From null at suse.de Mon Jul 1 08:30:01 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 01 Jul 2024 08:30:01 -0000
Subject: SUSE-SU-2024:2247-1: low: Security update for glib2
Message-ID: <171982260190.19530.2202394264455020108@smelt2.prg2.suse.org>

# Security update for glib2

Announcement ID: SUSE-SU-2024:2247-1
Rating: low
References:

* bsc#1224044

Cross-References:

* CVE-2024-34397

CVSS scores:

* CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for glib2 fixes the following issues:

* CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2247=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2247=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2247=1

## Package List:

* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * libglib-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-tools-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-2.62.6-150200.3.18.1
    * glib2-tools-2.62.6-150200.3.18.1
    * libgio-2_0-0-2.62.6-150200.3.18.1
    * libgio-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-debugsource-2.62.6-150200.3.18.1
    * libgobject-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libglib-2_0-0-2.62.6-150200.3.18.1
    * libgobject-2_0-0-2.62.6-150200.3.18.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
    * libglib-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-tools-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-2.62.6-150200.3.18.1
    * glib2-tools-2.62.6-150200.3.18.1
    * libgio-2_0-0-2.62.6-150200.3.18.1
    * libgio-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-debugsource-2.62.6-150200.3.18.1
    * libgobject-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libglib-2_0-0-2.62.6-150200.3.18.1
    * libgobject-2_0-0-2.62.6-150200.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
    * libglib-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-tools-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-2.62.6-150200.3.18.1
    * glib2-tools-2.62.6-150200.3.18.1
    * libgio-2_0-0-2.62.6-150200.3.18.1
    * libgio-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * glib2-debugsource-2.62.6-150200.3.18.1
    * libgobject-2_0-0-debuginfo-2.62.6-150200.3.18.1
    * libglib-2_0-0-2.62.6-150200.3.18.1
    * libgobject-2_0-0-2.62.6-150200.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34397.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224044

From null at suse.de Mon Jul 1 08:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 01 Jul 2024 08:30:03 -0000
Subject: SUSE-SU-2024:2246-1: important: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
Message-ID: <171982260345.19530.9541251146681699447@smelt2.prg2.suse.org>

# Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

Announcement ID: SUSE-SU-2024:2246-1
Rating: important
References:

* bsc#1223965

Cross-References:

* CVE-2024-33394

CVSS scores:

* CVE-2024-33394 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues:

* Collect component Role rules under operator Role instead of ClusterRole (bsc#1223965, CVE-2024-33394)
* Ensure procps is installed (provides ps for tests)

This update also rebuilds it against current go releases.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2246=1 openSUSE-SLE-15.5-2024-2246=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2246=1
* Containers Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2246=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
    * kubevirt-virt-exportserver-1.1.1-150500.8.18.1
    * kubevirt-pr-helper-conf-1.1.1-150500.8.18.1
    * kubevirt-virt-exportserver-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-handler-1.1.1-150500.8.18.1
    * kubevirt-virt-handler-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-launcher-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-manifests-1.1.1-150500.8.18.1
    * kubevirt-virtctl-1.1.1-150500.8.18.1
    * obs-service-kubevirt_containers_meta-1.1.1-150500.8.18.1
    * kubevirt-tests-1.1.1-150500.8.18.1
    * kubevirt-container-disk-1.1.1-150500.8.18.1
    * kubevirt-virt-launcher-1.1.1-150500.8.18.1
    * kubevirt-virt-exportproxy-1.1.1-150500.8.18.1
    * kubevirt-tests-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-exportproxy-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-controller-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-container-disk-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-api-1.1.1-150500.8.18.1
    * kubevirt-virt-operator-1.1.1-150500.8.18.1
    * kubevirt-virt-operator-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virtctl-debuginfo-1.1.1-150500.8.18.1
    * kubevirt-virt-controller-1.1.1-150500.8.18.1
    * kubevirt-virt-api-debuginfo-1.1.1-150500.8.18.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
    * kubevirt-virtctl-1.1.1-150500.8.18.1
    * kubevirt-manifests-1.1.1-150500.8.18.1
    * kubevirt-virtctl-debuginfo-1.1.1-150500.8.18.1
* Containers Module 15-SP5 (x86_64)
    * kubevirt-virtctl-1.1.1-150500.8.18.1
    * kubevirt-manifests-1.1.1-150500.8.18.1
    * kubevirt-virtctl-debuginfo-1.1.1-150500.8.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-33394.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223965

From null at suse.de Mon Jul 1 16:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 01 Jul 2024 16:30:03 -0000
Subject: SUSE-SU-2024:2251-1: important: Security update for booth
Message-ID: <171985140317.15705.12154512900720411125@smelt2.prg2.suse.org>

# Security update for booth

Announcement ID: SUSE-SU-2024:2251-1
Rating: important
References:

* bsc#1226032

Cross-References:

* CVE-2024-3049

CVSS scores:

* CVE-2024-3049 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-3049 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Availability GEO Extension 12 SP5
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for booth fixes the following issues:

* CVE-2024-3049: Fixed a vulnerability where a specially crafted hash can lead to invalid HMAC being accepted by Booth server. (bsc#1226032)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Availability GEO Extension 12 SP5
  zypper in -t patch SUSE-SLE-HA-GEO-12-SP5-2024-2251=1

## Package List:

* SUSE Linux Enterprise High Availability GEO Extension 12 SP5 (s390x x86_64)
    * booth-debugsource-1.0-42.6.1
    * booth-debuginfo-1.0-42.6.1
    * booth-1.0-42.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-3049.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226032

From null at suse.de Mon Jul 1 16:30:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 01 Jul 2024 16:30:04 -0000
Subject: SUSE-SU-2024:2249-1: moderate: Security update for python39
Message-ID: <171985140469.15705.12005409328690632040@smelt2.prg2.suse.org>

# Security update for python39

Announcement ID: SUSE-SU-2024:2249-1
Rating: moderate
References:

* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2024-0397
* CVE-2024-4032

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise Micro 5.1

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issues:

* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2249=1

## Package List:

* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
    * python3-debugsource-3.6.15-150000.3.150.1
    * python3-base-debuginfo-3.6.15-150000.3.150.1
    * python3-debuginfo-3.6.15-150000.3.150.1
    * python3-core-debugsource-3.6.15-150000.3.150.1
    * python3-3.6.15-150000.3.150.1
    * libpython3_6m1_0-debuginfo-3.6.15-150000.3.150.1
    * python3-base-3.6.15-150000.3.150.1
    * libpython3_6m1_0-3.6.15-150000.3.150.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Mon Jul 1 20:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 01 Jul 2024 20:30:08 -0000
Subject: SUSE-SU-2024:1639-2: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, pyth
Message-ID: <171986580831.12218.14933006897039830221@smelt2.prg2.suse.org>

# Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, pyth

Announcement ID: SUSE-SU-2024:1639-2
Rating: important
References:

* bsc#1209571
* bsc#1209811
* bsc#1209812
* bsc#1216606
* bsc#1222880
* bsc#761162

Cross-References:

* CVE-2023-28858
* CVE-2023-28859

CVSS scores:

* CVE-2023-28858 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28858 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28859 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28859 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves two vulnerabilities and has four security fixes can now be installed.

## Description:

This update for python-argcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict contains the following fixes:

Changes in python-argcomplete:

- Update to 3.3.0 (bsc#1222880):
* Preserve compatibility with argparse option tuples of length 4. This update is required to use argcomplete on Python 3.11.9+ or 3.12.3+.
- update to 3.2.3:
* Allow register-python-argcomplete output to be used as lazy-loaded zsh completion module (#475)
- Move debug_stream initialization to helper method to allow fd 9 behavior to be overridden in subclasses (#471)
* update to 3.2.2:
* Expand tilde in zsh
* Remove coverage check
* Fix zsh test failures: avoid coloring terminal
* update to 3.2.1:
* Allow explicit zsh global completion activation (#467)
* Fix and test global completion in zsh (#463, #466)
* Add --yes option to activate-global-python-argcomplete (#461)
* Test suite improvements
* drop without_zsh.patch: obsolete
* update to 3.1.6:
* Respect user choice in activate-global-python-argcomplete
* Escape colon in zsh completions. Fixes #456
* Call _default as a fallback in zsh global completion
* update to 3.1.4:
* Call _default as a fallback in zsh global completion
* zsh: Allow to use external script (#453)
* Add support for Python 3.12 and drop EOL 3.6 and 3.7 (#449)
* Use homebrew prefix by default
* zsh: Allow to use external script (#453)

Changes in python-Fabric:

- Update to 3.2.2
- add fix-test-deps.patch to remove vendored dependencies
* [Bug]: fabric.runners.Remote failed to properly deregister its SIGWINCH signal handler on shutdown; in rare situations this could cause tracebacks when the Python process receives SIGWINCH while no remote session is active. This has been fixed.
* [Bug] #2204: The signal handling functionality added in Fabric 2.6 caused unrecoverable tracebacks when invoked from inside a thread (such as the use of fabric.group.ThreadingGroup) under certain interpreter versions. This has been fixed by simply refusing to register signal handlers when not in the main thread. Thanks to Francesco Giordano and others for the reports.
* [Bug]: Neglected to actually add deprecated to our runtime dependency specification (it was still in our development dependencies). This has been fixed.
* [Feature]: Enhanced fabric.testing in ways large and small:
    * Backwards-compatibly merged the functionality of MockSFTP into MockRemote (may be opted-into by instantiating the latter with enable_sftp=True) so you can mock out both SSH and SFTP functionality in the same test, which was previously impossible. It also means you can use this in a Pytest autouse fixture to prevent any tests from accidentally hitting the network!
    * A new pytest fixture, remote_with_sftp, has been added which leverages the previous bullet point (an all-in-one fixture suitable for, eg, preventing any incidental ssh/sftp attempts during test execution).
    * A pile of documentation and test enhancements (yes, testing our testing helpers is a thing).
* [Support]: Added a new runtime dependency on the Deprecated library.
* [Support]: Language update: applied s/sanity/safety/g to the codebase (with the few actual API members using the term now marked deprecated & new ones added in the meantime, mostly in fabric.testing).
* [Feature]: Add a new CLI flag to fab, fab --list-agent-keys, which will attempt to connect to your local SSH agent and print a key list, similarly to ssh-add -l. This is mostly useful for expectations-checking Fabric and Paramiko's agent functionality, or for situations where you might not have ssh-add handy.
* [Feature]: Implement opt-in support for Paramiko 3.2's AuthStrategy machinery, as follows:
    * Added a new module and class, fabric.auth.OpenSSHAuthStrategy, which leverages aforementioned new Paramiko functionality to marry loaded SSH config files with Fabric-level and runtime-level parameters, arriving at what should be OpenSSH-client-compatible authentication behavior. See its API docs for details.
    * Added new configuration settings:
        * authentication.strategy_class, which defaults to None, but can be set to OpenSSHAuthStrategy to opt-in to the new behavior.
        * authentication.identities, which defaults to the empty list, and can be a list of private key paths for use by the new strategy class.
* [Bug] #2263: Explicitly add our dependency on decorator to setup.py instead of using Invoke's old, now removed, vendored copy of same. This allows Fabric to happily use Invoke 2.1 and above
* Update to 3.0.1
* [Bug] #2241: A typo prevented Fabric's command runner from properly calling its superclass stop() method, which in tandem with a related Invoke bug meant messy or long shutdowns in many scenarios.
* Changes from 3.0.0
* [Feature]: Change the default configuration value for inline_ssh_env from False to True, to better align with the practicalities of common SSH server configurations.
* Warning: This change is backwards incompatible if you were using environment-variable-setting kwargs or config settings, such as Connection.run(command, env={'SOME': 'ENV VARS'}), and were not already explicitly specifying the value of inline_ssh_env.
* [Bug] #1981: (fixed in #2195) Automatically close any open SFTP session during fabric.connection.Connection.close; this avoids issues encountered upon re-opening a previously-closed connection object.
* [Support]: Drop support for Python <3.6, including Python 2.
* Warning: This is a backwards incompatible change if you are not yet on Python 3.6 or above; however, pip shouldn't offer you this version of Fabric as long as your pip version understands python_requires metadata.
* Drop remove-mock.patch because now in upstream.
* Drop remove-pathlib2.patch because now in upstream.
* Add %{?sle15_python_module_pythons}
* Remove conditional definition of python_module.
* Add patch remove-pathlib2.patch:
* Drop install_requires on pathlib2.
* Update to 2.7.1:
* [Bug] #1924: (also #2007) Overhaul behavior and testing re: merging together different sources for the key_filename parameter in Connection.connect_kwargs. This fixes a number of type-related errors (string objects have no extend attribute, cannot add lists to strings, etc).
* Update to 2.7.0:
* Add ~fabric.connection.Connection.shell, a belated port of the v1 open_shell() feature.
* Forward local terminal resizes to the remote end, when applicable. (For the technical: this means we now turn SIGWINCH into SSH window-change messages.)
* Update ~fabric.connection.Connection temporarily so that it doesn't incidentally apply replace_env=True to local shell commands, only remote ones.
* Add patch remove-mock.patch:
* Use unittest.mock, instead of mock
* pytest-relaxed now supports pytest 6, so test on all python versions.
* Don't test on python310 -- gh#bitprophet/pytest-relaxed#12 (This is mainly required by azure-cli in the primary python3 flavor)
* Update to 2.6.0:
* [Feature] #1999: Add sudo support to Group. Thanks to Bonnie Hardin for the report and to Winston Nolan for an early patchset.
* [Feature] #1810: Add put/get support to Group.
* [Feature] #1868: Ported a feature from v1: interpolating the local path argument in Transfer.get with connection and remote filepath attributes. For example, cxn.get(remote="/var/log/foo.log", local="{host}/") is now feasible for storing a file in per-host-named directories or files, and in fact Group.get does this by default.
* [Feature]: When the local path argument to Transfer.get contains nonexistent directories, they are now created instead of raising an error. Warning: This change introduces a new runtime dependency: pathlib2.
* [Bug]: Fix a handful of issues in the handling and mocking of SFTP local paths and os.path members within fabric.testing; this should remove some occasional "useless Mocks" as well as hewing closer to the real behavior of things like os.path.abspath re: path normalization.
* Update Requires from setup.py

Changes in python-PyGithub:

- Switch package to modern Python Stack on SLE-15
+ Add %{?sle15_python_module_pythons}
+ Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
+ Drop %define skip_python2 1
* Update to 1.57

Breaking Changes

* Add support for Python 3.11, drop support for Python 3.6 (#2332) (1e2f10d)

Bug Fixes & Improvements

* Speed up get requested reviewers and teams for pr (#2349) (6725ece)
* [WorkflowRun] - Add missing attributes (run_started_at & run_attempt), remove deprecated unicode type (#2273) (3a6235b)
* Add support for repository autolink references (#2016) (0fadd6b)
* Add retry and pool_size to typing (#2151) (784a3ef)
* Fix/types for repo topic team (#2341) (db9337a)
* Add class Artifact (#2313) (#2319) (437ff84)
* Update to 1.56

This is the last release that will support Python 3.6.

