qemu-tools-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-dbus-7.1.0-150500.49.15.1 * qemu-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.15.1 * qemu-chardev-baum-7.1.0-150500.49.15.1 * qemu-ui-gtk-7.1.0-150500.49.15.1 * qemu-arm-debuginfo-7.1.0-150500.49.15.1 * qemu-block-curl-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.15.1 * qemu-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-core-7.1.0-150500.49.15.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.15.1 * qemu-block-dmg-7.1.0-150500.49.15.1 * qemu-linux-user-debugsource-7.1.0-150500.49.15.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-spice-7.1.0-150500.49.15.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-usb-host-7.1.0-150500.49.15.1 * qemu-ivshmem-tools-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-7.1.0-150500.49.15.1 * qemu-vhost-user-gpu-7.1.0-150500.49.15.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-dbus-7.1.0-150500.49.15.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.15.1 * qemu-s390x-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.15.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-app-7.1.0-150500.49.15.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.15.1 * openSUSE Leap 15.5 (noarch) * qemu-seabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-skiboot-7.1.0-150500.49.15.1 * qemu-SLOF-7.1.0-150500.49.15.1 * qemu-microvm-7.1.0-150500.49.15.1 * qemu-sgabios-8-150500.49.15.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-ipxe-1.0.0+-150500.49.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-debuginfo-7.1.0-150500.49.15.1 * qemu-block-rbd-7.1.0-150500.49.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * qemu-debugsource-7.1.0-150500.49.15.1 * qemu-ui-opengl-7.1.0-150500.49.15.1 * qemu-tools-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.15.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.15.1 * qemu-tools-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.15.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.15.1 * qemu-chardev-spice-7.1.0-150500.49.15.1 * qemu-block-curl-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-7.1.0-150500.49.15.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.15.1 * qemu-debuginfo-7.1.0-150500.49.15.1 * qemu-7.1.0-150500.49.15.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-core-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.15.1 * qemu-audio-spice-7.1.0-150500.49.15.1 * qemu-guest-agent-7.1.0-150500.49.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-7.1.0-150500.49.15.1 * qemu-arm-debuginfo-7.1.0-150500.49.15.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-vgabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-ipxe-1.0.0+-150500.49.15.1 * qemu-sgabios-8-150500.49.15.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-7.1.0-150500.49.15.1 * qemu-s390x-debuginfo-7.1.0-150500.49.15.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-x86-7.1.0-150500.49.15.1 * qemu-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-7.1.0-150500.49.15.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debugsource-7.1.0-150500.49.15.1 * qemu-tools-debuginfo-7.1.0-150500.49.15.1 * qemu-tools-7.1.0-150500.49.15.1 * qemu-debuginfo-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (noarch) * qemu-seabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-skiboot-7.1.0-150500.49.15.1 * qemu-SLOF-7.1.0-150500.49.15.1 * qemu-microvm-7.1.0-150500.49.15.1 * qemu-sgabios-8-150500.49.15.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debugsource-7.1.0-150500.49.15.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.15.1 * qemu-block-dmg-7.1.0-150500.49.15.1 * qemu-block-gluster-7.1.0-150500.49.15.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.15.1 * qemu-extra-7.1.0-150500.49.15.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-jack-7.1.0-150500.49.15.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.15.1 * qemu-ivshmem-tools-7.1.0-150500.49.15.1 * qemu-vhost-user-gpu-7.1.0-150500.49.15.1 * qemu-accel-qtest-7.1.0-150500.49.15.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.15.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-block-nfs-7.1.0-150500.49.15.1 * qemu-extra-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.15.1 * qemu-debuginfo-7.1.0-150500.49.15.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-oss-7.1.0-150500.49.15.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * qemu-audio-alsa-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-alsa-7.1.0-150500.49.15.1 * qemu-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-pa-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-7.1.0-150500.49.15.1 * qemu-x86-7.1.0-150500.49.15.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64) * qemu-s390x-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.15.1 * qemu-s390x-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * qemu-ppc-7.1.0-150500.49.15.1 * qemu-ppc-debuginfo-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64) * qemu-arm-7.1.0-150500.49.15.1 * qemu-arm-debuginfo-7.1.0-150500.49.15.1 * SUSE Package Hub 15 15-SP5 (s390x) * qemu-audio-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-opengl-7.1.0-150500.49.15.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-app-7.1.0-150500.49.15.1 * qemu-chardev-spice-7.1.0-150500.49.15.1 * qemu-ui-spice-core-7.1.0-150500.49.15.1 * qemu-ui-gtk-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-7.1.0-150500.49.15.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.15.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-spice-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debugsource-7.1.0-150500.49.15.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.15.1 * qemu-block-ssh-7.1.0-150500.49.15.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.15.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.15.1 * qemu-ksm-7.1.0-150500.49.15.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-curses-7.1.0-150500.49.15.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-dbus-7.1.0-150500.49.15.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.15.1 * qemu-block-rbd-7.1.0-150500.49.15.1 * qemu-hw-usb-host-7.1.0-150500.49.15.1 * qemu-chardev-baum-7.1.0-150500.49.15.1 * qemu-block-curl-7.1.0-150500.49.15.1 * qemu-lang-7.1.0-150500.49.15.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-dbus-7.1.0-150500.49.15.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.15.1 * qemu-block-iscsi-7.1.0-150500.49.15.1 * qemu-debuginfo-7.1.0-150500.49.15.1 * qemu-7.1.0-150500.49.15.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.15.1 * qemu-guest-agent-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (aarch64) * qemu-arm-7.1.0-150500.49.15.1 * qemu-arm-debuginfo-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-audio-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-opengl-7.1.0-150500.49.15.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.15.1 * qemu-ui-spice-app-7.1.0-150500.49.15.1 * qemu-chardev-spice-7.1.0-150500.49.15.1 * qemu-ui-spice-core-7.1.0-150500.49.15.1 * qemu-ui-gtk-7.1.0-150500.49.15.1 * qemu-hw-usb-redirect-7.1.0-150500.49.15.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.15.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-spice-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (noarch) * qemu-seabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-skiboot-7.1.0-150500.49.15.1 * qemu-SLOF-7.1.0-150500.49.15.1 * qemu-sgabios-8-150500.49.15.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.15.1 * qemu-ipxe-1.0.0+-150500.49.15.1 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-7.1.0-150500.49.15.1 * qemu-ppc-debuginfo-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (s390x x86_64) * qemu-hw-display-virtio-gpu-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.15.1 * qemu-kvm-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (s390x) * qemu-s390x-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.15.1 * qemu-s390x-debuginfo-7.1.0-150500.49.15.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.15.1 * Server Applications Module 15-SP5 (x86_64) * qemu-audio-alsa-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-alsa-7.1.0-150500.49.15.1 * qemu-x86-debuginfo-7.1.0-150500.49.15.1 * qemu-audio-pa-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-7.1.0-150500.49.15.1 * qemu-x86-7.1.0-150500.49.15.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.15.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.15.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3019.html * https://www.suse.com/security/cve/CVE-2023-6683.html * https://www.suse.com/security/cve/CVE-2024-3446.html * https://www.suse.com/security/cve/CVE-2024-3447.html * https://bugzilla.suse.com/show_bug.cgi?id=1213269 * https://bugzilla.suse.com/show_bug.cgi?id=1218889 * https://bugzilla.suse.com/show_bug.cgi?id=1222843 * https://bugzilla.suse.com/show_bug.cgi?id=1222845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1447-1: moderate: Security update for openCryptoki Message-ID: <171413460841.10349.14747863748058257037@smelt2.prg2.suse.org> # Security update for openCryptoki Announcement ID: SUSE-SU-2024:1447-1 Rating: moderate References: * bsc#1219217 * jsc#PED-3360 * jsc#PED-3361 Cross-References: * CVE-2024-0914 CVSS scores: * CVE-2024-0914 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0914 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and contains two features can now be installed. ## Description: This update for openCryptoki fixes the following issues: Upgrade openCryptoki to version 3.23 (jsc#PED-3360, jsc#PED-3361) * EP11: Add support for FIPS-session mode * CVE-2024-0914: Updates to harden against RSA timing attacks (bsc#1219217) * Bug fixes * provide user(pkcs11) and group(pkcs11) Upgrade to version 3.22 (jsc#PED-3361) * CCA: Add support for the AES-XTS key type using CPACF protected keys * p11sak: Add support for managing certificate objects * p11sak: Add support for public sessions (no-login option) * p11sak: Add support for logging in as SO (security Officer) * p11sak: Add support for importing/exporting Edwards and Montgomery keys * p11sak: Add support for importing of RSA-PSS keys and certificates * CCA/EP11/Soft/ICA: Ensure that the 2 key parts of an AES-XTS key are different Update to version 3.21 (jsc#PED-3360, jsc#PED-3361) * EP11 and CCA: Support concurrent HSM master key changes * CCA: protected-key option * pkcsslotd: no longer run as root user and further hardening * p11sak: Add support for additional key types (DH, DSA, generic secret) * p11sak: Allow wildcards in label filter * p11sak: Allow to specify hex value for CKA_ID attribute * p11sak: Support sorting when listing keys * p11sak: New commands: set-key-attr, copy-key to modify and copy keys * p11sak: New commands: import-key, export-key to import and export keys * Remove support for --disable-locks (transactional memory) * Updates to harden against RSA timing attacks * Bug fixes ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1447=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1447=1 openSUSE-SLE-15.5-2024-1447=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1447=1 ## Package List: * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openCryptoki-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-debugsource-3.23.0-150500.3.3.13 * openCryptoki-3.23.0-150500.3.3.13 * Server Applications Module 15-SP5 (ppc64le s390x) * openCryptoki-64bit-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-64bit-3.23.0-150500.3.3.13 * Server Applications Module 15-SP5 (ppc64le s390x x86_64) * openCryptoki-devel-3.23.0-150500.3.3.13 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-devel-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-devel-3.23.0-150500.3.3.13 * openCryptoki-debugsource-3.23.0-150500.3.3.13 * openCryptoki-3.23.0-150500.3.3.13 * openCryptoki-debuginfo-3.23.0-150500.3.3.13 * openSUSE Leap 15.5 (i586) * openCryptoki-32bit-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-32bit-3.23.0-150500.3.3.13 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-64bit-3.23.0-150500.3.3.13 * SUSE Linux Enterprise Micro 5.5 (s390x) * openCryptoki-debuginfo-3.23.0-150500.3.3.13 * openCryptoki-debugsource-3.23.0-150500.3.3.13 * openCryptoki-3.23.0-150500.3.3.13 ## References: * https://www.suse.com/security/cve/CVE-2024-0914.html * https://bugzilla.suse.com/show_bug.cgi?id=1219217 * https://jira.suse.com/browse/PED-3360 * https://jira.suse.com/browse/PED-3361 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 16:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 16:30:23 -0000 Subject: SUSE-SU-2024:1454-1: important: Security update for the Linux Kernel Message-ID: <171414902370.13301.14068664327264205861@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1454-1 Rating: important References: * bsc#1186060 * bsc#1192145 * bsc#1194516 * bsc#1208995 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218336 * bsc#1218447 * bsc#1218479 * bsc#1218562 * bsc#1219170 * bsc#1219264 * bsc#1220320 * bsc#1220340 * bsc#1220366 * bsc#1220411 * bsc#1220413 * bsc#1220442 * bsc#1220445 * bsc#1220468 * bsc#1220484 * bsc#1220521 * bsc#1220528 * bsc#1220529 * bsc#1220532 * bsc#1220536 * bsc#1220554 * bsc#1220556 * bsc#1220560 * bsc#1220561 * bsc#1220566 * bsc#1220575 * bsc#1220580 * bsc#1220583 * bsc#1220611 * bsc#1220615 * bsc#1220625 * bsc#1220631 * bsc#1220638 * bsc#1220640 * bsc#1220641 * bsc#1220662 * bsc#1220669 * bsc#1220687 * bsc#1220692 * bsc#1220697 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220743 * bsc#1220745 * bsc#1220749 * bsc#1220751 * bsc#1220764 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220779 * bsc#1220785 * bsc#1220790 * bsc#1220794 * bsc#1220826 * bsc#1220829 * bsc#1220836 * bsc#1220846 * bsc#1220850 * bsc#1220861 * bsc#1220871 * bsc#1220883 * bsc#1220946 * bsc#1220969 * bsc#1221044 * bsc#1221058 * bsc#1221061 * bsc#1221077 * bsc#1221088 * bsc#1221293 * bsc#1221532 * bsc#1221534 * bsc#1221541 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221606 * bsc#1221608 * bsc#1221830 * bsc#1221934 * bsc#1221935 * bsc#1221949 * bsc#1221952 * bsc#1221965 * bsc#1221966 * bsc#1221969 * bsc#1221989 * bsc#1221991 * bsc#1221992 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222004 * bsc#1222117 * bsc#1222422 * bsc#1222585 * bsc#1222619 * bsc#1222660 * bsc#1222664 * bsc#1222669 * bsc#1222706 * jsc#PED-5759 Cross-References: * CVE-2020-36780 * CVE-2020-36782 * CVE-2020-36783 * CVE-2021-23134 * CVE-2021-46909 * CVE-2021-46921 * CVE-2021-46930 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46943 * CVE-2021-46944 * CVE-2021-46950 * CVE-2021-46951 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46961 * CVE-2021-46962 * CVE-2021-46963 * CVE-2021-46971 * CVE-2021-46981 * CVE-2021-46984 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46991 * CVE-2021-46992 * CVE-2021-46998 * CVE-2021-47000 * CVE-2021-47006 * CVE-2021-47013 * CVE-2021-47015 * CVE-2021-47020 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47051 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47058 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47065 * CVE-2021-47068 * CVE-2021-47069 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47077 * CVE-2021-47082 * CVE-2021-47109 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47120 * CVE-2021-47138 * CVE-2021-47139 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47144 * CVE-2021-47153 * CVE-2021-47161 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47170 * CVE-2021-47171 * CVE-2021-47172 