Bug Fixes & Improvements

* Create repo from template (#2090) (b50283a)
* Improve signature of Repository.create_repo (#2118) (001970d)
* Add support for 'visibility' attribute preview for Repositories (#1872) (8d1397a)
* Add Repository.rename_branch method (#2089) (6452ddf)
* Add function to delete pending reviews on a pull request (#1897) (c8a945b)
* Cover all code paths in search_commits (#2087) (f1faf94)
* Correctly deal when PaginatedList's data is a dict (#2084) (93b92cd)
* Add two_factor_authentication in AuthenticatedUser. (#1972) (4f00cbf)
* Add ProjectCard.edit() to the type stub (#2080) (d417e4c)
* Add method to delete Workflow runs (#2078) (b1c8eec)
* Implement organization.cancel_invitation() (#2072) (53fb498)
* Feat: Add html_url property in Team Class. (#1983) (6570892)
* Add support for Python 3.10 (#2073) (aa694f8)
* Add github actions secrets to org (#2006) (bc5e595)
* Correct replay for Organization.create_project() test (#2075) (fcc1236)
* Fix install command example (#2043) (99e00a2)
* Fix: #1671 Convert Python Bool to API Parameter for Authenticated User Notifications (#2001) (1da600a)
* Do not transform requestHeaders when logging (#1965) (1265747)
* Add type to OrderedDict (#1954) (ed7d0fe)
* Add Commit.get_pulls() to pyi (#1958) (b466470)
* Adding headers in GithubException is a breaking change (#1931) (d1644e3)
* Update to 1.55:
* Remove client_id/client_secret authentication (#1888) (901af8c8)
* Adjust to Github API changes regarding emails (#1890) (2c77cfad)
* This impacts what AuthenticatedUser.get_emails() returns
* Export headers in GithubException (#1887) (ddd437a7)
* Do not import from unpackaged paths in typing (#1926) (27ba7838)
* Implement hash for CompletableGithubObject (#1922) (4faff23c)
* Use right variable in both get_check_runs() (#1889) (3003e065)
* fix bad assertions in github.Project.edit (#1817) (6bae9e5c)
* Add support for deleting repository secrets (#1868) (696793de)
* Adding github actions secrets (#1681) (c90c050e)
* Drop support for Python 3.5 (#1770) (63e4fae9)
* Fix stubs file for Repository (fab682a5)
* The Github.get_installation(integer) method has been removed.
* Repository.create_deployment()'s payload parameter is now a dictionary.
* Add support for Check Suites (#1764) (6d501b28)
* Add missing preview features of Deployment and Deployment Statuses API
* Add Support for Check Runs (#1727) (c77c0676)
* Add WorkflowRun.workflow_id (#1737) (78a29a7c)
* Added support for the Self-Hosted actions runners API (#1684) (24251f4b)
* Fix Branch protection status in the examples (#1729) (88800844)
* Filter the DeprecationWarning in Team tests (#1728) (23f47539)
* Added get_installations() to Organizations (#1695) (b42fb244)
* Fix #1507: Add new Teams: Add or update team repository endpoint
* Added support for `Repository.get_workflow_runs` parameters
* feat(pullrequest): add the rebaseable attribute (#1690) (ee4c7a7e)
* Add support for deleting reactions (#1708) (f7d203c0)
* Add get_timeline() to Issue's type stubs (#1663) (6bc9ecc8)
* Update to 1.53:
* Add method get_team_membership for user to Team (#1658) (749e8d35)
* PaginatedList's totalCount is 0 if no last page (#1641) (69b37b4a)
* Add initial support for Github Apps. (#1631) (260558c1)
* Add delete_branch_on_merge arg to Repository.edit type stub (#1639) (15b5ae0c)
* upload_asset with data in memory (#1601) (a7786393)
* Make Issue.closed_by nullable (#1629) (06dae387)
* Add support for workflow dispatch event (#1625) (16850ef1)
* Do not check reaction_type before sending (#1592) (136a3e80)
* more flexible header splitting (#1616) (85e71361)
* Add support for deployment statuses (#1588) (048c8a1d)
* Adds the 'twitter_username' attribute to NamedUser. (#1585) (079f75a7)
* Add support for Workflow Runs (#1583) (4fb1d23f)
* Small documentation correction in Repository.py (#1565) (f0f6ec83)
* Remove "api_preview" parameter from type stubs and docstrings (#1559) (cc1b884c)
* Repository.update_file() content also accepts bytes (#1543) (9fb8588b)
* Fix Repository.get_issues stub (#1540) (b40b75f8)
* Check all arguments of NamedUser.get_repos() (#1532) (69bfc325)
* Remove RateLimit.rate (#1529) (7abf6004)
* PullRequestReview is not a completable object (#1528) (19fc43ab)
* Remove pointless setters in GitReleaseAsset (#1527) (1dd1cf9c)
* Drop some unimplemented methods in GitRef (#1525) (d4b61311)
* Fixed formatting of docstrings for `Repository.create_git_tag_and_release()` and `StatsPunchCard`. (#1520) (ce400bc7)
* Remove Repository.topics (#1505) (53d58d2b)
* Correct Repository.get_workflows() (#1518) (8727003f)
* correct Repository.stargazers_count return type to int (#1513) (b5737d41)
* Raise a FutureWarning on use of client_{id,secret} (#1506) (2475fa66)
* Improve type signature for create_from_raw_data (#1503) (c7b5eff0)
* feat(column): move, edit and delete project columns (#1497) (a32a8965)
* Add support for Workflows (#1496) (a1ed7c0e)
* Add OAuth support for GitHub applications (4b437110)
* Create AccessToken entity (4a6468aa)
* Extend installation attributes (61808da1)
* Update to 1.51
* New features
* PyGithub now supports type checking
* Ability to retrieve public events
* Add and handle the maintainer_can_modify attribute in PullRequest
* List matching references
* Add create_repository_dispatch
* Add some Organization and Repository attributes.
* Add create project method
* Bug Fixes & Improvements
* Drop use of shadow-cat for draft PRs
* AuthenticatedUser.get_organization_membership() should be str
* Drop documentation for len() of PaginatedList
* Fix param name of projectcard's move function
* Correct typos found with codespell
* Export IncompletableObject in the github namespace
* Add GitHub Action workflow for checks
* Drop unneeded ignore rule for flake8
* Use pytest to parametrize tests
* Type stubs are now packaged with the build
* Get the project column by id
* Drop parametrized and pytest-cov from BuildRequires.
* Update to 1.47
* Bug Fixes & Improvements
* Add support to edit and delete a project (#1434) (f11f739)
* Add method for fetching pull requests associated with a commit (#1433) (0c55381)
* Add "get_repo_permission" to Team class (#1416) (219bde5)
* Add list projects support, update tests (#1431) (e44d11d)
* Don't transform completely in PullRequest.*assignees (#1428) (b1c3549)
* Add create_project support, add tests (#1429) (bf62f75)
* Add draft attribute, update test (bd28524)
* Docstring for Repository.create_git_tag_and_release (#1425) (bfeacde)
* Create a tox docs environment (#1426) (b30c09a)
* Add Deployments API (#1424) (3d93ee1)
* Add support for editing project cards (#1418) (425280c)
* Add draft flag parameter, update tests (bd0211e)
* Switch to using pytest (#1423) (c822dd1)
* Fix GitMembership with a hammer (#1420) (f2939eb)
* Add support to reply to a Pull request comment (#1374) (1c82573)
* PullRequest.update_branch(): allow expected_head_sha to be empty (#1412) (806130e)
* Implement ProjectCard.delete() (#1417) (aeb27b7)
* Add pre-commit plugin for black/isort/flake8 (#1398) (08b1c47)
* Add tox (#1388) (125536f)
* Open file in text mode in scripts/add_attribute.py (#1396) (0396a49)
* Silence most ResourceWarnings (#1393) (dd31a70)
* Assert more attributes in Membership (#1391) (d6dee01)
* Assert on changed Repository attributes (#1390) (6e3ceb1)
* Add reset to the repr for Rate (#1389) (0829af8)
* Update to 1.46
* Bug Fixes & Improvements
* Add repo edit support for delete_branch_on_merge
* Fix mistake in Repository.create_fork()
* Correct two attributes in Invitation
* Search repo issues by string label
* Correct Repository.create_git_tag_and_release()
* exposed seats and filled_seats for Github Organization Plan
* Repository.create_project() body is optional
* Implement move action for ProjectCard
* Tidy up ProjectCard.get_content()
* Added nested teams and parent
* Correct parameter for Label.edit
* doc: example of Pull Request creation
* Fix PyPI wheel deployment
* No longer build Python 2 package
* Drop BuildRequires on mock, no longer required
* Drop no-hardcoded-dep.patch, no longer required
* Update to 1.45:
* Breaking Changes
* Branch.edit_{user,team}_push_restrictions() have been removed. The new API is:
    * Branch.add_{user,team}_push_restrictions() to add new members
    * Branch.replace_{user,team}_push_restrictions() to replace all members
    * Branch.remove_{user,team}_push_restrictions() to remove members
* The api_preview parameter to Github() has been removed.
* Bug Fixes & Improvements
* Allow sha=None for InputGitTreeElement
* Support github timeline events.
* Add support for update branch
* Refactor Logging tests
* Fix rtd build
* Apply black to whole codebase
* Fix class used returning pull request comments
* Support for create_fork
* Use Repository.get_contents() in tests
* Allow GithubObject.update() to be passed headers
* Correct URL for assignees on PRs
* Use inclusive ordered comparison for 'parameterized' requirement
* Deprecate Repository.get_dir_contents()
* Apply some polish to manage.sh
* Refresh no-hardcoded-dep.patch
* Add patch to not pull in hardcoded dependencies:
* no-hardcoded-dep.patch
* Update to 1.44.1:
* Too many changes to enumerate.
* Drop PyGithub-drop-network-tests.patch, the test in question no longer requires network access.
* Drop fix-httpretty-dep.patch, the httpretty requirement has been relaxed upstream. * Use %python_expand to run the test suite, it works fine on Python 3 now. * Add mock and parameterized to BuildRequires, the test suite requires them. * Update to 1.43.8: * Add two factor attributes on organizations (#1132) (a073168) * Add Repository methods for pending invitations (#1159) (57af1e0) * Adds get_issue_events to PullRequest object (#1154) (acd515a) * Add invitee and inviter to Invitation (#1156) (0f2beac) * Adding support for pending team invitations (#993) (edab176) * Add support for custom base_url in GithubIntegration class (#1093) (6cd0d64) * GithubIntegration: enable getting installation (#1135) (1818704) * Add sorting capability to Organization.get_repos() (#1139) (ef6f009) * Add new Organization.get_team_by_slug method (#1144) (4349bca) * Add description field when creating a new team (#1125) (4a37860) * Handle a path of / in Repository.get_contents() (#1070) (102c820) * Add issue lock/unlock (#1107) (ec7bbcf) * Fix bug in recursive repository contents example (#1166) (8b6b450) * Allow name to be specified for upload_asset (#1151) (8d2a6b5) * Fixes #1106 for GitHub Enterprise API (#1110) (5406579) * Update to 1.43.7: * Exclude tests from PyPI distribution (#1031) (78d283b9) * Add codecov badge (#1090) (4c0b54c0) * Update to 1.43.6: * New features o Add support for Python 3.7 (#1028) (6faa00ac) o Adding HTTP retry functionality via urllib3 (#1002) (5ae7af55) o Add new dismiss() method on PullRequestReview (#1053) (8ef71b1b) o Add since and before to get_notifications (#1074) (7ee6c417) o Add url parameter to include anonymous contributors in get_contributors (#1075) (293846be) o Provide option to extend expiration of jwt token (#1068) (86a9d8e9) * Bug Fixes & Improvements o Fix the default parameter for PullRequest.create_review (#1058) (118def30) o Fix get_access_token (#1042) (6a89eb64) o Fix Organization.add_to_members role passing (#1039) (480f91cf) * 
Deprecation o Remove Status API (6efd6318) * Add patch fix-httpretty-dep.patch Changes in python-antlr4-python3-runtime: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}} * Drop %define skip_python2 1 * Drop support for older Python 3.x versions * fix build for python 3.12 * require setuptools * Update to version 4.13.1 csharp target * [CSharp] Fix for #4386 -- change signatures for ReportAttemptingFullContext() and ReportContextSensitivity() to be identical to all other targets (target:csharp, type:cleanup) go target * Move GetText(), SetText(), and String() from CommonToken to BaseToken (target:go, type:cleanup) * Restore "Obtained from string" source name. (target:go, type:cleanup) * fix: Fix very minor code issues spotted by goreportcard.com (target:go, type:cleanup) java target * Java: suppress this-escape warning introduced in JDK 21. (actions, target:java) javascript target * Adds default targets for babel configuration (target:javascript) * fix dependabot warnings (target:javascript, type:cleanup) swift target * [SWIFT] Add Antlr4Dynamic product (target:swift) * Cleanup duplicate SwiftTarget code (target:swift, type:cleanup) dart target * [Dart] Fix for #4320--export additional types (type:bug, target:dart) * from version 4.13.0 Issues fixed * antlr4 jar doubled in size in 4.9.3 (unicode, comp:performance) * Go: exponentially bad/abysmal performance as of ...
(type:bug, target:go) * Go runtime panic (type:bug, target:go) Improvements, features * Update LexerATNSimulator.cs with virtual Consume (type:improvement, target:csharp) * Feature/fixembedding (type:improvement, target:go, comp:performance) * Provide Javascript port of TokenStreamRewriter (type:feature, target:javascript, target:typescript) * from version 4.12.0 Issues fixed * github actions now fail for python2 and ubuntu clang and ubuntu swift (comp:runtime, comp:build, comp:testing) * js mergeArrays output differs from java (atn-analysis, target:javascript) * C++ target fails Performance/DropLoopEntryBranchInLRRule_4.txt (atn-analysis, type:bug, target:cpp) * Wrong grammarFileName in generated code (code-gen, type:bug) * C++ crashes on new test ParserExec/ListLabelsOnRuleRefStartOfAlt.txt (atn-analysis, type:bug, target:cpp) * [JavaScript runtime] Bad field name, bad comments (type:bug) Improvements, features * Fully qualify std::move invocations to fix -Wunqualified-std-cast-call (type:improvement, target:cpp) * Extract FileUtils updates by @ericvergnaud (type:improvement, cross-platform-issue, comp:testing) * Extract unit test updates by @ericvergnaud needed for TypeScript (type:improvement, comp:testing) * [Go target] Fix for #3926: Add accessors for tree navigation to interfaces in generated parser (trees-contexts, code-gen, type:improvement, target:go) * GitHub Workflows security hardening (actions, type:improvement, comp:testing) * from version 4.11.1 * Just fixes 4.11.0 release issue. I forgot to change runtime tool version so it didn't say SNAPSHOT.
* from version 4.11.0 Issues fixed * Disable failing CI tests in master (comp:build, comp:testing) * Create accessor for Go-based IntervalSet.intervals (target:go) * Grammar Name Conflict Golang with SPARQL issue (target:go, type:cleanup) * Dependency declaration error in ANTLR 4.10.1 (comp:build) * Drop old version of Visual Studio C++ (2013, 2015, 2017) (comp:build, target:cpp) * Circular grammar inclusion causes stack overflow in the tool. (comp:tool, type:bug) * Cpp, Go, JavaScript, Python2/3: Template rendering error. (code-gen, comp:runtime, target:java, target:javascript, target:python2, target:python3, target:go) Improvements, features * Augment error message during testing to include full cause of problem. (type:improvement, comp:testing) * Include swift & tool verification in CI workflow (type:improvement, comp:build, cross-platform-issue, target:swift) * Issue #3783: CI Check Builds (type:improvement, comp:build, cross-platform-issue, comp:testing) * Parallel lock free testing, remove potential deadlocks, cache static data, go to descriptor via test (comp:runtime, type:improvement, comp:testing) * update getting-started doc (type:improvement, comp:doc) * Getting Started has error (type:improvement, comp:doc) * new nuget directory for building ANTLR4 C++ runtime as 3 Nuget packages (type:improvement, comp:build, target:cpp) * Add interp tool like TestRig (comp:tool, type:feature) * Issue 3720: Java 2 Security issue (type:improvement, target:java) * Cpp: Disable warnings for external project (type:bug, type:improvement, target:cpp) * Fix Docker README for arm OS user (type:improvement, comp:doc) * from version 4.10.1 * [C++] Remove reference to antlrcpp:s2ws * Update publishing instruction for Dart * from version 4.10.0 Issues fixed * C++ runtime: Version identifier macro ? (target:cpp, type:cleanup) * Generating XPath lexer/parser (actions, type:bug) * do we need this C++ ATN serialization?
(target:cpp, type:cleanup) * Incorrect type of token with number 0xFFFF because of incorrect ATN serialization (atn-analysis, type:bug) * Clean up ATN serialization: rm UUID and shifting by value of 2 (atn-analysis, type:cleanup) * The parseFile method of the InterpreterDataReader class is missing code: "line = br.readLine();" (type:bug, target:java) * antlr.runtime.standard 4.9.3 invalid strong name. (type:bug, comp:build, target:csharp) * Serialized ATN data element 810567 element 11 out of range 0..65535 (atn-analysis, type:cleanup) * Go target, unable to check when custom error strategy is in recovery mode (target:go) * Escape issue for characters (grammars, type:bug) * antlr4 java.lang.NullPointerException Antlr 4 4.8 (grammars, comp:tool, type:bug) * UnsupportedOperationException while generating code for large grammars. (atn-analysis, type:cleanup) * Add a more understandable message than "Serialized ATN data element .... element ... out of range 0..65535" (atn-analysis, type:cleanup) * avoid java.lang.StackOverflowError (lexers, error-handling) * Getting this error: Exception in thread "main" java.lang.UnsupportedOperationException: Serialized ATN data element out of range (atn-analysis, type:cleanup) Improvements, features * Updated getting started with Cpp documentation. (type:improvement, comp:doc) * Escape bad words during grammar generation (code-gen, type:improvement) * Implement caseInsensitive option (lexers, options, type:improvement) * Some tool bugfixes (error-handling, comp:tool, type:improvement, type:cleanup) * Run testsuite using the tests/run.py script instead of %pyunittest * Switch build system from setuptools to pyproject.toml * Update BuildRequires from pyproject.toml * Update filename pattern in %files section * Update to version 4.9.3 Issues fixed * Swift Target Crashes with Multi-Threading * JavaScript Runtime bug * Go target, cannot use superClass for the lexer grammar!
* Python runtime is inconsistent with Java * FunctionDef source extract using getText() * Provide .NET Framework target in the csharp nuget package * Go target for Antlr tool, type ",int8" => "int8" * Flutter/Dart web support * Allow Antlr Javascript runtime to be loaded into Kindle Touch * Fix Go test suite * Weird error Improvements, features * [C++] Use faster alternative to dynamic_cast when not testing inherit * Stackoverflow after upgrading from 4.6 to 4.7 * from version 4.9.2 Issues fixed * CSharp and Java produce different results for identical input, identical tokens Improvements, features * Moved away from travis-ci.com * Source upstream tarball from Github since PyPi tarball no longer ships testsuite * Update to version 4.9.1. * Improve python3 performance by adding slots * Fix incorrect python token string templates * Add testing. * Skip python2 because this is for python3. * Use python_alternative Changes in python-avro: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %define skip_python2 1 * Update to version 1.11.3: * See jira board for all the fixes addressed in this release: https://issues.apache.org/jira/browse/AVRO-3855?jql=project%3DAVRO%20AND%20fixVersion%3D1.11.3 * Drop py311.patch: fixed upstream. 
* Add py311.patch to make tests compatible with python 3.11 gh#apache/avro#1961 * Update to 1.11.1 (from GitHub release notes): * Avro specification * Clarify which names are allowed to be qualified with namespaces * Inconsistent behaviour on types as invalid names * Clarify how fullnames are created, with example * IDL: add syntax to create optional fields * Improve docs for logical type annotation * Python * Scale assignment optimization * "Scale" property from decimal object * Byte reading in avro.io does not assert bytes read * validate the default value of an enum field * Pass LogicalType to BytesDecimalSchema * Website * Website refactor * Document IDL support in IDEs Changes in python-chardet: * update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` Changes in python-distro: - Switch to autosetup macro. * update to 1.9.0: * Refactor distro.info() method to return an InfoDict [#360] * Ignore the file '/etc/board-release' [#353] * Ignore the file '/etc/ec2_version' [#359] * Test on modern versions of CPython and PyPy and macOS [#362] * Add support for ALT Linux Server 10.1 distribution [#354] * Add Debian Testing to the tests [#356] * Update archlinux resource for tests [#352] * Remove duplicate files calling %fdupes * add sle15_python_module_pythons * update to 1.8.0: * Lowered `LinuxDistribution._distro_release_info` method complexity [#327] * Added official support for Buildroot distribution [#329] * Added official support for Guix distribution [#330] * Added support for `/etc/debian_version` [#333] & [#349] * Fixed a typography in CONTRIBUTING.md [#340] * Improved README.md "Usage" code block [#343] * Bumped black to v22.3.0 in pre-commit.ci configuration [#331] * Enabled GitHub Dependabot to keep GitHub Actions up to date [#335] * remove shebang from distro.py * update to version 1.7.0: * BACKWARD COMPATIBILITY: * Dropped support for EOL Pythons 2.7, 3.4 and 3.5 [#281] * Dropped support for LSB and `uname` back-ends when
`--root-dir` is specified [#311] * Moved `distro.py` to `src/distro/distro.py` [#315] * ENHANCEMENTS: * Documented that `distro.version()` can return an empty string on rolling releases [#312] * Documented support for Python 3.10 [#316] * Added official support for Rocky Linux distribution [#318] * Added a shebang to `distro.py` to allow standalone execution [#313] * Added support for AIX platforms [#311] * Added compliance for PEP-561 [#315] * BUG FIXES: * Fixed `include_uname` parameter oversight [#305] * Fixed crash when `uname -rs` output is empty [#304] * Fixed Amazon Linux identifier in `distro.id()` documentation [#318] * Fixed OpenSuse >= 15 support [#319] * Fixed encoding issues when opening distro release files [#324] * Fixed `linux_distribution` regression introduced in [#230] [#325] * Tests: Set locale to UTF-8 to fix tests on Leap 15.3. * Explicit setting of locale is not necessary anymore (gh#python-distro/distro#223). * Update to version 1.6.0 * Deprecated the distro.linux_distribution() function. Use distro.id(), distro.version() and distro.name() instead [#296] * Deprecated Python 2.7, 3.4 and 3.5 support.
Further releases will only support Python 3.6+ * Added type hints to distro module [#269] * Added `__version__` for checking distro version [#292] * Added support for arbitrary rootfs via the root_dir parameter [#247] * Added the --root-dir option to CLI [#161] * Added fallback to /usr/lib/os-release when /etc/os-release isn't available [#262] * Fixed subprocess.CalledProcessError when running lsb_release [#261] * Ignore /etc/iredmail-release file while parsing distribution [#268] * Use a binary file for /dev/null to avoid TextIOWrapper overhead [#271] * use %pytest macro * Enable tests properly (this is pytest, not unittest), Changes in python-docker: * update to 7.0.0: * Removed SSL version (`ssl_version`) and explicit hostname check (`assert_hostname`) options (#3185) * Python 3.7+ supports TLSv1.3 by default * Websocket support is no longer included by default (#3123) * Use `pip install docker[websockets]` to include `websocket-client` dependency * By default, `docker-py` hijacks the TCP connection and does not use Websockets * Websocket client is only required to use `attach_socket(container, ws=True)` * Python 3.7 no longer supported (reached end-of-life June 2023) (#3187) * Python 3.12 support (#3185) * Full `networking_config` support for `containers.create()` * Replaces `network_driver_opt` (added in 6.1.0) * Add `health()` property to container that returns status (e.g. `unhealthy`) * Add `pause` option to `container.commit()` (#3159) * Add support for bind mount propagation (e.g.
`rshared`, `private`) * Add support for `filters`, `keep_storage`, and `all` in `prune_builds()` on API v1.39+ (#3192) * Consistently return `docker.errors.NotFound` on 404 responses * Validate tag format before push (#3191) * update to 6.1.3: * Bugfixes * Fix eventlet compatibility (#3132) * update to 6.1.2: * Bugfixes * Fix for socket timeouts on long docker exec calls (#3125) * Respect timeout param on Windows (#3112) * update to 6.1.1: * Upgrade Notes (6.1.x) * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Bugfixes * Fix containers.stats() hanging with stream=True * Correct return type in docs for containers.diff() method * update to 6.1.0: * Upgrade Notes * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Features * Python 3.11 support * Use poll() instead of select() on non-Windows platforms * New API fields * network_driver_opt on container run / create * one-shot on container stats * status on services list * Bugfixes * Support for requests 2.29.0+ and urllib3 2.x * Do not strip characters from volume names * Fix connection leak on container.exec_* operations * Fix errors closing named pipes on Windows * update to 6.0.1: * Notice This version is not compatible with requests 2.29+ or urllib3 2.x. Either add requests < 2.29 and urllib3 < 2 to your requirements or upgrade to the latest docker-py release.
* Bugfixes * Fix for The pipe has been ended errors on Windows (#3056) * Support floats for timestamps in Docker logs (since / until) (#3031) * update to 6.0.0: * Upgrade Notes * Minimum supported Python version is 3.7+ * When installing with pip, the docker[tls] extra is deprecated and a no-op, use docker for same functionality (TLS support is always available now) * Native Python SSH client (used by default / use_ssh_client=False) will now reject unknown host keys with paramiko.ssh_exception.SSHException * Short IDs are now 12 characters instead of 10 characters (same as Docker CLI) * Version metadata is now exposed as `__version__` * Features * Python 3.10 support * Automatically negotiate most secure TLS version * Add platform (e.g. linux/amd64, darwin/arm64) to container create & run * Add support for GlobalJob and ReplicatedJobs for Swarm * Add remove() method on Image * Add force param to disable() on Plugin * Bugfixes * Fix install issues on Windows related to pywin32 * Do not accept unknown SSH host keys in native Python SSH mode * Use 12 character short IDs for consistency with Docker CLI * Ignore trailing whitespace in .dockerignore files * Fix IPv6 host parsing when explicit port specified * Fix ProxyCommand option for SSH connections * Do not spawn extra subshell when launching external SSH client * Improve exception semantics to preserve context * Documentation improvements (formatting, examples, typos, missing params) * Miscellaneous * Upgrade dependencies in requirements.txt to latest versions * Remove extraneous transitive dependencies * Eliminate usages of deprecated functions/methods * Test suite reliability improvements * GitHub Actions workflows for linting, unit tests, integration tests, and publishing releases * add sle15_python_module_pythons * python-six is not required as well * python-mock actually not required for build * update to 5.0.3: * Add cap_add and cap_drop parameters to service create and ContainerSpec * Add templating parameter
to config create * Bump urllib3 to 1.26.5 * Bump requests to 2.26.0 * Remove support for Python 2.7 * Make Python 3.6 the minimum version supported * Update to 4.4.4 From project changelog: 4.4.4 Bugfixes Remove LD_LIBRARY_PATH and SSL_CERT_FILE environment variables when shelling out to the ssh client 4.4.3 Features Add support for docker.types.Placement.MaxReplicas Bugfixes Fix SSH port parsing when shelling out to the ssh client 4.4.2 Bugfixes Fix SSH connection bug where the hostname was incorrectly trimmed and the error was hidden Fix docs example Miscellaneous Add Python3.8 and 3.9 in setup.py classifier list 4.4.1 Bugfixes Avoid setting unsupported parameter for subprocess.Popen on Windows Replace use of deprecated "filter" argument on "docker/api/image" * update to 4.4.0: * Add an alternative SSH connection to the paramiko one, based on shelling out to the SSH client. Similar to the behaviour of Docker cli * Default image tag to `latest` on `pull` * Fix plugin model upgrade * Fix examples URL in ulimits * Improve exception messages for server and client errors * Bump cryptography from 2.3 to 3.2 * Set default API version to `auto` * Fix conversion to bytes for `float` * Support OpenSSH `identityfile` option * Add `DeviceRequest` type to expose host resources such as GPUs * Add support for `DriverOpts` in EndpointConfig * Disable compression by default when using container.get_archive method * Update default API version to v1.39 * Update test engine version to 19.03.12 * update to 4.2.2: * Fix context load for non-docker endpoints * update to 4.2.1: * Add option on when to use `tls` on Context constructor * Make context orchestrator field optional * Bump required version of pycreds to 0.4.0 (sync with requirements.txt) * update to 3.7.0 (mandatory for latest docker-compose) * add python-dockerpycreds dependency in the spec file rebase hide_py_pckgmgmt.patch Changes in python-fakeredis: * update to 2.21.0: * Implement all TOP-K commands (`TOPK.INFO`,
`TOPK.LIST`, `TOPK.RESERVE`, * `TOPK.ADD`, `TOPK.COUNT`, `TOPK.QUERY`, `TOPK.INCRBY`) #278 * Implement all cuckoo filter commands #276 * Implement all Count-Min Sketch commands #277 * Fix XREAD blocking bug #274 #275 * EXAT option does not work #279 * update to 2.20.1: * Fix `XREAD` bug #256 * Testing for python 3.12 * update to 2.20.0: * Implement `BITFIELD` command #247 * Implement `COMMAND`, `COMMAND INFO`, `COMMAND COUNT` #248 * Remove unnecessary BR on python-lupa * update to 2.19.0: * Implement Bloom filters commands #239 * Fix error on blocking XREADGROUP #237 * update to 2.18.1: * Fix stream type issue #233 * update to 2.18.0: * Implement `PUBSUB NUMPAT` #195, `SSUBSCRIBE` #199, `SPUBLISH` #198, `SUNSUBSCRIBE` #200, `PUBSUB SHARDCHANNELS` #196, `PUBSUB SHARDNUMSUB` #197 * Fix All aio.FakeRedis instances share the same server #218 * update to 2.17.0: * Implement `LPOS` #207, `LMPOP` #184, and `BLMPOP` #183 * Implement `ZMPOP` #191, `BZMPOP` #186 * Fix incorrect error msg for group not found #210 * fix: use same server_key within pipeline when issued watch issue with ZRANGE and ZRANGESTORE with BYLEX #214 * Implemented support for `JSON.MSET` #174, `JSON.MERGE` #181 * Add support for version for async FakeRedis #205 * Updated how to test django_rq #204 * update to 2.15.0: * Implemented support for various stream groups commands: * `XGROUP CREATE` #161, `XGROUP DESTROY` #164, `XGROUP SETID` #165, `XGROUP DELCONSUMER` #162, * `XGROUP CREATECONSUMER` #163, `XINFO GROUPS` #168, `XINFO CONSUMERS` #168, `XINFO STREAM` #169, `XREADGROUP` #171, * `XACK` #157, `XPENDING` #170, `XCLAIM` #159, `XAUTOCLAIM` * Implemented sorted set commands: * `ZRANDMEMBER` #192, `ZDIFF` #187, `ZINTER` #189, `ZUNION` #194, `ZDIFFSTORE` #188, * `ZINTERCARD` #190, `ZRANGESTORE` #193 * Implemented list commands: * `BLMOVE` #182, * Improved documentation. 
* Fix documentation link * Fix requirement for packaging.Version #177 * Implement `HRANDFIELD` #156 * Implement `JSON.MSET` * Improve streams code * update to 2.13.0: * Fixed xadd timestamp (fixes #151) (#152) * Implement XDEL #153 * Improve test code * Fix reported security issue * Add support for `Connection.read_response` arguments used in redis-py 4.5.5 and 5.0.0 * Adding state for scan commands (#99) * Improved documentation (added async sample, etc.) * update to 2.12.0: * Implement `XREAD` #147 * Unique FakeServer when no connection params are provided * Minor fixes supporting multiple connections * Update documentation * connection parameters awareness: * Creating multiple clients with the same connection parameters will result in the same server data structure. * Fix creating fakeredis.aioredis using url with user/password * add sle15_python_module_pythons * Update to 2.10.3: * Support for redis-py 5.0.0b1 * Include tests in sdist (#133) * Fix import used in GenericCommandsMixin.randomkey (#135) * Fix async_timeout usage on py3.11 (#132) * Enable testing django-cache using FakeConnection. 
* All geo commands implemented * Fix bug for xrange * Fix bug for xrevrange * Implement XTRIM * Add support for MAXLEN, MAXID, LIMIT arguments for XADD command * Add support for ZRANGE arguments for ZRANGE command #127 * Relax python version requirement #128 * Support for redis-py 4.5.0 #125 * update to 2.7.1: * Fix import error for NoneType (#120) * Implement * JSON.ARRINDEX * JSON.OBJLEN * JSON.OBJKEYS * JSON.ARRPOP * JSON.ARRTRIM * JSON.NUMINCRBY * JSON.NUMMULTBY * XADD * XLEN * XRANGE * XREVRANGE * Implement `JSON.TYPE`, `JSON.ARRLEN` and `JSON.ARRAPPEND` * Fix encoding of None (#118) * update to v2.5.0: * Implement support for BITPOS (bitmap command) (#112) * Fix json mget when dict is returned (#114) * fix: properly export (#116) * Extract param handling (#113) * update to v2.4.0: * Implement LCS (#111), BITOP (#110) * Fix bug checking type in scan_iter (#109) * Implement GETEX (#102) * Implement support for JSON.STRAPPEND (json command) (#98) * Implement JSON.STRLEN, JSON.TOGGLE and fix bugs with JSON.DEL (#96) * Implement PUBSUB CHANNELS, PUBSUB NUMSUB * Implement JSON.CLEAR (#87) * Support for redis-py v4.4.0 * Implement json.mget (#85) * Initial json module support - JSON.GET, JSON.SET and JSON.DEL (#80) * fix: add nowait for asyncio disconnect (#76) * Refactor how commands are registered (#79) * Refactor tests from redispy4_plus (#77) * Remove support for aioredis separate from redis-py (redis-py versions 4.1.2 and below). 
(#65) * Add support for redis-py v4.4rc4 (#73) * Add mypy support (#74) * Implement support for zmscore by @the-wondersmith in #67 * What's Changed * implement GETDEL and SINTERCARD support by @cunla in #57 * Test get float-type behavior by @cunla in #59 * Implement BZPOPMIN/BZPOPMAX support by @cunla in #60 * drop fakeredis-pr54-fix-ensure_str.patch (upstream) * Update to 1.9.3 * Removed python-six dependency * zadd support for GT/LT by @cunla in #49 * Remove six dependency by @cunla in #51 * Add host to conn_pool_args by @cunla in #51 * Drop python-fakeredis-no-six.patch which was incomplete * all commits, including the missing ones in release now * Add fakeredis-pr54-fix-ensure_str.patch * use upstream https://github.com/cunla/fakeredis-py/pull/51/ * modified patches % python-fakeredis-no-six.patch (refreshed) * version update to 1.9.1 * Zrange byscore by @cunla in #44 * Expire options by @cunla in #46 * Enable redis7 support by @cunla in #42 * added patches fix https://github.com/cunla/fakeredis-py/issues/50 * python-fakeredis-no-six.patch * Update to 1.8.1 * fix: allow redis 4.3.* by @terencehonles in #30 * Release 1.8 * Fix handling url with username and password by @cunla in #27 * Refactor tests by @cunla in #28 * Release 1.7.6 * add IMOVE operation by @BGroever in #11 * Add SMISMEMBER command by @OlegZv in #20 * fix: work with redis.asyncio by @zhongkechen in #10 * Migrate to poetry by @cunla in #12 * Create annotation for redis4+ tests by @cunla in #14 * Make aioredis and lupa optional dependencies by @cunla in #16 * Remove aioredis requirement if redis-py 4.2+ by @ikornaselur in #19 * update to 1.7.0 * Change a number of corner-case behaviours to match Redis 6.2.6. 
* Fix DeprecationWarning for sampling from a set * Improved support for constructor arguments * Support redis-py 4 * Add support for GET option to SET * PERSIST and EXPIRE should invalidate watches * Update to 1.6.1 * #305 Some packaging modernisation * #306 Fix FakeRedisMixin.from_url for unix sockets * #308 Remove use of async_generator from tests * Release 1.6.0 * #304 Support aioredis 2 * #302 Switch CI from Travis CI to Github Actions * update to 1.5.2 * support python 3.9 * support aioredis * Disable py2 as upstream actually disabled python2 support completely * The syntax simply is not compatible * Update to 1.3.0: * No upstream changelog * python2 tests are dysfunctional, test with python3 only * Update to 1.0.5: * No upstream changelog * Update to 1.0.4: * various bugfixes all around * Update to v1.0.3 * Support for redis 3.2 (no effective changes in v1.0.2) * Initial spec for v1.0.1 Changes in python-fixedint: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Fix capitalization in Summary * Limit Python files matched in %files section * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}} * Initial build * Version 0.2.0 Changes in python-httplib2: * require setuptools * Clean up SPEC file. * Add %{?sle15_python_module_pythons} * update to 0.22.0: * https: disable_ssl_certificate_validation caused ValueError: Cannot set verify_mode to CERT_NONE when check_hostname is enabled * Update to 0.21.0: * http: `Content-Encoding: deflate` must accept zlib encapsulation * https://github.com/httplib2/httplib2/pull/230 * Begin support and CI against CPython 3.10 and 3.11. * update to 0.20.4: proxy: support proxy urls with ipv6 address Tests compatible with Python3.10 and recent pytest.
* add pyparsing dependency * update to 0.20.2: auth: support pyparsing v3 proxy: correct extraction of errno from pysocks ProxyConnectionError IMPORTANT cacerts: remove expired DST Root CA X3, add ISRG Root X1, X2 * update to 0.19.1: * auth header parsing performance optimizations; Thanks to Paul McGuire * Use mock from the standard library on Python>=3.3 set first, otherwise a "ValueError: Cannot set verify_mode to CERT_NONE when check_hostname instead (bnc#761162) item not in cache - initial version of python-httplib2 (0.2.0) Changes in python-httpretty: - Add patch 0001-Fix-test_417_openssl.py-if-pyOpenSSL-not-available.patch: * Fix tests without pyOpenSSL support in urllib3 * Allow building with python-urllib3 >= 2.x * Do not use python-boto3 when building in SLE where it's currently not available for python311 * Add %{?sle15_python_module_pythons} * skip failing testsuite tests after requests update * Add patch relax-test-callback-response.patch: * Relax timeout for test_callback_response (bsc#1209571) * Add patch 460-miliseconds_tests.patch (gh#gabrielfalcao/HTTPretty#460): * Correct tests for s390x and aarch64 because of timeout failures after 2 milliseconds * Fix test suite: * Remove nose idioms * Remove outdated test skips * Add patch double-slash-paths.patch: * http.request may replace // with /, handle that in the testcase. * Add 453-fix-tests-pytest.patch (gh#gabrielfalcao/HTTPretty#449) to make tests compatible with pytest. * Add patch remove-mock.patch: * Use unittest.mock in the functional tests. * specfile: * update copyright year * update to version 1.1.4: * Bugfix: #435 Fallback to WARNING when logging.getLogger().level is None. * changes from version 1.1.3: * Bugfix: #430 Respect socket timeout. * changes from version 1.1.2: * Bugfix: #426 Segmentation fault when running against a large amount of tests with pytest --mypy.
* changes from version 1.1.1: * Bugfix: httpretty.disable() injects pyopenssl into :py:mod:`urllib3` even if it originally wasn't #417 * Bugfix: "Incompatibility with boto3 S3 put_object" #416 * Bugfix: "Regular expression for URL -> TypeError: wrap_socket() missing 1 required" #413 * Bugfix: "Making requests to non-standard port throws TimeoutError" #387 * changes from version 1.1.0: * Feature: Display mismatched URL within UnmockedError whenever possible. #388 * Feature: Display mismatched URL via logging. #419 * Add new properties to :py:class:`httpretty.core.HTTPrettyRequest` (protocol, host, url, path, method). * Update to 1.0.5 * Bugfix: Support socket.socketpair(). #402 * Bugfix: Prevent exceptions from re-applying monkey patches. #406 * Release 1.0.4 * Python 3.8 and 3.9 support. #407 * Update to 1.0.3 * Fix compatibility with urllib3>=1.26. #410 * Replace nose with nose2 * avoid reading DNS resolver settings gh#gabrielfalcao/HTTPretty#405 * remove unnecessary test packages * Update to 1.0.2 * Drop Python 2 support. * Fix usage with redis and improve overall real-socket passthrough. * Fix TypeError: wrap_socket() missing 1 required positional argument: 'sock'. * Fix simple typo: neighter -> neither. * Updated documentation for register_uri concerning using ports. * Clarify relation between `enabled` and `httprettized` in API docs. * Align signature with builtin socket.
* Version update to 0.9.6: * Many fixes all around * Support for python 3.7 * Make sure we really run the tests * Remove superfluous devel dependency for noarch package Changes in python-javaproperties: - Switch package to modern Python Stack on SLE-15 + Add %{?sle15_python_module_pythons} * version update to 0.8.1 v0.8.1 (2021-10-05) * Fix a typing issue in Python 3.9 * Support Python 3.10 v0.8.0 (2020-11-28) * Drop support for Python 2.7, 3.4, and 3.5 * Support Python 3.9 * `ensure_ascii` parameter added to `PropertiesFile.dump()` and `PropertiesFile.dumps()` * **Bugfix**: When parsing XML input, empty `<entry>` tags now produce an empty string as a value, not `None` * Added type annotations * `Properties` and `PropertiesFile` no longer raise `TypeError` when given a non-string key or value, as type correctness is now expected to be enforced through static type checking * The `PropertiesElement` classes returned by `parse()` are no longer subclasses of `namedtuple`, but they can still be iterated over to retrieve their fields like a tuple * python-six is not required Changes in python-jsondiff: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Add %{?sle15_python_module_pythons} * Update to version 2.0.0 * Removed deprecated function * Remove deprecated jsondiff entry point * from version 1.3.1 * Optionally allow different escape_str than '$' * Clarified the readme, closes #23 * Fixed readme * Remove jsondiff command from %install, %post, %postun and %files sections Changes in python-knack: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}} * Drop %define skip_python2 1 * Update to version 0.11.0 * Declare support for Python 3.11 and
drop support for Python 3.7 (#275) * Stop converting argument's `bool` default value to `DefaultInt` (#273) * Update to version 0.10.1 * Support bytearray serialization (#268) * Update to version 0.10.0 * Enable Virtual Terminal mode on legacy Windows terminal to support ANSI escape sequences (#265) * Drop Python 3.6 support (#259) * python-mock is not required for build Changes in python-marshmallow: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * update to 3.20.2: * Bug fixes: - Fix Nested field type hint for lambda Schema types (:pr:`2164`). * Other changes: - Officially support Python 3.12 (:pr:`2188`). * update to 3.20.1: * Fix call to `get_declared_fields`: pass `dict_cls` again * Add `absolute` parameter to `URL` validator and `Url` * Use Abstract Base Classes to define `FieldABC` and `SchemaABC` * Use `OrderedSet` as default `set_class`. Schemas are now ordered by default. * Handle `OSError` and `OverflowError` in `utils.from_timestamp` (:pr:`2102`). * Fix the default inheritance of nested partial schemas * Officially support Python 3.11 (:pr:`2067`). * Drop support for Python 3.7 (:pr:`2135`). * Switch documentation to be within the main package on SLE15 * rename docs subpackage to the more common doc name * Update to 3.19.0 * Add timestamp and timestamp_ms formats to fields.DateTime (#612). Thanks @vgavro for the suggestion and thanks @vanHoi for the PR. 

Changes in python-opencensus:

* Add Obsoletes for old python3 package on SLE-15
* Switch build system from setuptools to pyproject.toml
  * Add python-pip and python-wheel to BuildRequires
  * Replace %python_build with %pyproject_wheel
  * Replace %python_install with %pyproject_install
* Update to 0.11.4
  * Changed bit-mapping for `httpx` and `fastapi` integrations
* Refresh patches for new version
  * opencensus-pr1002-remove-mock.patch
* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
  * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
* update to 0.11.3
  * Updated azure modules
* sorry, six is still needed :(
* update to 0.11.2:
  * Updated `azure`, `fastapi`,`flask` modules
  * Updated `azure`, `httpx` modules
* Update to 0.11.0
  * Updated `azure`, `context`, `flask`, `requests` modules
* from version 0.10.0
  * Add kwargs to derived gauge (#1135)
* from version 0.9.0
  * Make sure handler.flush() doesn't deadlock (#1112)
* Refresh patches for new version
  * opencensus-pr1002-remove-mock.patch
* Update Requires from setup.py

Changes in python-opencensus-context:

* Clean up the SPEC file
* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
  * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
* Update to 0.1.3
  * Move `version.py` file into `runtime_context` folder (#1143)

Changes in python-opencensus-ext-threading:

* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
  * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
  * Drop build support for Python 2.x

Changes in python-opentelemetry-api:

* update to 1.23.0:
  * Use Attribute rather than boundattribute in logrecord (#3567)
  * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
  * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
  * Logs: set observed_timestamp field (#3565)
  * Add missing
    Resource SchemaURL in OTLP exporters (#3652)
  * Fix loglevel warning text (#3566)
  * Prometheus Exporter string representation for target_info labels (#3659)
  * Logs: ObservedTimestamp field is missing in console exporter output (#3564)
  * Fix explicit bucket histogram aggregation (#3429)
  * Add code.lineno, code.function and code.filepath to all logs (#3645)
  * Add Synchronous Gauge instrument (#3462)
  * Drop support for 3.7 (#3668)
  * Include key in attribute sequence warning (#3639)
  * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609)
  * Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
  * Improve Resource Detector timeout messaging (#3645)
  * Add Proxy classes for logging (#3575)
  * Remove dependency on 'backoff' library (#3679)
* update to 1.22.0:
  * Prometheus exporter sanitize info metric (#3572)
  * Remove Jaeger exporters (#3554)
  * Log stacktrace on `UNKNOWN` status OTLP export error (#3536)
  * Fix OTLPExporterMixin shutdown timeout period (#3524)
  * Handle `taskName` `logrecord` attribute (#3557)
* update to 1.21.0:
  * Fix `SumAggregation` (#3390)
  * Fix handling of empty metric collection cycles (#3335)
  * Fix error when no LoggerProvider configured for LoggingHandler (#3423)
  * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters (#3428)
  * Allow instrument names to have '/' and up to 255 characters (#3442)
  * Do not load Resource on sdk import (#3447)
  * Update semantic conventions to version 1.21.0 (#3251)
  * Add missing schema_url in global api for logging and metrics (#3251)
  * Prometheus exporter support for auto instrumentation (#3413)
  * Modify Prometheus exporter to translate non-monotonic Sums into Gauges (#3306)
  * Update the body type in the log ($3343)
  * Add max_scale option to Exponential Bucket Histogram Aggregation (#3323)
  * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord (#3310)
  * Support dropped_attributes_count in LogRecord and exporters (#3351)
  * Add unit to
    view instrument selection criteria (#3341)
  * Upgrade opentelemetry-proto to 0.20 and regen (#3355)
  * Include endpoint in Grpc transient error warning (#3362)
  * Fixed bug where logging export is tracked as trace (#3375)
  * Select histogram aggregation with an environment variable
  * Move Protobuf encoding to its own package (#3169)
  * Add experimental feature to detect resource detectors in auto instrumentation (#3181)
  * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view (#3240)
  * Fix headers types mismatch for OTLP Exporters (#3226)
  * Fix suppress instrumentation for log batch processor (#3223)
  * Add speced out environment variables and arguments for BatchLogRecordProcessor (#3237)
  * Fix `ParentBased` sampler for implicit parent spans. Fix also `trace_state` erasure for dropped spans or spans sampled by the `TraceIdRatioBased` sampler.