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47183 * CVE-2021-47185 * CVE-2021-47189 * CVE-2022-0487 * CVE-2022-4744 * CVE-2022-48626 * CVE-2023-0160 * CVE-2023-1192 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52500 * CVE-2023-52509 * CVE-2023-52572 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52607 * CVE-2023-52628 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6531 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-22099 * CVE-2024-26600 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26704 * CVE-2024-26733 CVSS scores: * CVE-2020-36780 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-36782 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-36783 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46921 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46943 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46944 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46944 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46951 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46951 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46971 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47058 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47065 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47139 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47170 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47172 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52572 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 114 vulnerabilities, contains one feature and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2020-36780: Fixed a reference leak when pm_runtime_get_sync fails in i2c (bsc#1220556). * CVE-2020-36782: Fixed a reference leak when pm_runtime_get_sync fails in i2c imx-lpi2c (bsc#1220560). * CVE-2020-36783: Fixed a reference leak when pm_runtime_get_sync fails in i2c img-scb (bsc#1220561). * CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060). * CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath (bsc#1220468). * CVE-2021-46930: Fixed a list_head check warning caused by uninitialization of list_head in usb mtu3 (bsc#1220484). * CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554). * CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580). * CVE-2021-46943: Fixed an oops in set_fmt error handling in media: staging/intel-ipu3 (bsc#1220583). * CVE-2021-46944: Fixed a memory leak in imu_fmt in media staging/intel-ipu3 (bsc#1220566). * CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662). * CVE-2021-46951: Fixed an integer underflow of efi_tpm_final_log_size in tpm_read_log_efi in tpm efi (bsc#1220615). * CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528). * CVE-2021-46961: Fixed an error on not enabling irqs when handling spurious interrups in irqchip/gic-v3 (bsc#1220529). * CVE-2021-46962: Fixed a resource leak in the remove function in mmc uniphier-sd (bsc#1220532). * CVE-2021-46963: Fixed a denial of service in qla2xxx_mqueuecommand() in scsi qla2xxx (bsc#1220536) * CVE-2021-46971: Fixed unconditional security_locked_down() call in perf/core (bsc#1220697). * CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611). * CVE-2021-46984: Fixed an out of bounds access in kyber_bio_merge() in kyber (bsc#1220631). * CVE-2021-46988: Fixed release page in error path to avoid BUG_ON in userfaultfd (bsc#1220706). * CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask (bsc#1220575). * CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets (bsc#1220638). * CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625). * CVE-2021-47000: Fixed an inode leak on getattr error in __fh_to_dentry in ceph (bsc#1220669). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794). * CVE-2021-47020: Fixed a memory leak in stream config error path in soundwire stream (bsc#1220785). * CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640). * CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692). * CVE-2021-47051: Fixed a PM reference leak in lpspi_prepare_xfer_hardware() in spi fsl-lpspi (bsc#1220764). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769). * CVE-2021-47058: Fixed a possible user-after-free in set debugfs_name in regmap (bsc#1220779). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777). * CVE-2021-47065: Fixed an array overrun in rtw_get_tx_power_params() in rtw88 (bsc#1220749). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47069: Fixed a crash due to relying on a stack reference past its expiry in ipc/mqueue, ipc/msg, ipc/sem (bsc#1220826). * CVE-2021-47070: Fixed a memory leak in error handling paths on memory allocated by vmbus_alloc_ring in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed a oops on rmmod dell_smbios exit_dell_smbios_wmi() in platform/x86 dell-smbios-wmi (bsc#1220850). * CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data (bsc#1220861). * CVE-2021-47082: Fixed a double free in tun_free_netdev in tun (bsc#1220969). * CVE-2021-47109: Fixed an overflow in neighbour table in neighbour (bsc#1221534). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575). * CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605). * CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608). * CVE-2021-47120: Fixed a NULL pointer dereference on disconnect in HID magicmouse (bsc#1221606). * CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934). * CVE-2021-47139: Fixed a race condition that lead to oops in netdevice registration in net hns3 (bsc#1221935). * CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949). * CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952). * CVE-2021-47144: Fixed a refcount leak in amdgpufb_create in drm/amd/amdgpu (bsc#1221989). * CVE-2021-47153: Fixed an out-of-range memory access during bus reset in the case of a block transaction in i2c/i801 (bsc#1221969). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2021-47165: Fixed a NULL pointer dereference when component was not probed during shutdown in drm/mesonhe (bsc#1221965). * CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998). * CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002). * CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000). * CVE-2021-47170: Fixed a WARN about excessively large memory allocations in usb usbfs (bsc#1222004). * CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994). * CVE-2021-47172: Fixed a potential overflow due to non sequential channel numbers in adc/ad7124 (bsc#1221992). * CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993). * CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001). * CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2022-0487: Fixed an use-after-free vulnerability in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). * CVE-2022-4744: Fixed a double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path in moxart (bsc#1220366). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread() (bsc#1208995). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length in nvmet-tcp (bsc#1220320). * CVE-2023-52469: Fixed an use-after-free in kv_parse_power_table in drivers/amd/pm (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a data corruption in user SDMA requests in IB/hfi1 (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52500: Fixed leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command in scsi in pm80xx (bsc#1220883). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52572: Fixed UAF in cifs_demultiplex_thread() in cifs (bsc#1220946). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52607: Fixed null-pointer dereference in pgtable_cache_add kasprintf() in powerpc/mm (bsc#1221061). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races (bsc#1218447). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in net (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-22099: Fixed a null pointer dereference in /net/bluetooth/rfcomm/core.C in bluetooth (bsc#1219170). * CVE-2024-26600: Fixed null pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). The following non-security bugs were fixed: * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * usb: hub: Guard against accesses to uninitialized BOS descriptors (git- fixes). * fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (bsc#1219264). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1454=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-1454=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1454=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1454=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1454=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (nosrc) * kernel-default-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150200.24.188.1 * kernel-default-debuginfo-5.3.18-150200.24.188.1 * kernel-default-livepatch-5.3.18-150200.24.188.1 * kernel-livepatch-5_3_18-150200_24_188-default-1-150200.5.3.3 * kernel-livepatch-SLE15-SP2_Update_47-debugsource-1-150200.5.3.3 * kernel-livepatch-5_3_18-150200_24_188-default-debuginfo-1-150200.5.3.3 * kernel-default-debugsource-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.3.18-150200.24.188.1 * ocfs2-kmp-default-5.3.18-150200.24.188.1 * cluster-md-kmp-default-5.3.18-150200.24.188.1 * gfs2-kmp-default-debuginfo-5.3.18-150200.24.188.1 * kernel-default-debuginfo-5.3.18-150200.24.188.1 * dlm-kmp-default-debuginfo-5.3.18-150200.24.188.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.188.1 * dlm-kmp-default-5.3.18-150200.24.188.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.188.1 * kernel-default-debugsource-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150200.24.188.1 * kernel-preempt-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-preempt-debugsource-5.3.18-150200.24.188.1 * kernel-syms-5.3.18-150200.24.188.1 * kernel-preempt-devel-5.3.18-150200.24.188.1 * kernel-default-debuginfo-5.3.18-150200.24.188.1 * kernel-obs-build-debugsource-5.3.18-150200.24.188.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-obs-build-5.3.18-150200.24.188.1 * kernel-default-devel-5.3.18-150200.24.188.1 * kernel-preempt-debuginfo-5.3.18-150200.24.188.1 * kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3 * kernel-default-debugsource-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.188.1 * kernel-devel-5.3.18-150200.24.188.1 * kernel-source-5.3.18-150200.24.188.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.3.18-150200.24.188.1 * kernel-default-debuginfo-5.3.18-150200.24.188.1 * reiserfs-kmp-default-5.3.18-150200.24.188.1 * kernel-obs-build-debugsource-5.3.18-150200.24.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.188.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-obs-build-5.3.18-150200.24.188.1 * kernel-default-devel-5.3.18-150200.24.188.1 * kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3 * kernel-default-debugsource-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.188.1 * kernel-devel-5.3.18-150200.24.188.1 * kernel-source-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-preempt-debugsource-5.3.18-150200.24.188.1 * kernel-preempt-devel-5.3.18-150200.24.188.1 * kernel-preempt-debuginfo-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-syms-5.3.18-150200.24.188.1 * kernel-default-debuginfo-5.3.18-150200.24.188.1 * reiserfs-kmp-default-5.3.18-150200.24.188.1 * kernel-obs-build-debugsource-5.3.18-150200.24.188.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.188.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-obs-build-5.3.18-150200.24.188.1 * kernel-default-devel-5.3.18-150200.24.188.1 * kernel-default-base-5.3.18-150200.24.188.1.150200.9.95.3 * kernel-default-debugsource-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-macros-5.3.18-150200.24.188.1 * kernel-devel-5.3.18-150200.24.188.1 * kernel-source-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.188.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150200.24.188.1 * kernel-preempt-debugsource-5.3.18-150200.24.188.1 * kernel-preempt-devel-5.3.18-150200.24.188.1 * kernel-preempt-debuginfo-5.3.18-150200.24.188.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36780.html * https://www.suse.com/security/cve/CVE-2020-36782.html * https://www.suse.com/security/cve/CVE-2020-36783.html * https://www.suse.com/security/cve/CVE-2021-23134.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46921.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46943.html * https://www.suse.com/security/cve/CVE-2021-46944.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46951.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46961.html * https://www.suse.com/security/cve/CVE-2021-46962.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46971.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46984.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46991.html * https://www.suse.com/security/cve/CVE-2021-46992.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47000.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47020.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47051.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47058.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47065.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47069.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47077.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47109.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47120.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47139.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47144.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47170.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47172.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-1192.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52572.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://bugzilla.suse.com/show_bug.cgi?id=1186060 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1208995 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218447 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220468 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220529 * https://bugzilla.suse.com/show_bug.cgi?id=1220532 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220556 * https://bugzilla.suse.com/show_bug.cgi?id=1220560 * https://bugzilla.suse.com/show_bug.cgi?id=1220561 * https://bugzilla.suse.com/show_bug.cgi?id=1220566 * https://bugzilla.suse.com/show_bug.cgi?id=1220575 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220583 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220615 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220631 * https://bugzilla.suse.com/show_bug.cgi?id=1220638 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220669 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220697 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220749 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220764 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220779 * https://bugzilla.suse.com/show_bug.cgi?id=1220785 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220826 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220861 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220946 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221534 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221606 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221935 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221989 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221992 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222004 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 16:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 16:30:25 -0000 Subject: SUSE-SU-2024:1453-1: important: Security update for frr Message-ID: <171414902547.13301.17030794825365610660@smelt2.prg2.suse.org> # Security update for frr Announcement ID: SUSE-SU-2024:1453-1 Rating: important References: * bsc#1220548 * bsc#1222518 Cross-References: * CVE-2024-27913 * CVE-2024-31948 CVSS scores: * CVE-2024-27913 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for frr fixes the following issues: * CVE-2024-27913: Fixed a denial of service issue via a malformed OSPF LSA packet (bsc#1220548). * CVE-2024-31948: Fixed denial of service due to malformed Prefix SID attribute in BGP Update packet (bsc#1222518). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1453=1 openSUSE-SLE-15.5-2024-1453=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1453=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libfrrfpm_pb0-debuginfo-8.4-150500.4.20.1 * libfrr0-8.4-150500.4.20.1 * frr-8.4-150500.4.20.1 * libfrrzmq0-debuginfo-8.4-150500.4.20.1 * libfrrsnmp0-debuginfo-8.4-150500.4.20.1 * libmlag_pb0-8.4-150500.4.20.1 * libmlag_pb0-debuginfo-8.4-150500.4.20.1 * libfrr_pb0-debuginfo-8.4-150500.4.20.1 * libfrrfpm_pb0-8.4-150500.4.20.1 * libfrrzmq0-8.4-150500.4.20.1 * libfrr0-debuginfo-8.4-150500.4.20.1 * frr-debugsource-8.4-150500.4.20.1 * libfrrcares0-debuginfo-8.4-150500.4.20.1 * frr-devel-8.4-150500.4.20.1 * libfrrospfapiclient0-8.4-150500.4.20.1 * libfrrcares0-8.4-150500.4.20.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.20.1 * libfrr_pb0-8.4-150500.4.20.1 * libfrrsnmp0-8.4-150500.4.20.1 * frr-debuginfo-8.4-150500.4.20.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libfrrfpm_pb0-debuginfo-8.4-150500.4.20.1 * libfrr0-8.4-150500.4.20.1 * frr-8.4-150500.4.20.1 * libfrrzmq0-debuginfo-8.4-150500.4.20.1 * libfrrsnmp0-debuginfo-8.4-150500.4.20.1 * libmlag_pb0-8.4-150500.4.20.1 * libmlag_pb0-debuginfo-8.4-150500.4.20.1 * libfrr_pb0-debuginfo-8.4-150500.4.20.1 * libfrrfpm_pb0-8.4-150500.4.20.1 * libfrrzmq0-8.4-150500.4.20.1 * libfrr0-debuginfo-8.4-150500.4.20.1 * frr-debugsource-8.4-150500.4.20.1 * libfrrcares0-debuginfo-8.4-150500.4.20.1 * frr-devel-8.4-150500.4.20.1 * libfrrospfapiclient0-8.4-150500.4.20.1 * libfrrcares0-8.4-150500.4.20.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.20.1 * libfrr_pb0-8.4-150500.4.20.1 * libfrrsnmp0-8.4-150500.4.20.1 * frr-debuginfo-8.4-150500.4.20.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27913.html * https://www.suse.com/security/cve/CVE-2024-31948.html * https://bugzilla.suse.com/show_bug.cgi?id=1220548 * https://bugzilla.suse.com/show_bug.cgi?id=1222518 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 16:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 16:30:28 -0000 Subject: SUSE-SU-2024:1452-1: low: Security update for java-11-openjdk Message-ID: <171414902836.13301.12494814042982440108@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2024:1452-1 Rating: low References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 * bsc#1222987 Cross-References: * CVE-2024-21011 * CVE-2024-21012 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes \+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS \+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup does not appear. \+ JDK-8054022: HttpURLConnection timeouts with Expect: 100-Continue and no chunking \+ JDK-8054572: [macosx] JComboBox paints the border incorrectly \+ JDK-8058176: [mlvm] tests should not allow code cache exhaustion \+ JDK-8067651: LevelTransitionTest.java, fix trivial methods levels logic \+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005 intermittently times out \+ JDK-8156889: ListKeychainStore.sh fails in some virtualized environments \+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps timeouting \+ JDK-8166554: Avoid compilation blocking in OverloadCompileQueueTest.java \+ JDK-8169475: WheelModifier.java fails by timeout \+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh to Java Jtreg Test \+ JDK-8186610: move ModuleUtils to top-level testlibrary \+ JDK-8192864: defmeth tests can hide failures \+ JDK-8193543: Regression automated test '/open/test/jdk/java/ /awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java' fails \+ JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/ /isexceeded001/TestDescription.java still failing \+ JDK-8202282: [TESTBUG] appcds TestCommon .makeCommandLineForAppCDS() can be removed \+ JDK-8202790: DnD test DisposeFrameOnDragTest.java does not clean up \+ JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/ /ChoicePopupLocation.java fails \+ JDK-8207211: [TESTBUG] Remove excessive output from CDS/AppCDS tests \+ JDK-8207214: Broken links in JDK API serialized-form page \+ JDK-8207855: Make applications/jcstress invoke tests in batches \+ JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/ /TestDescription.java fails in jdk/hs nightly \+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java .findDeadlock.INDIFY_Test Deadlocked threads are not always detected \+ JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails in AUFS file system \+ JDK-8208699: remove unneeded imports from runtime tests \+ JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out often in hs-tier7 testing \+ JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option is not always required for appcds tests \+ JDK-8209549: remove VMPropsExt from TEST.ROOT \+ JDK-8209595: MonitorVmStartTerminate.java timed out \+ JDK-8209946: [TESTBUG] CDS tests should use "@run driver" \+ JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java looks for libjsig in wrong location \+ JDK-8211978: Move testlibrary/jdk/testlibrary/ /SimpleSSLContext.java and testkeys to network testlibrary \+ JDK-8213622: Windows VS2013 build failure - "'snprintf': identifier not found" \+ JDK-8213926: WB_EnqueueInitializerForCompilation requests compilation for NULL \+ JDK-8213927: G1 ignores AlwaysPreTouch when UseTransparentHugePages is enabled \+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr modules \+ JDK-8214915: CtwRunner misses export for jdk.internal.access \+ JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws NullPointerException \+ JDK-8217475: Unexpected StackOverflowError in "process reaper" thread \+ JDK-8218754: JDK-8068225 regression in JDIBreakpointTest \+ JDK-8219475: javap man page needs to be updated \+ JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/ /JMXInterfaceBindingTest.java passes trivially when it shouldn't \+ JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper .TestCaseImpl can't be defined in different runtime package as its nest host \+ JDK-8225471: Test utility jdk.test.lib.util.FileUtils .areAllMountPointsAccessible needs to tolerate duplicates \+ JDK-8226706: (se) Reduce the number of outer loop iterations on Windows in java/nio/channels/Selector/RacyDeregister.java \+ JDK-8226905: unproblem list applications/ctw/modules/ _tests on windows \+ JDK-8226910: make it possible to use jtreg 's -match via run-test framework \+ JDK-8227438: [TESTLIB] Determine if file exists by Files.exists in function FileUtils.deleteFileIfExistsWithRetry \+ JDK-8231585: java/lang/management/ThreadMXBean/ /MaxDepthForThreadInfoTest.java fails with java.lang.NullPointerException \+ JDK-8232839: JDI AfterThreadDeathTest.java failed due to "FAILED: Did not get expected IllegalThreadStateException on a StepRequest.enable()" \+ JDK-8233453: MLVM deoptimize stress test timed out \+ JDK-8234309: LFGarbageCollectedTest.java fails with parse Exception \+ JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/ /AccessibleChoiceTest.java fails \+ JDK-8237777: "Dumping core ..." is shown despite claiming that "# No core dump will be written." \+ JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read timeout \+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel \+ JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/ /AccessibleChoiceTest.java fails \+ JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001 failed due to "(IsSameObject#3) unexpected monitor object: 0x000000562336DBA8" \+ JDK-8246222: Rename javac test T6395981.java to be more informative \+ JDK-8247818: GCC 10 warning stringop- overflow with symbol code \+ JDK-8249087: Always initialize _body[0..1] in Symbol constructor \+ JDK-8251349: Add TestCaseImpl to OverloadCompileQueueTest.java's build dependencies \+ JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/ /btree010.java fails with ClassNotFoundException: nsk.sysdict.share.BTree0LLRLRLRRLR \+ JDK-8253543: sanity/client/SwingSet/src/ /ButtonDemoScreenshotTest.java failed with "AssertionError: All pixels are not black" \+ JDK-8253739: java/awt/image/MultiResolutionImage/ /MultiResolutionImageObserverTest.java fails \+ JDK-8253820: Save test images and dumps with timestamps from client sanity suite \+ JDK-8255277: randomDelay in DrainDeadlockT and LoggingDeadlock do not randomly delay \+ JDK-8255546: Missing coverage for javax.smartcardio.CardPermission and ResponseAPDU \+ JDK-8255743: Relax SIGFPE match in in runtime/ErrorHandling/SecondaryErrorTest.java \+ JDK-8257505: nsk/share/test/StressOptions stressTime is scaled in getter but not when printed \+ JDK-8259801: Enable XML Signature secure validation mode by default \+ JDK-8264135: UnsafeGetStableArrayElement should account for different JIT implementation details \+ JDK-8265349: vmTestbase/../stress/compiler/deoptimize/ /Test.java fails with OOME due to CodeCache exhaustion. \+ JDK-8269025: jsig/Testjsig.java doesn't check exit code \+ JDK-8269077: TestSystemGC uses "require vm.gc.G1" for large pages subtest \+ JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java doesn't check exit code \+ JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java doesn't check exit code \+ JDK-8271828: mark hotspot runtime/classFileParserBug tests which ignore external VM flags \+ JDK-8271829: mark hotspot runtime/Throwable tests which ignore external VM flags \+ JDK-8271890: mark hotspot runtime/Dictionary tests which ignore external VM flags \+ JDK-8272291: mark hotspot runtime/logging tests which ignore external VM flags \+ JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn't check exit codes \+ JDK-8272551: mark hotspot runtime/modules tests which ignore external VM flags \+ JDK-8272552: mark hotspot runtime/cds tests which ignore external VM flags \+ JDK-8273803: Zero: Handle "zero" variant in CommandLineOptionTest.java \+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11 \+ JDK-8274621: NullPointerException because listenAddress[0] is null \+ JDK-8276796: gc/TestSystemGC.java large pages subtest fails with ZGC \+ JDK-8280007: Enable Neoverse N1 optimizations for Arm Neoverse V1 & N2 \+ JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails with java.lang.RuntimeException: values differ by more than 1GB \+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/ /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. \+ JDK-8281717: Cover logout method for several LoginModule \+ JDK-8282665: [REDO] ByteBufferTest.java: replace endless recursion with RuntimeException in void ck(double x, double y) \+ JDK-8284090: com/sun/security/auth/module/AllPlatforms.java fails to compile \+ JDK-8285756: clean up use of bad arguments for `@clean` in langtools tests \+ JDK-8285785: CheckCleanerBound test fails with PasswordCallback object is not released \+ JDK-8285867: Convert applet manual tests SelectionVisible.java to Frame and automate \+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java fails on mac aarch64 \+ JDK-8286969: Add a new test library API to execute kinit in SecurityTools.java \+ JDK-8287113: JFR: Periodic task thread uses period for method sampling events \+ JDK-8289511: Improve test coverage for XPath Axes: child \+ JDK-8289764: gc/lock tests failed with "OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects" \+ JDK-8289948: Improve test coverage for XPath functions: Node Set Functions \+ JDK-8290399: [macos] Aqua LAF does not fire an action event if combo box menu is displayed \+ JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests failed with "isUsageThresholdExceeded() returned false, and is still false, while threshold = MMMMMMM and used peak = NNNNNNN" \+ JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup required permissions for jtreg version 7 jar \+ JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause() == GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice in a row" \+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed with "RuntimeException: Retrieved backing PlatformLogger level null is not the expected CONFIG" \+ JDK-8294158: HTML formatting for PassFailJFrame instructions \+ JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java failure \+ JDK-8294402: Add diagnostic logging to VMProps.checkDockerSupport \+ JDK-8294535: Add screen capture functionality to PassFailJFrame \+ JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails intermittently on a VM \+ JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/ /AbstractDrbg/SpecTest.java intermittently timeout \+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError: target class not found \+ JDK-8300269: The selected item in an editable JComboBox with titled border is not visible in Aqua LAF \+ JDK-8300727: java/awt/List/ListGarbageCollectionTest/ /AwtListGarbageCollectionTest.java failed with "List wasn't garbage collected" \+ JDK-8301310: The SendRawSysexMessage test may cause a JVM crash \+ JDK-8301377: adjust timeout for JLI GetObjectSizeIntrinsicsTest.java subtest again \+ JDK-8301846: Invalid TargetDataLine after screen lock when using JFileChooser or COM library \+ JDK-8302017: Allocate BadPaddingException only if it will be thrown \+ JDK-8302109: Trivial fixes to btree tests \+ JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java \+ JDK-8302607: increase timeout for ContinuousCallSiteTargetChange.java \+ JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM \+ JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373 \+ JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1 \+ JDK-8305502: adjust timeouts in three more M&M tests \+ JDK-8305505: NPE in javazic compiler \+ JDK-8305972: Update XML Security for Java to 3.0.2 \+ JDK-8306072: Open source several AWT MouseInfo related tests \+ JDK-8306076: Open source AWT misc tests \+ JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related tests \+ JDK-8306640: Open source several AWT TextArea related tests \+ JDK-8306652: Open source AWT MenuItem related tests \+ JDK-8306681: Open source more AWT DnD related tests \+ JDK-8306683: Open source several clipboard and color AWT tests \+ JDK-8306752: Open source several container and component AWT tests \+ JDK-8306753: Open source several container AWT tests \+ JDK-8306755: Open source few Swing JComponent and AbstractButton tests \+ JDK-8306812: Open source several AWT Miscellaneous tests \+ JDK-8306871: Open source more AWT Drag & Drop tests \+ JDK-8306996: Open source Swing MenuItem related tests \+ JDK-8307123: Fix deprecation warnings in DPrinter \+ JDK-8307130: Open source few Swing JMenu tests \+ JDK-8307299: Move more DnD tests to open \+ JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing JTableHeader tests \+ JDK-8307381: Open Source JFrame, JIF related Swing Tests \+ JDK-8307683: Loop Predication should not hoist range checks with trap on success projection by negating their condition \+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating \+ JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler .compile does not close files \+ JDK-8308223: failure handler missed jcmd.vm.info command \+ JDK-8308232: nsk/jdb tests don't pass -verbose flag to the debuggee \+ JDK-8308245: Add -proc:full to describe current default annotation processing policy \+ JDK-8308336: Test java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed: java.net.BindException: Address already in use \+ JDK-8309104: [JVMCI] compiler/unsafe/ /UnsafeGetStableArrayElement test asserts wrong values with Graal \+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton predicates for all If nodes in loop predication \+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing due to empty while loop \+ JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when using second test directory \+ JDK-8309870: Using -proc:full should be considered requesting explicit annotation processing \+ JDK-8310106: sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks handshakeConsumers \+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/ /bug6889007.java fails \+ JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/ /interrupt001.java timed out due to missing prompt \+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out \+ JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform \+ JDK-8311511: Improve description of NativeLibrary JFR event \+ JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java \+ JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074 \+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles \+ JDK-8313164: src/java.desktop/windows/native/libawt/windows/ /awt_Robot.cpp GetRGBPixels adjust releasing of resources \+ JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground release resources in early returns \+ JDK-8313643: Update HarfBuzz to 8.2.2 \+ JDK-8313816: Accessing jmethodID might lead to spurious crashes \+ JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to extra concurrent mark with -Xcomp \+ JDK-8314164: java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fails intermittently in timeout \+ JDK-8314883: Java_java_util_prefs_FileSystemPreferences_lockFile0 write result errno in missing case \+ JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder \+ JDK-8315042: NPE in PKCS7.parseOldSignedData \+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some cases \+ JDK-8315499: build using devkit on Linux ppc64le RHEL puts path to devkit into libsplashscreen \+ JDK-8315594: Open source few headless Swing misc tests \+ JDK-8315600: Open source few more headless Swing misc tests \+ JDK-8315602: Open source swing security manager test \+ JDK-8315606: Open source few swing text/html tests \+ JDK-8315611: Open source swing text/html and tree test \+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch \+ JDK-8315731: Open source several Swing Text related tests \+ JDK-8315761: Open source few swing JList and JMenuBar tests \+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on the screen to determine its location \+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm \+ JDK-8316028: Update FreeType to 2.13.2 \+ JDK-8316030: Update Libpng to 1.6.40 \+ JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests \+ JDK-8316461: Fix: make test outputs TEST SUCCESS after unsuccessful exit \+ JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly \+ JDK-8317307: test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information \+ JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js \+ JDK-8318154: Improve stability of WheelModifier.java test \+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows \+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1 \+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java \+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests \+ JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests \+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind failed: Address already in use" \+ JDK-8318889: C2: add bailout after assert Bad graph detected in build_loop_late \+ JDK-8318951: Additional negative value check in JPEG decoding \+ JDK-8318955: Add ReleaseIntArrayElements in Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return \+ JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent Files \+ JDK-8318983: Fix comment typo in PKCS12Passwd.java \+ JDK-8319124: Update XML Security for Java to 3.0.3 \+ JDK-8319456: jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes \+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh \+ JDK-8320001: javac crashes while adding type annotations to the return type of a constructor \+ JDK-8320208: Update Public Suffix List to b5bf572 \+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks wrong, missed optimization opportunity \+ JDK-8320597: RSA signature verification fails on signed data that does not encode params correctly \+ JDK-8320798: Console read line with zero out should zero out underlying buffer \+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23 \+ JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp \+ JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions \+ JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode \+ JDK-8321408: Add Certainly roots R1 and E1 \+ JDK-8321480: ISO 4217 Amendment 176 Update \+ JDK-8322178: Error. can't find jdk.testlibrary .SimpleSSLContext in test directory or libraries \+ JDK-8322417: Console read line with zero out should zero out when throwing exception \+ JDK-8322725: (tz) Update Timezone Data to 2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray \+ JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is failing assert \+ JDK-8322772: Clean up code after JDK-8322417 \+ JDK-8323008: filter out harmful -std_ flags added by autoconf from CXX \+ JDK-8323243: JNI invocation of an abstract instance method corrupts the stack \+ JDK-8323515: Create test alias "all" for all test roots \+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed \+ JDK-8324184: Windows VS2010 build failed with "error C2275: 'int64_t'" \+ JDK-8324307: [11u] hotspot fails to build with GCC 12 and newer (non-static data member initializers) \+ JDK-8324347: Enable "maybe- uninitialized" warning for FreeType 2.13.1 \+ JDK-8324659: GHA: Generic jtreg errors are not reported \+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing \+ JDK-8325150: (tz) Update Timezone Data to 2024a \+ JDK-8326109: GCC 13 reports maybe-uninitialized warnings for jni.cpp with dtrace enabled \+ JDK-8326503: [11u] java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fail because of package org.junit.jupiter.api does not exist \+ JDK-8327391: Add SipHash attribution file \+ JDK-8329837: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23 * Removed the possibility to use the system timezone-java (bsc#1213470). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1452=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * java-11-openjdk-debuginfo-11.0.23.0-3.75.1 * java-11-openjdk-devel-11.0.23.0-3.75.1 * java-11-openjdk-debugsource-11.0.23.0-3.75.1 * java-11-openjdk-demo-11.0.23.0-3.75.1 * java-11-openjdk-11.0.23.0-3.75.1 * java-11-openjdk-headless-11.0.23.0-3.75.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.23.0-3.75.1 * java-11-openjdk-devel-11.0.23.0-3.75.1 * java-11-openjdk-debugsource-11.0.23.0-3.75.1 * java-11-openjdk-demo-11.0.23.0-3.75.1 * java-11-openjdk-11.0.23.0-3.75.1 * java-11-openjdk-headless-11.0.23.0-3.75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-11-openjdk-debuginfo-11.0.23.0-3.75.1 * java-11-openjdk-devel-11.0.23.0-3.75.1 * java-11-openjdk-debugsource-11.0.23.0-3.75.1 * java-11-openjdk-demo-11.0.23.0-3.75.1 * java-11-openjdk-11.0.23.0-3.75.1 * java-11-openjdk-headless-11.0.23.0-3.75.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21012.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 * https://bugzilla.suse.com/show_bug.cgi?id=1222987 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 16:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 16:30:33 -0000 Subject: SUSE-SU-2024:1451-1: low: Security update for java-1_8_0-openjdk Message-ID: <171414903336.13301.13217560484484610808@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2024:1451-1 Rating: low References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 Cross-References: * CVE-2024-21011 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21085: Fixed Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Update to version jdk8u412 (icedtea-3.31.0) (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Import of OpenJDK 8 u412 build 08 \+ JDK-8011180: Delete obsolete scripts \+ JDK-8016451: Scary messages emitted by build.tools.generatenimbus.PainterGenerator during build \+ JDK-8021961: setAlwaysOnTop doesn't behave correctly in Linux/Solaris under certain scenarios \+ JDK-8023735: [TESTBUG][macosx] runtime/XCheckJniJsig/XCheckJSig.java fails on MacOS X \+ JDK-8074860: Structured Exception Catcher missing around CreateJavaVM on Windows \+ JDK-8079441: Intermittent failures on Windows with "Unexpected exit from test [exit code: 1080890248]" (0x406d1388) \+ JDK-8155590: Dubious collection management in sun.net.www.http.KeepAliveCache \+ JDK-8168518: rcache interop with krb5-1.15 \+ JDK-8183503: Update hotspot tests to allow for unique test classes directory \+ JDK-8186095: upgrade to jtreg 4.2 b08 \+ JDK-8186199: [windows] JNI_DestroyJavaVM not covered by SEH \+ JDK-8192931: Regression test java/awt/font/TextLayout/CombiningPerf.java fails \+ JDK-8208655: use JTreg skipped status in hotspot tests \+ JDK-8208701: Fix for JDK-8208655 causes test failures in CI tier1 \+ JDK-8208706: compiler/tiered/ /ConstantGettersTransitionsTest.java fails to compile \+ JDK-8213410: UseCompressedOops requirement check fails fails on 32-bit system \+ JDK-8222323: ChildAlwaysOnTopTest.java fails with "RuntimeException: Failed to unset alwaysOnTop" \+ JDK-8224768: Test ActalisCA.java fails \+ JDK-8251155: HostIdentifier fails to canonicalize hostnames starting with digits \+ JDK-8251551: Use .md filename extension for README \+ JDK-8268678: LetsEncryptCA.java test fails as Let?s Encrypt Authority X3 is retired \+ JDK-8270280: security/infra/java/security/cert/ /CertPathValidator/certification/LetsEncryptCA.java OCSP response error \+ JDK-8270517: Add Zero support for LoongArch \+ JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/ /security/cert/CertPathValidator/certification/BuypassCA.java no longer needs ocspEnabled \+ JDK-8276139: TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test \+ JDK-8288132: Update test artifacts in QuoVadis CA interop tests \+ JDK-8297955: LDAP CertStore should use LdapName and not String for DNs \+ JDK-8301310: The SendRawSysexMessage test may cause a JVM crash \+ JDK-8308592: Framework for CA interoperability testing \+ JDK-8312126: NullPointerException in CertStore.getCRLs after 8297955 \+ JDK-8315042: NPE in PKCS7.parseOldSignedData \+ JDK-8315757: [8u] Add cacerts JTREG tests to GHA tier1 test set \+ JDK-8320713: Bump update version of OpenJDK: 8u412 \+ JDK-8321060: [8u] hotspot needs to recognise VS2022 \+ JDK-8321408: Add Certainly roots R1 and E1 \+ JDK-8322725: (tz) Update Timezone Data to 2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray \+ JDK-8323202: [8u] Remove get_source.sh and hgforest.sh \+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed \+ JDK-8324530: Build error with gcc 10 \+ JDK-8325150: (tz) Update Timezone Data to 2024a * Bug fixes \+ Support make 4.4 * Do not recommend timezone-java8 (bsc#1213470) * Use %patch -P N instead of deprecated %patchN. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1451=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1451=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1451=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1451=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1451=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1451=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1451=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1451=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1451=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1451=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1451=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1451=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-src-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-accessibility-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * openSUSE Leap 15.5 (noarch) * java-1_8_0-openjdk-javadoc-1.8.0.412-150000.3.91.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-devel-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-150000.3.91.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-150000.3.91.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Apr 26 16:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 26 Apr 2024 16:30:38 -0000 Subject: SUSE-SU-2024:1450-1: low: Security update for java-1_8_0-openjdk Message-ID: <171414903805.13301.3229527802462534969@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2024:1450-1 Rating: low References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 Cross-References: * CVE-2024-21011 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21085: Fixed Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Update to version jdk8u412 (icedtea-3.31.0) (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Import of OpenJDK 8 u412 build 08 \+ JDK-8011180: Delete obsolete scripts \+ JDK-8016451: Scary messages emitted by build.tools.generatenimbus.PainterGenerator during build \+ JDK-8021961: setAlwaysOnTop doesn't behave correctly in Linux/Solaris under certain scenarios \+ JDK-8023735: [TESTBUG][macosx] runtime/XCheckJniJsig/XCheckJSig.java fails on MacOS X \+ JDK-8074860: Structured Exception Catcher missing around CreateJavaVM on Windows \+ JDK-8079441: Intermittent failures on Windows with "Unexpected exit from test [exit code: 1080890248]" (0x406d1388) \+ JDK-8155590: Dubious collection management in sun.net.www.http.KeepAliveCache \+ JDK-8168518: rcache interop with krb5-1.15 \+ JDK-8183503: Update hotspot tests to allow for unique test classes directory \+ JDK-8186095: upgrade to jtreg 4.2 b08 \+ JDK-8186199: [windows] JNI_DestroyJavaVM not covered by SEH \+ JDK-8192931: Regression test java/awt/font/TextLayout/CombiningPerf.java fails \+ JDK-8208655: use JTreg skipped status in hotspot tests \+ JDK-8208701: Fix for JDK-8208655 causes test failures in CI tier1 \+ JDK-8208706: compiler/tiered/ /ConstantGettersTransitionsTest.java fails to compile \+ JDK-8213410: UseCompressedOops requirement check fails fails on 32-bit system \+ JDK-8222323: ChildAlwaysOnTopTest.java fails with "RuntimeException: Failed to unset alwaysOnTop" \+ JDK-8224768: Test ActalisCA.java fails \+ JDK-8251155: HostIdentifier fails to canonicalize hostnames starting with digits \+ JDK-8251551: Use .md filename extension for README \+ JDK-8268678: LetsEncryptCA.java test fails as Let?s Encrypt Authority X3 is retired \+ JDK-8270280: security/infra/java/security/cert/ /CertPathValidator/certification/LetsEncryptCA.java OCSP response error \+ JDK-8270517: Add Zero support for LoongArch \+ JDK-8272708: [Test]: Cleanup: test/jdk/security/infra/java/ /security/cert/CertPathValidator/certification/BuypassCA.java no longer needs ocspEnabled \+ JDK-8276139: TestJpsHostName.java not reliable, better to expand HostIdentifierCreate.java test \+ JDK-8288132: Update test artifacts in QuoVadis CA interop tests \+ JDK-8297955: LDAP CertStore should use LdapName and not String for DNs \+ JDK-8301310: The SendRawSysexMessage test may cause a JVM crash \+ JDK-8308592: Framework for CA interoperability testing \+ JDK-8312126: NullPointerException in CertStore.getCRLs after 8297955 \+ JDK-8315042: NPE in PKCS7.parseOldSignedData \+ JDK-8315757: [8u] Add cacerts JTREG tests to GHA tier1 test set \+ JDK-8320713: Bump update version of OpenJDK: 8u412 \+ JDK-8321060: [8u] hotspot needs to recognise VS2022 \+ JDK-8321408: Add Certainly roots R1 and E1 \+ JDK-8322725: (tz) Update Timezone Data to 2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray \+ JDK-8323202: [8u] Remove get_source.sh and hgforest.sh \+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed \+ JDK-8324530: Build error with gcc 10 \+ JDK-8325150: (tz) Update Timezone Data to 2024a * Bug fixes \+ Support make 4.4 * Do not recommend timezone-java8 (bsc#1213470) * Use %patch -P N instead of deprecated %patchN. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1450=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1450=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1450=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-1.8.0.412-27.99.1 * java-1_8_0-openjdk-demo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-1.8.0.412-27.99.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-1.8.0.412-27.99.1 * java-1_8_0-openjdk-demo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-1.8.0.412-27.99.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-1_8_0-openjdk-demo-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-1.8.0.412-27.99.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-debugsource-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-1.8.0.412-27.99.1 * java-1_8_0-openjdk-demo-1.8.0.412-27.99.1 * java-1_8_0-openjdk-headless-1.8.0.412-27.99.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 12:30:05 -0000 Subject: SUSE-SU-2024:1462-1: important: Security update for shim Message-ID: <171439380526.2366.2367261378530491554@smelt2.prg2.suse.org> # Security update for shim Announcement ID: SUSE-SU-2024:1462-1 Rating: important References: * bsc#1198101 * bsc#1205588 * bsc#1205855 * bsc#1210382 * bsc#1213945 * bsc#1215098 * bsc#1215099 * bsc#1215100 * bsc#1215101 * bsc#1215102 * bsc#1215103 * bsc#1219460 * jsc#PED-922 Cross-References: * CVE-2022-28737 * CVE-2023-40546 * CVE-2023-40547 * CVE-2023-40548 * CVE-2023-40549 * CVE-2023-40550 * CVE-2023-40551 CVSS scores: * CVE-2022-28737 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-28737 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40547 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40547 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2023-40548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40548 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40549 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40550 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2023-40550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-40551 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40551 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update for shim fixes the following issues: * Update shim-install to set the TPM2 SRK algorithm (bsc#1213945) * Limit the requirement of fde-tpm-helper-macros to the distro with suse_version 1600 and above (bsc#1219460) Update to version 15.8: Security issues fixed: * mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546) * avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547) * Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548) * Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549) * pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550) * pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551) The NX flag is disable which is same as the default value of shim-15.8, hence, not need to enable it by this patch now. * Generate dbx during build so we don't include binary files in sources * Don't require grub so shim can still be used with systemd-boot * Update shim-install to fix boot failure of ext4 root file system on RAID10 (bsc#1205855) * Adopt the macros from fde-tpm-helper-macros to update the signature in the sealed key after a bootloader upgrade * Update shim-install to amend full disk encryption support * Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector * Use the long name to specify the grub2 key protector * cryptodisk: support TPM authorized policies * Do not use tpm_record_pcrs unless the command is in command.lst * Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to enable the NX compatibility flag when using post-process-pe after discussed with grub2 experts in mail. It's useful for further development and testing. (bsc#1205588) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1462=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1462=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1462=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * shim-15.8-25.30.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * shim-15.8-25.30.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * shim-15.8-25.30.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28737.html * https://www.suse.com/security/cve/CVE-2023-40546.html * https://www.suse.com/security/cve/CVE-2023-40547.html * https://www.suse.com/security/cve/CVE-2023-40548.html * https://www.suse.com/security/cve/CVE-2023-40549.html * https://www.suse.com/security/cve/CVE-2023-40550.html * https://www.suse.com/security/cve/CVE-2023-40551.html * https://bugzilla.suse.com/show_bug.cgi?id=1198101 * https://bugzilla.suse.com/show_bug.cgi?id=1205588 * https://bugzilla.suse.com/show_bug.cgi?id=1205855 * https://bugzilla.suse.com/show_bug.cgi?id=1210382 * https://bugzilla.suse.com/show_bug.cgi?id=1213945 * https://bugzilla.suse.com/show_bug.cgi?id=1215098 * https://bugzilla.suse.com/show_bug.cgi?id=1215099 * https://bugzilla.suse.com/show_bug.cgi?id=1215100 * https://bugzilla.suse.com/show_bug.cgi?id=1215101 * https://bugzilla.suse.com/show_bug.cgi?id=1215102 * https://bugzilla.suse.com/show_bug.cgi?id=1215103 * https://bugzilla.suse.com/show_bug.cgi?id=1219460 * https://jira.suse.com/browse/PED-922 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1461-1: important: Security update for shim Message-ID: <171439381072.2366.8435905895111077946@smelt2.prg2.suse.org> # Security update for shim Announcement ID: SUSE-SU-2024:1461-1 Rating: important References: * bsc#1198101 * bsc#1205588 * bsc#1205855 * bsc#1210382 * bsc#1213945 * bsc#1215098 * bsc#1215099 * bsc#1215100 * bsc#1215101 * bsc#1215102 * bsc#1215103 * bsc#1219460 * jsc#PED-922 Cross-References: * CVE-2022-28737 * CVE-2023-40546 * CVE-2023-40547 * CVE-2023-40548 * CVE-2023-40549 * CVE-2023-40550 * CVE-2023-40551 CVSS scores: * CVE-2022-28737 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-28737 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40547 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2023-40547 ( NVD ): 8.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2023-40548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40548 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-40549 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40549 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40550 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2023-40550 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-40551 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-40551 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves seven vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update for shim fixes the following issues: * Update shim-install to set the TPM2 SRK algorithm (bsc#1213945) * Limit the requirement of fde-tpm-helper-macros to the distro with suse_version 1600 and above (bsc#1219460) Update to version 15.8: Security issues fixed: * mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546) * avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547) * Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548) * Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549) * pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550) * pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551) The NX flag is disable which is same as the default value of shim-15.8, hence, not need to enable it by this patch now. * Generate dbx during build so we don't include binary files in sources * Don't require grub so shim can still be used with systemd-boot * Update shim-install to fix boot failure of ext4 root file system on RAID10 (bsc#1205855) * Adopt the macros from fde-tpm-helper-macros to update the signature in the sealed key after a bootloader upgrade * Update shim-install to amend full disk encryption support * Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector * Use the long name to specify the grub2 key protector * cryptodisk: support TPM authorized policies * Do not use tpm_record_pcrs unless the command is in command.lst * Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to enable the NX compatibility flag when using post-process-pe after discussed with grub2 experts in mail. It's useful for further development and testing. (bsc#1205588) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1461=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1461=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1461=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * shim-15.8-150100.3.38.1 * shim-debuginfo-15.8-150100.3.38.1 * shim-debugsource-15.8-150100.3.38.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * shim-15.8-150100.3.38.1 * shim-debuginfo-15.8-150100.3.38.1 * shim-debugsource-15.8-150100.3.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * shim-15.8-150100.3.38.1 * shim-debuginfo-15.8-150100.3.38.1 * shim-debugsource-15.8-150100.3.38.1 ## References: * https://www.suse.com/security/cve/CVE-2022-28737.html * https://www.suse.com/security/cve/CVE-2023-40546.html * https://www.suse.com/security/cve/CVE-2023-40547.html * https://www.suse.com/security/cve/CVE-2023-40548.html * https://www.suse.com/security/cve/CVE-2023-40549.html * https://www.suse.com/security/cve/CVE-2023-40550.html * https://www.suse.com/security/cve/CVE-2023-40551.html * https://bugzilla.suse.com/show_bug.cgi?id=1198101 * https://bugzilla.suse.com/show_bug.cgi?id=1205588 * https://bugzilla.suse.com/show_bug.cgi?id=1205855 * https://bugzilla.suse.com/show_bug.cgi?id=1210382 * https://bugzilla.suse.com/show_bug.cgi?id=1213945 * https://bugzilla.suse.com/show_bug.cgi?id=1215098 * https://bugzilla.suse.com/show_bug.cgi?id=1215099 * https://bugzilla.suse.com/show_bug.cgi?id=1215100 * https://bugzilla.suse.com/show_bug.cgi?id=1215101 * https://bugzilla.suse.com/show_bug.cgi?id=1215102 * https://bugzilla.suse.com/show_bug.cgi?id=1215103 * https://bugzilla.suse.com/show_bug.cgi?id=1219460 * https://jira.suse.com/browse/PED-922 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 16:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 16:30:33 -0000 Subject: SUSE-SU-2024:1466-1: important: Security update for the Linux Kernel Message-ID: <171440823365.13848.12489794883994853571@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1466-1 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217829 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220325 * bsc#1220328 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220433 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220469 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220735 * bsc#1220736 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220845 * bsc#1220848 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220917 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220933 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221725 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * bsc#1222952 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7618 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46934 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47083 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48627 * CVE-2022-48628 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52462 * CVE-2023-52463 * CVE-2023-52467 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52559 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-25742 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52462 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52463 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 149 vulnerabilities, contains four features and has 31 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. NOTE: This update has been retracted due to a bug in the BHI CPU sidechannel mitigation, which led to incorrect selection of other CPU mitigations. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: Fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). * input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). * input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). * input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). * input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). * input: pm8941-pwrkey - add software key press debouncing support (git- fixes). * input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * input: xpad - add Lenovo Legion Go controllers (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * make NVIDIA Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid5: release batch_last before waiting for another stripe_head (git- fixes). * md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes). * md: Do not ignore suspended array in md_check_recovery() (git-fixes). * md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes). * md: Whenassemble the array, consult the superblock of the freshest device (git-fixes). * md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * md: introduce md_ro_state (git-fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: Enable BDF to SID translation properly (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix a hang in nfs4_evict_inode() (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). * topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). * tracing/probes: Fix to show a parse error for bad type for $comm (git- fixes). * tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). * tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1466=1 openSUSE-SLE-15.5-2024-1466=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1466=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1466=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1466=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.47.1 * kernel-devel-rt-5.14.21-150500.13.47.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-1-150500.11.3.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-debugsource-5.14.21-150500.13.47.1 * cluster-md-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt-livepatch-5.14.21-150500.13.47.1 * kernel-rt_debug-devel-5.14.21-150500.13.47.1 * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-1-150500.11.3.1 * kernel-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.47.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.47.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.47.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-optional-5.14.21-150500.13.47.1 * dlm-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt-devel-5.14.21-150500.13.47.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.47.1 * ocfs2-kmp-rt-5.14.21-150500.13.47.