Changes in python-opentelemetry-sdk:

* Add missing python-wheel build dependency to BuildRequires
* update to 1.23.0:
  * Use Attribute rather than boundattribute in logrecord (#3567)
  * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
  * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
  * Logs: set observed_timestamp field (#3565)
  * Add missing Resource SchemaURL in OTLP exporters (#3652)
  * Fix loglevel warning text (#3566)
  * Prometheus Exporter string representation for target_info labels (#3659)
  * Logs: ObservedTimestamp field is missing in console exporter output (#3564)
  * Fix explicit bucket histogram aggregation (#3429)
  * Add code.lineno, code.function and code.filepath to all logs (#3645)
  * Add Synchronous Gauge instrument (#3462)
  * Drop support for 3.7 (#3668)
  * Include key in attribute sequence warning (#3639)
  * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609)
  * Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
  * Improve Resource Detector timeout messaging (#3645)
  * Add Proxy classes for
    logging (#3575)
  * Remove dependency on 'backoff' library (#3679)
* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
* Initial package (1.22.0)

Changes in python-opentelemetry-semantic-conventions:

* update to 0.44b0:
  * Use Attribute rather than boundattribute in logrecord (#3567)
  * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
  * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
  * Logs: set observed_timestamp field (#3565)
  * Add missing Resource SchemaURL in OTLP exporters (#3652)
  * Fix loglevel warning text (#3566)
  * Prometheus Exporter string representation for target_info labels (#3659)
  * Logs: ObservedTimestamp field is missing in console exporter output (#3564)
  * Fix explicit bucket histogram aggregation (#3429)
  * Add code.lineno, code.function and code.filepath to all logs (#3645)
  * Add Synchronous Gauge instrument
    (#3462)
  * Drop support for 3.7 (#3668)
  * Include key in attribute sequence warning (#3639)
  * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609)
  * Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
  * Improve Resource Detector timeout messaging (#3645)
  * Add Proxy classes for logging (#3575)
  * Remove dependency on 'backoff' library (#3679)
* update to 0.43b0:
  * Prometheus exporter sanitize info metric
  * Remove Jaeger exporters
  * Log stacktrace on `UNKNOWN` status OTLP export error
  * Fix OTLPExporterMixin shutdown timeout period
  * Handle `taskName` `logrecord` attribute
  * Fix `SumAggregation`
  * Fix handling of empty metric collection cycles
  * Fix error when no LoggerProvider configured for LoggingHandler
  * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters
  * Allow instrument names to have '/' and up to 255 characters
  * Do not load Resource on sdk import
  * Update semantic conventions to version 1.21.0
  * Add missing schema_url in global api for logging and metrics
  * Prometheus exporter support for auto instrumentation
  * Drop `setuptools` runtime requirement.
  * Update the body type in the log ($3343)
  * Add max_scale option to Exponential Bucket Histogram Aggregation
  * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord
  * Support dropped_attributes_count in LogRecord and exporters
  * Add unit to view instrument selection criteria
  * Upgrade opentelemetry-proto to 0.20 and regen (#3355)
  * Include endpoint in Grpc transient error warning (#3362)
  * Fixed bug where logging export is tracked as trace (#3375)
  * Select histogram aggregation with an environment variable
  * Move Protobuf encoding to its own package
  * Add experimental feature to detect resource detectors in auto instrumentation
  * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view
  * Fix headers types mismatch for OTLP Exporters
  * Fix suppress instrumentation for log batch processor
  * Add speced out environment variables and arguments for BatchLogRecordProcessor
* Initial build
  * Version 0.25b2

Changes in python-opentelemetry-test-utils:

* update to 0.44b0:
  * Use Attribute rather than boundattribute in logrecord (#3567)
  * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
  * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
  * Logs: set observed_timestamp field (#3565)
  * Add missing Resource SchemaURL in OTLP exporters (#3652)
  * Fix loglevel warning text (#3566)
  * Prometheus Exporter string representation for target_info labels (#3659)
  * Logs: ObservedTimestamp field is missing in console exporter output (#3564)
  * Fix explicit bucket histogram aggregation (#3429)
  * Add code.lineno, code.function and code.filepath to all logs (#3645)
  * Add Synchronous Gauge instrument (#3462)
  * Drop support for 3.7 (#3668)
  * Include key in attribute sequence warning (#3639)
  * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609)
  * Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
  * Improve Resource Detector timeout messaging
    (#3645)
  * Add Proxy classes for logging (#3575)
  * Remove dependency on 'backoff' library (#3679)
* Initial package (0.43b0)

Changes in python-pycomposefile:

* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
* Initial build
  * Version 0.0.30

Changes in python-pydash:

* Switch package to modern Python Stack on SLE-15
  * Add %{?sle15_python_module_pythons}
  * Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
* Update to version 6.0.2
  * Only prevent access to object paths containing `__globals__` or `__builtins__` instead of all dunder-methods for non-dict/list objects.
* from version 6.0.1
  * Fix exception raised due to mishandling of non-string keys in functions like `get()` for non-dict/list objects that used integer index references like `"[0]"`.
* from version 6.0.0
  * Prevent access to object paths containing dunder-methods in functions like `get()` for non-dict/list objects. Attempting to access dunder-methods using get-path keys will raise a `KeyError` (e.g. `get(SomeClass(), '__init__')` will raise). Access to dict keys is unaffected (e.g. `get({"__init__": True}, "__init__")` will return `True`). (**breaking change**)
  * Add support for Python 3.11.
  * Drop support for Python 3.6 (**breaking change**)
* from version 5.1.2
  * Remove unnecessary type check and conversion for `exceptions` argument in `pydash.retry`.
* from version 5.1.1
  * Add support for Python 3.10.
  * Fix timing assertion issue in test for `pydash.delay` where it could fail on certain environments.
* Switch build system from setuptools to pyproject.toml
  * Update BuildRequires from pyproject.toml
* version update to 5.1.0
  * v5.1.0 (2021-10-02)
    * Support matches-style callbacks on non-dictionary objects that are compatible with `pydash.get` in functions like `pydash.find`.
  * v5.0.2 (2021-07-15)
    * Fix compatibility issue between `pydash.py_` / `pydash._` and `typing.Protocol` + `typing.runtime_checkable` that caused an exception to be raised for `isinstance(py_, SomeRuntimeCheckableProtocol)`.
  * v5.0.1 (2021-06-27)
    * Fix bug in `merge_with` that prevented custom iteratee from being used when recursively merging. Thanks weineel!
  * v5.0.0 (2021-03-29)
    * Drop support for Python 2.7. (**breaking change**)
    * Improve Unicode word splitting in string functions to be inline with Lodash. Thanks mervynlee94! (**breaking change**)
      * `camel_case`
      * `human_case`
      * `kebab_case`
      * `lower_case`
      * `pascal_case`
      * `separator_case`
      * `slugify`
      * `snake_case`
      * `start_case`
      * `upper_case`
    * Optimize regular expression constants used in `pydash.strings` by pre-compiling them to regular expression pattern objects.
  * v4.9.3 (2021-03-03)
    * Fix regression introduced in `v4.8.0` that caused `merge` and `merge_with` to raise an exception when passing `None` as the first argument.
  * v4.9.2 (2020-12-24)
    * Fix regression introduced in `v4.9.1` that broke `pydash.get` for dictionaries and dot-delimited keys that reference integer dict-keys.
  * v4.9.1 (2020-12-14)
    * Fix bug in `get/has` that caused `defaultdict` objects to get populated on key access.
  * v4.9.0 (2020-10-27)
    * Add `default_to_any`. Thanks gonzalonaveira!
    * Fix mishandling of key names containing `\.` in `set_`, `set_with`, and `update_with` where the `.` was not treated as a literal value within the key name. Thanks zhaowb!
* python-mock is not required for build
* Activate test suite
* Update to v4.8.0
* Initial spec for v4.7.6

Changes in python-redis:

* Switch build system from setuptools to pyproject.toml
  * Add python-pip and python-wheel to BuildRequires
  * Replace %python_build with %pyproject_wheel
  * Replace %python_install with %pyproject_install
* add https://github.com/redis/redis-py/pull/3005 as Close-various-objects-created-during-asyncio-tests.patch to fix tests for python 3.12
* Add patch to increase timeouts in s390x where tests take longer to run:
  * increase-test-timeout.patch
* Disable broken tests for ppc64le, bsc#1216606
* Add pytest.ini source needed to run tests
* Remove/disable broken tests because of suse environment
* drop tox.ini. seems it does no longer exist in 5.0.1
* add support to easily disable the testsuite at build time
* update to 5.0.1
  * New Features
    * Provide aclose() / close() for classes requiring lifetime management (#2898)
    * Add support for ModuleCommands in cluster (#2951)
    * Add support for multiple values in RPUSHX (#2949)
    * Add Redis.from_pool() class method, for explicitly owning and closing a ConnectionPool (#2913)
  * Bug Fixes
    * Fixing monitor parsing for messages containing specific substrings (#2950)
    * Cluster determine slot command name need to be upper (#2919)
    * Support timeout = 0 in search query (#2934)
    * Fix async sentinel: add push_request keyword argument to read_response (#2922)
    * Fix protocol checking for search commands (#2923)
    * Fix: SentinelManagedConnection.read_response() got an unexpected keyword argument 'push_request' (#2894)
    * Fix: automatically close connection pool for async Sentinel (#2900)
    * Save a reference to created async tasks, to avoid tasks potentially disappearing (#2816)
    * Avoid reference cycling by the garbage collector during response reading (#2932)
  * Maintenance
    * Type hint improvements (#2952)
    * Replace clear_connect_callbacks with _deregister_connect_callback (#2955)
    * Async fixes, remove `__del__` and other
      things (#2870)
    * Add pagination, sorting and grouping examples to search json example (#2890)
    * Remove process-id checks from asyncio. Asyncio and fork() does not mix. (#2911)
    * Fix resource usage and cleanup Mocks in the unit tests (#2936)
    * Remove mentions of tox (#2929)
    * Add 7.2 to supported Redis versions (#2896)
    * Fix resource warnings in unit tests (#2899)
    * Fix typo in redis-stream-example.ipynb (#2918)
    * Deprecate RedisGraph (#2927)
    * Fix redis 7.2.0 tests (#2902)
    * Fix test_scorer (search) (#2920)
* changes from 5.0.0
  * What's new?
    * Triggers and Functions support: Triggers and Functions allow you to execute server-side functions triggered when key values are modified or created in Redis, a stream entry arrival, or explicitly calling them. Simply put, you can replace Lua scripts with easy-to-develop JavaScript or TypeScript code. Move your business logic closer to the data to ensure a lower latency, and forget about updating dependent key values manually in your code. Try it for yourself with Quick start
    * Full Redis 7.2 and RESP3 support
    * Python 3.7 End-of-Life
      * Python 3.7 has reached its end-of-life (EOL) as of June 1. This means that starting from this date, Python 3.7 will no longer receive any updates, including security patches, bug fixes, or improvements. If you continue to use Python 3.7 post-EOL, you may expose your projects and systems to potential security vulnerabilities. We ended its support in this version and strongly recommend migrating to Python 3.10.
  * Bug Fixes
    * Fix timeout retrying on pipeline execution (#2812)
    * Fix socket garbage collection (#2859)
  * Maintenance
    * Updating client license to clear, MIT (#2884)
    * Add py.typed in accordance with PEP-561 (#2738)
    * Dependabot label change (#2880)
    * Fix type hints in SearchCommands (#2817)
    * Add sync modules (except search) tests to cluster CI (#2850)
    * Fix a duplicate word in CONTRIBUTING.md (#2848)
    * Fixing doc builds (#2869)
    * Change cluster docker to edge and enable debug command (#2853)
* changes from 4.6.0
  * Experimental Features
    * Support JSON.MERGE command (#2761)
    * Support JSON.MSET command (#2766)
  * New Features
    * Extract abstract async connection class (#2734)
    * Add support for WAITAOF (#2760)
    * Introduce OutOfMemoryError exception for Redis write command rejections due to OOM errors (#2778)
    * Add WITHSCORE argument to ZRANK (#2758)
  * Bug Fixes
    * Fix dead weakref in sentinel connection causing ReferenceError (#2767) (#2771)
    * Fix Key Error in parse_xinfo_stream (#2788)
    * Remove unnecessary `__del__` handlers (#2755)
    * Added support for missing argument to SentinelManagedConnection.read_response() (#2756)
  * Maintenance
    * Fix type hint for retry_on_error in async cluster (#2804)
    * Clean up documents and fix some redirects (#2801)
    * Add unit tests for the connect method of all Redis connection classes (#2631)
    * Docstring formatting fix (#2796)
* update to 4.5.5:
  * Add support for CLIENT NO-TOUCH
  * Add support for CLUSTER MYSHARDID
  * Add "address_remap" feature to RedisCluster
  * Add WITHSCORES argument to ZREVRANK command
  * Improve error output for master discovery
  * Fix XADD: allow non negative maxlen
  * Fix create single connection client from url
  * Optionally disable disconnects in read_response
  * Fix SLOWLOG GET return value
  * Fix potential race condition during disconnection
  * Return response in case of KeyError
  * Fix incorrect usage of once flag in async Sentinel
  * Fix memory leak caused by hiredis in asyncio case
  * Really do not use asyncio's timeout
    lib before 3.11.2
* add sle15_python_module_pythons
* Update to 4.5.4:
  * Security
    * Cancelling an async future does not properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
    * Cancelling an async future does not properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
  * New Features
    * Introduce AbstractConnection so that UnixDomainSocketConnection can call `super().__init__` (#2588)
    * Added queue_class to REDIS_ALLOWED_KEYS (#2577)
    * Made search document subscriptable (#2615)
    * Sped up the protocol parsing (#2596)
    * Use hiredis::pack_command to serialize the commands. (#2570)
    * Add support for unlink in cluster pipeline (#2562)
  * Bug Fixes
    * Fixing cancelled async futures (#2666)
    * Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
    * Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630)
    * CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
    * Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582)
    * Replace async_timeout by asyncio.timeout (#2602)
    * Update json().arrindex() default values (#2611)
    * Fix #2581 UnixDomainSocketConnection object has no attribute _command_packer (#2583)
    * Fix issue with pack_commands returning an empty byte sequence (#2416)
    * Async HiredisParser should finish parsing after a Connection.disconnect() (#2557)
    * Check for none, prior to raising exception (#2569)
    * Tuple function cannot be passed more than one argument (#2573)
    * Synchronise concurrent command calls to single-client to single-client mode (#2568)
    * Async: added 'blocking' argument to call lock method (#2454)
    * Added a replacement for the default cluster node in the event of failure. (#2463)
    * Fixed geosearch: Wrong number of arguments for geosearch command (#2464)
* Clean up BuildRequires and Requires.
* Disable broken test test_xautoclaim gh#redis/redis-py#2554
* update to 4.3.5:
  * Add support for TIMESERIES 1.8 (#2296)
  * Graph - add counters for removed labels and properties (#2292)
  * Add support for TDIGEST.QUANTILE extensions (#2317)
  * Add TDIGEST.TRIMMED_MEAN (#2300)
  * Add support for async GRAPH module (#2273)
  * Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE (#2319)
  * Adding reserve as an alias for create, so that we have BF.RESERVE and CF.RESERVE accurately supported (#2331)
  * Fix async connection.is_connected to return a boolean value (#2278)
  * Fix: workaround asyncio bug on connection reset by peer (#2259)
  * Fix crash: key expire while search (#2270)
  * Async cluster: fix concurrent pipeline (#2280)
  * Fix async SEARCH pipeline (#2316)
  * Fix KeyError in async cluster - initialize before execute multi key commands (#2439)
  * Supply chain risk reduction: remove dependency on library named deprecated (#2386)
  * Search test - Ignore order of the items in the response (#2322)
  * Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335)
  * Fix TimeSeries range aggregation (twa) tests (#2358)
  * Mark TOPK.COUNT as deprecated (#2363)
* update to 4.3.4:
  * Fix backward compatibility from 4.3.2 in Lock.acquire()
  * Fix XAUTOCLAIM to return the full response, instead of only keys 2+
  * Added dynamic_startup_nodes configuration to RedisCluster.
  * Fix retries in async mode
  * Async cluster: fix simultaneous initialize
  * Uppercased commands in CommandsParser.get_keys
  * Late eval of the skip condition in async tests
  * Reuse the old nodes' connections when a cluster topology refresh is being done
  * Docs: add pipeline examples
  * Correct retention_msecs value
  * Cluster: use pipeline to execute split commands
  * Docs: Add a note about client_setname and client_name difference
* Delete unused redismod.conf, remove duplicate Source entry for tox.ini
* Add redismod.conf and tox.ini as Sources to SPEC file.
* Update to version 4.3.3
  * Fix Lock crash, and versioning 4.3.3 (#2210)
  * Async cluster: improve docs (#2208)
* Release 4.3.2
  * SHUTDOWN - add support for the new NOW, FORCE and ABORT modifiers (#2150)
  * Adding pipeline support for async cluster (#2199)
  * Support CF.MEXISTS + Clean bf/commands.py (#2184)
  * Extending query_params for FT.PROFILE (#2198)
  * Implementing ClusterPipeline Lock (#2190)
  * Set default response_callbacks to redis.asyncio.cluster.ClusterNode (#2201)
  * Add default None for maxlen at xtrim command (#2188)
  * Async cluster: add/update typing (#2195)
  * Changed list type to single element type (#2203)
  * Made sync lock consistent and added types to it (#2137)
  * Async cluster: optimisations (#2205)
  * Fix typos in README (#2206)
  * Fix modules links to https://redis.io/commands/ (#2185)
* Update to version 4.3.1
  * Allow negative `retries` for `Retry` class to retry forever
  * Add `items` parameter to `hset` signature
  * Create codeql-analysis.yml (#1988). Thanks @chayim
  * Add limited support for Lua scripting with RedisCluster
  * Implement `.lock()` method on RedisCluster
  * Fix cursor returned by SCAN for RedisCluster & change default target to PRIMARIES
  * Fix scan_iter for RedisCluster
  * Remove verbose logging when initializing ClusterPubSub, ClusterPipeline or RedisCluster
  * Fix broken connection writer lock-up for asyncio (#2065)
  * Fix auth bug when provided with no username (#2086)
* Release 4.1.3
  * Fix flushdb and flushall (#1926)
  * Add redis5 and redis4 dockers (#1871)
  * Change json.clear test multi to be up to date with redisjson (#1922)
  * Fixing volume for unstable_cluster docker (#1914)
  * Update changes file with changes since 4.0.0-beta2 (#1915)
* Release 4.1.2
  * Invalid OCSP certificates should raise ConnectionError on failed validation (#1907)
  * Added retry mechanism on socket timeouts when connecting to the server (#1895)
  * LMOVE, BLMOVE return incorrect responses (#1906)
  * Fixing AttributeError in UnixDomainSocketConnection (#1903)
  * Fixing
    TypeError in GraphCommands.explain (#1901)
  * For tests, increasing wait time for the cluster (#1908)
  * Increased pubsub's wait_for_messages timeout to prevent flaky tests (#1893)
  * README code snippets formatted to highlight properly (#1888)
  * Fix link in the main page (#1897)
  * Documentation fixes: JSON Example, SSL Connection Examples, RTD version (#1887)
  * Direct link to readthedocs (#1885)
* Release 4.1.1
  * Add retries to connections in Sentinel Pools (#1879)
  * OCSP Stapling Support (#1873)
  * Define incr/decr as aliases of incrby/decrby (#1874)
  * FT.CREATE - support MAXTEXTFIELDS, TEMPORARY, NOHL, NOFREQS, SKIPINITIALSCAN (#1847)
  * Timeseries docs fix (#1877)
  * get_connection: catch OSError too (#1832)
  * Set keys var otherwise variable not created (#1853)
  * Clusters should optionally require full slot coverage (#1845)
  * Triple quote docstrings in client.py PEP 257 (#1876)
  * syncing requirements (#1870)
  * Typo and typing in GraphCommands documentation (#1855)
  * Allowing poetry and redis-py to install together (#1854)
  * setup.py: Add project_urls for PyPI (#1867)
  * Support test with redis unstable docker (#1850)
  * Connection examples (#1835)
  * Documentation cleanup (#1841)
* Release 4.1.0
  * OCSP stapling support (#1820)
  * Support for SELECT (#1825)
  * Support for specifying error types with retry (#1817)
  * Support for RESET command since Redis 6.2.0 (#1824)
  * Support CLIENT TRACKING (#1612)
  * Support WRITE in CLIENT PAUSE (#1549)
  * JSON set_file and set_path support (#1818)
  * Allow ssl_ca_path with rediss:// urls (#1814)
  * Support for password-encrypted SSL private keys (#1782)
  * Support SYNC and PSYNC (#1741)
  * Retry on error exception and timeout fixes (#1821)
  * Fixing read race condition during pubsub (#1737)
  * Fixing exception in listen (#1823)
  * Fixed MovedError, and stopped iterating through startup nodes when slots are fully covered (#1819)
  * Socket not closing after server disconnect (#1797)
  * Single sourcing the package version (#1791)
  * Ensure
    redis_connect_func is set on uds connection (#1794)
  * STRALGO - Skip for redis versions greater than 7.0.0 (#1831)
  * Documentation updates (#1822)
  * Add CI action to install package from repository commit hash (#1781) (#1790)
  * Fix link in lmove docstring (#1793)
  * Disabling JSON.DEBUG tests (#1787)
  * Migrated targeted nodes to kwargs in Cluster Mode (#1762)
  * Added support for MONITOR in clusters (#1756)
  * Adding ROLE Command (#1610)
  * Integrate RedisBloom support (#1683)
  * Adding RedisGraph support (#1556)
  * Allow overriding connection class via keyword arguments (#1752)
  * Aggregation LOAD * support for RediSearch (#1735)
  * Adding cluster, bloom, and graph docs (#1779)
  * Add packaging to setup_requires, and use >= to play nice to setup.py (fixes #1625) (#1780)
  * Fixing the license link in the readme (#1778)
  * Removing distutils from tests (#1773)
  * Fix cluster ACL tests (#1774)
  * Improved RedisCluster's reinitialize_steps and documentation (#1765)
  * Added black and isort (#1734)
  * Link Documents for all module commands (#1711)
  * Pyupgrade + flynt + f-strings (#1759)
  * Remove unused aggregation subclasses in RediSearch (#1754)
  * Adding RedisCluster client to support Redis Cluster Mode (#1660)
  * Support RediSearch FT.PROFILE command (#1727)
  * Adding support for non-decodable commands (#1731)
  * COMMAND GETKEYS support (#1738)
  * RedisJSON 2.0.4 behaviour support (#1747)
  * Removing deprecating distutils (PEP 632) (#1730)
  * Updating PR template (#1745)
  * Removing duplication of Script class (#1751)
  * Splitting documentation for read the docs (#1743)
  * Improve code coverage for aggregation tests (#1713)
  * Fixing COMMAND GETKEYS tests (#1750)
  * GitHub release improvements (#1684)
* Release 4.0.2
  * Restoring Sentinel commands to redis client (#1723)
  * Better removal of hiredis warning (#1726)
  * Adding links to redis documents in function calls (#1719)
* Release 4.0.1
  * Removing command on initial connections (#1722)
  * Removing hiredis warning when not installed (#1721)
* Release 4.0.0
  * FT.EXPLAINCLI intentionally raising NotImplementedError
  * Restoring ZRANGE desc for Redis < 6.2.0 (#1697)
  * Response parsing occasionally fails to parse floats (#1692)
  * Re-enabling read-the-docs (#1707)
  * Call HSET after FT.CREATE to avoid keyspace scan (#1706)
  * Unit tests fixes for compatibility (#1703)
  * Improve documentation about Locks (#1701)
  * Fixes to allow --redis-url to pass through all tests (#1700)
  * Fix unit tests running against Redis 4.0.0 (#1699)
  * Search alias test fix (#1695)
  * Adding RediSearch/RedisJSON tests (#1691)
  * Updating codecov rules (#1689)
  * Tests to validate custom JSON decoders (#1681)
  * Added breaking icon to release drafter (#1702)
  * Removing dependency on six (#1676)
  * Re-enable pipeline support for JSON and TimeSeries (#1674)
  * Export Sentinel, and SSL like other classes (#1671)
  * Restore zrange functionality for older versions of Redis (#1670)
  * Fixed garbage collection deadlock (#1578)
  * Tests to validate built python packages (#1678)
  * Sleep for flaky search test (#1680)
  * Test function renames, to match standards (#1679)
  * Docstring improvements for Redis class (#1675)
  * Fix georadius tests (#1672)
  * Improvements to JSON coverage (#1666)
  * Add python_requires setuptools check for python > 3.6 (#1656)
  * SMISMEMBER support (#1667)
  * Exposing the module version in loaded_modules (#1648)
  * RedisTimeSeries support (#1652)
  * Support for json multipath ($) (#1663)
  * Added boolean parsing to PEXPIRE and PEXPIREAT (#1665)
  * Add python_requires setuptools check for python > 3.6 (#1656)
  * Adding vulture for static analysis (#1655)
  * Starting to clean the docs (#1657)
  * Update README.md (#1654)
  * Adding description format for package (#1651)
  * Publish to pypi as releases are generated with the release drafter (#1647)
  * Restore actions to prs (#1653)
  * Fixing the package to include commands (#1649)
  * Re-enabling codecov as part of CI process (#1646)
  * Adding support for redisearch (#1640) Thanks @chayim
  * redisjson
    support (#1636) Thanks @chayim
  * Sentinel: Add SentinelManagedSSLConnection (#1419) Thanks @AbdealiJK
  * Enable floating parameters in SET (ex and px) (#1635) Thanks @AvitalFineRedis
  * Add warning when hiredis not installed. Recommend installation. (#1621) Thanks @adiamzn
  * Raising NotImplementedError for SCRIPT DEBUG and DEBUG SEGFAULT (#1624) Thanks @chayim
  * CLIENT REDIR command support (#1623) Thanks @chayim
  * REPLICAOF command implementation (#1622) Thanks @chayim
  * Add support to NX XX and CH to GEOADD (#1605) Thanks @AvitalFineRedis
  * Add support to ZRANGE and ZRANGESTORE parameters (#1603) Thanks @AvitalFineRedis
  * Pre 6.2 redis should default to None for script flush (#1641) Thanks @chayim
  * Add FULL option to XINFO SUMMARY (#1638) Thanks @agusdmb
  * Geosearch test should use any=True (#1594) Thanks @Andrew-Chen-Wang
  * Removing packaging dependency (#1626) Thanks @chayim
  * Fix client_kill_filter docs for skimpy (#1596) Thanks @Andrew-Chen-Wang
  * Normalize minid and maxlen docs (#1593) Thanks @Andrew-Chen-Wang
  * Update docs for multiple usernames for ACL DELUSER (#1595) Thanks @Andrew-Chen-Wang
  * Fix grammar of get param in set command (#1588) Thanks @Andrew-Chen-Wang
  * Fix docs for client_kill_filter (#1584) Thanks @Andrew-Chen-Wang
  * Convert README & CONTRIBUTING from rst to md (#1633) Thanks @davidylee
  * Test BYLEX param in zrangestore (#1634) Thanks @AvitalFineRedis
  * Tox integrations with invoke and docker (#1632) Thanks @chayim
  * Adding the release drafter to help simplify release notes (#1618). Thanks @chayim
  * BACKWARDS INCOMPATIBLE: Removed support for end of life Python 2.7. #1318
  * BACKWARDS INCOMPATIBLE: All values within Redis URLs are unquoted via urllib.parse.unquote. Prior versions of redis-py supported this by specifying the `decode_components` flag to the `from_url` functions. This is now done by default and cannot be disabled. #589
  * POTENTIALLY INCOMPATIBLE: Redis commands were moved into a mixin (see commands.py).
Anyone importing `redis.client` to access commands directly should import `redis.commands`. #1534, #1550 * Removed technical debt on REDIS_6_VERSION placeholder. Thanks @chayim #1582. * Various docs fixes. Thanks @Andrew-Chen-Wang #1585, #1586. * Support for LOLWUT command, available since Redis 5.0.0. Thanks @brainix #1568. * Added support for CLIENT REPLY, available in Redis 3.2.0. Thanks @chayim #1581. * Support for Auto-reconnect PubSub on get_message. Thanks @luhn #1574. * Fix RST syntax error in README. Thanks @JanCBrammer #1451. * IDLETIME and FREQ support for RESTORE. Thanks @chayim #1580. * Supporting args with MODULE LOAD. Thanks @chayim #1579. * Updating RedisLabs with Redis. Thanks @gkorland #1575. * Added support for ASYNC to SCRIPT FLUSH available in Redis 6.2.0. Thanks @chayim. #1567 * Added CLIENT LIST fix to support multiple client ids available in Redis 2.8.12. Thanks @chayim #1563. * Added DISCARD support for pipelines available in Redis 2.0.0. Thanks @chayim #1565. * Added ACL DELUSER support for deleting lists of users available in Redis 6.2.0. Thanks @chayim. #1562 * Added CLIENT TRACKINFO support available in Redis 6.2.0. Thanks @chayim. #1560 * Added GEOSEARCH and GEOSEARCHSTORE support available in Redis 6.2.0. Thanks @AvitalFineRedis. #1526 * Added LPUSHX support for lists available in Redis 4.0.0. Thanks @chayim. #1559 * Added support for QUIT available in Redis 1.0.0. Thanks @chayim. #1558 * Added support for COMMAND COUNT available in Redis 2.8.13. Thanks @chayim. #1554. * Added CREATECONSUMER support for XGROUP available in Redis 6.2.0. Thanks @AvitalFineRedis. #1553 * Including slowly complexity in INFO if available. Thanks @ian28223 #1489. * Added support for STRALGO available in Redis 6.0.0. Thanks @AvitalFineRedis. #1528 * Added support for ZMSCORE available in Redis 6.2.0. Thanks @2014BDuck and @jiekun.zhu. #1437 * Support MINID and LIMIT on XADD available in Redis 6.2.0. Thanks @AvitalFineRedis.
#1548 * Added sentinel commands FLUSHCONFIG, CKQUORUM, FAILOVER, and RESET available in Redis 2.8.12. Thanks @otherpirate. #834 * Migrated Version instead of StrictVersion for Python 3.10. Thanks @tirkarthi. #1552 * Added retry mechanism with backoff. Thanks @nbraun-amazon. #1494 * Migrated commands to a mixin. Thanks @chayim. #1534 * Added support for ZUNION, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1522 * Added support for CLIENT LIST with ID, available in Redis 6.2.0. Thanks @chayim. #1505 * Added support for MINID and LIMIT with xtrim, available in Redis 6.2.0. Thanks @chayim. #1508 * Implemented LMOVE and BLMOVE commands, available in Redis 6.2.0. Thanks @chayim. #1504 * Added GET argument to SET command, available in Redis 6.2.0. Thanks @2014BDuck. #1412 * Documentation fixes. Thanks @enjoy-binbin @jonher937. #1496 #1532 * Added support for XAUTOCLAIM, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1529 * Added IDLE support for XPENDING, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1523 * Add a count parameter to lpop/rpop, available in Redis 6.2.0. Thanks @wavenator. #1487 * Added a (pypy) trove classifier for Python 3.9. Thanks @D3X. #1535 * Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520 * Added ZDIFF and ZDIFFSTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1518 * Added ZRANGESTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1521 * Added LT and GT support for ZADD, available in Redis 6.2.0. Thanks @chayim. #1509 * Added ZRANDMEMBER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1519 * Added GETDEL support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1514 * Added CLIENT KILL laddr filter, available in Redis 6.2.0. Thanks @chayim. #1506 * Added CLIENT UNPAUSE, available in Redis 6.2.0. Thanks @chayim. #1512 * Added NOMKSTREAM support for XADD, available in Redis 6.2.0.
Thanks @chayim. #1507 * Added HRANDFIELD support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1513 * Added CLIENT INFO support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1517 * Added GETEX support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1515 * Added support for COPY command, available in Redis 6.2.0. Thanks @malinaa96. #1492 * Provide a development and testing environment via docker. Thanks @abrookins. #1365 * Added support for the LPOS command available in Redis 6.0.6. Thanks @aparcar #1353/#1354 * Added support for the ACL LOG command available in Redis 6. Thanks @2014BDuck. #1307 * Added support for ABSTTL option of the RESTORE command available in Redis 5.0. Thanks @charettes. #1423 * Drop account-defaults-redis.patch merged upstream * Add account-defaults-redis.patch which fixes failing tests by taking into consideration redis defaults, not overwriting them (gh#andymccurdy/redis-py#1499). * Skip two tests because of gh#andymccurdy/redis-py#1459. * update to 3.5.3 * Restore try/except clauses to `__del__` methods. These will be removed in 4.0 when more explicit resource management is enforced. #1339 * Update the master_address when Sentinels promote a new master. #847 * Update SentinelConnectionPool to not forcefully disconnect other in-use connections which can negatively affect threaded applications. #1345 3.5.2 * Tune the locking in ConnectionPool.get_connection so that the lock is not held while waiting for the socket to establish and validate the TCP connection. 3.5.1 * Fix for HSET argument validation to allow any non-None key. Thanks @AleksMat, #1337, #1341 3.5.0 * Removed exception trapping from `__del__` methods. redis-py objects that hold various resources implement `__del__` cleanup methods to release those resources when the object goes out of scope. This provides a fallback for when these objects aren't explicitly closed by user code.
Prior to this change any errors encountered in closing these resources would be hidden from the user. Thanks @jdufresne. #1281 * Expanded support for connection strings specifying a username connecting to pre-v6 servers. #1274 * Optimized Lock's blocking_timeout and sleep. If the lock cannot be acquired and the sleep value would cause the loop to sleep beyond blocking_timeout, fail immediately. Thanks @clslgrnc. #1263 * Added support for passing Python memoryviews to Redis command args that expect strings or bytes. The memoryview instance is sent directly to the socket such that there are zero copies made of the underlying data during command packing. Thanks @Cody-G. #1265, #1285 * HSET command now can accept multiple pairs. HMSET has been marked as deprecated now. Thanks to @laixintao #1271 * Don't manually DISCARD when encountering an ExecAbortError. Thanks @nickgaya, #1300/#1301 * Reset the watched state of pipelines after calling exec. This saves a roundtrip to the server by not having to call UNWATCH within Pipeline.reset(). Thanks @nickgaya, #1299/#1302 * Added the KEEPTTL option for the SET command. Thanks @laixintao #1304/#1280 * Added the MEMORY STATS command. #1268 * Lock.extend() now has a new option, `replace_ttl`. When False (the default), Lock.extend() adds the `additional_time` to the lock's existing TTL. When replace_ttl=True, the lock's existing TTL is replaced with the value of `additional_time`. * Add testing and support for PyPy. * downgrade requires for redis to recommends * Better error handling Changes in python-retrying: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * require setuptools * Switch to pyproject macros. * Stop using greedy globs in %files. * Update to version 1.3.4 * Added Greg Roodt as maintainer * Formatted code with black * Updated repository references * Improve summary. 
* Remove superfluous devel dependency for noarch package * Initial package Changes in python-semver: * update to 3.0.2: * :pr:`418`: Replace :class:`~collection.OrderedDict` with :class:`dict`. * The dict datatype is ordered since Python 3.7. As we do not support Python 3.6 anymore, it can be considered safe to avoid :class:`~collection.OrderedDict`. * :pr:`431`: Clarify version policy for the different semver versions (v2, v3, >v3) and the supported Python versions. * :gh:`432`: Improve external doc links to Python and Pydantic. * :pr:`417`: Amend GitHub Actions to check against MacOS. * remove obsolete setup-remove-asterisk.patch * update to version 3.0.1: * Remove incorrect dependencies from build-system section of pyproject.toml by @mgorny in #405 * correct typo in function description of next_version by @treee111 in #406 * Improve GitHub Action by @tomschr in #408 * Add CITATION.cff for citation by @tomschr in #409 * Add Version class to `__all__` export. Fix #410 by @Soneji in #411 * Configure docformatter by @tomschr in #412 * Prepare version 3.0.1 by @tomschr in #413 * update to version 3.0.0: * Bugfixes * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * :gh:`310`: Rework API documentation. Follow a more "semi-manual" attempt and add auto directives into :file:`docs/api.rst`. * :gh:`344`: Allow empty string, a string with a prefix, or `None` as token in :meth:`~semver.version.Version.bump_build` and :meth:`~semver.version.Version.bump_prerelease`. * :pr:`384`: General cleanup, reformat files: * Reformat source code with black again as some config options did accidentally exclude the semver source code. Mostly remove some includes/excludes in the black config. * Integrate concurrency in GH Action * Ignore Python files on project dirs in .gitignore * Remove unused patterns in MANIFEST.in * Use `extend-exclude` for flake in :file:`setup.cfg` and adapt list.
* Use `skip_install=True` in :file:`tox.ini` for black * :pr:`393`: Fix command :command:`python -m semver` to avoid the error "invalid choice" * :pr:`396`: Calling :meth:`~semver.version.Version.parse` on a derived class will show correct type of derived class. * Deprecations * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * :gh:`284`: Deprecate the use of :meth:`~Version.isvalid`. Rename :meth:`~semver.version.Version.isvalid` to :meth:`~semver.version.Version.is_valid` for consistency reasons with :meth:`~semver.version.Version.is_compatible`. * :pr:`402`: Keep :func:`semver.compare <semver._deprecated.compare>`. Although it breaks consistency with module level functions, it seems it's a much needed/used function. It's still unclear if we should deprecate this function or not (that's why we use :py:exc:`PendingDeprecationWarning`). As we don't have a uniform initializer yet, this function stays in the :file:`_deprecated.py` file for the time being until we find a better solution. See :gh:`258` for details. * Features * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`213`: Add typing information * :gh:`284`: Implement :meth:`~semver.version.Version.is_compatible` to make "is self compatible with X". 
* :gh:`305`: Rename :class:`~semver.version.VersionInfo` to :class:`~semver.version.Version` but keep an alias for compatibility * add setup-remove-asterisk.patch to fix build error * update to version 3.0.0-dev.4: * Bug Fixes: * :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml` file. The old entries `[[tool.towncrier.type]]` are deprecated and need to be replaced by `[tool.towncrier.fragment.<TYPE>]`. * Deprecations: * :gh:`372`: Deprecate support for Python 3.6. Python 3.6 reached its end of life and isn't supported anymore. At the time of writing (Dec 2022), the lowest version is 3.7. Although the `poll <https://github.com/python-semver/python-semver/discussions/371>`_ didn't cast many votes, the majority agree to remove support for Python 3.6. * Improved Documentation: * :gh:`335`: Add new section "Converting versions between PyPI and semver" the limitations and possible use cases to convert from one into the other versioning scheme. * :gh:`340`: Describe how to get version from a file * :gh:`343`: Describe combining Pydantic with semver in the "Advanced topic" section. * :gh:`350`: Restructure usage section. Create subdirectory "usage/" and split all sections into different files. * :gh:`351`: Introduce new topics for: * "Migration to semver3" * "Advanced topics" * Features: * :pr:`359`: Add optional parameter `optional_minor_and_patch` in :meth:`.Version.parse` to allow optional minor and patch parts. * :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match expression, defaulting to equality testing. * :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the :command:`pyproject-build` command from the build module. For more information, see :ref:`build-semver`. * :gh:`365`: Improve :file:`pyproject.toml`. * Use setuptools, add metadata. Taken approach from `A Practical Guide to Setuptools and Pyproject.toml <https://godatadriven.com/blog/a-practical-guide-to-setuptools-and-pyproject-toml/>`_.
* Doc: Describe building of semver * Remove :file:`.travis.yml` in :file:`MANIFEST.in` (not needed anymore) * Distinguish between Python 3.6 and others in :file:`tox.ini` * Add skip_missing_interpreters option for :file:`tox.ini` * GH Action: Upgrade setuptools and setuptools-scm and test against 3.11.0-rc.2 * Trivial/Internal Changes: * :gh:`378`: Fix some typos in Towncrier configuration * switch to the tagged version rather than a gh branch tarball * fix support for Python 3.10 with update to development version: * update to revision g4d2df08: * Changes for the upcoming release can be found in: * the `"changelog.d" directory <https://github.com/python-semver/python-semver/tree/master/changelog.d>`_: * in our repository.: * update to version 3.0.0-dev.2: * Deprecations: * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * Features: * :gh:`169`: Create semver package and split code among different modules in the packages. * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`305`: Rename :class:`VersionInfo` to :class:`Version` but keep an alias for compatibility * Improved Documentation: * :gh:`304`: Several improvements in documentation: * Reorganize API documentation. * Add migration chapter from semver2 to semver3. * Distinguish between changelog for version 2 and 3 * :gh:`305`: Add note about :class:`Version` rename.
* Trivial/Internal Changes: * :gh:`169`: Adapted infrastructure code to the new project layout. * Replace :file:`setup.py` with :file:`setup.cfg` because the :file:`setup.cfg` is easier to use * Adapt documentation code snippets where needed * Adapt tests * Changed the `deprecated` to hardcode the `semver` package name in the warning. Increase coverage to 100% for all non-deprecated APIs * :gh:`304`: Support PEP-561 :file:`py.typed`. According to the mentioned PEP: "Package maintainers who wish to support type checking of their code MUST add a marker file named :file:`py.typed` to their package supporting typing." Add package_data to :file:`setup.cfg` to include this marker in dist and whl file. * update to version 3.0.0-dev.1: * Deprecations: * :pr:`290`: For semver 3.0.0-alpha0: * Remove anything related to Python2 * In :file:`tox.ini` and :file:`.travis.yml` Remove targets py27, py34, py35, and pypy. Add py38, py39, and nightly (allow to fail) * In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Remove old Python versions (2.7, 3.4, 3.5, and pypy) from Travis * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Features: * :pr:`290`: Create semver 3.0.0-alpha0 * Update :file:`README.rst`, mention maintenance branch `maint/v2`. * Remove old code mainly used for Python2 compatibility, adjusted code to support Python3 features. * Split test suite into separate files under :file:`tests/` directory * Adjust and update :file:`setup.py`. Requires Python >=3.6.* Extract metadata directly from source (affects all the `__version__`, `__author__` etc. variables) * :gh:`270`: Configure Towncrier (:pr:`273`:) * Add :file:`changelog.d/.gitignore` to keep this directory * Create :file:`changelog.d/README.rst` with some descriptions * Add :file:`changelog.d/_template.rst` as Towncrier template * Add `[tool.towncrier]` section in :file:`pyproject.toml` * Add "changelog" target into :file:`tox.ini`. 
Use it like :command:`tox -e changelog -- CMD` whereas `CMD` is a Towncrier command. The default :command:`tox -e changelog` calls Towncrier to create a draft of the changelog file and output it to stdout. * Update documentation and include a new section "Changelog" included from :file:`changelog.d/README.rst`. * :gh:`276`: Document how to create a subclass from :class:`VersionInfo` class * :gh:`213`: Add typing information * Bug Fixes: * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * Improved Documentation: * :pr:`290`: Several improvements in the documentation: * New layout to distinguish from the semver2 development line. * Create new logo. * Remove any occurrences of Python2. * Describe changelog process with Towncrier. * Update the release process. * Trivial/Internal Changes: * :pr:`290`: Add supported Python versions to :command:`black`. * PR #62. Support custom default names for pre and build Changes in python-sshtunnel: * Require update-alternatives for the scriptlets.
* Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Use %sle15_python_module_pythons * do not require python-mock for build * update to 0.4.0: * Change the daemon mod flag for all tunnel threads (is not fully backward compatible) to prevent unexpected hangs (`#219`_) * Add docker based end to end functional tests for Mongo/Postgres/MySQL * Add docker based end to end hangs tests * Fix host key directory detection * Unify default ssh config folder to `~/.ssh` * Increase open connection timeout to 10 seconds * Change default with context behavior to use `.stop(force=True)` on exit * Remove useless `daemon_forward_servers = True` hack for hangs prevention * Set transport keepalive to 5 second by default * Set default transport timeout to 0.1 * Deprecate and remove `block_on_close` option * Fix "deadlocks" / "tunneling hangs" * Add `.stop(force=True)` for force close active connections * Fixes bug with orphan thread for a tunnel that is DOWN * Support IPv6 without proxy command. Use built-in paramiko create socket logic. The logic tries to use ipv6 socket family first, then ipv4 socket family. Changes in python-strictyaml: * require setuptools * update to 1.7.3: * REFACTOR : Fix pipeline. * TOOLING : Improvements to pyenv multi-environment tester. * FEATURE : Upgraded package to use pyproject.toml files * REFACTOR : Fixed linter errors. * TOOLING : Build wheel and sdist that both work. * Add %{?sle15_python_module_pythons} * Update to 1.6.2 No relevant code changes.
see detailed changelog: https://hitchdev.com/strictyaml/changelog/#latest * update to 1.6.1 too many changes to be listed here see detailed changelog: https://hitchdev.com/strictyaml/changelog/ * update to 1.4.4 * Add support for NaN and infinity representations * Optional keys in mappings and set value to None * Support underscores in int and decimal * NullNone - parse 'null' as None like YAML 1.2 does. * Bundle last properly working ruamel.yaml version in with strictyaml. * version update to 1.0.6 * BUGFIX : Fix accidental python 2 breakage. * BUGFIX : Accidental misrecognition of boolean values as numbers - cause of #85. * BUGFIX : Fix for #86 - handle changing multiline strings. * BUGFIX: handle deprecated collections import in the parser (#82) * Update to 1.0.5: * BUGFIX : Fixed python 2 bug introduced when fixing #72. * FEATURE : Include tests / stories in package. * BUG: issue #72. Now setitem uses schema. * Expand %description. * Initial spec for v1.0.3 Changes in python-sure: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * update to 2.0.1: * Fixes CI build (Github Actions) * Fixes broken tests * Housekeeping: Licensing * Disable nosetests for testing leaving only pytest as supported test-runner for now * Add %{?sle15_python_module_pythons} * Remove mock from BuildRequires. * Rebase python-sure-no-mock.patch to remove one missed import. * do not require mock for build nor runtime * added patches fix https://github.com/gabrielfalcao/sure/pull/161 * python-sure-no-mock.patch * Update to 2.0.0 * No longer patch the builtin dir() function, which fixes pytest in some cases such as projects using gevent. * switch to pytest * Version update to 1.4.11: * Reading the version dynamically was causing import errors that caused error when installing package.
Refs #144 Changes in python-vcrpy: * Update to 6.0.1 * BREAKING: Fix issue with httpx support (thanks @parkerhancock) in #784. * BREAKING: Drop support for `boto` (vcrpy still supports boto3, but is dropping the deprecated `boto` support in this release). (thanks @jairhenrique) * Fix compatibility issue with Python 3.12 (thanks @hartwork) * Drop simplejson (fixes some compatibility issues) (thanks @jairhenrique) * Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @mgorny) * Various linting and docs improvements (thanks @jairhenrique) * Tornado fixes (thanks @graingert) * version update to 5.1.0 * Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks @jairhenrique * Enable rule B (flake8-bugbear) on ruff - thanks @jairhenrique * Configure read the docs V2 - thanks @jairhenrique * Fix typo in docs - thanks @quasimik * Make json.loads of Python >=3.6 decode bytes by itself - thanks @hartwork * Fix body matcher for chunked requests (fixes #734) - thanks @hartwork * Fix query param filter for aiohttp (fixes #517) - thanks @hartwork and @salomvary * Remove unnecessary dependency on six. - thanks @charettes * build(deps): update sphinx requirement from <7 to <8 - thanks @jairhenrique * Add action to validate docs - thanks @jairhenrique * Add editorconfig file - thanks @jairhenrique * Drop iscoroutinefunction fallback function for unsupported python - thanks @jairhenrique * for changelog for older releases refer to https://github.com/kevin1024/vcrpy/releases * six is not required * Use sle15_python_module_pythons * Restrict urllib3 < 2 -- gh#kevin1024/vcrpy#688 * Update to version 4.2.1 * Fix a bug where the first request in a redirect chain was not being recorded with aiohttp * Various typos and small fixes, thanks @jairhenrique, @timgates42 * Update to 4.1.1: * Fix HTTPX support for versions greater than 0.15 (thanks @jairhenrique) * Include a trailing newline on json cassettes (thanks @AaronRobson) * Update to 4.1.0: * Add support for httpx!!
(thanks @herdigiorgi) * Add the new allow_playback_repeats option (thanks @tysonholub) * Several aiohttp improvements (cookie support, multiple headers with same key) (Thanks @pauloromeira) * Use enums for record modes (thanks @aaronbannin) * Bugfix: Do not redirect on 304 in aiohttp (Thanks @royjs) * Bugfix: Fix test suite by switching to mockbin (thanks @jairhenrique) * Remove patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch as we dropped py2 integration support on Tumbleweed * Added patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch * Enable python2 again since it breaks many packages * Fix locale on Leap * update to version 4.0.2 * Remove Python2 support * Add Python 3.8 TravisCI support * Correct mock imports Changes in python-xmltodict: * Clean up the SPEC file. * add sle15_python_module_pythons * update to 0.13.0: * Add install info to readme for openSUSE. (#205) * Support defaultdict for namespace mapping (#211) * parse(generator) is now possible (#212) * Processing comments on parsing from xml to dict (connected to #109) (#221) * Add expand_iter kw to unparse to expand iterables (#213) * Fixed some typos * Add support for python3.8 * Drop Jython/Python 2 and add Python 3.9/3.10. * Drop OrderedDict in Python >= 3.7 * Do not use len() to determine if a sequence is empty * Add more namespace attribute tests * Fix encoding issue in setup.py * Add patch skip-tests-expat-245.patch: * Do not run tests that make no sense with a current Expat. Changes in python-asgiref: First package shipment. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1639=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1639=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1639=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1639=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1639=1 ## Package List: * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python-wrapt-debugsource-1.15.0-150400.12.7.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-asgiref-3.6.0-150400.9.7.3 * Public Cloud Module 15-SP6 (noarch) * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-docker-7.0.0-150400.8.4.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-asgiref-3.6.0-150400.9.7.3 * python311-pydash-6.0.2-150400.9.4.1 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-knack-0.11.0-150400.10.4.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * 
python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * Python 3 Module 15-SP6 (noarch) * python311-aiosignal-1.3.1-150400.9.7.2 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-chardet-5.2.0-150400.13.7.2 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * 
python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-scp-0.14.5-150400.12.7.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-incremental-22.10.0-150400.3.7.2 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * openSUSE Leap 15.5 (noarch) * 
python311-aiosignal-1.3.1-150400.9.7.2 * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-zipp-3.15.0-150400.10.7.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-docker-7.0.0-150400.8.4.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-pydash-6.0.2-150400.9.4.1 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-httpretty-1.1.4-150400.11.4.1 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-redis-5.0.1-150400.12.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-wheel-0.40.0-150400.13.7.4 * 
python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-knack-0.11.0-150400.10.4.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-scp-0.14.5-150400.12.7.4 * python311-xmltodict-0.13.0-150400.12.4.1 * python311-invoke-2.1.2-150400.10.7.4 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-sure-2.0.1-150400.12.4.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python311-psutil-5.9.5-150400.6.9.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python-zope.interface-debugsource-6.0-150400.12.7.4 * 
python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-wrapt-1.15.0-150400.12.7.1 * python311-frozenlist-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * openSUSE Leap 15.6 (noarch) * python311-aiosignal-1.3.1-150400.9.7.2 * python311-PyGithub-1.57-150400.10.4.4 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-avro-1.11.3-150400.10.4.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-zipp-3.15.0-150400.10.7.1 * python311-chardet-5.2.0-150400.13.7.2 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-retrying-1.3.4-150400.12.4.1 * python311-semver-3.0.2-150400.10.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-Fabric-3.2.2-150400.10.4.1 * python311-docker-7.0.0-150400.8.4.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-pydash-6.0.2-150400.9.4.1 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-PyJWT-2.8.0-150400.8.7.2 * 
python311-httpretty-1.1.4-150400.11.4.1 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-isodate-0.6.1-150400.12.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-redis-5.0.1-150400.12.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-jsondiff-2.0.0-150400.10.4.1 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-knack-0.11.0-150400.10.4.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-scp-0.14.5-150400.12.7.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-decorator-5.1.1-150400.12.7.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pathspec-0.11.1-150400.9.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-pip-22.3.1-150400.17.16.4 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 ## References: * 
https://www.suse.com/security/cve/CVE-2023-28858.html
* https://www.suse.com/security/cve/CVE-2023-28859.html
* https://bugzilla.suse.com/show_bug.cgi?id=1209571
* https://bugzilla.suse.com/show_bug.cgi?id=1209811
* https://bugzilla.suse.com/show_bug.cgi?id=1209812
* https://bugzilla.suse.com/show_bug.cgi?id=1216606
* https://bugzilla.suse.com/show_bug.cgi?id=1222880
* https://bugzilla.suse.com/show_bug.cgi?id=761162

From null at suse.de Tue Jul 2 08:30:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 08:30:06 -0000
Subject: SUSE-SU-2024:2258-1: important: Security update for libreoffice
Message-ID: <171990900632.13794.10574057710125961116@smelt2.prg2.suse.org>

# Security update for libreoffice

Announcement ID: SUSE-SU-2024:2258-1
Rating: important
References:
* bsc#1224279
* bsc#1224309

Cross-References:
* CVE-2024-3044

CVSS scores:
* CVE-2024-3044 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5
* SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for libreoffice fixes the following issues:

Libreoffice was updated to version 24.2.4.2:

* Release notes:
  * https://wiki.documentfoundation.org/Releases/24.2.1/RC1
  * https://wiki.documentfoundation.org/Releases/24.2.1/RC2
* Security issues fixed:
  * CVE-2024-3044: Fixed unchecked script execution in graphic on-click binding (bsc#1224279)
* Other issues fixed:
  * Fixed LibreOffice build failures with ICU 75 (bsc#1224309)
* Updated bundled dependencies:
  * curl version update from 8.6.0 to 8.7.1
  * gpgme version update from 1.20.0 to 1.23.2
  * libassuan version update from 2.5.6 to 2.5.7
  * libgpg-error version update from 1.47 to 1.48

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2258=1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2258=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (x86_64) * libreoffice-debuginfo-24.2.4.2-48.59.3 * libreoffice-debugsource-24.2.4.2-48.59.3 * libreoffice-sdk-debuginfo-24.2.4.2-48.59.3 * libreoffice-sdk-24.2.4.2-48.59.3 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libreoffice-mailmerge-24.2.4.2-48.59.3 * libreoffice-pyuno-24.2.4.2-48.59.3 * libreoffice-calc-debuginfo-24.2.4.2-48.59.3 * libreoffice-base-debuginfo-24.2.4.2-48.59.3 * libreoffice-math-24.2.4.2-48.59.3 * libreoffice-writer-extensions-24.2.4.2-48.59.3 * libreoffice-gtk3-24.2.4.2-48.59.3 * libreoffice-gnome-debuginfo-24.2.4.2-48.59.3 * libreoffice-calc-extensions-24.2.4.2-48.59.3 * libreoffice-draw-24.2.4.2-48.59.3 * libreoffice-gnome-24.2.4.2-48.59.3 * libreoffice-draw-debuginfo-24.2.4.2-48.59.3 * libreoffice-officebean-24.2.4.2-48.59.3 * 
libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-48.59.3 * libreoffice-debugsource-24.2.4.2-48.59.3 * libreoffice-writer-debuginfo-24.2.4.2-48.59.3 * libreoffice-base-drivers-postgresql-24.2.4.2-48.59.3 * libreoffice-math-debuginfo-24.2.4.2-48.59.3 * libreoffice-writer-24.2.4.2-48.59.3 * libreoffice-24.2.4.2-48.59.3 * libreoffice-calc-24.2.4.2-48.59.3 * libreoffice-librelogo-24.2.4.2-48.59.3 * libreoffice-gtk3-debuginfo-24.2.4.2-48.59.3 * libreoffice-pyuno-debuginfo-24.2.4.2-48.59.3 * libreoffice-impress-debuginfo-24.2.4.2-48.59.3 * libreoffice-filters-optional-24.2.4.2-48.59.3 * libreoffice-debuginfo-24.2.4.2-48.59.3 * libreoffice-officebean-debuginfo-24.2.4.2-48.59.3 * libreoffice-impress-24.2.4.2-48.59.3 * libreoffice-base-24.2.4.2-48.59.3 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch) * libreoffice-l10n-zh_CN-24.2.4.2-48.59.3 * libreoffice-l10n-ru-24.2.4.2-48.59.3 * libreoffice-l10n-cs-24.2.4.2-48.59.3 * libreoffice-l10n-uk-24.2.4.2-48.59.3 * libreoffice-l10n-hi-24.2.4.2-48.59.3 * libreoffice-l10n-fr-24.2.4.2-48.59.3 * libreoffice-l10n-sk-24.2.4.2-48.59.3 * libreoffice-l10n-af-24.2.4.2-48.59.3 * libreoffice-l10n-gu-24.2.4.2-48.59.3 * libreoffice-l10n-en-24.2.4.2-48.59.3 * libreoffice-l10n-it-24.2.4.2-48.59.3 * libreoffice-l10n-ko-24.2.4.2-48.59.3 * libreoffice-l10n-es-24.2.4.2-48.59.3 * libreoffice-l10n-hu-24.2.4.2-48.59.3 * libreoffice-l10n-nn-24.2.4.2-48.59.3 * libreoffice-l10n-bg-24.2.4.2-48.59.3 * libreoffice-l10n-pl-24.2.4.2-48.59.3 * libreoffice-l10n-pt_BR-24.2.4.2-48.59.3 * libreoffice-l10n-da-24.2.4.2-48.59.3 * libreoffice-l10n-ro-24.2.4.2-48.59.3 * libreoffice-l10n-sv-24.2.4.2-48.59.3 * libreoffice-l10n-pt_PT-24.2.4.2-48.59.3 * libreoffice-l10n-zu-24.2.4.2-48.59.3 * libreoffice-l10n-ar-24.2.4.2-48.59.3 * libreoffice-l10n-nb-24.2.4.2-48.59.3 * libreoffice-l10n-fi-24.2.4.2-48.59.3 * libreoffice-l10n-ca-24.2.4.2-48.59.3 * libreoffice-l10n-zh_TW-24.2.4.2-48.59.3 * libreoffice-icon-themes-24.2.4.2-48.59.3 * 
libreoffice-l10n-hr-24.2.4.2-48.59.3 * libreoffice-l10n-de-24.2.4.2-48.59.3 * libreoffice-l10n-ja-24.2.4.2-48.59.3 * libreoffice-l10n-nl-24.2.4.2-48.59.3 * libreoffice-l10n-xh-24.2.4.2-48.59.3 * libreoffice-l10n-lt-24.2.4.2-48.59.3 * libreoffice-branding-upstream-24.2.4.2-48.59.3

## References:

* https://www.suse.com/security/cve/CVE-2024-3044.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224279
* https://bugzilla.suse.com/show_bug.cgi?id=1224309

From null at suse.de Tue Jul 2 08:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 08:30:09 -0000
Subject: SUSE-SU-2024:2257-1: important: Security update for libreoffice
Message-ID: <171990900972.13794.11825940591285693760@smelt2.prg2.suse.org>

# Security update for libreoffice

Announcement ID: SUSE-SU-2024:2257-1
Rating: important
References:
* bsc#1224279
* bsc#1224309

Cross-References:
* CVE-2024-3044

CVSS scores:
* CVE-2024-3044 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for libreoffice fixes the following issues:

Libreoffice was updated to version 24.2.4.2:

* Release notes:
  * https://wiki.documentfoundation.org/Releases/24.2.1/RC1
  * https://wiki.documentfoundation.org/Releases/24.2.1/RC2
* Security issues fixed:
  * CVE-2024-3044: Fixed unchecked script execution in graphic on-click binding (bsc#1224279)
* Other issues fixed:
  * Fixed LibreOffice build failures with ICU 75 (bsc#1224309)
* Updated bundled dependencies:
  * curl version update from 8.6.0 to 8.7.1
  * gpgme version update from 1.20.0 to 1.23.2
  * libassuan version update from 2.5.6 to 2.5.7
  * libgpg-error version update from 1.47 to 1.48

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2257=1 openSUSE-SLE-15.5-2024-2257=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2257=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2257=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2257=1
* SUSE Linux Enterprise Workstation Extension 15 SP5
  zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2257=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2257=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-qt5-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-qt5-debuginfo-24.2.4.2-150500.20.6.5 * 
libreoffice-sdk-24.2.4.2-150500.20.6.5 * libreofficekit-devel-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-librelogo-24.2.4.2-150500.20.6.5 * libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-doc-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-sdk-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * openSUSE Leap 15.5 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_GB-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sq-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn_IN-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-szl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kok-24.2.4.2-150500.20.6.5 * libreoffice-l10n-brx-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ast-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-oc-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ne-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-gdb-pretty-printers-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dgo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vec-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-my-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-is-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sw_TZ-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-om-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-id-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ka-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sa_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-km-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mni-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-glade-24.2.4.2-150500.20.6.5 * libreoffice-l10n-rw-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sat-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kmr_Latn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kab-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fy-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-am-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sid-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_ZA-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ks-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-be-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca_valencia-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-qt5-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-qt5-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-24.2.4.2-150500.20.6.5 * libreofficekit-devel-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-librelogo-24.2.4.2-150500.20.6.5 * 
libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-doc-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-sdk-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * openSUSE Leap 15.6 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_GB-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sq-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-szl-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-kok-24.2.4.2-150500.20.6.5 * libreoffice-l10n-brx-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ast-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-oc-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ne-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-gdb-pretty-printers-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dgo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vec-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-my-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-is-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sw_TZ-24.2.4.2-150500.20.6.5 * libreoffice-l10n-om-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-id-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ka-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-sa_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-km-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mni-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-glade-24.2.4.2-150500.20.6.5 * libreoffice-l10n-rw-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sat-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kmr_Latn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kab-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-am-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sid-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 
* libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_ZA-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ks-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-be-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca_valencia-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-qt5-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-qt5-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-24.2.4.2-150500.20.6.5 * libreofficekit-devel-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-librelogo-24.2.4.2-150500.20.6.5 * libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * 
libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-doc-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-sdk-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * SUSE Package Hub 15 15-SP5 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_GB-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sq-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-szl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kok-24.2.4.2-150500.20.6.5 * libreoffice-l10n-brx-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ast-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-gd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-oc-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ne-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-gdb-pretty-printers-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dgo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vec-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-my-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-is-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sw_TZ-24.2.4.2-150500.20.6.5 * libreoffice-l10n-om-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-id-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ka-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sa_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-km-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mni-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-glade-24.2.4.2-150500.20.6.5 * libreoffice-l10n-rw-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sat-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kmr_Latn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kab-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-am-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sid-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_ZA-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ks-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-be-24.2.4.2-150500.20.6.5 
* libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca_valencia-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-qt5-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-qt5-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-24.2.4.2-150500.20.6.5 * libreofficekit-devel-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-librelogo-24.2.4.2-150500.20.6.5 * libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-sdk-doc-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-sdk-debuginfo-24.2.4.2-150500.20.6.5 * 
libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * SUSE Package Hub 15 15-SP6 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_GB-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sq-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-szl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kok-24.2.4.2-150500.20.6.5 * libreoffice-l10n-brx-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ast-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gd-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-oc-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ne-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-gdb-pretty-printers-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dgo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vi-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-vec-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-my-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-is-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sw_TZ-24.2.4.2-150500.20.6.5 * libreoffice-l10n-om-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-id-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ka-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sa_IN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-km-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mni-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-glade-24.2.4.2-150500.20.6.5 * libreoffice-l10n-rw-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-sat-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kmr_Latn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hsb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kab-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-am-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sid-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en_ZA-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ug-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ks-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-be-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca_valencia-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * 
libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * SUSE Linux Enterprise Workstation Extension 15 SP5 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libreoffice-writer-extensions-24.2.4.2-150500.20.6.5 * libreoffice-filters-optional-24.2.4.2-150500.20.6.5 * libreoffice-gnome-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-24.2.4.2-150500.20.6.5 * libreoffice-math-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-calc-extensions-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-math-24.2.4.2-150500.20.6.5 * libreoffice-mailmerge-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-24.2.4.2-150500.20.6.5 * libreoffice-officebean-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-pyuno-24.2.4.2-150500.20.6.5 * libreoffice-calc-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-draw-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-drivers-postgresql-24.2.4.2-150500.20.6.5 * libreoffice-draw-24.2.4.2-150500.20.6.5 * libreoffice-debugsource-24.2.4.2-150500.20.6.5 * libreoffice-gtk3-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-base-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-calc-24.2.4.2-150500.20.6.5 * libreoffice-impress-24.2.4.2-150500.20.6.5 * 
libreofficekit-24.2.4.2-150500.20.6.5 * libreoffice-gnome-24.2.4.2-150500.20.6.5 * libreoffice-writer-debuginfo-24.2.4.2-150500.20.6.5 * libreoffice-writer-24.2.4.2-150500.20.6.5 * libreoffice-officebean-24.2.4.2-150500.20.6.5 * libreoffice-impress-debuginfo-24.2.4.2-150500.20.6.5 * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch) * libreoffice-l10n-fr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-he-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-af-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ca-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ga-24.2.4.2-150500.20.6.5 * libreoffice-l10n-or-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ss-24.2.4.2-150500.20.6.5 * libreoffice-l10n-da-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eo-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lv-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_CN-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nso-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_BR-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ru-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ts-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pt_PT-24.2.4.2-150500.20.6.5 * libreoffice-l10n-es-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-bg-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-te-24.2.4.2-150500.20.6.5 * libreoffice-l10n-en-24.2.4.2-150500.20.6.5 * libreoffice-l10n-cs-24.2.4.2-150500.20.6.5 * libreoffice-l10n-it-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zh_TW-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ml-24.2.4.2-150500.20.6.5 * 
libreoffice-l10n-ar-24.2.4.2-150500.20.6.5 * libreoffice-l10n-dz-24.2.4.2-150500.20.6.5 * libreoffice-branding-upstream-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fur-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hy-24.2.4.2-150500.20.6.5 * libreoffice-l10n-th-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ckb-24.2.4.2-150500.20.6.5 * libreoffice-l10n-lt-24.2.4.2-150500.20.6.5 * libreoffice-l10n-si-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ta-24.2.4.2-150500.20.6.5 * libreoffice-l10n-pl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-kn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-fa-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nn-24.2.4.2-150500.20.6.5 * libreoffice-icon-themes-24.2.4.2-150500.20.6.5 * libreoffice-l10n-br-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ja-24.2.4.2-150500.20.6.5 * libreoffice-l10n-mai-24.2.4.2-150500.20.6.5 * libreoffice-l10n-el-24.2.4.2-150500.20.6.5 * libreoffice-l10n-tn-24.2.4.2-150500.20.6.5 * libreoffice-l10n-et-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ve-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ko-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nl-24.2.4.2-150500.20.6.5 * libreoffice-l10n-xh-24.2.4.2-150500.20.6.5 * libreoffice-l10n-eu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-gu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-uk-24.2.4.2-150500.20.6.5 * libreoffice-l10n-hi-24.2.4.2-150500.20.6.5 * libreoffice-l10n-sr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-zu-24.2.4.2-150500.20.6.5 * libreoffice-l10n-ro-24.2.4.2-150500.20.6.5 * libreoffice-l10n-as-24.2.4.2-150500.20.6.5 * libreoffice-l10n-nr-24.2.4.2-150500.20.6.5 * libreoffice-l10n-de-24.2.4.2-150500.20.6.5 * libreoffice-l10n-st-24.2.4.2-150500.20.6.5 ## References: * https://www.suse.com/security/cve/CVE-2024-3044.html * https://bugzilla.suse.com/show_bug.cgi?id=1224279 * https://bugzilla.suse.com/show_bug.cgi?id=1224309 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Tue Jul 2 08:30:15 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 08:30:15 -0000
Subject: SUSE-SU-2024:2254-1: low: Security update for python310
Message-ID: <171990901547.13794.5243674347509434874@smelt2.prg2.suse.org>

# Security update for python310

Announcement ID: SUSE-SU-2024:2254-1
Rating: low
References:

* bsc#1226448

Cross-References:

* CVE-2024-4032

CVSS scores:

* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python310 fixes the following issues:

* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2254=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2254=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2254=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1
  * python310-3.10.14-150400.4.51.1
  * python310-curses-3.10.14-150400.4.51.1
  * python310-tk-debuginfo-3.10.14-150400.4.51.1
  * python310-idle-3.10.14-150400.4.51.1
  * python310-curses-debuginfo-3.10.14-150400.4.51.1
  * python310-devel-3.10.14-150400.4.51.1
  * python310-doc-devhelp-3.10.14-150400.4.51.1
  * python310-doc-3.10.14-150400.4.51.1
  * python310-dbm-3.10.14-150400.4.51.1
  * python310-debugsource-3.10.14-150400.4.51.1
  * python310-core-debugsource-3.10.14-150400.4.51.1
  * python310-testsuite-3.10.14-150400.4.51.1
  * python310-tools-3.10.14-150400.4.51.1
  * python310-tk-3.10.14-150400.4.51.1
  * python310-testsuite-debuginfo-3.10.14-150400.4.51.1
  * python310-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-3.10.14-150400.4.51.1
  * python310-base-3.10.14-150400.4.51.1
  * python310-dbm-debuginfo-3.10.14-150400.4.51.1
  * python310-base-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.5 (x86_64)
  * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1
  * python310-32bit-3.10.14-150400.4.51.1
  * python310-32bit-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1
  * python310-3.10.14-150400.4.51.1
  * python310-curses-3.10.14-150400.4.51.1
  * python310-tk-debuginfo-3.10.14-150400.4.51.1
  * python310-idle-3.10.14-150400.4.51.1
  * python310-curses-debuginfo-3.10.14-150400.4.51.1
  * python310-devel-3.10.14-150400.4.51.1
  * python310-doc-devhelp-3.10.14-150400.4.51.1
  * python310-doc-3.10.14-150400.4.51.1
  * python310-dbm-3.10.14-150400.4.51.1
  * python310-debugsource-3.10.14-150400.4.51.1
  * python310-core-debugsource-3.10.14-150400.4.51.1
  * python310-testsuite-3.10.14-150400.4.51.1
  * python310-tools-3.10.14-150400.4.51.1
  * python310-tk-3.10.14-150400.4.51.1
  * python310-testsuite-debuginfo-3.10.14-150400.4.51.1
  * python310-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-3.10.14-150400.4.51.1
  * python310-base-3.10.14-150400.4.51.1
  * python310-dbm-debuginfo-3.10.14-150400.4.51.1
  * python310-base-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.6 (x86_64)
  * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1
  * python310-32bit-3.10.14-150400.4.51.1
  * python310-32bit-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.51.1
  * python310-3.10.14-150400.4.51.1
  * python310-curses-3.10.14-150400.4.51.1
  * python310-tk-debuginfo-3.10.14-150400.4.51.1
  * python310-idle-3.10.14-150400.4.51.1
  * python310-curses-debuginfo-3.10.14-150400.4.51.1
  * python310-devel-3.10.14-150400.4.51.1
  * python310-doc-devhelp-3.10.14-150400.4.51.1
  * python310-doc-3.10.14-150400.4.51.1
  * python310-dbm-3.10.14-150400.4.51.1
  * python310-debugsource-3.10.14-150400.4.51.1
  * python310-core-debugsource-3.10.14-150400.4.51.1
  * python310-testsuite-3.10.14-150400.4.51.1
  * python310-tools-3.10.14-150400.4.51.1
  * python310-testsuite-debuginfo-3.10.14-150400.4.51.1
  * python310-tk-3.10.14-150400.4.51.1
  * python310-debuginfo-3.10.14-150400.4.51.1
  * python310-dbm-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-3.10.14-150400.4.51.1
  * python310-base-3.10.14-150400.4.51.1
  * python310-base-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.4 (x86_64)
  * libpython3_10-1_0-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-3.10.14-150400.4.51.1
  * python310-base-32bit-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.51.1
  * python310-32bit-3.10.14-150400.4.51.1
  * python310-32bit-debuginfo-3.10.14-150400.4.51.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * python310-64bit-3.10.14-150400.4.51.1
  * libpython3_10-1_0-64bit-3.10.14-150400.4.51.1
  * python310-base-64bit-3.10.14-150400.4.51.1
  * python310-64bit-debuginfo-3.10.14-150400.4.51.1
  * libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.51.1
  * python310-base-64bit-debuginfo-3.10.14-150400.4.51.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Tue Jul 2 12:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:03 -0000
Subject: SUSE-SU-2024:2273-1: moderate: Security update for podman
Message-ID: <171992340374.10952.17101705149268857602@smelt2.prg2.suse.org>

# Security update for podman

Announcement ID: SUSE-SU-2024:2273-1
Rating: moderate
References:

* bsc#1227052

Cross-References:

* CVE-2024-6104

CVSS scores:

* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2273=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2273=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2273=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * podman-remote-debuginfo-4.9.5-150400.4.30.1
  * podman-debuginfo-4.9.5-150400.4.30.1
  * podman-remote-4.9.5-150400.4.30.1
  * podman-4.9.5-150400.4.30.1
  * podmansh-4.9.5-150400.4.30.1
* openSUSE Leap 15.4 (noarch)
  * podman-docker-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * podman-4.9.5-150400.4.30.1
  * podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * podman-4.9.5-150400.4.30.1
  * podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * podman-4.9.5-150400.4.30.1
  * podman-debuginfo-4.9.5-150400.4.30.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * podman-4.9.5-150400.4.30.1
  * podman-debuginfo-4.9.5-150400.4.30.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6104.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227052

From null at suse.de Tue Jul 2 12:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:05 -0000
Subject: SUSE-SU-2024:2272-1: critical: Security update for python-Js2Py
Message-ID: <171992340560.10952.7177954803851814812@smelt2.prg2.suse.org>

# Security update for python-Js2Py

Announcement ID: SUSE-SU-2024:2272-1
Rating: critical
References:

* bsc#1226660

Cross-References:

* CVE-2024-28397

CVSS scores:

* CVE-2024-28397 ( SUSE ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Js2Py fixes the following issues:

* CVE-2024-28397: Fixed a potential sandbox escape via untrusted JavaScript code (bsc#1226660).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2272=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2272=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * python311-Js2Py-0.74-150400.9.6.1
* openSUSE Leap 15.6 (noarch)
  * python311-Js2Py-0.74-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28397.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226660

URL: From null at suse.de Tue Jul 2 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 02 Jul 2024 12:30:07 -0000 Subject: SUSE-SU-2024:2271-1: important: Security update for openssl-1_1-livepatches Message-ID: <171992340735.10952.895725437467778238@smelt2.prg2.suse.org> # Security update for openssl-1_1-livepatches Announcement ID: SUSE-SU-2024:2271-1 Rating: important References: * bsc#1224458 * bsc#1225552 Cross-References: * CVE-2024-4741 CVSS scores: * CVE-2024-4741 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for openssl-1_1-livepatches fixes the following issues: * CVE-2024-4741: Fixed a use-after-free with SSL_free_buffers. (bsc#1225551) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2271=1
* openSUSE Leap 15.5
    zypper in -t patch SUSE-2024-2271=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
  * openssl-1_1-livepatches-debugsource-0.4-150500.6.8.1
  * openssl-1_1-livepatches-debuginfo-0.4-150500.6.8.1
  * openssl-1_1-livepatches-0.4-150500.6.8.1
* openSUSE Leap 15.5 (x86_64)
  * openssl-1_1-livepatches-debugsource-0.4-150500.6.8.1
  * openssl-1_1-livepatches-debuginfo-0.4-150500.6.8.1
  * openssl-1_1-livepatches-0.4-150500.6.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4741.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224458
* https://bugzilla.suse.com/show_bug.cgi?id=1225552

From null at suse.de Tue Jul 2 12:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:09 -0000
Subject: SUSE-SU-2024:2270-1: moderate: Security update for squid
Message-ID: <171992340905.10952.15673493421066114198@smelt2.prg2.suse.org>

# Security update for squid

Announcement ID: SUSE-SU-2024:2270-1
Rating: moderate
References:

* bsc#1227086

Cross-References:

* CVE-2024-37894

CVSS scores:

* CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for squid fixes the following issues:

* CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2270=1
* SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2270=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2270=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * squid-debuginfo-4.17-4.50.1
  * squid-debugsource-4.17-4.50.1
  * squid-4.17-4.50.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * squid-debuginfo-4.17-4.50.1
  * squid-debugsource-4.17-4.50.1
  * squid-4.17-4.50.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * squid-debuginfo-4.17-4.50.1
  * squid-debugsource-4.17-4.50.1
  * squid-4.17-4.50.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37894.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227086

From null at suse.de Tue Jul 2 12:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:11 -0000
Subject: SUSE-SU-2024:2269-1: moderate: Security update for squid
Message-ID: <171992341143.10952.14416838382157367775@smelt2.prg2.suse.org>

# Security update for squid

Announcement ID: SUSE-SU-2024:2269-1
Rating: moderate
References:

* bsc#1227086

Cross-References:

* CVE-2024-37894

CVSS scores:

* CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.
## Description:

This update for squid fixes the following issues:

* CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-2269=1
* openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2024-2269=1
* Server Applications Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2269=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * squid-debuginfo-5.7-150400.3.32.1
  * squid-debugsource-5.7-150400.3.32.1
  * squid-5.7-150400.3.32.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * squid-debuginfo-5.7-150400.3.32.1
  * squid-debugsource-5.7-150400.3.32.1
  * squid-5.7-150400.3.32.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * squid-debuginfo-5.7-150400.3.32.1
  * squid-debugsource-5.7-150400.3.32.1
  * squid-5.7-150400.3.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37894.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227086
From null at suse.de Tue Jul 2 12:30:12 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:12 -0000
Subject: SUSE-SU-2024:2268-1: moderate: Security update for squid
Message-ID: <171992341296.10952.2820132482426039487@smelt2.prg2.suse.org>

# Security update for squid

Announcement ID: SUSE-SU-2024:2268-1
Rating: moderate
References:

* bsc#1227086

Cross-References:

* CVE-2024-37894

CVSS scores:

* CVE-2024-37894 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for squid fixes the following issues:

* Update to version 6.10
* CVE-2024-37894: Fixed a denial of Service issue in ESI processing (bsc#1227086)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2268=1 openSUSE-SLE-15.6-2024-2268=1
* Server Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2268=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * squid-6.10-150600.3.6.1
  * squid-debuginfo-6.10-150600.3.6.1
  * squid-debugsource-6.10-150600.3.6.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * squid-6.10-150600.3.6.1
  * squid-debuginfo-6.10-150600.3.6.1
  * squid-debugsource-6.10-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37894.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227086
From null at suse.de Tue Jul 2 12:30:15 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:15 -0000
Subject: SUSE-SU-2024:2267-1: low: Security update for libxml2
Message-ID: <171992341570.10952.14030928901464724679@smelt2.prg2.suse.org>

# Security update for libxml2

Announcement ID: SUSE-SU-2024:2267-1
Rating: low
References:

* bsc#1224282

Cross-References:

* CVE-2024-34459

CVSS scores:

* CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2024-2267=1
* openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2024-2267=1
* SUSE Linux Enterprise Micro 5.1
    zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2267=1
* SUSE Linux Enterprise Micro 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2267=1
* SUSE Linux Enterprise Micro for Rancher 5.2
    zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2267=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1
  * python-libxml2-python-debugsource-2.9.7-150000.3.70.1
  * python3-libxml2-python-2.9.7-150000.3.70.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1
  * python-libxml2-python-debugsource-2.9.7-150000.3.70.1
  * python3-libxml2-python-2.9.7-150000.3.70.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * libxml2-2-debuginfo-2.9.7-150000.3.70.1
  * libxml2-tools-debuginfo-2.9.7-150000.3.70.1
  * libxml2-tools-2.9.7-150000.3.70.1
  * libxml2-2-2.9.7-150000.3.70.1
  * libxml2-debugsource-2.9.7-150000.3.70.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * libxml2-2-debuginfo-2.9.7-150000.3.70.1
  * libxml2-tools-debuginfo-2.9.7-150000.3.70.1
  * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1
  * python3-libxml2-python-2.9.7-150000.3.70.1
  * libxml2-tools-2.9.7-150000.3.70.1
  * libxml2-2-2.9.7-150000.3.70.1
  * python-libxml2-python-debugsource-2.9.7-150000.3.70.1
  * libxml2-debugsource-2.9.7-150000.3.70.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * libxml2-2-debuginfo-2.9.7-150000.3.70.1
  * libxml2-tools-debuginfo-2.9.7-150000.3.70.1
  * python3-libxml2-python-debuginfo-2.9.7-150000.3.70.1
  * python3-libxml2-python-2.9.7-150000.3.70.1
  * libxml2-tools-2.9.7-150000.3.70.1
  * libxml2-2-2.9.7-150000.3.70.1
  * python-libxml2-python-debugsource-2.9.7-150000.3.70.1
  * libxml2-debugsource-2.9.7-150000.3.70.1
## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282

From null at suse.de Tue Jul 2 12:30:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:17 -0000
Subject: SUSE-SU-2024:2266-1: moderate: Security update for postgresql16
Message-ID: <171992341794.10952.7407360352450897788@smelt2.prg2.suse.org>

# Security update for postgresql16

Announcement ID: SUSE-SU-2024:2266-1
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for postgresql16 fixes the following issues:

PostgreSQL upgrade to version 16.3 (bsc#1224051):

* CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038).

Bug fixes:

* Fix incompatibility with LLVM 18.
* Prepare for PostgreSQL 17.
* Make sure all compilation and doc generation happens in %build.
* Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work.
* Remove constraints file because improved memory usage for s390x
* Use %patch -P N instead of deprecated %patchN.

Release notes:

* https://www.postgresql.org/docs/release/16.3/

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2266=1 openSUSE-SLE-15.6-2024-2266=1
* Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2266=1
* Server Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2266=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * postgresql16-plperl-16.2-150600.16.2.1
  * postgresql16-plpython-16.2-150600.16.2.1
  * postgresql16-devel-mini-16.2-150600.16.2.1
  * postgresql16-server-devel-16.2-150600.16.2.1
  * postgresql16-debuginfo-16.2-150600.16.2.1
  * libecpg6-16.2-150600.16.2.1
  * libpq5-debuginfo-16.2-150600.16.2.1
  * postgresql16-devel-debuginfo-16.2-150600.16.2.1
  * postgresql16-devel-mini-debuginfo-16.2-150600.16.2.1
  * postgresql16-contrib-16.2-150600.16.2.1
  * postgresql16-test-16.2-150600.16.2.1
  * postgresql16-debugsource-16.2-150600.16.2.1
  * postgresql16-pltcl-debuginfo-16.2-150600.16.2.1
  * postgresql16-mini-debugsource-16.2-150600.16.2.1
  * postgresql16-server-16.2-150600.16.2.1
  * postgresql16-plperl-debuginfo-16.2-150600.16.2.1
  * postgresql16-server-devel-debuginfo-16.2-150600.16.2.1
  * libpq5-16.2-150600.16.2.1
  * postgresql16-devel-16.2-150600.16.2.1
  * libecpg6-debuginfo-16.2-150600.16.2.1
  * postgresql16-llvmjit-devel-16.2-150600.16.2.1
  * postgresql16-16.2-150600.16.2.1
  * postgresql16-plpython-debuginfo-16.2-150600.16.2.1
  * postgresql16-server-debuginfo-16.2-150600.16.2.1
  * postgresql16-pltcl-16.2-150600.16.2.1
  * postgresql16-contrib-debuginfo-16.2-150600.16.2.1
  * postgresql16-llvmjit-16.2-150600.16.2.1
  * postgresql16-llvmjit-debuginfo-16.2-150600.16.2.1
* openSUSE Leap 15.6 (x86_64)
  * libecpg6-32bit-debuginfo-16.2-150600.16.2.1
  * libecpg6-32bit-16.2-150600.16.2.1
  * libpq5-32bit-debuginfo-16.2-150600.16.2.1
  * libpq5-32bit-16.2-150600.16.2.1
* openSUSE Leap 15.6 (noarch)
  * postgresql16-docs-16.2-150600.16.2.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpq5-64bit-debuginfo-16.2-150600.16.2.1
  * libecpg6-64bit-debuginfo-16.2-150600.16.2.1
  * libpq5-64bit-16.2-150600.16.2.1
  * libecpg6-64bit-16.2-150600.16.2.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * postgresql16-16.2-150600.16.2.1
  * postgresql16-debuginfo-16.2-150600.16.2.1
  * postgresql16-debugsource-16.2-150600.16.2.1
  * libpq5-16.2-150600.16.2.1
  * libpq5-debuginfo-16.2-150600.16.2.1
* Basesystem Module 15-SP6 (x86_64)
  * libpq5-32bit-16.2-150600.16.2.1
  * libpq5-32bit-debuginfo-16.2-150600.16.2.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * postgresql16-server-16.2-150600.16.2.1
  * postgresql16-plpython-debuginfo-16.2-150600.16.2.1
  * postgresql16-plperl-16.2-150600.16.2.1
  * postgresql16-plperl-debuginfo-16.2-150600.16.2.1
  * postgresql16-plpython-16.2-150600.16.2.1
  * postgresql16-server-debuginfo-16.2-150600.16.2.1
  * postgresql16-pltcl-16.2-150600.16.2.1
  * postgresql16-server-devel-debuginfo-16.2-150600.16.2.1
  * postgresql16-contrib-16.2-150600.16.2.1
  * postgresql16-contrib-debuginfo-16.2-150600.16.2.1
  * postgresql16-server-devel-16.2-150600.16.2.1
  * postgresql16-debuginfo-16.2-150600.16.2.1
  * libecpg6-16.2-150600.16.2.1
  * postgresql16-debugsource-16.2-150600.16.2.1
  * postgresql16-pltcl-debuginfo-16.2-150600.16.2.1
  * postgresql16-devel-16.2-150600.16.2.1
  * libecpg6-debuginfo-16.2-150600.16.2.1
  * postgresql16-devel-debuginfo-16.2-150600.16.2.1
* Server Applications Module 15-SP6 (noarch)
  * postgresql16-docs-16.2-150600.16.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4317.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224038
* https://bugzilla.suse.com/show_bug.cgi?id=1224051
From null at suse.de Tue Jul 2 12:30:21 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:21 -0000
Subject: SUSE-SU-2024:2265-1: moderate: Security update for wireshark
Message-ID: <171992342103.10952.15817320510782141418@smelt2.prg2.suse.org>

# Security update for wireshark

Announcement ID: SUSE-SU-2024:2265-1
Rating: moderate
References:

* bsc#1224259
* bsc#1224274
* bsc#1224276

Cross-References:

* CVE-2024-4853
* CVE-2024-4854
* CVE-2024-4855

CVSS scores:

* CVE-2024-4853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4854 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-4855 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for wireshark fixes the following issues:

Update to version 3.6.22:

* CVE-2024-4854: MONGO and ZigBee TLV dissector infinite loops (bsc#1224274)
* CVE-2024-4853: The editcap command line utility could crash when chopping bytes from the beginning of a packet (bsc#1224259)
* CVE-2024-4855: The editcap command line utility could crash when injecting secrets while writing multiple files (bsc#1224276)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2265=1 openSUSE-SLE-15.6-2024-2265=1
* Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2265=1
* Desktop Applications Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2265=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * libwireshark15-3.6.23-150600.18.3.1
  * wireshark-devel-3.6.23-150600.18.3.1
  * libwsutil13-debuginfo-3.6.23-150600.18.3.1
  * wireshark-debuginfo-3.6.23-150600.18.3.1
  * libwsutil13-3.6.23-150600.18.3.1
  * libwiretap12-3.6.23-150600.18.3.1
  * libwireshark15-debuginfo-3.6.23-150600.18.3.1
  * wireshark-3.6.23-150600.18.3.1
  * wireshark-ui-qt-3.6.23-150600.18.3.1
  * wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1
  * libwiretap12-debuginfo-3.6.23-150600.18.3.1
  * wireshark-debugsource-3.6.23-150600.18.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * libwireshark15-3.6.23-150600.18.3.1
  * libwsutil13-debuginfo-3.6.23-150600.18.3.1
  * wireshark-debuginfo-3.6.23-150600.18.3.1
  * libwsutil13-3.6.23-150600.18.3.1
  * libwiretap12-3.6.23-150600.18.3.1
  * libwireshark15-debuginfo-3.6.23-150600.18.3.1
  * wireshark-3.6.23-150600.18.3.1
  * libwiretap12-debuginfo-3.6.23-150600.18.3.1
  * wireshark-debugsource-3.6.23-150600.18.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * wireshark-devel-3.6.23-150600.18.3.1
  * wireshark-debuginfo-3.6.23-150600.18.3.1
  * wireshark-ui-qt-3.6.23-150600.18.3.1
  * wireshark-ui-qt-debuginfo-3.6.23-150600.18.3.1
  * wireshark-debugsource-3.6.23-150600.18.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4853.html
* https://www.suse.com/security/cve/CVE-2024-4854.html
* https://www.suse.com/security/cve/CVE-2024-4855.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224259
* https://bugzilla.suse.com/show_bug.cgi?id=1224274
* https://bugzilla.suse.com/show_bug.cgi?id=1224276

From null at suse.de Tue Jul 2 12:30:25 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:25 -0000
Subject: SUSE-SU-2024:2262-1: moderate: Security update for postgresql14
Message-ID: <171992342548.10952.10193717394204077079@smelt2.prg2.suse.org>

# Security update for postgresql14

Announcement ID: SUSE-SU-2024:2262-1
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

* Upgrade to 14.12 (bsc#1224051):
* CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2262=1 openSUSE-SLE-15.6-2024-2262=1
* SUSE Package Hub 15 15-SP6
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2262=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * postgresql14-debuginfo-14.12-150600.16.3.1
  * postgresql14-pltcl-14.12-150600.16.3.1
  * postgresql14-plperl-14.12-150600.16.3.1
  * postgresql14-14.12-150600.16.3.1
  * postgresql14-server-devel-debuginfo-14.12-150600.16.3.1
  * postgresql14-llvmjit-debuginfo-14.12-150600.16.3.1
  * postgresql14-debugsource-14.12-150600.16.3.1
  * postgresql14-llvmjit-14.12-150600.16.3.1
  * postgresql14-contrib-14.12-150600.16.3.1
  * postgresql14-plpython-14.12-150600.16.3.1
  * postgresql14-pltcl-debuginfo-14.12-150600.16.3.1
  * postgresql14-plpython-debuginfo-14.12-150600.16.3.1
  * postgresql14-test-14.12-150600.16.3.1
  * postgresql14-server-14.12-150600.16.3.1
  * postgresql14-devel-14.12-150600.16.3.1
  * postgresql14-server-debuginfo-14.12-150600.16.3.1
  * postgresql14-llvmjit-devel-14.12-150600.16.3.1
  * postgresql14-plperl-debuginfo-14.12-150600.16.3.1
  * postgresql14-server-devel-14.12-150600.16.3.1
  * postgresql14-contrib-debuginfo-14.12-150600.16.3.1
  * postgresql14-devel-debuginfo-14.12-150600.16.3.1
* openSUSE Leap 15.6 (noarch)
  * postgresql14-docs-14.12-150600.16.3.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
  * postgresql14-debuginfo-14.12-150600.16.3.1
  * postgresql14-test-14.12-150600.16.3.1
  * postgresql14-llvmjit-debuginfo-14.12-150600.16.3.1
  * postgresql14-debugsource-14.12-150600.16.3.1
  * postgresql14-llvmjit-14.12-150600.16.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4317.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224038
* https://bugzilla.suse.com/show_bug.cgi?id=1224051
From null at suse.de Tue Jul 2 12:30:27 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:27 -0000
Subject: SUSE-SU-2024:2261-1: moderate: Security update for postgresql15
Message-ID: <171992342759.10952.9693162629213488528@smelt2.prg2.suse.org>

# Security update for postgresql15

Announcement ID: SUSE-SU-2024:2261-1
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

* Upgrade to 15.7. (bsc#1224051)
* CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2261=1 openSUSE-SLE-15.6-2024-2261=1
* Legacy Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2261=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * postgresql15-debuginfo-15.7-150600.16.3.1
  * postgresql15-plperl-debuginfo-15.7-150600.16.3.1
  * postgresql15-debugsource-15.7-150600.16.3.1
  * postgresql15-llvmjit-devel-15.7-150600.16.3.1
  * postgresql15-plpython-debuginfo-15.7-150600.16.3.1
  * postgresql15-plpython-15.7-150600.16.3.1
  * postgresql15-contrib-debuginfo-15.7-150600.16.3.1
  * postgresql15-15.7-150600.16.3.1
  * postgresql15-server-devel-15.7-150600.16.3.1
  * postgresql15-server-15.7-150600.16.3.1
  * postgresql15-devel-15.7-150600.16.3.1
  * postgresql15-llvmjit-15.7-150600.16.3.1
  * postgresql15-plperl-15.7-150600.16.3.1
  * postgresql15-server-debuginfo-15.7-150600.16.3.1
  * postgresql15-pltcl-15.7-150600.16.3.1
  * postgresql15-pltcl-debuginfo-15.7-150600.16.3.1
  * postgresql15-server-devel-debuginfo-15.7-150600.16.3.1
  * postgresql15-devel-debuginfo-15.7-150600.16.3.1
  * postgresql15-test-15.7-150600.16.3.1
  * postgresql15-contrib-15.7-150600.16.3.1
  * postgresql15-llvmjit-debuginfo-15.7-150600.16.3.1
* openSUSE Leap 15.6 (noarch)
  * postgresql15-docs-15.7-150600.16.3.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * postgresql15-15.7-150600.16.3.1
  * postgresql15-debuginfo-15.7-150600.16.3.1
  * postgresql15-server-15.7-150600.16.3.1
  * postgresql15-debugsource-15.7-150600.16.3.1
  * postgresql15-server-debuginfo-15.7-150600.16.3.1
  * postgresql15-contrib-15.7-150600.16.3.1
  * postgresql15-contrib-debuginfo-15.7-150600.16.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4317.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224038
* https://bugzilla.suse.com/show_bug.cgi?id=1224051
From null at suse.de Tue Jul 2 12:30:29 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 12:30:29 -0000
Subject: SUSE-SU-2024:2260-1: important: Security update for pgadmin4
Message-ID: <171992342938.10952.11638499612525145953@smelt2.prg2.suse.org>

# Security update for pgadmin4

Announcement ID: SUSE-SU-2024:2260-1
Rating: important
References:

* bsc#1223867
* bsc#1223868

Cross-References:

* CVE-2024-4215
* CVE-2024-4216

CVSS scores:

* CVE-2024-4215 ( SUSE ): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-4216 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for pgadmin4 fixes the following issues:

* CVE-2024-4216: Fixed XSS in /settings/store endpoint (bsc#1223868).
* CVE-2024-4215: Fixed multi-factor authentication bypass (bsc#1223867).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Python 3 Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2260=1
* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2260=1 openSUSE-SLE-15.6-2024-2260=1

## Package List:

* Python 3 Module 15-SP6 (noarch)
  * pgadmin4-8.5-150600.3.3.1
  * system-user-pgadmin-8.5-150600.3.3.1
  * pgadmin4-doc-8.5-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
  * pgadmin4-desktop-8.5-150600.3.3.1
  * pgadmin4-cloud-8.5-150600.3.3.1
  * system-user-pgadmin-8.5-150600.3.3.1
  * pgadmin4-doc-8.5-150600.3.3.1
  * pgadmin4-web-uwsgi-8.5-150600.3.3.1
  * pgadmin4-8.5-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4215.html
* https://www.suse.com/security/cve/CVE-2024-4216.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223867
* https://bugzilla.suse.com/show_bug.cgi?id=1223868

From null at suse.de Tue Jul 2 16:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 16:30:08 -0000
Subject: SUSE-SU-2024:2277-1: important: Security update for git
Message-ID: <171993780866.10715.13950971373408411357@smelt2.prg2.suse.org>

# Security update for git

Announcement ID: SUSE-SU-2024:2277-1
Rating: important
References:

* bsc#1224168
* bsc#1224170
* bsc#1224171
* bsc#1224172
* bsc#1224173

Cross-References:

* CVE-2024-32002
* CVE-2024-32004
* CVE-2024-32020
* CVE-2024-32021
* CVE-2024-32465

CVSS scores:

* CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for git fixes the following issues:

* CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. (bsc#1224168)
* CVE-2024-32004: Fixed arbitrary code execution during local clones. (bsc#1224170)
* CVE-2024-32020: Fix file overwriting vulnerability during local clones. (bsc#1224171)
* CVE-2024-32021: Git may create hardlinks to arbitrary user-readable files. (bsc#1224172)
* CVE-2024-32465: Fixed arbitrary code execution during clone operations. (bsc#1224173)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2277=1
* Development Tools Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2277=1
* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-2277=1 openSUSE-SLE-15.6-2024-2277=1

## Package List:

* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * git-core-debuginfo-2.43.0-150600.3.3.1
  * git-debugsource-2.43.0-150600.3.3.1
  * git-debuginfo-2.43.0-150600.3.3.1
  * git-core-2.43.0-150600.3.3.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * gitk-2.43.0-150600.3.3.1
  * git-email-2.43.0-150600.3.3.1
  * git-web-2.43.0-150600.3.3.1
  * git-svn-2.43.0-150600.3.3.1
  * git-arch-2.43.0-150600.3.3.1
  * git-cvs-2.43.0-150600.3.3.1
  * git-daemon-debuginfo-2.43.0-150600.3.3.1
  * git-daemon-2.43.0-150600.3.3.1
  * git-debuginfo-2.43.0-150600.3.3.1
  * git-debugsource-2.43.0-150600.3.3.1
  * perl-Git-2.43.0-150600.3.3.1
  * git-gui-2.43.0-150600.3.3.1
  * git-2.43.0-150600.3.3.1
* Development Tools Module 15-SP6 (noarch)
  * git-doc-2.43.0-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * gitk-2.43.0-150600.3.3.1
  * git-email-2.43.0-150600.3.3.1
  * git-web-2.43.0-150600.3.3.1
  * git-core-2.43.0-150600.3.3.1
  * git-svn-2.43.0-150600.3.3.1
  * git-arch-2.43.0-150600.3.3.1
  * git-cvs-2.43.0-150600.3.3.1
  * git-gui-2.43.0-150600.3.3.1
  * git-daemon-debuginfo-2.43.0-150600.3.3.1
  * git-debugsource-2.43.0-150600.3.3.1
  * git-p4-2.43.0-150600.3.3.1
  * git-daemon-2.43.0-150600.3.3.1
  * git-debuginfo-2.43.0-150600.3.3.1
  * git-core-debuginfo-2.43.0-150600.3.3.1
  * perl-Git-2.43.0-150600.3.3.1
  * git-credential-libsecret-debuginfo-2.43.0-150600.3.3.1
  * git-credential-libsecret-2.43.0-150600.3.3.1
  * git-2.43.0-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
  * git-doc-2.43.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-32002.html
* https://www.suse.com/security/cve/CVE-2024-32004.html
* https://www.suse.com/security/cve/CVE-2024-32020.html
* https://www.suse.com/security/cve/CVE-2024-32021.html
* https://www.suse.com/security/cve/CVE-2024-32465.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224168
* https://bugzilla.suse.com/show_bug.cgi?id=1224170
* https://bugzilla.suse.com/show_bug.cgi?id=1224171
* https://bugzilla.suse.com/show_bug.cgi?id=1224172
* https://bugzilla.suse.com/show_bug.cgi?id=1224173

From null at suse.de Tue Jul 2 16:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 16:30:11 -0000
Subject: SUSE-SU-2024:2276-1: important: Security update for ghostscript
Message-ID: <171993781139.10715.11588474589590161473@smelt2.prg2.suse.org>

# Security update for ghostscript

Announcement ID: SUSE-SU-2024:2276-1
Rating: important
References:

* bsc#1226944
* bsc#1226945
* bsc#1226946

Cross-References:

* CVE-2024-29510
* CVE-2024-33869
* CVE-2024-33870

CVSS scores:

* CVE-2024-29510 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-33869 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-33870 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for ghostscript fixes the following issues:

* CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path (bsc#1226945).
* CVE-2024-33870: Fixed a format string injection that could lead to command execution (bsc#1226944).
* CVE-2024-33869: Fixed a path validation bypass that could lead to path traversal (bsc#1226946).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2276=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2276=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2276=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2276=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-debuginfo-9.52-23.80.1
  * ghostscript-debugsource-9.52-23.80.1
  * ghostscript-devel-9.52-23.80.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * ghostscript-x11-9.52-23.80.1
  * ghostscript-debuginfo-9.52-23.80.1
  * ghostscript-devel-9.52-23.80.1
  * ghostscript-x11-debuginfo-9.52-23.80.1
  * ghostscript-9.52-23.80.1
  * ghostscript-debugsource-9.52-23.80.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-x11-9.52-23.80.1
  * ghostscript-debuginfo-9.52-23.80.1
  * ghostscript-devel-9.52-23.80.1
  * ghostscript-x11-debuginfo-9.52-23.80.1
  * ghostscript-9.52-23.80.1
  * ghostscript-debugsource-9.52-23.80.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * ghostscript-x11-9.52-23.80.1
  * ghostscript-debuginfo-9.52-23.80.1
  * ghostscript-devel-9.52-23.80.1
  * ghostscript-x11-debuginfo-9.52-23.80.1
  * ghostscript-9.52-23.80.1
  * ghostscript-debugsource-9.52-23.80.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29510.html
* https://www.suse.com/security/cve/CVE-2024-33869.html
* https://www.suse.com/security/cve/CVE-2024-33870.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226944
* https://bugzilla.suse.com/show_bug.cgi?id=1226945
* https://bugzilla.suse.com/show_bug.cgi?id=1226946