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.47.1 * gfs2-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.47.1 * reiserfs-kmp-rt-5.14.21-150500.13.47.1 * kernel-livepatch-5_14_21-150500_13_47-rt-1-150500.11.3.1 * kernel-syms-rt-5.14.21-150500.13.47.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.47.1 * kernel-rt-vdso-5.14.21-150500.13.47.1 * kselftests-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-vdso-5.14.21-150500.13.47.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-extra-5.14.21-150500.13.47.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.47.1 * kernel-rt_debug-5.14.21-150500.13.47.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.47.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.47.1 * kernel-rt-debuginfo-5.14.21-150500.13.47.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.47.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_47-rt-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * dlm-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-debugsource-5.14.21-150500.13.47.1 * cluster-md-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt_debug-devel-5.14.21-150500.13.47.1 * kernel-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.47.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.47.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * dlm-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt-devel-5.14.21-150500.13.47.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.47.1 * ocfs2-kmp-rt-5.14.21-150500.13.47.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.47.1 * gfs2-kmp-rt-5.14.21-150500.13.47.1 * kernel-syms-rt-5.14.21-150500.13.47.1 * kernel-rt-vdso-5.14.21-150500.13.47.1 * kernel-rt_debug-vdso-5.14.21-150500.13.47.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.47.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-source-rt-5.14.21-150500.13.47.1 * kernel-devel-rt-5.14.21-150500.13.47.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.47.1 * kernel-rt_debug-5.14.21-150500.13.47.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2022-48628.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52462.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217829 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220325 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220848 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7618 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 16:30:36 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 16:30:36 -0000 Subject: SUSE-SU-2024:1469-1: important: Security update for docker Message-ID: <171440823680.13848.2951298424455452984@smelt2.prg2.suse.org> # Security update for docker Announcement ID: SUSE-SU-2024:1469-1 Rating: important References: * bsc#1219267 * bsc#1219268 * bsc#1219438 * bsc#1223409 Cross-References: * CVE-2024-23651 * CVE-2024-23652 * CVE-2024-23653 CVSS scores: * CVE-2024-23651 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23651 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-23652 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23652 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23653 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23653 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for docker fixes the following issues: * CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) * CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268) * CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438) Other fixes: \- Update to Docker 25.0.5-ce (bsc#1223409) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-1469=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * docker-25.0.5_ce-98.112.1 * docker-debuginfo-25.0.5_ce-98.112.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23651.html * https://www.suse.com/security/cve/CVE-2024-23652.html * https://www.suse.com/security/cve/CVE-2024-23653.html * https://bugzilla.suse.com/show_bug.cgi?id=1219267 * https://bugzilla.suse.com/show_bug.cgi?id=1219268 * https://bugzilla.suse.com/show_bug.cgi?id=1219438 * https://bugzilla.suse.com/show_bug.cgi?id=1223409 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1470-1: important: Security update for ffmpeg-4 Message-ID: <171442260449.20336.14093781519239746603@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2024:1470-1 Rating: important References: * bsc#1223070 * bsc#1223235 * bsc#1223272 Cross-References: * CVE-2023-49502 * CVE-2023-51793 * CVE-2024-31578 CVSS scores: * CVE-2023-49502 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-51793 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-31578 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2024-31578: Fixed heap use-after-free via av_hwframe_ctx_init() when vulkan_frames init failed (bsc#1223070) * CVE-2023-49502: Fixed heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c (bsc#1223235) * CVE-2023-51793: Fixed heap buffer overflow in the image_copy_plane function in libavutil/imgutils.c (bsc#1223272) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1470=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1470=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1470=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1470=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1470=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1470=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1470=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1470=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1470=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libswscale5_9-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswscale5_9-debuginfo-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ffmpeg-4-libavutil-devel-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libswscale5_9-4.4-150400.3.24.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.24.1 * ffmpeg-4-private-devel-4.4-150400.3.24.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.24.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.24.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.24.1 * libavdevice58_13-4.4-150400.3.24.1 * libswscale5_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.24.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libavfilter7_110-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-4.4-150400.3.24.1 * libavdevice58_13-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavresample4_0-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-debugsource-4.4-150400.3.24.1 * libavresample4_0-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libavfilter7_110-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.24.1 * openSUSE Leap 15.4 (x86_64) * libavcodec58_134-32bit-4.4-150400.3.24.1 * libavdevice58_13-32bit-4.4-150400.3.24.1 * libavutil56_70-32bit-4.4-150400.3.24.1 * libswscale5_9-32bit-4.4-150400.3.24.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.24.1 * libavfilter7_110-32bit-debuginfo-4.4-150400.3.24.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-32bit-4.4-150400.3.24.1 * libavfilter7_110-32bit-4.4-150400.3.24.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.24.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.24.1 * libavformat58_76-32bit-4.4-150400.3.24.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.24.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.24.1 * libswresample3_9-32bit-4.4-150400.3.24.1 * libavresample4_0-32bit-4.4-150400.3.24.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libavformat58_76-64bit-4.4-150400.3.24.1 * libavcodec58_134-64bit-4.4-150400.3.24.1 * libavdevice58_13-64bit-4.4-150400.3.24.1 * libavdevice58_13-64bit-debuginfo-4.4-150400.3.24.1 * libswscale5_9-64bit-debuginfo-4.4-150400.3.24.1 * libavformat58_76-64bit-debuginfo-4.4-150400.3.24.1 * libavfilter7_110-64bit-4.4-150400.3.24.1 * libavutil56_70-64bit-debuginfo-4.4-150400.3.24.1 * libswscale5_9-64bit-4.4-150400.3.24.1 * libswresample3_9-64bit-4.4-150400.3.24.1 * libavfilter7_110-64bit-debuginfo-4.4-150400.3.24.1 * libavresample4_0-64bit-4.4-150400.3.24.1 * libavutil56_70-64bit-4.4-150400.3.24.1 * libavcodec58_134-64bit-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-64bit-4.4-150400.3.24.1 * libpostproc55_9-64bit-debuginfo-4.4-150400.3.24.1 * libswresample3_9-64bit-debuginfo-4.4-150400.3.24.1 * libavresample4_0-64bit-debuginfo-4.4-150400.3.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-libavutil-devel-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libswscale5_9-4.4-150400.3.24.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.24.1 * ffmpeg-4-private-devel-4.4-150400.3.24.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.24.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.24.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.24.1 * libavdevice58_13-4.4-150400.3.24.1 * libswscale5_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.24.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libavfilter7_110-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * ffmpeg-4-4.4-150400.3.24.1 * libavdevice58_13-debuginfo-4.4-150400.3.24.1 * libavresample4_0-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-debugsource-4.4-150400.3.24.1 * libavresample4_0-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libavfilter7_110-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.24.1 * openSUSE Leap 15.5 (x86_64) * libavcodec58_134-32bit-4.4-150400.3.24.1 * libavdevice58_13-32bit-4.4-150400.3.24.1 * libavutil56_70-32bit-4.4-150400.3.24.1 * libswscale5_9-32bit-4.4-150400.3.24.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.24.1 * libavfilter7_110-32bit-debuginfo-4.4-150400.3.24.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-32bit-4.4-150400.3.24.1 * libavfilter7_110-32bit-4.4-150400.3.24.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.24.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.24.1 * libavformat58_76-32bit-4.4-150400.3.24.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.24.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.24.1 * libswresample3_9-32bit-4.4-150400.3.24.1 * libavresample4_0-32bit-4.4-150400.3.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-libavutil-devel-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libswscale5_9-4.4-150400.3.24.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.24.1 * ffmpeg-4-private-devel-4.4-150400.3.24.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.24.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.24.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.24.1 * libavdevice58_13-4.4-150400.3.24.1 * libswscale5_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.24.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libavfilter7_110-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * ffmpeg-4-4.4-150400.3.24.1 * libavdevice58_13-debuginfo-4.4-150400.3.24.1 * libavresample4_0-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * ffmpeg-4-debugsource-4.4-150400.3.24.1 * libavresample4_0-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libavfilter7_110-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libswscale5_9-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswscale5_9-debuginfo-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ffmpeg-4-debugsource-4.4-150400.3.24.1 * ffmpeg-4-debuginfo-4.4-150400.3.24.1 * libswresample3_9-4.4-150400.3.24.1 * libavutil56_70-4.4-150400.3.24.1 * libpostproc55_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-debuginfo-4.4-150400.3.24.1 * libpostproc55_9-4.4-150400.3.24.1 * libavcodec58_134-4.4-150400.3.24.1 * libswresample3_9-debuginfo-4.4-150400.3.24.1 * libavformat58_76-4.4-150400.3.24.1 * libavutil56_70-debuginfo-4.4-150400.3.24.1 * libavcodec58_134-debuginfo-4.4-150400.3.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49502.html * https://www.suse.com/security/cve/CVE-2023-51793.html * https://www.suse.com/security/cve/CVE-2024-31578.html * https://bugzilla.suse.com/show_bug.cgi?id=1223070 * https://bugzilla.suse.com/show_bug.cgi?id=1223235 * https://bugzilla.suse.com/show_bug.cgi?id=1223272 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Apr 29 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 29 Apr 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1468-1: important: Security update for ffmpeg Message-ID: <171442260841.20336.1832277668454119939@smelt2.prg2.suse.org> # Security update for ffmpeg Announcement ID: SUSE-SU-2024:1468-1 Rating: important References: * bsc#1190721 * bsc#1190724 * bsc#1190727 * bsc#1190728 * bsc#1190731 * bsc#1190732 * bsc#1223070 * bsc#1223235 Cross-References: * CVE-2020-20894 * CVE-2020-20898 * CVE-2020-20900 * CVE-2020-20901 * CVE-2021-38090 * CVE-2021-38091 * CVE-2021-38094 * CVE-2023-49502 * CVE-2024-31578 CVSS scores: * CVE-2020-20894 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-20898 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-20898 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2020-20900 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-20901 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-38090 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-38090 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-38091 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-38091 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-38094 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-38094 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-49502 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-31578 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for ffmpeg fixes the following issues: * CVE-2024-31578: Fixed heap use-after-free via av_hwframe_ctx_init() when vulkan_frames init failed (bsc#1223070) * CVE-2023-49502: Fixed heap buffer overflow via the ff_bwdif_filter_intra_c function in libavfilter/bwdifdsp.c (bsc#1223235) Adding references for already fixed issues: * CVE-2021-38091: Fixed integer overflow in function filter16_sobel in libavfilter/vf_convolution.c (bsc#1190732) * CVE-2021-38090: Fixed integer overflow in function filter16_roberts in libavfilter/vf_convolution.c (bsc#1190731) * CVE-2020-20898: Fixed integer overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c (bsc#1190724) * CVE-2020-20901: Fixed buffer overflow vulnerability in function filter_frame in libavfilter/vf_fieldorder.c (bsc#1190728) * CVE-2020-20900: Fixed buffer overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c (bsc#1190727) * CVE-2020-20894: Fixed buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c (bsc#1190721) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1468=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1468=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1468=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1468=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1468=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1468=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1468=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1468=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1468=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1468=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1468=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1468=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1468=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1468=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1468=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1468=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libavresample3-3.4.2-150200.11.41.1 * libavcodec-devel-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * ffmpeg-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * libavfilter6-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libavdevice-devel-3.4.2-150200.11.41.1 * libavfilter6-3.4.2-150200.11.41.1 * libavfilter-devel-3.4.2-150200.11.41.1 * libavdevice57-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libavformat-devel-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libavdevice57-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-private-devel-3.4.2-150200.11.41.1 * openSUSE Leap 15.5 (x86_64) * libavutil55-32bit-3.4.2-150200.11.41.1 * libpostproc54-32bit-3.4.2-150200.11.41.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.41.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.41.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.41.1 * libswresample2-32bit-3.4.2-150200.11.41.1 * libavfilter6-32bit-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-32bit-3.4.2-150200.11.41.1 * libavfilter6-32bit-3.4.2-150200.11.41.1 * libavformat57-32bit-3.4.2-150200.11.41.1 * libavformat57-32bit-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.41.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.41.1 * libavresample3-32bit-3.4.2-150200.11.41.1 * libswscale4-32bit-3.4.2-150200.11.41.1 * libavdevice57-32bit-3.4.2-150200.11.41.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.41.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.41.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libavdevice57-3.4.2-150200.11.41.1 * libavfilter6-3.4.2-150200.11.41.1 * libavresample3-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * ffmpeg-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libavdevice57-debuginfo-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * libavfilter6-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libavresample3-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libavresample3-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libavresample3-3.4.2-150200.11.41.1 * libavcodec-devel-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libavformat-devel-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libavresample3-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libavresample3-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libavresample3-3.4.2-150200.11.41.1 * libavcodec-devel-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libavformat-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libavresample3-3.4.2-150200.11.41.1 * libswscale4-debuginfo-3.4.2-150200.11.41.1 * libavutil-devel-3.4.2-150200.11.41.1 * libavresample3-debuginfo-3.4.2-150200.11.41.1 * libswscale-devel-3.4.2-150200.11.41.1 * ffmpeg-debuginfo-3.4.2-150200.11.41.1 * libswresample2-debuginfo-3.4.2-150200.11.41.1 * libswscale4-3.4.2-150200.11.41.1 * libavutil55-debuginfo-3.4.2-150200.11.41.1 * libavutil55-3.4.2-150200.11.41.1 * libpostproc54-3.4.2-150200.11.41.1 * libavcodec57-debuginfo-3.4.2-150200.11.41.1 * ffmpeg-debugsource-3.4.2-150200.11.41.1 * libavformat57-3.4.2-150200.11.41.1 * libpostproc-devel-3.4.2-150200.11.41.1 * libavresample-devel-3.4.2-150200.11.41.1 * libavcodec57-3.4.2-150200.11.41.1 * libswresample-devel-3.4.2-150200.11.41.1 * libpostproc54-debuginfo-3.4.2-150200.11.41.1 * libswresample2-3.4.2-150200.11.41.1 * libavformat57-debuginfo-3.4.2-150200.11.41.1 ## References: * https://www.suse.com/security/cve/CVE-2020-20894.html * https://www.suse.com/security/cve/CVE-2020-20898.html * https://www.suse.com/security/cve/CVE-2020-20900.html * https://www.suse.com/security/cve/CVE-2020-20901.html * https://www.suse.com/security/cve/CVE-2021-38090.html * https://www.suse.com/security/cve/CVE-2021-38091.html * https://www.suse.com/security/cve/CVE-2021-38094.html * https://www.suse.com/security/cve/CVE-2023-49502.html * https://www.suse.com/security/cve/CVE-2024-31578.html * https://bugzilla.suse.com/show_bug.cgi?id=1190721 * https://bugzilla.suse.com/show_bug.cgi?id=1190724 * https://bugzilla.suse.com/show_bug.cgi?id=1190727 * https://bugzilla.suse.com/show_bug.cgi?id=1190728 * https://bugzilla.suse.com/show_bug.cgi?id=1190731 * https://bugzilla.suse.com/show_bug.cgi?id=1190732 * https://bugzilla.suse.com/show_bug.cgi?id=1223070 * https://bugzilla.suse.com/show_bug.cgi?id=1223235 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 30 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Apr 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1475-1: important: Security update for frr Message-ID: <171448020462.8800.6036150430503356418@smelt2.prg2.suse.org> # Security update for frr Announcement ID: SUSE-SU-2024:1475-1 Rating: important References: * bsc#1222518 Cross-References: * CVE-2024-31948 CVSS scores: * CVE-2024-31948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for frr fixes the following issues: * CVE-2024-31948: Fixed denial of service due to malformed Prefix SID attribute in BGP Update packet (bsc#1222518) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1475=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1475=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1475=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1475=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1475=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1475=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1475=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1475=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1475=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1475=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1475=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1475=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Manager Proxy 4.3 (x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libfrr_pb0-debuginfo-7.4-150300.4.23.1 * frr-debugsource-7.4-150300.4.23.1 * libfrrzmq0-debuginfo-7.4-150300.4.23.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.23.1 * libfrrcares0-debuginfo-7.4-150300.4.23.1 * frr-devel-7.4-150300.4.23.1 * libfrrospfapiclient0-7.4-150300.4.23.1 * libmlag_pb0-7.4-150300.4.23.1 * libfrr0-debuginfo-7.4-150300.4.23.1 * libfrr0-7.4-150300.4.23.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.23.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.23.1 * frr-debuginfo-7.4-150300.4.23.1 * libfrrsnmp0-7.4-150300.4.23.1 * libmlag_pb0-debuginfo-7.4-150300.4.23.1 * libfrrfpm_pb0-7.4-150300.4.23.1 * libfrrgrpc_pb0-7.4-150300.4.23.1 * libfrr_pb0-7.4-150300.4.23.1 * libfrrcares0-7.4-150300.4.23.1 * libfrrzmq0-7.4-150300.4.23.1 * frr-7.4-150300.4.23.1 * libfrrsnmp0-debuginfo-7.4-150300.4.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31948.html * https://bugzilla.suse.com/show_bug.cgi?id=1222518 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 30 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Apr 2024 16:30:04 -0000 Subject: SUSE-SU-2024:0782-2: important: Security update for python311 Message-ID: <171449460401.1346.4922950181652648428@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:0782-2 Rating: important References: * bsc#1196025 * bsc#1210638 * bsc#1219666 Cross-References: * CVE-2022-25236 * CVE-2023-27043 * CVE-2023-6597 CVSS scores: * CVE-2022-25236 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-25236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2023-27043: Fixed incorrect e-mqil parsing (bsc#1210638). * CVE-2022-25236: Fixed an expat vulnerability by supporting expat >= 2.4.4 (bsc#1212015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-782=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 ## References: * https://www.suse.com/security/cve/CVE-2022-25236.html * https://www.suse.com/security/cve/CVE-2023-27043.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1196025 * https://bugzilla.suse.com/show_bug.cgi?id=1210638 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Apr 30 16:30:50 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Apr 2024 16:30:50 -0000 Subject: SUSE-SU-2024:1480-1: important: Security update for the Linux Kernel Message-ID: <171449465009.1346.2698573204513283272@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1480-1 Rating: important References: * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217829 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1218643 * bsc#1218777 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219443 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220325 * bsc#1220328 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220393 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220433 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220469 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220735 * bsc#1220736 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220845 * bsc#1220848 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220917 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220933 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221725 * bsc#1221777 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222033 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222619 * bsc#1222952 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7618 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46934 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47083 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48627 * CVE-2022-48628 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52462 * CVE-2023-52463 * CVE-2023-52467 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52559 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-25739 * CVE-2024-25742 * CVE-2024-25743 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26695 * CVE-2024-26717 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46934 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52462 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52463 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52467 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-25743 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves 150 vulnerabilities, contains four features and has 32 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-25743: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). The following non-security bugs were fixed: * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: add rx dma channel for spdif (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix usb otg vbus (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on armada socs (git-fixes) * arm64: dts: rockchip: add es8316 codec for rock pi 4 (git-fixes) * arm64: dts: rockchip: add spdif node for rock pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix va-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: fix pci device id table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: initialize backlight_properties on init (git-fixes). * backlight: lm3639: fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: fully initialize backlight_properties during probe (git- fixes). * blocklayoutdriver: fix reference leak of pnfs_device_node (git-fixes). * bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: correct gpl license name (git-fixes). * bpf, sockmap: fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant null check (git-fixes). * clk: zynq: prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: do not access trcidr1 for identification (bsc#1220775) * coresight: etm4x: fix accesses to trcseqrstevr and trcseqstr (bsc#1220775) * coresight: etm: override trcidr3.ccitmin on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during aer recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/readme.suse: update information about module support status (jsc#ped-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: add fams validation before trying to use it (git-fixes). * drm/amd/display: add fb_damage_clips support (git-fixes). * drm/amd/display: add function for validate and update new stream (git- fixes). * drm/amd/display: add odm case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off odm before committing more streams (git- fixes). * drm/amd/display: avoid abm when odm combine is enabled for edp (git-fixes). * drm/amd/display: blocking invalid 420 modes on hdmi tmds for dcn31 (git- fixes). * drm/amd/display: check if link state is valid (git-fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: copy dc context in the commit streams (git-fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: disable psr-su on parade 0803 tcon again (git-fixes). * drm/amd/display: enable fast plane updates on dcn3.2 and above (git-fixes). * drm/amd/display: enable new commit sequence only for dcn32x (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: exit idle optimizations before attempt to access phy (git- fixes). * drm/amd/display: expand kernel doc for dc (git-fixes). * drm/amd/display: fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: fix a null pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: fix abm disablement (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when psr-su is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: fix the delta clamping for shaper lut (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: for prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: guard against invalid rptr/wptr being set (git-fixes). * drm/amd/display: guard dcn31 phyd32clk logic against chip family (git- fixes). * drm/amd/display: handle range offsets in vrr ranges (stable-fixes). * drm/amd/display: handle seamless boot stream (git-fixes). * drm/amd/display: handle virtual hardware detect (git-fixes). * drm/amd/display: include surface of unaffected streams (git-fixes). * drm/amd/display: include udelay when waiting for inbox0 ack (git-fixes). * drm/amd/display: increase frame warning limit with kasan or kcsan in dml (git-fixes). * drm/amd/display: keep phy active for dp config (git-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: remove min_dst_y_next_start check for z8 (git-fixes). * drm/amd/display: restore rptr/wptr for dmcub as workaround (git-fixes). * drm/amd/display: return the correct hdcp error code (stable-fixes). * drm/amd/display: revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: rework comments on dc file (git-fixes). * drm/amd/display: rework context change check (git-fixes). * drm/amd/display: set minimum requirement for using psr-su on phoenix (git- fixes). * drm/amd/display: set minimum requirement for using psr-su on rembrandt (git- fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update correct dcn314 register header (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: update min z8 residency time to 2100 for dcn314 (git- fixes). * drm/amd/display: update otg instance in the commit stream (git-fixes). * drm/amd/display: use dram speed from validation for dummy p-state (git- fixes). * drm/amd/display: use dtbclk as refclk instead of dprefclk (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/display: use min transition for all subvp plane add/remove (git- fixes). * drm/amd/display: write to correct dirty_rect (git-fixes). * drm/amd/display: wrong colorimetry workaround (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/pm: fix error of maco flag setting code (git-fixes). * drm/amd/smu: use averagegfxclkfrequency* to replace previous gfx curr clock (git-fixes). * drm/amd: enable pcie pme from d3 (git-fixes). * drm/amdgpu/pm: fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: enable gpu reset for s3 abort cases on raven series (stable- fixes). * drm/amdgpu: fix missing break in atom_arg_imm case of atom_get_src_int() (git-fixes). * drm/amdgpu: force order between a read and write to the same address (git- fixes). * drm/amdgpu: lower cs errors to