From null at suse.de Tue Jul 2 16:30:13 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 16:30:13 -0000
Subject: SUSE-SU-2024:2275-1: important: Security update for openssh
Message-ID: <171993781346.10715.9395669956717882474@smelt2.prg2.suse.org>

# Security update for openssh

Announcement ID: SUSE-SU-2024:2275-1
Rating: important
References:

* bsc#1226642

Cross-References:

* CVE-2024-6387

CVSS scores:

* CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for openssh fixes the following issues:

* CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2275=1 openSUSE-SLE-15.6-2024-2275=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2275=1
* Desktop Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2275=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * openssh-clients-debuginfo-9.6p1-150600.6.3.1
  * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1
  * openssh-askpass-gnome-9.6p1-150600.6.3.1
  * openssh-helpers-debuginfo-9.6p1-150600.6.3.1
  * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1
  * openssh-clients-9.6p1-150600.6.3.1
  * openssh-helpers-9.6p1-150600.6.3.1
  * openssh-9.6p1-150600.6.3.1
  * openssh-debuginfo-9.6p1-150600.6.3.1
  * openssh-fips-9.6p1-150600.6.3.1
  * openssh-debugsource-9.6p1-150600.6.3.1
  * openssh-server-9.6p1-150600.6.3.1
  * openssh-common-debuginfo-9.6p1-150600.6.3.1
  * openssh-cavs-debuginfo-9.6p1-150600.6.3.1
  * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1
  * openssh-server-debuginfo-9.6p1-150600.6.3.1
  * openssh-common-9.6p1-150600.6.3.1
  * openssh-cavs-9.6p1-150600.6.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * openssh-clients-debuginfo-9.6p1-150600.6.3.1
  * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1
  * openssh-clients-9.6p1-150600.6.3.1
  * openssh-helpers-9.6p1-150600.6.3.1
  * openssh-9.6p1-150600.6.3.1
  * openssh-debuginfo-9.6p1-150600.6.3.1
  * openssh-fips-9.6p1-150600.6.3.1
  * openssh-debugsource-9.6p1-150600.6.3.1
  * openssh-server-9.6p1-150600.6.3.1
  * openssh-common-debuginfo-9.6p1-150600.6.3.1
  * openssh-helpers-debuginfo-9.6p1-150600.6.3.1
  * openssh-server-debuginfo-9.6p1-150600.6.3.1
  * openssh-common-9.6p1-150600.6.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * openssh-askpass-gnome-9.6p1-150600.6.3.1
  * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1
  * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6387.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226642

From null at suse.de Tue Jul 2 16:30:16 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 16:30:16 -0000
Subject: SUSE-SU-2024:2274-1: moderate: Security update for python39
Message-ID: <171993781608.10715.15989630734701933185@smelt2.prg2.suse.org>

# Security update for python39

Announcement ID: SUSE-SU-2024:2274-1
Rating: moderate
References:

* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2024-0397
* CVE-2024-4032

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issues:

* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2274=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2274=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2274=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2274=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * python36-devel-3.6.15-58.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libpython3_6m1_0-debuginfo-3.6.15-58.1
  * python36-debuginfo-3.6.15-58.1
  * libpython3_6m1_0-3.6.15-58.1
  * python36-debugsource-3.6.15-58.1
  * python36-3.6.15-58.1
  * python36-base-3.6.15-58.1
  * python36-base-debuginfo-3.6.15-58.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * libpython3_6m1_0-debuginfo-32bit-3.6.15-58.1
  * libpython3_6m1_0-32bit-3.6.15-58.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libpython3_6m1_0-debuginfo-3.6.15-58.1
  * python36-debuginfo-3.6.15-58.1
  * libpython3_6m1_0-3.6.15-58.1
  * python36-debugsource-3.6.15-58.1
  * python36-3.6.15-58.1
  * python36-base-3.6.15-58.1
  * python36-base-debuginfo-3.6.15-58.1
* SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
  * libpython3_6m1_0-debuginfo-32bit-3.6.15-58.1
  * libpython3_6m1_0-32bit-3.6.15-58.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libpython3_6m1_0-debuginfo-3.6.15-58.1
  * python36-debuginfo-3.6.15-58.1
  * libpython3_6m1_0-3.6.15-58.1
  * python36-debugsource-3.6.15-58.1
  * python36-3.6.15-58.1
  * python36-base-3.6.15-58.1
  * python36-base-debuginfo-3.6.15-58.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * libpython3_6m1_0-debuginfo-32bit-3.6.15-58.1
  * libpython3_6m1_0-32bit-3.6.15-58.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Tue Jul 2 20:30:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 20:30:04 -0000
Subject: SUSE-SU-2024:2281-1: low: Security update for podofo
Message-ID: <171995220471.21781.10670533952981512123@smelt2.prg2.suse.org>

# Security update for podofo

Announcement ID: SUSE-SU-2024:2281-1
Rating: low
References:

* bsc#1213720

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that has one security fix can now be installed.

## Description:

This update for podofo fixes the following issues:

* PdfEncrypt: Validate more encrypt dictionary parameters (bsc#1213720)
* PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries (bsc#1213720)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2281=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2281=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2281=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2281=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2281=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * podofo-debugsource-0.9.6-150300.3.12.1
  * libpodofo0_9_6-0.9.6-150300.3.12.1
  * podofo-debuginfo-0.9.6-150300.3.12.1
  * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
  * libpodofo-devel-0.9.6-150300.3.12.1
  * podofo-0.9.6-150300.3.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * podofo-debugsource-0.9.6-150300.3.12.1
  * libpodofo0_9_6-0.9.6-150300.3.12.1
  * podofo-debuginfo-0.9.6-150300.3.12.1
  * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
  * libpodofo-devel-0.9.6-150300.3.12.1
  * podofo-0.9.6-150300.3.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * podofo-debugsource-0.9.6-150300.3.12.1
  * libpodofo0_9_6-0.9.6-150300.3.12.1
  * podofo-debuginfo-0.9.6-150300.3.12.1
  * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
  * libpodofo-devel-0.9.6-150300.3.12.1
  * podofo-0.9.6-150300.3.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
  * podofo-debugsource-0.9.6-150300.3.12.1
  * libpodofo0_9_6-0.9.6-150300.3.12.1
  * podofo-debuginfo-0.9.6-150300.3.12.1
  * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
  * libpodofo-devel-0.9.6-150300.3.12.1
  * podofo-0.9.6-150300.3.12.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
  * podofo-debugsource-0.9.6-150300.3.12.1
  * libpodofo0_9_6-0.9.6-150300.3.12.1
  * podofo-debuginfo-0.9.6-150300.3.12.1
  * libpodofo0_9_6-debuginfo-0.9.6-150300.3.12.1
  * libpodofo-devel-0.9.6-150300.3.12.1
  * podofo-0.9.6-150300.3.12.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1213720

From null at suse.de Tue Jul 2 20:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 20:30:07 -0000
Subject: SUSE-SU-2024:2280-1: moderate: Security update for python39
Message-ID: <171995220787.21781.3881160217397702763@smelt2.prg2.suse.org>

# Security update for python39

Announcement ID: SUSE-SU-2024:2280-1
Rating: moderate
References:

* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2024-0397
* CVE-2024-4032

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Legacy Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issues:

* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2280=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2280=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2280=1
* Legacy Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-2280=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * python39-3.9.19-150300.4.46.1
  * python39-core-debugsource-3.9.19-150300.4.46.1
  * python39-idle-3.9.19-150300.4.46.1
  * python39-base-3.9.19-150300.4.46.1
  * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
  * python39-devel-3.9.19-150300.4.46.1
  * python39-doc-devhelp-3.9.19-150300.4.46.1
  * libpython3_9-1_0-3.9.19-150300.4.46.1
  * python39-testsuite-3.9.19-150300.4.46.1
  * python39-tools-3.9.19-150300.4.46.1
  * python39-dbm-3.9.19-150300.4.46.1
  * python39-testsuite-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-debuginfo-3.9.19-150300.4.46.1
  * python39-base-debuginfo-3.9.19-150300.4.46.1
  * python39-debuginfo-3.9.19-150300.4.46.1
  * python39-tk-3.9.19-150300.4.46.1
  * python39-tk-debuginfo-3.9.19-150300.4.46.1
  * python39-debugsource-3.9.19-150300.4.46.1
  * python39-dbm-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-3.9.19-150300.4.46.1
  * python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.3 (x86_64)
  * python39-32bit-3.9.19-150300.4.46.1
  * python39-base-32bit-3.9.19-150300.4.46.1
  * python39-32bit-debuginfo-3.9.19-150300.4.46.1
  * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
  * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * python39-base-64bit-3.9.19-150300.4.46.1
  * python39-base-64bit-debuginfo-3.9.19-150300.4.46.1
  * python39-64bit-3.9.19-150300.4.46.1
  * libpython3_9-1_0-64bit-3.9.19-150300.4.46.1
  * libpython3_9-1_0-64bit-debuginfo-3.9.19-150300.4.46.1
  * python39-64bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python39-3.9.19-150300.4.46.1
  * python39-core-debugsource-3.9.19-150300.4.46.1
  * python39-idle-3.9.19-150300.4.46.1
  * python39-base-3.9.19-150300.4.46.1
  * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
  * python39-doc-devhelp-3.9.19-150300.4.46.1
  * python39-devel-3.9.19-150300.4.46.1
  * libpython3_9-1_0-3.9.19-150300.4.46.1
  * python39-testsuite-3.9.19-150300.4.46.1
  * python39-tools-3.9.19-150300.4.46.1
  * python39-dbm-3.9.19-150300.4.46.1
  * python39-testsuite-debuginfo-3.9.19-150300.4.46.1
  * python39-base-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-debuginfo-3.9.19-150300.4.46.1
  * python39-debuginfo-3.9.19-150300.4.46.1
  * python39-tk-3.9.19-150300.4.46.1
  * python39-tk-debuginfo-3.9.19-150300.4.46.1
  * python39-debugsource-3.9.19-150300.4.46.1
  * python39-dbm-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-3.9.19-150300.4.46.1
  * python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.5 (x86_64)
  * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
  * python39-base-32bit-3.9.19-150300.4.46.1
  * python39-32bit-debuginfo-3.9.19-150300.4.46.1
  * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
  * python39-32bit-3.9.19-150300.4.46.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python39-3.9.19-150300.4.46.1
  * python39-core-debugsource-3.9.19-150300.4.46.1
  * python39-idle-3.9.19-150300.4.46.1
  * python39-base-3.9.19-150300.4.46.1
  * libpython3_9-1_0-debuginfo-3.9.19-150300.4.46.1
  * python39-doc-devhelp-3.9.19-150300.4.46.1
  * python39-devel-3.9.19-150300.4.46.1
  * libpython3_9-1_0-3.9.19-150300.4.46.1
  * python39-testsuite-3.9.19-150300.4.46.1
  * python39-tools-3.9.19-150300.4.46.1
  * python39-dbm-3.9.19-150300.4.46.1
  * python39-testsuite-debuginfo-3.9.19-150300.4.46.1
  * python39-base-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-debuginfo-3.9.19-150300.4.46.1
  * python39-debuginfo-3.9.19-150300.4.46.1
  * python39-tk-3.9.19-150300.4.46.1
  * python39-tk-debuginfo-3.9.19-150300.4.46.1
  * python39-debugsource-3.9.19-150300.4.46.1
  * python39-dbm-debuginfo-3.9.19-150300.4.46.1
  * python39-curses-3.9.19-150300.4.46.1
  * python39-doc-3.9.19-150300.4.46.1
* openSUSE Leap 15.6 (x86_64)
  * libpython3_9-1_0-32bit-3.9.19-150300.4.46.1
  * python39-base-32bit-3.9.19-150300.4.46.1
  * python39-32bit-debuginfo-3.9.19-150300.4.46.1
  * python39-base-32bit-debuginfo-3.9.19-150300.4.46.1
  * python39-32bit-3.9.19-150300.4.46.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.46.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * python39-3.9.19-150300.4.46.1
  * libpython3_9-1_0-3.9.19-150300.4.46.1
  * python39-base-3.9.19-150300.4.46.1
  * python39-curses-3.9.19-150300.4.46.1
  * python39-dbm-3.9.19-150300.4.46.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Tue Jul 2 20:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 02 Jul 2024 20:30:09 -0000
Subject: SUSE-SU-2024:2279-1: low: Security update for libxml2
Message-ID: <171995220968.21781.8442416331547611345@smelt2.prg2.suse.org>

# Security update for libxml2

Announcement ID: SUSE-SU-2024:2279-1
Rating: low
References:

* bsc#1224282

Cross-References:

* CVE-2024-34459

CVSS scores:

* CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2279=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2279=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2279=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * libxml2-2-2.9.14-150400.5.32.1
  * python311-libxml2-2.9.14-150400.5.32.1
  * libxml2-devel-2.9.14-150400.5.32.1
  * libxml2-tools-2.9.14-150400.5.32.1
  * libxml2-tools-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-debuginfo-2.9.14-150400.5.32.1
  * libxml2-python-debugsource-2.9.14-150400.5.32.1
  * libxml2-debugsource-2.9.14-150400.5.32.1
  * python3-libxml2-debuginfo-2.9.14-150400.5.32.1
  * python3-libxml2-2.9.14-150400.5.32.1
  * python311-libxml2-debuginfo-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (x86_64)
  * libxml2-2-32bit-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-32bit-2.9.14-150400.5.32.1
  * libxml2-devel-32bit-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (noarch)
  * libxml2-doc-2.9.14-150400.5.32.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libxml2-2-64bit-2.9.14-150400.5.32.1
  * libxml2-2-64bit-debuginfo-2.9.14-150400.5.32.1
  * libxml2-devel-64bit-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * libxml2-2-2.9.14-150400.5.32.1
  * libxml2-tools-2.9.14-150400.5.32.1
  * libxml2-tools-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-debuginfo-2.9.14-150400.5.32.1
  * libxml2-python-debugsource-2.9.14-150400.5.32.1
  * libxml2-debugsource-2.9.14-150400.5.32.1
  * python3-libxml2-debuginfo-2.9.14-150400.5.32.1
  * python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * libxml2-2-2.9.14-150400.5.32.1
  * libxml2-tools-2.9.14-150400.5.32.1
  * libxml2-tools-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-debuginfo-2.9.14-150400.5.32.1
  * libxml2-python-debugsource-2.9.14-150400.5.32.1
  * libxml2-debugsource-2.9.14-150400.5.32.1
  * python3-libxml2-debuginfo-2.9.14-150400.5.32.1
  * python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * libxml2-2-2.9.14-150400.5.32.1
  * libxml2-tools-2.9.14-150400.5.32.1
  * libxml2-tools-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-debuginfo-2.9.14-150400.5.32.1
  * libxml2-python-debugsource-2.9.14-150400.5.32.1
  * libxml2-debugsource-2.9.14-150400.5.32.1
  * python3-libxml2-debuginfo-2.9.14-150400.5.32.1
  * python3-libxml2-2.9.14-150400.5.32.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * libxml2-2-2.9.14-150400.5.32.1
  * libxml2-tools-2.9.14-150400.5.32.1
  * libxml2-tools-debuginfo-2.9.14-150400.5.32.1
  * libxml2-2-debuginfo-2.9.14-150400.5.32.1
  * libxml2-python-debugsource-2.9.14-150400.5.32.1
  * libxml2-debugsource-2.9.14-150400.5.32.1
  * python3-libxml2-debuginfo-2.9.14-150400.5.32.1
  * python3-libxml2-2.9.14-150400.5.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282

From null at suse.de Wed Jul 3 08:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 08:30:07 -0000
Subject: SUSE-SU-2024:2288-1: low: Security update for libxml2
Message-ID: <171999540791.22249.17060216388393087301@smelt2.prg2.suse.org>

# Security update for libxml2

Announcement ID: SUSE-SU-2024:2288-1
Rating: low
References:

* bsc#1224282

Cross-References:

* CVE-2024-34459

CVSS scores:

* CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2288=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2288=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2288=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2288=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libxml2-devel-2.9.4-46.75.1
  * libxml2-debugsource-2.9.4-46.75.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libxml2-2-debuginfo-2.9.4-46.75.1
  * libxml2-debugsource-2.9.4-46.75.1
  * libxml2-2-2.9.4-46.75.1
  * python-libxml2-debugsource-2.9.4-46.75.1
  * libxml2-tools-2.9.4-46.75.1
  * python-libxml2-debuginfo-2.9.4-46.75.1
  * python-libxml2-2.9.4-46.75.1
  * libxml2-tools-debuginfo-2.9.4-46.75.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * libxml2-doc-2.9.4-46.75.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * libxml2-2-debuginfo-32bit-2.9.4-46.75.1
  * libxml2-2-32bit-2.9.4-46.75.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libxml2-2-debuginfo-2.9.4-46.75.1
  * libxml2-debugsource-2.9.4-46.75.1
  * libxml2-2-2.9.4-46.75.1
  * python-libxml2-debugsource-2.9.4-46.75.1
  * libxml2-tools-2.9.4-46.75.1
  * python-libxml2-debuginfo-2.9.4-46.75.1
  * python-libxml2-2.9.4-46.75.1
  * libxml2-tools-debuginfo-2.9.4-46.75.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * libxml2-doc-2.9.4-46.75.1
* SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
  * libxml2-2-debuginfo-32bit-2.9.4-46.75.1
  * libxml2-2-32bit-2.9.4-46.75.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libxml2-2-debuginfo-2.9.4-46.75.1
  * libxml2-debugsource-2.9.4-46.75.1
  * libxml2-2-2.9.4-46.75.1
  * python-libxml2-debugsource-2.9.4-46.75.1
  * libxml2-tools-2.9.4-46.75.1
  * python-libxml2-debuginfo-2.9.4-46.75.1
  * python-libxml2-2.9.4-46.75.1
  * libxml2-tools-debuginfo-2.9.4-46.75.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * libxml2-doc-2.9.4-46.75.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * libxml2-2-debuginfo-32bit-2.9.4-46.75.1
  * libxml2-2-32bit-2.9.4-46.75.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282

From null at suse.de Wed Jul 3 08:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 08:30:09 -0000
Subject: SUSE-SU-2024:2287-1: low: Security update for podofo
Message-ID: <171999540948.22249.13405568515515767513@smelt2.prg2.suse.org>

# Security update for podofo

Announcement ID: SUSE-SU-2024:2287-1
Rating: low
References:

* bsc#1213720

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5
* SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that has one security fix can now be installed.

## Description:

This update for podofo fixes the following issues:

* PdfEncrypt: Validate more encrypt dictionary parameters (bsc#1213720)
* PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries (bsc#1213720)
* Drop unused backup sources to clean up the compile env (bsc#1213720)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2287=1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2287=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * podofo-debuginfo-0.9.2-3.18.1
  * podofo-debugsource-0.9.2-3.18.1
  * libpodofo-devel-0.9.2-3.18.1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  * libpodofo0_9_2-debuginfo-0.9.2-3.18.1
  * podofo-debuginfo-0.9.2-3.18.1
  * libpodofo0_9_2-0.9.2-3.18.1
  * podofo-debugsource-0.9.2-3.18.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1213720

From null at suse.de Wed Jul 3 08:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 08:30:11 -0000
Subject: SUSE-SU-2024:2286-1: moderate: Security update for podman
Message-ID: <171999541108.22249.15925272011395110505@smelt2.prg2.suse.org>

# Security update for podman

Announcement ID: SUSE-SU-2024:2286-1
Rating: moderate
References:

* bsc#1227052

Cross-References:

* CVE-2024-6104

CVSS scores:

* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Containers Module 15-SP5
* Containers Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-6104: Fixed a potential leak of sensitive information on HTTP log file (bsc#1227052).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2286=1 openSUSE-SLE-15.5-2024-2286=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2286=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2286=1
* Containers Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2286=1
* Containers Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2286=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * podmansh-4.9.5-150500.3.15.1
  * podman-4.9.5-150500.3.15.1
  * podman-debuginfo-4.9.5-150500.3.15.1
  * podman-remote-4.9.5-150500.3.15.1
  * podman-remote-debuginfo-4.9.5-150500.3.15.1
* openSUSE Leap 15.5 (noarch)
  * podman-docker-4.9.5-150500.3.15.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * podmansh-4.9.5-150500.3.15.1
  * podman-4.9.5-150500.3.15.1
  * podman-debuginfo-4.9.5-150500.3.15.1
  * podman-remote-4.9.5-150500.3.15.1
  * podman-remote-debuginfo-4.9.5-150500.3.15.1
* openSUSE Leap 15.6 (noarch)
  * podman-docker-4.9.5-150500.3.15.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * podmansh-4.9.5-150500.3.15.1
  * podman-4.9.5-150500.3.15.1
  * podman-debuginfo-4.9.5-150500.3.15.1
  * podman-remote-4.9.5-150500.3.15.1
  * podman-remote-debuginfo-4.9.5-150500.3.15.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * podman-docker-4.9.5-150500.3.15.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * podmansh-4.9.5-150500.3.15.1
  * podman-4.9.5-150500.3.15.1
  * podman-debuginfo-4.9.5-150500.3.15.1
  * podman-remote-4.9.5-150500.3.15.1
  * podman-remote-debuginfo-4.9.5-150500.3.15.1
* Containers Module 15-SP5 (noarch)
  * podman-docker-4.9.5-150500.3.15.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * podmansh-4.9.5-150500.3.15.1
  * podman-4.9.5-150500.3.15.1
  * podman-debuginfo-4.9.5-150500.3.15.1
  * podman-remote-4.9.5-150500.3.15.1
  * podman-remote-debuginfo-4.9.5-150500.3.15.1
* Containers Module 15-SP6 (noarch)
  * podman-docker-4.9.5-150500.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6104.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227052

From null at suse.de Wed Jul 3 08:30:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 08:30:17 -0000
Subject: SUSE-SU-2024:2283-1: important: Security update for libndp
Message-ID: <171999541785.22249.14708551007120438754@smelt2.prg2.suse.org>

# Security update for libndp

Announcement ID: SUSE-SU-2024:2283-1
Rating: important
References:

* bsc#1225771

Cross-References:

* CVE-2024-5564

CVSS scores:

* CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for libndp fixes the following issues:

* CVE-2024-5564: Add a check on the route information option length field. (bsc#1225771)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2283=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2283=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2283=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2283=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2283=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2283=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2283=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2283=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2283=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2283=1 * SUSE Linux Enterprise 
Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2283=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2283=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2283=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * 
libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * 
libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libndp-devel-1.6-150000.3.3.1 * libndp-debugsource-1.6-150000.3.3.1 * libndp0-debuginfo-1.6-150000.3.3.1 * libndp-debuginfo-1.6-150000.3.3.1 * libndp0-1.6-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5564.html * https://bugzilla.suse.com/show_bug.cgi?id=1225771 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Jul 3 12:30:44 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jul 2024 12:30:44 -0000 Subject: SUSE-SU-2024:2292-1: important: Security update for ghostscript Message-ID: <172000984459.15766.6743252530288622538@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:2292-1 Rating: important References: * bsc#1226944 * bsc#1226945 * bsc#1226946 Cross-References: * CVE-2024-29510 * CVE-2024-33869 * CVE-2024-33870 CVSS scores: * CVE-2024-29510 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-33869 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-33870 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-29510: Fixed an arbitrary path traversal when running in a permitted path (bsc#1226945). * CVE-2024-33870: Fixed a format string injection that could lead to command execution (bsc#1226944). * CVE-2024-33869: Fixed a path validation bypass that could lead to path traversal (bsc#1226946). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2292=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2292=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2292=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2292=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2292=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2292=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2292=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch 
SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2292=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2292=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2292=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2292=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2292=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2292=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2292=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2292=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2292=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2292=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-x11-debuginfo-9.52-150000.194.1
  * ghostscript-x11-9.52-150000.194.1
  * ghostscript-devel-9.52-150000.194.1
  * ghostscript-debugsource-9.52-150000.194.1
  * ghostscript-9.52-150000.194.1
  * ghostscript-debuginfo-9.52-150000.194.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * ghostscript-x11-debuginfo-9.52-150000.194.1
  * ghostscript-x11-9.52-150000.194.1
  * ghostscript-devel-9.52-150000.194.1
  * ghostscript-debugsource-9.52-150000.194.1
  * ghostscript-9.52-150000.194.1
  * ghostscript-debuginfo-9.52-150000.194.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-x11-debuginfo-9.52-150000.194.1
  * ghostscript-x11-9.52-150000.194.1
  * ghostscript-devel-9.52-150000.194.1
  * ghostscript-debugsource-9.52-150000.194.1
  * ghostscript-9.52-150000.194.1
  * ghostscript-debuginfo-9.52-150000.194.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  *
ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * 
ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Proxy 4.3 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * 
ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ghostscript-x11-debuginfo-9.52-150000.194.1 * ghostscript-x11-9.52-150000.194.1 * ghostscript-devel-9.52-150000.194.1 * ghostscript-debugsource-9.52-150000.194.1 * ghostscript-9.52-150000.194.1 * ghostscript-debuginfo-9.52-150000.194.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29510.html * https://www.suse.com/security/cve/CVE-2024-33869.html * https://www.suse.com/security/cve/CVE-2024-33870.html * https://bugzilla.suse.com/show_bug.cgi?id=1226944 * https://bugzilla.suse.com/show_bug.cgi?id=1226945 * https://bugzilla.suse.com/show_bug.cgi?id=1226946 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Jul 3 12:30:50 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jul 2024 12:30:50 -0000 Subject: SUSE-SU-2024:2290-1: low: Security update for libxml2 Message-ID: <172000985078.15766.14704050181761142612@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2024:2290-1 Rating: low References: * bsc#1224282 Cross-References: * CVE-2024-34459 CVSS scores: * CVE-2024-34459 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Python 3 Module 15-SP5 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-34459: Fixed buffer over-read in xmlHTMLPrintFileContext in xmllint.c (bsc#1224282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2290=1 SUSE-2024-2290=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2290=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2290=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2290=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2290=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2290=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2290=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.17.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (noarch) * libxml2-doc-2.10.3-150500.5.17.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libxml2-2-64bit-2.10.3-150500.5.17.1 * libxml2-devel-64bit-2.10.3-150500.5.17.1 * libxml2-2-64bit-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * 
libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (x86_64) * libxml2-devel-32bit-2.10.3-150500.5.17.1 * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * openSUSE Leap 15.6 (noarch) * libxml2-doc-2.10.3-150500.5.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP5 (x86_64) * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libxml2-2-debuginfo-2.10.3-150500.5.17.1 * libxml2-tools-2.10.3-150500.5.17.1 * python3-libxml2-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-2.10.3-150500.5.17.1 * python3-libxml2-2.10.3-150500.5.17.1 * libxml2-python-debugsource-2.10.3-150500.5.17.1 * libxml2-devel-2.10.3-150500.5.17.1 * libxml2-tools-debuginfo-2.10.3-150500.5.17.1 * libxml2-debugsource-2.10.3-150500.5.17.1 * Basesystem Module 15-SP6 (x86_64) * libxml2-2-32bit-debuginfo-2.10.3-150500.5.17.1 * libxml2-2-32bit-2.10.3-150500.5.17.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-libxml2-debuginfo-2.10.3-150500.5.17.1 * 
python311-libxml2-2.10.3-150500.5.17.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * libxml2-python-debugsource-2.10.3-150500.5.17.1
  * python311-libxml2-debuginfo-2.10.3-150500.5.17.1
  * python311-libxml2-2.10.3-150500.5.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34459.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224282

From null at suse.de Wed Jul 3 16:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 16:30:03 -0000
Subject: SUSE-SU-2024:2293-1: important: Security update for emacs
Message-ID: <172002420317.23411.11724671250456574410@smelt2.prg2.suse.org>

# Security update for emacs

Announcement ID: SUSE-SU-2024:2293-1
Rating: important
References:

* bsc#1226957

Cross-References:

* CVE-2024-39331

CVSS scores:

* CVE-2024-39331 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

* CVE-2024-39331: Fixed evaluation of arbitrary unsafe Elisp code in Org mode (bsc#1226957).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2293=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2293=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2293=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * emacs-nox-debuginfo-24.3-25.20.1
  * etags-24.3-25.20.1
  * emacs-x11-24.3-25.20.1
  * etags-debuginfo-24.3-25.20.1
  * emacs-debuginfo-24.3-25.20.1
  * emacs-x11-debuginfo-24.3-25.20.1
  * emacs-24.3-25.20.1
  * emacs-debugsource-24.3-25.20.1
  * emacs-nox-24.3-25.20.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * emacs-el-24.3-25.20.1
  * emacs-info-24.3-25.20.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * emacs-nox-debuginfo-24.3-25.20.1
  * etags-24.3-25.20.1
  * emacs-x11-24.3-25.20.1
  * etags-debuginfo-24.3-25.20.1
  * emacs-debuginfo-24.3-25.20.1
  * emacs-x11-debuginfo-24.3-25.20.1
  * emacs-24.3-25.20.1
  * emacs-debugsource-24.3-25.20.1
  * emacs-nox-24.3-25.20.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * emacs-el-24.3-25.20.1
  * emacs-info-24.3-25.20.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * emacs-nox-debuginfo-24.3-25.20.1
  * etags-24.3-25.20.1
  * emacs-x11-24.3-25.20.1
  * etags-debuginfo-24.3-25.20.1
  * emacs-debuginfo-24.3-25.20.1
  * emacs-x11-debuginfo-24.3-25.20.1
  * emacs-24.3-25.20.1
  * emacs-debugsource-24.3-25.20.1
  * emacs-nox-24.3-25.20.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * emacs-el-24.3-25.20.1
  * emacs-info-24.3-25.20.1

## References:

* https://www.suse.com/security/cve/CVE-2024-39331.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226957
From null at suse.de Wed Jul 3 20:30:02 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 03 Jul 2024 20:30:02 -0000
Subject: SUSE-SU-2024:2295-1: important: Security update for go1.22
Message-ID: <172003860205.332.9414990444557069624@smelt2.prg2.suse.org>

# Security update for go1.22

Announcement ID: SUSE-SU-2024:2295-1
Rating: important
References:

* bsc#1218424
* bsc#1227314

Cross-References:

* CVE-2024-24791

CVSS scores:

* CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for go1.22 fixes the following issues:

Updated to version 1.22.5 (bsc#1218424):

* CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers (bsc#1227314).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2295=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * go1.22-1.22.5-1.15.1
  * go1.22-doc-1.22.5-1.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24791.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218424
* https://bugzilla.suse.com/show_bug.cgi?id=1227314
URL: From null at suse.de Wed Jul 3 20:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 03 Jul 2024 20:30:03 -0000 Subject: SUSE-SU-2024:2294-1: important: Security update for go1.21 Message-ID: <172003860343.332.9902630914007077940@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:2294-1 Rating: important References: * bsc#1212475 * bsc#1227314 Cross-References: * CVE-2024-24791 CVSS scores: * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: Updated to version 1.21.12 (bsc#1212475): * CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers (bsc#1227314). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2294=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-1.39.1 * go1.21-doc-1.21.12-1.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24791.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1227314 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 4 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 08:30:04 -0000 Subject: SUSE-SU-2024:2298-1: moderate: Security update for openCryptoki Message-ID: <172008180488.18020.541154475646247270@smelt2.prg2.suse.org> # Security update for openCryptoki Announcement ID: SUSE-SU-2024:2298-1 Rating: moderate References: * bsc#1219217 * bsc#1220266 Cross-References: * CVE-2024-0914 CVSS scores: * CVE-2024-0914 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0914 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for openCryptoki fixes the following issues: openCryptoki was updated to version 3.17.0 (bsc#1220266, bsc#1219217) * openCryptoki 3.17 * tools: added function to list keys to p11sak * common: added support for OpenSSL 3.0 * common: added support for event notifications * ICA: added SW fallbacks * openCryptoki 3.16 * EP11: protected-key option * EP11: support attribute-bound keys * CCA: import and export of secure key objects * Bug fixes * openCryptoki 3.15.1 * Bug fixes * openCryptoki 3.15 * common: conform to PKCS 11 3.0 Baseline Provider profile * Introduce new vendor defined interface named "Vendor IBM" * Support C_IBM_ReencryptSingle via "Vendor IBM" interface * CCA: support key wrapping * SOFT: support ECC * p11sak tool: add remove-key command * Bug fixes * openCryptoki 3.14 * EP11: Dilithium support stage 2 * Common: Rework on process and thread locking * Common: Rework on btree and object locking * ICSF: minor fixes * TPM, ICA, ICSF: support multiple token instances * new tool p11sak * openCryptoki 3.13.0 * EP11: Dilithium
support * EP11: EdDSA support * EP11: support RSA-OAEP with non-SHA1 hash and MGF * openCryptoki 3.12.1 * Fix pkcsep11_migrate tool * openCryptoki 3.12.0 * Update token pin and data store encryption for soft,ica,cca and ep11 * EP11: Allow importing of compressed EC public keys * EP11: Add support for the CMAC mechanisms * EP11: Add support for the IBM-SHA3 mechanisms * SOFT: Add AES-CMAC and 3DES-CMAC support to the soft token * ICA: Add AES-CMAC and 3DES-CMAC support to the ICA token * EP11: Add config option USE_PRANDOM * CCA: Use Random Number Generate Long for token_specific_rng() * Common rng function: Prefer /dev/prandom over /dev/urandom * ICA: add SHA*_RSA_PKCS_PSS mechanisms * Bug fixes ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2298=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2298=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2298=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2298=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * openCryptoki-debugsource-3.17.0-5.9.2 * openCryptoki-devel-3.17.0-5.9.2 * openCryptoki-debuginfo-3.17.0-5.9.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * openCryptoki-debugsource-3.17.0-5.9.2 * openCryptoki-debuginfo-3.17.0-5.9.2 * openCryptoki-3.17.0-5.9.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * openCryptoki-64bit-3.17.0-5.9.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * openCryptoki-debugsource-3.17.0-5.9.2 * openCryptoki-debuginfo-3.17.0-5.9.2 * 
openCryptoki-3.17.0-5.9.2 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * openCryptoki-64bit-3.17.0-5.9.2 * SUSE Linux Enterprise Server 12 SP5 (s390) * openCryptoki-32bit-3.17.0-5.9.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * openCryptoki-debugsource-3.17.0-5.9.2 * openCryptoki-64bit-3.17.0-5.9.2 * openCryptoki-debuginfo-3.17.0-5.9.2 * openCryptoki-3.17.0-5.9.2 ## References: * https://www.suse.com/security/cve/CVE-2024-0914.html * https://bugzilla.suse.com/show_bug.cgi?id=1219217 * https://bugzilla.suse.com/show_bug.cgi?id=1220266 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 4 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 08:30:06 -0000 Subject: SUSE-SU-2024:2297-1: important: Security update for emacs Message-ID: <172008180690.18020.9437457571730501293@smelt2.prg2.suse.org> # Security update for emacs Announcement ID: SUSE-SU-2024:2297-1 Rating: important References: * bsc#1222050 * bsc#1222052 * bsc#1222053 * bsc#1226957 Cross-References: * CVE-2024-30203 * CVE-2024-30204 * CVE-2024-30205 * CVE-2024-39331 CVSS scores: * CVE-2024-30203 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30204 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-30205 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-39331 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 
for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2024-30203: Fixed denial of service via MIME contents (bsc#1222053). * CVE-2024-30204: Fixed denial of service via LaTeX preview in e-mail attachments (bsc#1222052). * CVE-2024-30204: Fixed Org mode considers contents of remote files to be trusted (bsc#1222050). * CVE-2024-39331: Fixed evaluation of arbitrary unsafe Elisp code in Org mode (bsc#1226957). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2297=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2297=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2297=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2297=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2297=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2297=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2297=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * 
emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * 
emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * emacs-debugsource-25.3-150000.3.22.1 * emacs-x11-25.3-150000.3.22.1 * emacs-25.3-150000.3.22.1 * etags-25.3-150000.3.22.1 * etags-debuginfo-25.3-150000.3.22.1 * emacs-nox-debuginfo-25.3-150000.3.22.1 * emacs-nox-25.3-150000.3.22.1 * emacs-x11-debuginfo-25.3-150000.3.22.1 * emacs-debuginfo-25.3-150000.3.22.1 * SUSE Enterprise Storage 7.1 (noarch) * emacs-el-25.3-150000.3.22.1 * emacs-info-25.3-150000.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30203.html * https://www.suse.com/security/cve/CVE-2024-30204.html * https://www.suse.com/security/cve/CVE-2024-30205.html * https://www.suse.com/security/cve/CVE-2024-39331.html * https://bugzilla.suse.com/show_bug.cgi?id=1222050 * https://bugzilla.suse.com/show_bug.cgi?id=1222052 * https://bugzilla.suse.com/show_bug.cgi?id=1222053 * https://bugzilla.suse.com/show_bug.cgi?id=1226957 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 4 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 08:30:09 -0000 Subject: SUSE-SU-2024:2275-2: important: Security update for openssh Message-ID: <172008180950.18020.8595664040819115436@smelt2.prg2.suse.org> # Security update for openssh Announcement ID: SUSE-SU-2024:2275-2 Rating: important References: * bsc#1226642 Cross-References: * CVE-2024-6387 CVSS scores: * CVE-2024-6387 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for openssh fixes the following issues: * CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2275=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * openssh-clients-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.3.1 * openssh-askpass-gnome-9.6p1-150600.6.3.1 * openssh-helpers-debuginfo-9.6p1-150600.6.3.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.3.1 * openssh-clients-9.6p1-150600.6.3.1 * openssh-helpers-9.6p1-150600.6.3.1 * openssh-9.6p1-150600.6.3.1 * openssh-debuginfo-9.6p1-150600.6.3.1 * openssh-fips-9.6p1-150600.6.3.1 * openssh-debugsource-9.6p1-150600.6.3.1 * openssh-server-9.6p1-150600.6.3.1 * openssh-common-debuginfo-9.6p1-150600.6.3.1 * openssh-cavs-debuginfo-9.6p1-150600.6.3.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.3.1 * openssh-server-debuginfo-9.6p1-150600.6.3.1 * openssh-common-9.6p1-150600.6.3.1 * openssh-cavs-9.6p1-150600.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6387.html * https://bugzilla.suse.com/show_bug.cgi?id=1226642 -------------- 
next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 4 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 12:30:02 -0000 Subject: SUSE-SU-2024:2300-1: important: Security update for krb5 Message-ID: <172009620256.1133.12529432593479155018@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:2300-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were erroneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2300=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2300=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2300=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2300=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.16.3-46.15.1 * krb5-devel-1.16.3-46.15.1 * krb5-debuginfo-1.16.3-46.15.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.15.1 * krb5-server-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-1.16.3-46.15.1 * krb5-server-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-1.16.3-46.15.1 * krb5-doc-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-otp-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.15.1 * krb5-debuginfo-1.16.3-46.15.1 * krb5-client-1.16.3-46.15.1 * krb5-debugsource-1.16.3-46.15.1 * krb5-client-debuginfo-1.16.3-46.15.1 * krb5-1.16.3-46.15.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.15.1 * krb5-debuginfo-32bit-1.16.3-46.15.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.15.1 * krb5-server-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-1.16.3-46.15.1 * krb5-server-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-1.16.3-46.15.1 * krb5-doc-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-otp-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.15.1 * krb5-debuginfo-1.16.3-46.15.1 * krb5-client-1.16.3-46.15.1 * krb5-debugsource-1.16.3-46.15.1 * krb5-client-debuginfo-1.16.3-46.15.1 * 
krb5-1.16.3-46.15.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * krb5-32bit-1.16.3-46.15.1 * krb5-debuginfo-32bit-1.16.3-46.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.15.1 * krb5-server-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-1.16.3-46.15.1 * krb5-server-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-1.16.3-46.15.1 * krb5-doc-1.16.3-46.15.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.15.1 * krb5-plugin-preauth-otp-1.16.3-46.15.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.15.1 * krb5-debuginfo-1.16.3-46.15.1 * krb5-client-1.16.3-46.15.1 * krb5-debugsource-1.16.3-46.15.1 * krb5-client-debuginfo-1.16.3-46.15.1 * krb5-1.16.3-46.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.15.1 * krb5-debuginfo-32bit-1.16.3-46.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 4 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 12:30:05 -0000 Subject: SUSE-SU-2024:2299-1: important: Security update for apache2-mod_auth_openidc Message-ID: <172009620553.1133.10978549662708441382@smelt2.prg2.suse.org> # Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2024:2299-1 Rating: important References: * bsc#1219911 * bsc#1227261 Cross-References: * CVE-2024-24814 CVSS scores: * CVE-2024-24814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a bug that can lead to DoS when `OIDCSessionType client-cookie` is set and a crafted Cookie header is supplied. (bsc#1219911) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2299=1 SUSE-2024-2299=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2299=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-mod_auth_openidc-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150600.16.5.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150600.16.5.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24814.html * https://bugzilla.suse.com/show_bug.cgi?id=1219911 * https://bugzilla.suse.com/show_bug.cgi?id=1227261 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 4 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 16:30:05 -0000 Subject: SUSE-SU-2024:2304-1: moderate: Security update for cockpit Message-ID: <172011060519.15102.1349757702302826@smelt2.prg2.suse.org> # Security update for cockpit Announcement ID: SUSE-SU-2024:2304-1 Rating: moderate References: * bsc#1226040 Cross-References: * CVE-2024-6126 CVSS scores: * CVE-2024-6126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issues: * CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2304=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * cockpit-298-150500.3.6.1 * cockpit-bridge-debuginfo-298-150500.3.6.1 * cockpit-bridge-298-150500.3.6.1 * cockpit-debuginfo-298-150500.3.6.1 * cockpit-ws-298-150500.3.6.1 * cockpit-debugsource-298-150500.3.6.1 * cockpit-ws-debuginfo-298-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cockpit-system-298-150500.3.6.1 * cockpit-selinux-298-150500.3.6.1 * cockpit-storaged-298-150500.3.6.1 * cockpit-networkmanager-298-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6126.html * https://bugzilla.suse.com/show_bug.cgi?id=1226040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 4 16:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 16:30:06 -0000 Subject: SUSE-SU-2024:2303-1: important: Security update for krb5 Message-ID: <172011060683.15102.1627466317686362022@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:2303-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. 
## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were erroneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2303=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2303=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2303=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2303=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2303=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-mini-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 *
krb5-mini-debugsource-1.19.2-150300.19.1 * krb5-mini-devel-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-mini-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (x86_64) * krb5-devel-32bit-1.19.2-150300.19.1 * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * openSUSE Leap 15.3 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150300.19.1 * krb5-devel-64bit-1.19.2-150300.19.1 * krb5-64bit-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * 
krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-1.19.2-150300.19.1 * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.19.1 * krb5-plugin-kdb-ldap-1.19.2-150300.19.1 * krb5-server-1.19.2-150300.19.1 * krb5-client-1.19.2-150300.19.1 * krb5-server-debuginfo-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-1.19.2-150300.19.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * krb5-devel-1.19.2-150300.19.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.19.1 * krb5-client-debuginfo-1.19.2-150300.19.1 * SUSE 
Enterprise Storage 7.1 (x86_64) * krb5-32bit-1.19.2-150300.19.1 * krb5-32bit-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150300.19.1 * krb5-1.19.2-150300.19.1 * krb5-debuginfo-1.19.2-150300.19.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 4 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 04 Jul 2024 16:30:08 -0000 Subject: SUSE-SU-2024:2302-1: important: Security update for krb5 Message-ID: <172011060890.15102.8724650488425538958@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:2302-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. 
## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields being erroneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2302=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2302=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2302=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2302=1 openSUSE-SLE-15.5-2024-2302=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * krb5-debugsource-1.20.1-150500.3.9.1
  * krb5-debuginfo-1.20.1-150500.3.9.1
  * krb5-1.20.1-150500.3.9.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * krb5-plugin-preauth-otp-1.20.1-150500.3.9.1
  * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1
  * krb5-1.20.1-150500.3.9.1
  * krb5-debuginfo-1.20.1-150500.3.9.1
  * krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1
  * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1
  * krb5-client-1.20.1-150500.3.9.1
  * krb5-devel-1.20.1-150500.3.9.1
  * krb5-client-debuginfo-1.20.1-150500.3.9.1
  * krb5-debugsource-1.20.1-150500.3.9.1
* Basesystem Module 15-SP5 (x86_64)
  * krb5-32bit-debuginfo-1.20.1-150500.3.9.1
  * krb5-32bit-1.20.1-150500.3.9.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * krb5-server-debuginfo-1.20.1-150500.3.9.1
  * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1
  * krb5-debuginfo-1.20.1-150500.3.9.1
  * krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1
  * krb5-server-1.20.1-150500.3.9.1
  * krb5-debugsource-1.20.1-150500.3.9.1
* openSUSE Leap 15.5
(aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-otp-1.20.1-150500.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.9.1 * krb5-mini-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.9.1 * krb5-server-debuginfo-1.20.1-150500.3.9.1 * krb5-mini-devel-1.20.1-150500.3.9.1 * krb5-1.20.1-150500.3.9.1 * krb5-debuginfo-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.9.1 * krb5-mini-debugsource-1.20.1-150500.3.9.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.9.1 * krb5-client-1.20.1-150500.3.9.1 * krb5-mini-1.20.1-150500.3.9.1 * krb5-devel-1.20.1-150500.3.9.1 * krb5-client-debuginfo-1.20.1-150500.3.9.1 * krb5-debugsource-1.20.1-150500.3.9.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.9.1 * krb5-server-1.20.1-150500.3.9.1 * openSUSE Leap 15.5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.9.1 * krb5-devel-32bit-1.20.1-150500.3.9.1 * krb5-32bit-1.20.1-150500.3.9.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-devel-64bit-1.20.1-150500.3.9.1 * krb5-64bit-debuginfo-1.20.1-150500.3.9.1 * krb5-64bit-1.20.1-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Thu Jul 4 16:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 04 Jul 2024 16:30:10 -0000
Subject: SUSE-SU-2024:2301-1: important: Security update for netatalk
Message-ID: <172011061079.15102.1272336159628164910@smelt2.prg2.suse.org>

# Security update for netatalk

Announcement ID: SUSE-SU-2024:2301-1
Rating: important
References:

* bsc#1226429
* bsc#1226430
* bsc#1226431

Cross-References:

* CVE-2024-38439
* CVE-2024-38440
* CVE-2024-38441

CVSS scores:

* CVE-2024-38439 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-38440 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-38441 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5
* SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for netatalk fixes the following issues:

* CVE-2024-38439: Fixed a heap buffer overflow because of setting ibuf[PASSWDLEN] to \0 in FPLoginExt in login in etc/uams/uams_pam.c (bsc#1226430).
* CVE-2024-38440: Fixed a heap buffer overflow because of incorrectly using FPLoginExt in BN_bin2bn in etc/uams/uams_dhx_pam.c (bsc#1226429).
* CVE-2024-38441: Fixed a heap buffer overflow because of setting ibuf[len] to \0 in FPMapName in afp_mapname in etc/afp/directory.c (bsc#1226431).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2301=1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2301=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libatalk0-debuginfo-3.1.18-3.25.1
  * libatalk0-3.1.18-3.25.1
  * netatalk-debugsource-3.1.18-3.25.1
  * netatalk-3.1.18-3.25.1
  * netatalk-devel-3.1.18-3.25.1
  * netatalk-debuginfo-3.1.18-3.25.1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  * libatalk0-debuginfo-3.1.18-3.25.1
  * libatalk0-3.1.18-3.25.1
  * netatalk-debugsource-3.1.18-3.25.1
  * netatalk-3.1.18-3.25.1
  * netatalk-devel-3.1.18-3.25.1
  * netatalk-debuginfo-3.1.18-3.25.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38439.html
* https://www.suse.com/security/cve/CVE-2024-38440.html
* https://www.suse.com/security/cve/CVE-2024-38441.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226429
* https://bugzilla.suse.com/show_bug.cgi?id=1226430
* https://bugzilla.suse.com/show_bug.cgi?id=1226431
From null at suse.de Fri Jul 5 08:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 05 Jul 2024 08:30:03 -0000
Subject: SUSE-SU-2024:2305-1: important: Security update for krb5
Message-ID: <172016820305.5962.2195476022789073514@smelt2.prg2.suse.org>

# Security update for krb5

Announcement ID: SUSE-SU-2024:2305-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields being erroneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2305=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2305=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 * krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 * krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * 
krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * krb5-plugin-preauth-otp-1.16.3-150100.3.36.1 * krb5-debugsource-1.16.3-150100.3.36.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.36.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.36.1 * krb5-server-debuginfo-1.16.3-150100.3.36.1 * krb5-client-1.16.3-150100.3.36.1 * krb5-1.16.3-150100.3.36.1 * krb5-plugin-preauth-pkinit-1.16.3-150100.3.36.1 * krb5-client-debuginfo-1.16.3-150100.3.36.1 * krb5-devel-1.16.3-150100.3.36.1 * krb5-server-1.16.3-150100.3.36.1 * krb5-debuginfo-1.16.3-150100.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.36.1 * krb5-32bit-1.16.3-150100.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Fri Jul 5 12:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 05 Jul 2024 12:30:05 -0000
Subject: SUSE-SU-2024:2309-1: important: Security update for go1.22
Message-ID: <172018260519.31071.18080908245399540184@smelt2.prg2.suse.org>

# Security update for go1.22

Announcement ID: SUSE-SU-2024:2309-1
Rating: important
References:

* bsc#1218424
* bsc#1227314

Cross-References:

* CVE-2024-24791

CVSS scores:

* CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for go1.22 fixes the following issues:

Updated to version 1.22.5 (bsc#1218424):

* CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers (bsc#1227314).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2309=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2309=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2309=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2309=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * go1.22-1.22.5-150000.1.21.1
  * go1.22-doc-1.22.5-150000.1.21.1
  * go1.22-race-1.22.5-150000.1.21.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * go1.22-1.22.5-150000.1.21.1
  * go1.22-doc-1.22.5-150000.1.21.1
  * go1.22-race-1.22.5-150000.1.21.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * go1.22-1.22.5-150000.1.21.1
  * go1.22-doc-1.22.5-150000.1.21.1
  * go1.22-race-1.22.5-150000.1.21.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * go1.22-1.22.5-150000.1.21.1
  * go1.22-doc-1.22.5-150000.1.21.1
  * go1.22-race-1.22.5-150000.1.21.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24791.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218424
* https://bugzilla.suse.com/show_bug.cgi?id=1227314
From null at suse.de Fri Jul 5 12:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 05 Jul 2024 12:30:07 -0000
Subject: SUSE-SU-2024:2308-1: important: Security update for go1.21
Message-ID: <172018260722.31071.2241194110371953974@smelt2.prg2.suse.org>

# Security update for go1.21

Announcement ID: SUSE-SU-2024:2308-1
Rating: important
References:

* bsc#1212475
* bsc#1227314

Cross-References:

* CVE-2024-24791

CVSS scores:

* CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for go1.21 fixes the following issues:

Updated to version 1.21.12 (bsc#1212475):

* CVE-2024-24791: Fixed a potential denial of service due to improper handling of HTTP 100-continue headers (bsc#1227314).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2308=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2308=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2308=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2308=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2308=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2308=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2308=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-1.21.12-150000.1.39.1 * go1.21-race-1.21.12-150000.1.39.1 * go1.21-doc-1.21.12-150000.1.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-1.21.12-150000.1.39.1 * 
go1.21-race-1.21.12-150000.1.39.1
  * go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * go1.21-1.21.12-150000.1.39.1
  * go1.21-race-1.21.12-150000.1.39.1
  * go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * go1.21-1.21.12-150000.1.39.1
  * go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
  * go1.21-race-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * go1.21-1.21.12-150000.1.39.1
  * go1.21-doc-1.21.12-150000.1.39.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
  * go1.21-race-1.21.12-150000.1.39.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24791.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212475
* https://bugzilla.suse.com/show_bug.cgi?id=1227314

From null at suse.de Fri Jul 5 12:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 05 Jul 2024 12:30:09 -0000
Subject: SUSE-SU-2024:2307-1: important: Security update for krb5
Message-ID: <172018260923.31071.5476742760760075680@smelt2.prg2.suse.org>

# Security update for krb5

Announcement ID: SUSE-SU-2024:2307-1
Rating: important
References:

* bsc#1227186
* bsc#1227187

Cross-References:

* CVE-2024-37370
* CVE-2024-37371

CVSS scores:

* CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.
## Description:

This update for krb5 fixes the following issues:

* CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields being erroneously accepted (bsc#1227186).
* CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2307=1 openSUSE-SLE-15.6-2024-2307=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2307=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2307=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1
  * krb5-mini-1.20.1-150600.11.3.1
  * krb5-mini-debugsource-1.20.1-150600.11.3.1
  * krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1
  * krb5-client-debuginfo-1.20.1-150600.11.3.1
  * krb5-debugsource-1.20.1-150600.11.3.1
  * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1
  * krb5-1.20.1-150600.11.3.1
  * krb5-server-1.20.1-150600.11.3.1
  * krb5-server-debuginfo-1.20.1-150600.11.3.1
  * krb5-devel-1.20.1-150600.11.3.1
  * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1
  * krb5-mini-debuginfo-1.20.1-150600.11.3.1
  * krb5-debuginfo-1.20.1-150600.11.3.1
  * krb5-plugin-preauth-spake-1.20.1-150600.11.3.1
  * krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1
  * krb5-client-1.20.1-150600.11.3.1
  * krb5-plugin-preauth-otp-1.20.1-150600.11.3.1
  * krb5-mini-devel-1.20.1-150600.11.3.1
  * krb5-plugin-preauth-spake-debuginfo-1.20.1-150600.11.3.1
* openSUSE Leap 15.6 (x86_64)
  * krb5-32bit-debuginfo-1.20.1-150600.11.3.1
  * krb5-devel-32bit-1.20.1-150600.11.3.1
  * krb5-32bit-1.20.1-150600.11.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * krb5-64bit-debuginfo-1.20.1-150600.11.3.1
  *
krb5-64bit-1.20.1-150600.11.3.1 * krb5-devel-64bit-1.20.1-150600.11.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150600.11.3.1 * krb5-plugin-preauth-pkinit-1.20.1-150600.11.3.1 * krb5-client-debuginfo-1.20.1-150600.11.3.1 * krb5-debugsource-1.20.1-150600.11.3.1 * krb5-1.20.1-150600.11.3.1 * krb5-devel-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150600.11.3.1 * krb5-client-1.20.1-150600.11.3.1 * krb5-plugin-preauth-otp-1.20.1-150600.11.3.1 * krb5-debuginfo-1.20.1-150600.11.3.1 * Basesystem Module 15-SP6 (x86_64) * krb5-32bit-debuginfo-1.20.1-150600.11.3.1 * krb5-32bit-1.20.1-150600.11.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150600.11.3.1 * krb5-server-debuginfo-1.20.1-150600.11.3.1 * krb5-server-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150600.11.3.1 * krb5-plugin-kdb-ldap-1.20.1-150600.11.3.1 * krb5-debuginfo-1.20.1-150600.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Mon Jul 8 12:30:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 08 Jul 2024 12:30:04 -0000
Subject: SUSE-SU-2024:2320-1: moderate: Security update for python-urllib3
Message-ID: <172044180429.2767.3687878895558704856@smelt2.prg2.suse.org>

# Security update for python-urllib3

Announcement ID: SUSE-SU-2024:2320-1
Rating: moderate
References:

* bsc#1226469

Cross-References:

* CVE-2024-37891

CVSS scores:

* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-urllib3 fixes the following issues:

* CVE-2024-37891: Fixed proxy-authorization request header not stripped during cross-origin redirects (bsc#1226469).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2320=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2320=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2320=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2320=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2320=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2320=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1
* openSUSE Leap 15.5 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1
* openSUSE Leap 15.6 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1
* Public Cloud Module 15-SP4 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1
* Python 3 Module 15-SP5 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1
* Python 3 Module 15-SP6 (noarch)
  * python311-urllib3-2.0.7-150400.7.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37891.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226469
From null at suse.de Mon Jul 8 12:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 08 Jul 2024 12:30:07 -0000
Subject: SUSE-SU-2024:2318-1: important: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t
Message-ID: <172044180722.2767.18162512200521595742@smelt2.prg2.suse.org>

# Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t

Announcement ID: SUSE-SU-2024:2318-1
Rating: important
References:

* bsc#1223965

Cross-References:

* CVE-2024-33394

CVSS scores:

* CVE-2024-33394 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues:

* Collect component Role rules under operator Role instead of ClusterRole (bsc#1223965, CVE-2024-33394)
* Ensure procps is installed (provides ps for tests)

Containers were rebuilt against current go and maintenance updates.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2318=1 openSUSE-SLE-15.6-2024-2318=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2318=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kubevirt-container-disk-debuginfo-1.1.1-150600.5.3.2 * kubevirt-manifests-1.1.1-150600.5.3.2 * kubevirt-virt-handler-debuginfo-1.1.1-150600.5.3.2 * kubevirt-virtctl-1.1.1-150600.5.3.2 * kubevirt-virt-launcher-1.1.1-150600.5.3.2 * kubevirt-virt-exportserver-1.1.1-150600.5.3.2 * kubevirt-virt-operator-debuginfo-1.1.1-150600.5.3.2 * kubevirt-tests-1.1.1-150600.5.3.2 * kubevirt-virtctl-debuginfo-1.1.1-150600.5.3.2 * kubevirt-virt-exportproxy-debuginfo-1.1.1-150600.5.3.2 * kubevirt-container-disk-1.1.1-150600.5.3.2 * kubevirt-virt-launcher-debuginfo-1.1.1-150600.5.3.2 * kubevirt-virt-api-debuginfo-1.1.1-150600.5.3.2 * kubevirt-pr-helper-conf-1.1.1-150600.5.3.2 * kubevirt-virt-exportserver-debuginfo-1.1.1-150600.5.3.2 * kubevirt-virt-exportproxy-1.1.1-150600.5.3.2 * obs-service-kubevirt_containers_meta-1.1.1-150600.5.3.2 * kubevirt-virt-api-1.1.1-150600.5.3.2 * kubevirt-tests-debuginfo-1.1.1-150600.5.3.2 * kubevirt-virt-handler-1.1.1-150600.5.3.2 * kubevirt-virt-operator-1.1.1-150600.5.3.2 * kubevirt-virt-controller-1.1.1-150600.5.3.2 * kubevirt-virt-controller-debuginfo-1.1.1-150600.5.3.2 * Containers Module 15-SP6 (x86_64) * kubevirt-virtctl-debuginfo-1.1.1-150600.5.3.2 * kubevirt-manifests-1.1.1-150600.5.3.2 * kubevirt-virtctl-1.1.1-150600.5.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-33394.html * https://bugzilla.suse.com/show_bug.cgi?id=1223965 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Mon Jul 8 12:30:22 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 08 Jul 2024 12:30:22 -0000
Subject: SUSE-SU-2024:2313-1: important: Security update for netty3
Message-ID: <172044182224.2767.12428477147608333481@smelt2.prg2.suse.org>

# Security update for netty3

Announcement ID: SUSE-SU-2024:2313-1
Rating: important
References:

* bsc#1222045

Cross-References:

* CVE-2024-29025

CVSS scores:

* CVE-2024-29025 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for netty3 fixes the following issues:

* CVE-2024-29025: Fixed an issue where HttpPostRequestDecoder can run out of memory due to a large number of form fields (bsc#1222045).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2313=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2313=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2313=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2313=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2313=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2313=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2313=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2313=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2313=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2313=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2313=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2313=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2313=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch
SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2313=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2313=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2313=1 ## Package List: * openSUSE Leap 15.5 (noarch) * netty3-3.10.6-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.10.1 * openSUSE Leap 15.6 (noarch) * netty3-3.10.6-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.10.1 * Development Tools Module 15-SP5 (noarch) * netty3-3.10.6-150200.3.10.1 * Development Tools Module 15-SP6 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * netty3-3.10.6-150200.3.10.1 * SUSE Enterprise Storage 7.1 (noarch) * netty3-3.10.6-150200.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29025.html * https://bugzilla.suse.com/show_bug.cgi?id=1222045 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 8 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:04 -0000 Subject: SUSE-SU-2024:2337-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Message-ID: <172045620477.12879.4642128020259281100@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2337-1 Rating: important References: * bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223681 * bsc#1223683 Cross-References: * CVE-2022-48651 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2337=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2337=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-6-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-6-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-6-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-6-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-6-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-6-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * 
https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 8 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:08 -0000 Subject: SUSE-SU-2024:2335-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Message-ID: <172045620839.12879.16658602879768102117@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2335-1 Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 Cross-References: * CVE-2022-48651 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. 
The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2335=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2335=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-4-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-4-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 8 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:10 -0000 Subject: SUSE-SU-2024:2326-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Message-ID: <172045621066.12879.7874733508082755144@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2326-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223681 * bsc#1223683 Cross-References: * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-26930 CVSS scores: * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2329=1 SUSE-2024-2336=1 SUSE-2024-2327=1 SUSE-2024-2330=1 SUSE-2024-2328=1 SUSE-2024-2326=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2329=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2336=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2327=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2330=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2328=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2326=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_11-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-14-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * 
kernel-livepatch-5_14_21-150500_13_11-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-14-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-14-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 8 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:13 -0000 Subject: SUSE-SU-2024:2334-1: low: Security update for poppler Message-ID: <172045621349.12879.12866805731506244039@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2024:2334-1 Rating: low References: * bsc#1226916 Cross-References: * CVE-2024-6239 CVSS scores: * CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files (bsc#1226916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2334=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2334=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpoppler89-0.79.0-150200.3.32.1 * libpoppler89-debuginfo-0.79.0-150200.3.32.1 * poppler-debugsource-0.79.0-150200.3.32.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpoppler89-0.79.0-150200.3.32.1 * libpoppler89-debuginfo-0.79.0-150200.3.32.1 * poppler-debugsource-0.79.0-150200.3.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6239.html * https://bugzilla.suse.com/show_bug.cgi?id=1226916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 8 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:14 -0000 Subject: SUSE-SU-2024:2333-1: low: Security update for poppler Message-ID: <172045621494.12879.12615387814868189819@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2024:2333-1 Rating: low References: * bsc#1226916 Cross-References: * CVE-2024-6239 CVSS scores: * CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files (bsc#12269160). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2333=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2333=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * poppler-tools-debuginfo-22.01.0-150400.3.22.1 * typelib-1_0-Poppler-0_18-22.01.0-150400.3.22.1 * libpoppler-devel-22.01.0-150400.3.22.1 * poppler-qt5-debugsource-22.01.0-150400.3.22.1 * libpoppler-cpp0-22.01.0-150400.3.22.1 * libpoppler-glib-devel-22.01.0-150400.3.22.1 * poppler-qt6-debugsource-22.01.0-150400.3.22.1 * libpoppler-qt5-1-debuginfo-22.01.0-150400.3.22.1 * libpoppler117-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-devel-22.01.0-150400.3.22.1 * poppler-debugsource-22.01.0-150400.3.22.1 * poppler-tools-22.01.0-150400.3.22.1 * libpoppler-qt5-1-22.01.0-150400.3.22.1 * libpoppler-qt6-3-22.01.0-150400.3.22.1 * libpoppler-qt6-3-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt6-devel-22.01.0-150400.3.22.1 * libpoppler-glib8-22.01.0-150400.3.22.1 * libpoppler117-22.01.0-150400.3.22.1 * libpoppler-cpp0-debuginfo-22.01.0-150400.3.22.1 * libpoppler-glib8-debuginfo-22.01.0-150400.3.22.1 * openSUSE Leap 15.4 (x86_64) * libpoppler117-32bit-22.01.0-150400.3.22.1 * libpoppler-glib8-32bit-22.01.0-150400.3.22.1 * libpoppler117-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-32bit-22.01.0-150400.3.22.1 * libpoppler-cpp0-32bit-22.01.0-150400.3.22.1 * libpoppler-glib8-32bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-cpp0-32bit-debuginfo-22.01.0-150400.3.22.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpoppler-cpp0-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-glib8-64bit-22.01.0-150400.3.22.1 * libpoppler-glib8-64bit-debuginfo-22.01.0-150400.3.22.1 * 
libpoppler117-64bit-22.01.0-150400.3.22.1 * libpoppler117-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-64bit-debuginfo-22.01.0-150400.3.22.1 * libpoppler-qt5-1-64bit-22.01.0-150400.3.22.1 * libpoppler-cpp0-64bit-22.01.0-150400.3.22.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libpoppler117-22.01.0-150400.3.22.1 * libpoppler117-debuginfo-22.01.0-150400.3.22.1 * poppler-debugsource-22.01.0-150400.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6239.html * https://bugzilla.suse.com/show_bug.cgi?id=1226916 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 8 16:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:16 -0000 Subject: SUSE-SU-2024:2332-1: low: Security update for poppler Message-ID: <172045621691.12879.6339207403761900590@smelt2.prg2.suse.org> # Security update for poppler Announcement ID: SUSE-SU-2024:2332-1 Rating: low References: * bsc#1226916 Cross-References: * CVE-2024-6239 CVSS scores: * CVE-2024-6239 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-6239 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for poppler fixes the following issues: * CVE-2024-6239: Fixed crash when using pdfinfo with -dests parameter on malformed input files (bsc#1226916). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2332=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2332=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2332=1 openSUSE-SLE-15.5-2024-2332=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * poppler-tools-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * libpoppler-devel-23.01.0-150500.3.11.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * poppler-tools-23.01.0-150500.3.11.1 * libpoppler126-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-23.01.0-150500.3.11.1 * libpoppler-glib8-23.01.0-150500.3.11.1 * libpoppler-glib-devel-23.01.0-150500.3.11.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libpoppler-qt5-1-23.01.0-150500.3.11.1 * libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-qt5-devel-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * libpoppler-devel-23.01.0-150500.3.11.1 * poppler-qt5-debugsource-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * SUSE Package Hub 15 15-SP5 (x86_64) * libpoppler-glib8-32bit-23.01.0-150500.3.11.1 * libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * poppler-tools-debuginfo-23.01.0-150500.3.11.1 * poppler-qt6-debugsource-23.01.0-150500.3.11.1 * libpoppler-qt5-1-23.01.0-150500.3.11.1 * libpoppler-qt5-1-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-23.01.0-150500.3.11.1 * libpoppler-qt5-devel-23.01.0-150500.3.11.1 * libpoppler-cpp0-debuginfo-23.01.0-150500.3.11.1 * 
libpoppler-devel-23.01.0-150500.3.11.1 * libpoppler-qt6-3-23.01.0-150500.3.11.1 * libpoppler-glib8-debuginfo-23.01.0-150500.3.11.1 * poppler-qt5-debugsource-23.01.0-150500.3.11.1 * typelib-1_0-Poppler-0_18-23.01.0-150500.3.11.1 * libpoppler-qt6-3-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt6-devel-23.01.0-150500.3.11.1 * poppler-debugsource-23.01.0-150500.3.11.1 * poppler-tools-23.01.0-150500.3.11.1 * libpoppler126-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-23.01.0-150500.3.11.1 * libpoppler-glib8-23.01.0-150500.3.11.1 * libpoppler-glib-devel-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (x86_64) * libpoppler-glib8-32bit-23.01.0-150500.3.11.1 * libpoppler-cpp0-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-32bit-23.01.0-150500.3.11.1 * libpoppler-glib8-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt5-1-32bit-23.01.0-150500.3.11.1 * libpoppler-qt5-1-32bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-32bit-23.01.0-150500.3.11.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libpoppler-qt5-1-64bit-23.01.0-150500.3.11.1 * libpoppler126-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-qt5-1-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler126-64bit-23.01.0-150500.3.11.1 * libpoppler-cpp0-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-cpp0-64bit-23.01.0-150500.3.11.1 * libpoppler-glib8-64bit-debuginfo-23.01.0-150500.3.11.1 * libpoppler-glib8-64bit-23.01.0-150500.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6239.html * https://bugzilla.suse.com/show_bug.cgi?id=1226916 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 8 16:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:20 -0000 Subject: SUSE-SU-2024:1937-2: moderate: Security update for python-docker Message-ID: <172045622071.12879.12924587165234097731@smelt2.prg2.suse.org> # Security update for python-docker Announcement ID: SUSE-SU-2024:1937-2 Rating: moderate References: * bsc#1224788 Cross-References: * CVE-2024-35195 CVSS scores: * CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-docker fixes the following issues: * CVE-2024-35195: Fixed missing certificate verification (bsc#1224788). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1937=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1937=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1937=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python311-docker-7.0.0-150400.8.7.1 * openSUSE Leap 15.6 (noarch) * python311-docker-7.0.0-150400.8.7.1 * Public Cloud Module 15-SP6 (noarch) * python311-docker-7.0.0-150400.8.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35195.html * https://bugzilla.suse.com/show_bug.cgi?id=1224788 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Mon Jul 8 16:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 16:30:28 -0000 Subject: SUSE-SU-2024:2322-1: important: Security update for krb5 Message-ID: <172045622800.12879.9471747953248308044@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:2322-1 Rating: important References: * bsc#1227186 * bsc#1227187 Cross-References: * CVE-2024-37370 * CVE-2024-37371 CVSS scores: * CVE-2024-37370 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-37371 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were erroneously accepted (bsc#1227186). * CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields (bsc#1227187). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2322=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2322=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2322=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2322=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2322=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2322=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2322=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2322=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2322=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-mini-1.19.2-150400.3.12.1 * krb5-mini-debugsource-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-mini-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * 
krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-spake-1.19.2-150400.3.12.1 * krb5-mini-devel-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * openSUSE Leap 15.4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-devel-32bit-1.19.2-150400.3.12.1 * openSUSE Leap 15.4 (aarch64_ilp32) * krb5-devel-64bit-1.19.2-150400.3.12.1 * krb5-64bit-debuginfo-1.19.2-150400.3.12.1 * krb5-64bit-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * 
krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * 
krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * 
krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-32bit-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.12.1 * krb5-1.19.2-150400.3.12.1 * krb5-client-debuginfo-1.19.2-150400.3.12.1 * krb5-debugsource-1.19.2-150400.3.12.1 * krb5-devel-1.19.2-150400.3.12.1 * krb5-debuginfo-1.19.2-150400.3.12.1 * krb5-client-1.19.2-150400.3.12.1 * krb5-server-1.19.2-150400.3.12.1 * krb5-server-debuginfo-1.19.2-150400.3.12.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.12.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.12.1 * SUSE Manager Server 4.3 (x86_64) * krb5-32bit-1.19.2-150400.3.12.1 * krb5-32bit-debuginfo-1.19.2-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-37370.html * https://www.suse.com/security/cve/CVE-2024-37371.html * https://bugzilla.suse.com/show_bug.cgi?id=1227186 * https://bugzilla.suse.com/show_bug.cgi?id=1227187 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 8 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 08 Jul 2024 20:30:04 -0000 Subject: SUSE-SU-2024:2338-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Message-ID: <172047060400.23182.2970007013572872715@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2338-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223683 Cross-References: * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_11 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2338=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2338=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-15-150500.9.2 * kernel-livepatch-5_14_21-150500_11-rt-15-150500.9.2 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-15-150500.9.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-15-150500.9.2 * kernel-livepatch-5_14_21-150500_11-rt-15-150500.9.2 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-15-150500.9.2 ## References: * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 08:30:05 -0000 Subject: SUSE-SU-2024:2341-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Message-ID: <172051380524.23242.5008027485157763227@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:2341-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-47383 * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_172 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2341=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_43-debugsource-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-debuginfo-9-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 9 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 12:30:02 -0000 Subject: SUSE-SU-2024:2351-1: important: Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2) Message-ID: <172052820262.18490.1028865034244563540@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:2351-1 Rating: important References: * bsc#1210619 * bsc#1223363 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-47383 * CVE-2023-1829 * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux 
Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_191 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2351=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_191-default-3-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_191-default-debuginfo-3-150200.5.6.1 * kernel-livepatch-SLE15-SP2_Update_48-debugsource-3-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 12:30:07 -0000 Subject: SUSE-SU-2024:2344-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2) Message-ID: <172052820752.18490.14336282757581044608@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:2344-1 Rating: important References: * bsc#1210619 * bsc#1220145 * bsc#1220537 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-46955 * CVE-2021-47383 * CVE-2022-48651 * CVE-2023-1829 * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_188 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). 
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2344=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_47-debugsource-4-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_188-default-4-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_188-default-debuginfo-4-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * 
https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 9 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 12:30:20 -0000 Subject: SUSE-SU-2024:2343-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2) Message-ID: <172052822022.18490.7888035677977348039@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:2343-1 Rating: important References: * bsc#1210619 * bsc#1218487 * bsc#1220145 * bsc#1220537 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-46955 * CVE-2021-47383 * CVE-2022-48651 * CVE-2023-1829 * CVE-2023-6531 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE 
): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_183 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2343=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_183-default-5-150200.5.6.1 * kernel-livepatch-SLE15-SP2_Update_46-debugsource-5-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_183-default-debuginfo-5-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 12:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 12:30:31 -0000 Subject: SUSE-SU-2024:2342-1: important: Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP3) Message-ID: <172052823141.18490.2273943667653430751@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:2342-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-47383 * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_141 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). 
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2353=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2345=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2352=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2342=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2346=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2347=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2348=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2349=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2350=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2345=1 SUSE-2024-2352=1 SUSE-2024-2353=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_124-default-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-13-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_44-debugsource-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-14-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-debuginfo-10-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_38-debugsource-13-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_45-debugsource-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-7-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_39-debugsource-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-debuginfo-13-150200.2.1 * 
kernel-livepatch-5_3_18-150200_24_160-default-debuginfo-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-debuginfo-14-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-debuginfo-7-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_37-debugsource-14-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_41-debugsource-11-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_124-default-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-debuginfo-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_38-debugsource-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_34-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-14-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_33-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-debuginfo-13-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_141-preempt-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-debuginfo-13-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * 
https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 9 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:30:05 -0000 Subject: SUSE-SU-2024:2373-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Message-ID: <172054260558.6364.11656895674211800155@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:2373-1 Rating: important References: * bsc#1210619 * bsc#1218487 * bsc#1220145 * bsc#1220537 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-46955 * CVE-2021-47383 * CVE-2022-48651 * CVE-2023-1829 * CVE-2023-6531 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( 
SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves 11 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on (bsc#1218487).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2373=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2373=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-5-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-5-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-5-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-5-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-5-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-5-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 
From null at suse.de Tue Jul 9 16:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 09 Jul 2024 16:30:07 -0000
Subject: SUSE-SU-2024:2369-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)
Message-ID: <172054260792.6364.12882999076541593226@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP3)

Announcement ID: SUSE-SU-2024:2369-1
Rating: important

References:

* bsc#1210619
* bsc#1223363
* bsc#1223683
* bsc#1225211

Cross-References:

* CVE-2021-47383
* CVE-2023-1829
* CVE-2024-26828
* CVE-2024-26923

CVSS scores:

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_161 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2369=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2369=1

## Package List:

* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP3_Update_44-debugsource-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_161-default-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-3-150300.7.6.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_161-preempt-3-150300.7.6.1
  * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-3-150300.7.6.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_161-default-3-150300.7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
URL: From null at suse.de Tue Jul 9 16:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:30:21 -0000 Subject: SUSE-SU-2024:2365-1: important: Security update for the Linux Kernel Message-ID: <172054262101.6364.694286057680664321@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2365-1 Rating: important References: * bsc#1171988 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1202623 * bsc#1218148 * bsc#1219224 * bsc#1222015 * bsc#1223138 * bsc#1223384 * bsc#1224671 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224865 * bsc#1225010 * bsc#1225047 * bsc#1225109 * bsc#1225161 * bsc#1225184 * bsc#1225203 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226563 * bsc#1226587 * bsc#1226595 * bsc#1226670 * bsc#1226672 * bsc#1226712 * bsc#1226732 * bsc#1226758 * bsc#1226786 * bsc#1226962 Cross-References: * CVE-2020-10135 * CVE-2021-3896 * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47247 * CVE-2021-47311 * CVE-2021-47328 * CVE-2021-47368 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47571 * CVE-2021-47583 * CVE-2022-0435 * CVE-2022-22942 * CVE-2022-2938 * CVE-2022-48711 * CVE-2022-48760 * CVE-2022-48771 * CVE-2023-24023 * CVE-2023-52707 * CVE-2023-52752 * CVE-2023-52881 * CVE-2024-26921 * CVE-2024-26923 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35878 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 CVSS scores: * CVE-2020-10135 ( SUSE ): 5.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2020-10135 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2021-3896 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 
* CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47247 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47368 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0435 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-2938 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-2938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52707 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 38 vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. 
The following security bugs were fixed:

* CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
* CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
* CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
* CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
* CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
* CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
* CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
* CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
* CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
* CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
* CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
* CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758).
* CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

The following non-security bugs were fixed:

* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
* x86/xen: Drop USERGS_SYSRET64 paravirt call (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP2
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2365=1
* SUSE Linux Enterprise High Availability Extension 15 SP2
  zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-2365=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2365=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2365=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2365=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP2 (nosrc)
  * kernel-default-5.3.18-150200.24.197.1
* SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150200_24_197-default-1-150200.5.3.1
  * kernel-livepatch-SLE15-SP2_Update_50-debugsource-1-150200.5.3.1
  * kernel-default-debugsource-5.3.18-150200.24.197.1
  * kernel-default-debuginfo-5.3.18-150200.24.197.1
  *
kernel-default-livepatch-5.3.18-150200.24.197.1 * kernel-livepatch-5_3_18-150200_24_197-default-debuginfo-1-150200.5.3.1 * kernel-default-livepatch-devel-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.3.18-150200.24.197.1 * ocfs2-kmp-default-5.3.18-150200.24.197.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.197.1 * dlm-kmp-default-5.3.18-150200.24.197.1 * kernel-default-debugsource-5.3.18-150200.24.197.1 * kernel-default-debuginfo-5.3.18-150200.24.197.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.197.1 * gfs2-kmp-default-debuginfo-5.3.18-150200.24.197.1 * gfs2-kmp-default-5.3.18-150200.24.197.1 * dlm-kmp-default-debuginfo-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.197.1 * kernel-default-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-default-devel-5.3.18-150200.24.197.1 * kernel-preempt-devel-5.3.18-150200.24.197.1 * kernel-syms-5.3.18-150200.24.197.1 * kernel-preempt-debuginfo-5.3.18-150200.24.197.1 * kernel-default-debugsource-5.3.18-150200.24.197.1 * kernel-obs-build-5.3.18-150200.24.197.1 * kernel-default-debuginfo-5.3.18-150200.24.197.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-obs-build-debugsource-5.3.18-150200.24.197.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-default-base-5.3.18-150200.24.197.1.150200.9.101.1 * kernel-preempt-debugsource-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.197.1 * kernel-source-5.3.18-150200.24.197.1 * kernel-devel-5.3.18-150200.24.197.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch 
nosrc) * kernel-docs-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150200.24.197.1 * reiserfs-kmp-default-5.3.18-150200.24.197.1 * kernel-syms-5.3.18-150200.24.197.1 * kernel-default-debugsource-5.3.18-150200.24.197.1 * kernel-obs-build-5.3.18-150200.24.197.1 * kernel-default-debuginfo-5.3.18-150200.24.197.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.197.1 * kernel-obs-build-debugsource-5.3.18-150200.24.197.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-default-base-5.3.18-150200.24.197.1.150200.9.101.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.197.1 * kernel-source-5.3.18-150200.24.197.1 * kernel-devel-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-devel-5.3.18-150200.24.197.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-preempt-debugsource-5.3.18-150200.24.197.1 * kernel-preempt-debuginfo-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-default-devel-5.3.18-150200.24.197.1 * reiserfs-kmp-default-5.3.18-150200.24.197.1 * kernel-syms-5.3.18-150200.24.197.1 * kernel-default-debugsource-5.3.18-150200.24.197.1 * kernel-obs-build-5.3.18-150200.24.197.1 * kernel-default-debuginfo-5.3.18-150200.24.197.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.197.1 * kernel-obs-build-debugsource-5.3.18-150200.24.197.1 * 
kernel-default-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-default-base-5.3.18-150200.24.197.1.150200.9.101.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-macros-5.3.18-150200.24.197.1 * kernel-source-5.3.18-150200.24.197.1 * kernel-devel-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.197.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-devel-5.3.18-150200.24.197.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.197.1 * kernel-preempt-debugsource-5.3.18-150200.24.197.1 * kernel-preempt-debuginfo-5.3.18-150200.24.197.1 ## References: * https://www.suse.com/security/cve/CVE-2020-10135.html * https://www.suse.com/security/cve/CVE-2021-3896.html * https://www.suse.com/security/cve/CVE-2021-43389.html * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47247.html * https://www.suse.com/security/cve/CVE-2021-47311.html * https://www.suse.com/security/cve/CVE-2021-47328.html * https://www.suse.com/security/cve/CVE-2021-47368.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2022-0435.html * https://www.suse.com/security/cve/CVE-2022-22942.html * https://www.suse.com/security/cve/CVE-2022-2938.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52707.html * https://www.suse.com/security/cve/CVE-2023-52752.html * 
https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26921.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://bugzilla.suse.com/show_bug.cgi?id=1171988 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1202623 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1223138 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224865 * https://bugzilla.suse.com/show_bug.cgi?id=1225010 * https://bugzilla.suse.com/show_bug.cgi?id=1225047 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225161 * https://bugzilla.suse.com/show_bug.cgi?id=1225184 * https://bugzilla.suse.com/show_bug.cgi?id=1225203 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226758 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Tue Jul 9 16:30:23 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 09 Jul 2024 16:30:23 -0000
Subject: SUSE-SU-2024:2358-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5)
Message-ID: <172054262390.6364.16329418185735537726@smelt2.prg2.suse.org>

# Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2358-1
Rating: important

References:

* bsc#1220145
* bsc#1223363
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_13_21 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2358=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2358=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_21-rt-10-150500.2.1
  * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-10-150500.2.1
  * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-10-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_21-rt-10-150500.2.1
  * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-10-150500.2.1
  * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-10-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
URL: From null at suse.de Tue Jul 9 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:30:27 -0000 Subject: SUSE-SU-2024:2357-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Message-ID: <172054262709.6364.8797968194284902763@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:2357-1 Rating: important References: * bsc#1210619 * bsc#1220145 * bsc#1220537 * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-46955 * CVE-2021-47383 * CVE-2022-48651 * CVE-2023-1829 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves nine vulnerabilities can now be installed. 
## Description:

This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2357=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2357=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_43-debugsource-4-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-4-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-default-4-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-4-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-4-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-4-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220537 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Tue Jul 9 16:30:29 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 09 Jul 2024 16:30:29 -0000
Subject: SUSE-SU-2024:2368-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)
Message-ID: <172054262934.6364.10120132053991217877@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3)

Announcement ID: SUSE-SU-2024:2368-1
Rating: important
References:

* bsc#1220145
* bsc#1223363
* bsc#1223683
* bsc#1225211

Cross-References:

* CVE-2021-47383
* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26923

CVSS scores:

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise Live Patching 15-SP2
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP2
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-2368=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-2354=1
* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2356=1 SUSE-2024-2370=1 SUSE-2024-2355=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2355=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2356=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2370=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP2_Update_42-debugsource-11-150200.2.1
  * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-11-150200.2.1
  * kernel-livepatch-5_3_18-150200_24_169-default-debuginfo-11-150200.2.1
  * kernel-livepatch-5_3_18-150200_24_163-default-11-150200.2.1
  * kernel-livepatch-5_3_18-150200_24_169-default-11-150200.2.1
  * kernel-livepatch-SLE15-SP2_Update_40-debugsource-11-150200.2.1
* openSUSE Leap 15.3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_130-default-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_138-default-11-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_35-debugsource-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-9-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-9-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_40-debugsource-9-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-11-150300.2.1
  * kernel-livepatch-SLE15-SP3_Update_37-debugsource-11-150300.2.1
* openSUSE Leap 15.3 (x86_64)
  * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-9-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-11-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_138-preempt-11-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_130-preempt-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_147-preempt-9-150300.2.1
* SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64)
  * kernel-livepatch-5_3_18-150300_59_147-default-9-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_130-default-12-150300.2.1
  * kernel-livepatch-5_3_18-150300_59_138-default-11-150300.2.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
From null at suse.de Tue Jul 9 16:31:49 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 09 Jul 2024 16:31:49 -0000
Subject: SUSE-SU-2024:2372-1: important: Security update for the Linux Kernel
Message-ID: <172054270925.6364.14177561193741349052@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2372-1
Rating: important
References: * bsc#1156395 * bsc#1190336 * bsc#1191958 * bsc#1193883 * bsc#1194826 * bsc#1195065 * bsc#1195254 * bsc#1195341 * bsc#1195349 * bsc#1195775 * bsc#1196746 * bsc#1197915 * bsc#1198014 * bsc#1199295 * bsc#1202767 * bsc#1202780 * bsc#1205205 * bsc#1207361 * bsc#1217912 * bsc#1218148 * bsc#1218570 * bsc#1218820 * bsc#1219224 * bsc#1219633 * bsc#1219847 * bsc#1220368 * bsc#1220812 * bsc#1220958 * bsc#1221086 * bsc#1221282 * bsc#1221958 * bsc#1222015 * bsc#1222072 * bsc#1222080 * bsc#1222241 * bsc#1222254 * bsc#1222364 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223265 * bsc#1223384 * bsc#1223641 * bsc#1224020 * bsc#1224331 * bsc#1224488 * bsc#1224497 * bsc#1224498 * bsc#1224504 * bsc#1224520 * bsc#1224539 * bsc#1224540 * bsc#1224552 * bsc#1224583 * bsc#1224588 * bsc#1224602 * bsc#1224603 * bsc#1224605 * bsc#1224612 * bsc#1224614 * bsc#1224619 * bsc#1224661 * bsc#1224662 * bsc#1224670 * bsc#1224671 * bsc#1224674 * bsc#1224677 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224712 * bsc#1224716 * bsc#1224719 * bsc#1224735 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1224946 * bsc#1224951 * bsc#1225050 * bsc#1225098 * bsc#1225105 * bsc#1225300 * bsc#1225389 * bsc#1225391 * bsc#1225419 * bsc#1225426 * bsc#1225448 * bsc#1225452 * bsc#1225467 * bsc#1225475 * bsc#1225484 * bsc#1225487 * bsc#1225514 * bsc#1225518 * bsc#1225535 * bsc#1225585 * bsc#1225602 * bsc#1225611 * bsc#1225681 * bsc#1225692 * bsc#1225698 * bsc#1225699 * bsc#1225704 * bsc#1225714 * bsc#1225726 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225758 * bsc#1225759 * bsc#1225760 *
bsc#1225767 * bsc#1225770 * bsc#1225823 * bsc#1225834 * bsc#1225840 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1225945 * bsc#1226022 * bsc#1226131 * bsc#1226145 * bsc#1226149 * bsc#1226155 * bsc#1226211 * bsc#1226212 * bsc#1226226 * bsc#1226514 * bsc#1226520 * bsc#1226537 * bsc#1226538 * bsc#1226539 * bsc#1226550 * bsc#1226552 * bsc#1226553 * bsc#1226554 * bsc#1226556 * bsc#1226557 * bsc#1226558 * bsc#1226559 * bsc#1226561 * bsc#1226562 * bsc#1226563 * bsc#1226564 * bsc#1226566 * bsc#1226567 * bsc#1226569 * bsc#1226572 * bsc#1226575 * bsc#1226576 * bsc#1226577 * bsc#1226579 * bsc#1226580 * bsc#1226581 * bsc#1226582 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226588 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226601 * bsc#1226602 * bsc#1226603 * bsc#1226607 * bsc#1226610 * bsc#1226614 * bsc#1226616 * bsc#1226617 * bsc#1226618 * bsc#1226619 * bsc#1226621 * bsc#1226622 * bsc#1226624 * bsc#1226626 * bsc#1226628 * bsc#1226629 * bsc#1226632 * bsc#1226633 * bsc#1226634 * bsc#1226637 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226653 * bsc#1226657 * bsc#1226658 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226673 * bsc#1226674 * bsc#1226675 * bsc#1226678 * bsc#1226679 * bsc#1226683 * bsc#1226685 * bsc#1226686 * bsc#1226690 * bsc#1226691 * bsc#1226692 * bsc#1226693 * bsc#1226696 * bsc#1226697 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226702 * bsc#1226703 * bsc#1226704 * bsc#1226705 * bsc#1226706 * bsc#1226708 * bsc#1226709 * bsc#1226710 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226718 * bsc#1226719 * bsc#1226720 * bsc#1226721 * bsc#1226730 * bsc#1226732 * bsc#1226734 * bsc#1226735 * bsc#1226737 * bsc#1226738 * bsc#1226739 * bsc#1226740 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226762 * bsc#1226764 * bsc#1226767 * bsc#1226768 * bsc#1226769 * bsc#1226771 * bsc#1226774 * bsc#1226777 * bsc#1226780 * bsc#1226781 * bsc#1226785 * bsc#1226786 * bsc#1226789 
* bsc#1226791 * bsc#1226839 * bsc#1226840 * bsc#1226841 * bsc#1226842 * bsc#1226848 * bsc#1226852 * bsc#1226857 * bsc#1226861 * bsc#1226863 * bsc#1226864 * bsc#1226867 * bsc#1226868 * bsc#1226876 * bsc#1226878 * bsc#1226883 * bsc#1226886 * bsc#1226890 * bsc#1226891 * bsc#1226895 * bsc#1226908 * bsc#1226915 * bsc#1226928 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226953 * bsc#1226962 * bsc#1226976 * bsc#1226992 * bsc#1226994 * bsc#1226996 * bsc#1227066 * bsc#1227096 * bsc#1227101 * bsc#1227103 * bsc#1227274 * jsc#PED-8491 * jsc#PED-8570 * jsc#PED-8690 Cross-References: * CVE-2021-4439 * CVE-2021-47089 * CVE-2021-47432 * CVE-2021-47515 * CVE-2021-47534 * CVE-2021-47538 * CVE-2021-47539 * CVE-2021-47555 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47572 * CVE-2021-47576 * CVE-2021-47577 * CVE-2021-47578 * CVE-2021-47580 * CVE-2021-47582 * CVE-2021-47583 * CVE-2021-47584 * CVE-2021-47585 * CVE-2021-47586 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47592 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47597 * CVE-2021-47600 * CVE-2021-47601 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47604 * CVE-2021-47605 * CVE-2021-47607 * CVE-2021-47608 * CVE-2021-47609 * CVE-2021-47610 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47614 * CVE-2021-47615 * CVE-2021-47616 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-48711 * CVE-2022-48712 * CVE-2022-48713 * CVE-2022-48714 * CVE-2022-48715 * CVE-2022-48716 * CVE-2022-48717 * CVE-2022-48718 * CVE-2022-48720 * CVE-2022-48721 * CVE-2022-48722 * CVE-2022-48723 * CVE-2022-48724 * CVE-2022-48725 * CVE-2022-48726 * CVE-2022-48727 * CVE-2022-48728 * CVE-2022-48729 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48734 * CVE-2022-48735 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48739 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48744 * CVE-2022-48745 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48751 * CVE-2022-48752 * CVE-2022-48753 * 
CVE-2022-48754 * CVE-2022-48755 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48763 * CVE-2022-48765 * CVE-2022-48766 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48769 * CVE-2022-48770 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52658 * CVE-2023-52667 * CVE-2023-52670 * CVE-2023-52672 * CVE-2023-52675 * CVE-2023-52735 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52766 * CVE-2023-52784 * CVE-2023-52787 * CVE-2023-52800 * CVE-2023-52835 * CVE-2023-52837 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52846 * CVE-2023-52869 * CVE-2023-52881 * CVE-2023-52882 * CVE-2023-52884 * CVE-2024-26625 * CVE-2024-26644 * CVE-2024-26720 * CVE-2024-26842 * CVE-2024-26845 * CVE-2024-26923 * CVE-2024-26973 * CVE-2024-27432 * CVE-2024-33619 * CVE-2024-35247 * CVE-2024-35789 * CVE-2024-35790 * CVE-2024-35807 * CVE-2024-35814 * CVE-2024-35835 * CVE-2024-35848 * CVE-2024-35857 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35878 * CVE-2024-35884 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35898 * CVE-2024-35900 * CVE-2024-35905 * CVE-2024-35925 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35997 * CVE-2024-36005 * CVE-2024-36008 * CVE-2024-36017 * CVE-2024-36020 * CVE-2024-36021 * CVE-2024-36025 * CVE-2024-36477 * CVE-2024-36478 * CVE-2024-36479 * CVE-2024-36890 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36900 * CVE-2024-36904 * CVE-2024-36915 * CVE-2024-36916 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36934 * CVE-2024-36937 * CVE-2024-36940 * CVE-2024-36945 * CVE-2024-36949 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-36965 * CVE-2024-36967 * CVE-2024-36969 * CVE-2024-36971 * CVE-2024-36975 * CVE-2024-36978 * CVE-2024-37021 * CVE-2024-37078 * CVE-2024-37354 * CVE-2024-38381 * CVE-2024-38388 * CVE-2024-38390 * CVE-2024-38540 * CVE-2024-38541 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38547 * 
CVE-2024-38548 * CVE-2024-38549 * CVE-2024-38550 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38555 * CVE-2024-38556 * CVE-2024-38557 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38568 * CVE-2024-38571 * CVE-2024-38573 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38581 * CVE-2024-38582 * CVE-2024-38583 * CVE-2024-38587 * CVE-2024-38590 * CVE-2024-38591 * CVE-2024-38594 * CVE-2024-38597 * CVE-2024-38599 * CVE-2024-38600 * CVE-2024-38601 * CVE-2024-38603 * CVE-2024-38605 * CVE-2024-38608 * CVE-2024-38616 * CVE-2024-38618 * CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38630 * CVE-2024-38633 * CVE-2024-38634 * CVE-2024-38635 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 * CVE-2024-39301 * CVE-2024-39468 * CVE-2024-39469 * CVE-2024-39471 CVSS scores: * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47089 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47538 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47572 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47572 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47577 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47578 ( 
SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47580 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2021-47582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47586 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47597 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47604 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47614 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47615 ( SUSE ): 3.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47616 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48712 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48713 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48714 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48718 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48720 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48723 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48727 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48734 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48763 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48765 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52843 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2023-52882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52884 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33619 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36020 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36477 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36478 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36479 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36900 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36916 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36937 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36965 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36978 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-37354 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38388 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38550 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38557 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38571 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38581 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-38582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38583 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38587 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38591 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38594 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-38600 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39468 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39469 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39471 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 249 vulnerabilities, contains three features and has 45 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958).
* CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
* CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
* CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
* CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
* CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
* CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
* CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
* CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
* CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
* CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
* CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
* CVE-2023-52658: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (bsc#1224719).
* CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
* CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
* CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
* CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
* CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
* CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
* CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
* CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
* CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
* CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
* CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
* CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
* CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
* CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282 bsc#1222072).
* CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
* CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git-fixes bsc#1223641).
* CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
* CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
* CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
* CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
* CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
* CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
* CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
* CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
* CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
* CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
* CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
* CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
* CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
* CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
* CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
* CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
* CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
* CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
* CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
* CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
* CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
* CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
* CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
* CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
* CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
* CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
* CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
* CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
* CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
* CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
* CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
* CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
* CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
* CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
* CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
* CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
* CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
* CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
* CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
* CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
* CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
* CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
* CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
* CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
* CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
* CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
* CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
* CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
* CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
* CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
* CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
* CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
* CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
* CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
* CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
* CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
* CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103).
* CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).

The following non-security bugs were fixed:

* ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
* ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes).
* ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
* ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
* ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
* ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
* ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
* ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
* ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
* ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
* ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
* ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
* ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
* ALSA: timer: Set lower bound of start tick time (stable-fixes).
* ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
* ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
* ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).
* ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
* ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
* ASoC: rt715-sdca: volume step modification (stable-fixes).
* ASoC: rt715: add vendor clear control register (stable-fixes).
* Add remote for nfs maintainer
* Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
* Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings *****
  * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable]
  * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable]
* HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
* HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
* Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
* NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
* NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
* NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
* PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
* PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
* RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
* RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
* RDMA/hns: Fix incorrect sge nums calculation (git-fixes)
* RDMA/irdma: Drop unused kernel push code (git-fixes)
* RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
* USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
* USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
* X.509: Fix the parser of extended key usage for length (bsc#1218820).
* arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
* arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
* arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
* arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
* arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
* ata: ahci: Clean up sysfs file on error (git-fixes).
* ata: libata-core: Fix double free on error (git-fixes).
* ata: libata-core: Fix null pointer dereference on error (git-fixes).
* batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
* bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).
* btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
* cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
* ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
* ceph: always check dir caps asynchronously (bsc#1226022).
* ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
* ceph: break the check delayed cap loop every 5s (bsc#1226022).
* ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
* cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
* cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
* cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
* cgroup: Remove unnecessary list_empty() (bsc#1222254).
* cgroup: preserve KABI of cgroup_root (bsc#1222254).
* cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).
* cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
* crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
* dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
* dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
* drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
* drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
* drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
* drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
* drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
* drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
* drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
* drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
* drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
* drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
* drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
* drm/amdgpu: Update BO eviction priorities (stable-fixes).
* drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
* drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
* drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
* drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
* drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
* drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
* drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
* drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
* drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
* drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
* drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
* drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
* drm/komeda: check for error-valued pointer (git-fixes).
* drm/lima: add mask irq callback to gp and pp (stable-fixes).
* drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
* drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
* drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
* drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
* drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).
* drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).
* drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
* drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
* drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
* drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
* gpio: davinci: Validate the obtained number of IRQs (git-fixes).
* gpio: tqmx86: fix typo in Kconfig label (git-fixes).
* gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
* gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
* hwmon: (shtc1) Fix property misspelling (git-fixes).
* i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
* i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
* i2c: ocores: set IACK bit after core is enabled (git-fixes).
* i2c: testunit: discard write requests while old command is running (git-fixes).
* i