debug severity (git-fixes). * drm/amdgpu: match against exact bootloader status (git-fixes). * drm/amdgpu: unset context priority is now invalid (git-fixes). * drm/amdgpu: update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdkfd: fix tlb flush after unmap for gfx9.4.2 (stable-fixes). * drm/bridge: tc358762: instruct dsi host to generate hse packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: add quirk for osvr hdk 2.0 (git-fixes). * drm/etnaviv: restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: tolerate devdata==null in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: do not generate the command streamer for all the ccs (git- fixes). * drm/i915/gt: reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: fix dependency of some timeouts on hz (git-fixes). * drm/i915: add missing ccs documentation (git-fixes). * drm/i915: call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: dsi: fix dsi rgb666 formats and definitions (git-fixes). * drm/mediatek: fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of intf_cfg2_data_hctl_en (git-fixes). * drm/msm/dpu: improve dsc allocation (git-fixes). * drm/msm/dpu: only enable dsc_mode_multiplex if dsc_merge is enabled (git- fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: auo,b101uan08.3: fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panel: move aux b116xw03 out of panel-edp back to panel-simple (git- fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant null check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: fix pm disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: fix initial plane zpos values (git-fixes). * drm/tidss: fix sync-lost issue with two displays (git-fixes). * drm/ttm: do not leak a resource on eviction error (git-fixes). * drm/ttm: do not print error message if eviction was interrupted (git-fixes). * drm/vc4: add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm/vmwgfx: fix possible null pointer derefence with invalid contexts (git- fixes). * drm: do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: add quirk for acer switch v 10 (sw5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: calculate correct ring size when page_size is not 4 kbytes (git- fixes). * hv_netvsc: fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: register vf in netvsc_probe if net_device_register missed (git- fixes). * i2c: aspeed: fix the dummy irq expected print (git-fixes). * i2c: i801: avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: Fix mcast list locking (git-fixes) * iio: dummy_evgen: remove excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: initialize empty dlh bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). * input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). * input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). * input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). * input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). * input: pm8941-pwrkey - add software key press debouncing support (git- fixes). * input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * input: xpad - add Lenovo Legion Go controllers (git-fixes). * iommu/amd: mark interrupt as managed (git-fixes). * iommu/dma: trace bounce buffer usage when mapping buffers (git-fixes). * iommu/mediatek-v1: fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: fix forever loop in error handling (git-fixes). * iommu/vt-d: allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: do not issue ats invalidation request when device is disconnected (git-fixes). * iommu/vt-d: fix pasid directory pointer coherency (git-fixes). * iommu/vt-d: set no execute enable bit in pasid table entry (git-fixes). * kabi: pci: add locking to rmw pci express capability register accessors (kabi). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-commit). * leds: aw2013: unlock mutex before destroying it (git-fixes). * lib/cmdline: fix an invalid format specifier in an assertion msg (git- fixes). * make nvidiA Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid5: release batch_last before waiting for another stripe_head (git- fixes). * md/raid6: use valid sector values to determine if an i/o should wait on the reshape (git-fixes). * md: do not ignore suspended array in md_check_recovery() (git-fixes). * md: do not leave 'md_recovery_frozen' in error path of md_set_readonly() (git-fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * md: introduce md_ro_state (git-fixes). * md: make sure md_do_sync() will set md_recovery_done (git-fixes). * md: whenassemble the array, consult the superblock of the freshest device (git-fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant null check (git-fixes). * media: staging: ipu3-imgu: set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: fix chroma difference threshold (git-fixes). * media: sun8i-di: fix coefficient writes (git-fixes). * media: sun8i-di: fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: fix printing of stack records (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mm,page_owner: fix refcount imbalance (bsc#1222366). * mm,page_owner: update metadata for tail pages (bsc#1222366). * mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829). * mmc: core: avoid negative index with array access (git-fixes). * mmc: core: fix switch on gp3 partition (git-fixes). * mmc: core: initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix dma api overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned dma requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * net/bnx2x: prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime pm count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: fix rx dma datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * nfc: nci: fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect dat corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using rcu properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: Enable BDF to SID translation properly (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pinctrl: mediatek: drop bogus slew rate register range for mt8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * pnfs/flexfiles: check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: fix a hang in nfs4_evict_inode() (git-fixes). * pnfs: fix the pnfs block driver's calculation of layoutget size (git-fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/device: fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: remove duplicate assignment (git-fixes) * rdma/mana_ib: fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing eth segment (git- fixes) * rdma/mlx5: relax devx access upon modify commands (git-fixes) * rdma/rtrs-clt: check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * revert "drm/amd: disable psr-su on parade 0803 tcon" (git-fixes). * revert "drm/amd: disable s/g for apus when 64gb or more host memory" (git- fixes). * revert "drm/amdgpu/display: change pipe policy for dcn 2.0" (git-fixes). * revert "drm/amdgpu/display: change pipe policy for dcn 2.1" (git-fixes). * revert "drm/vc4: hdmi: enforce the minimum rate at runtime_resume" (git- fixes). * revert "fbdev: flush deferred io before closing (git-fixes)." (bsc#1221814) * revert "pci: tegra194: enable support for 256 byte payload" (git-fixes). * revert "revert "drm/amdgpu/display: change pipe policy for dcn 2.0"" (git- fixes). * revert "sunrpc dont update timeout value on connection reset" (git-fixes). * ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: add an is_err() check back to where it was (git-fixes). * sunrpc: econnreset might require a rebind (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix a suspicious rcu usage warning (git-fixes). * sunrpc: fix rpc client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). * topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). * tracing/probes: Fix to show a parse error for bad type for $comm (git- fixes). * tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). * tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1480=1 openSUSE-SLE-15.5-2024-1480=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1480=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1480=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1480=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1480=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1480=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1480=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1480=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (noarch) * kernel-docs-html-5.14.21-150500.55.59.1 * kernel-source-5.14.21-150500.55.59.1 * kernel-devel-5.14.21-150500.55.59.1 * kernel-source-vanilla-5.14.21-150500.55.59.1 * kernel-macros-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.14.21-150500.55.59.1 * kernel-debug-livepatch-devel-5.14.21-150500.55.59.1 * kernel-debug-debugsource-5.14.21-150500.55.59.1 * kernel-debug-devel-5.14.21-150500.55.59.1 * kernel-debug-debuginfo-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (x86_64) * kernel-default-vdso-debuginfo-5.14.21-150500.55.59.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.59.1 * kernel-debug-vdso-5.14.21-150500.55.59.1 * kernel-default-vdso-5.14.21-150500.55.59.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.59.1 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7 * kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.59.1 * kernel-kvmsmall-devel-5.14.21-150500.55.59.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.59.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.59.1 * kernel-default-base-rebuild-5.14.21-150500.55.59.1.150500.6.25.7 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.14.21-150500.55.59.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.59.1 * dlm-kmp-default-5.14.21-150500.55.59.1 * kselftests-kmp-default-5.14.21-150500.55.59.1 * kernel-default-extra-5.14.21-150500.55.59.1 * kernel-default-optional-5.14.21-150500.55.59.1 * kernel-obs-build-debugsource-5.14.21-150500.55.59.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * cluster-md-kmp-default-5.14.21-150500.55.59.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.59.1 * reiserfs-kmp-default-5.14.21-150500.55.59.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.59.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.59.1 * gfs2-kmp-default-5.14.21-150500.55.59.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-devel-5.14.21-150500.55.59.1 * kernel-obs-build-5.14.21-150500.55.59.1 * kernel-default-livepatch-devel-5.14.21-150500.55.59.1 * ocfs2-kmp-default-5.14.21-150500.55.59.1 * kernel-obs-qa-5.14.21-150500.55.59.1 * kernel-default-livepatch-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-1-150500.11.7.1 * kernel-livepatch-5_14_21-150500_55_59-default-1-150500.11.7.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-1-150500.11.7.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.59.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64) * dlm-kmp-64kb-5.14.21-150500.55.59.1 * dtb-sprd-5.14.21-150500.55.59.1 * dtb-qcom-5.14.21-150500.55.59.1 * dtb-socionext-5.14.21-150500.55.59.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * dtb-allwinner-5.14.21-150500.55.59.1 * dtb-nvidia-5.14.21-150500.55.59.1 * dtb-lg-5.14.21-150500.55.59.1 * reiserfs-kmp-64kb-5.14.21-150500.55.59.1 * dtb-exynos-5.14.21-150500.55.59.1 * kselftests-kmp-64kb-5.14.21-150500.55.59.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-debugsource-5.14.21-150500.55.59.1 * dtb-apm-5.14.21-150500.55.59.1 * dtb-amlogic-5.14.21-150500.55.59.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.59.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-devel-5.14.21-150500.55.59.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * dtb-freescale-5.14.21-150500.55.59.1 * dtb-arm-5.14.21-150500.55.59.1 * dtb-marvell-5.14.21-150500.55.59.1 * dtb-hisilicon-5.14.21-150500.55.59.1 * dtb-cavium-5.14.21-150500.55.59.1 * kernel-64kb-optional-5.14.21-150500.55.59.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.59.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-debuginfo-5.14.21-150500.55.59.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-livepatch-devel-5.14.21-150500.55.59.1 * dtb-rockchip-5.14.21-150500.55.59.1 * dtb-altera-5.14.21-150500.55.59.1 * dtb-broadcom-5.14.21-150500.55.59.1 * dtb-amd-5.14.21-150500.55.59.1 * dtb-xilinx-5.14.21-150500.55.59.1 * dtb-amazon-5.14.21-150500.55.59.1 * kernel-64kb-extra-5.14.21-150500.55.59.1 * ocfs2-kmp-64kb-5.14.21-150500.55.59.1 * gfs2-kmp-64kb-5.14.21-150500.55.59.1 * dtb-mediatek-5.14.21-150500.55.59.1 * dtb-renesas-5.14.21-150500.55.59.1 * cluster-md-kmp-64kb-5.14.21-150500.55.59.1 * dtb-apple-5.14.21-150500.55.59.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-devel-5.14.21-150500.55.59.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.59.1 * kernel-64kb-debugsource-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.59.1.150500.6.25.7 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-devel-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (noarch) * kernel-devel-5.14.21-150500.55.59.1 * kernel-macros-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.59.1 * Basesystem Module 15-SP5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.59.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.59.1 * Development Tools Module 15-SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.59.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150500.55.59.1 * kernel-syms-5.14.21-150500.55.59.1 * kernel-obs-build-5.14.21-150500.55.59.1 * Development Tools Module 15-SP5 (noarch) * kernel-source-5.14.21-150500.55.59.1 * Legacy Module 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.59.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debuginfo-5.14.21-150500.55.59.1 * reiserfs-kmp-default-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.59.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-1-150500.11.7.1 * kernel-default-livepatch-devel-5.14.21-150500.55.59.1 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-1-150500.11.7.1 * kernel-livepatch-5_14_21-150500_55_59-default-1-150500.11.7.1 * kernel-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-livepatch-5.14.21-150500.55.59.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-5.14.21-150500.55.59.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * cluster-md-kmp-default-5.14.21-150500.55.59.1 * gfs2-kmp-default-5.14.21-150500.55.59.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.59.1 * dlm-kmp-default-5.14.21-150500.55.59.1 * ocfs2-kmp-default-5.14.21-150500.55.59.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-debuginfo-5.14.21-150500.55.59.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.59.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * kernel-default-debuginfo-5.14.21-150500.55.59.1 * kernel-default-extra-5.14.21-150500.55.59.1 * kernel-default-debugsource-5.14.21-150500.55.59.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.59.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2022-48628.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52462.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-25743.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217829 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219443 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220325 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220393 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220848 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7618 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: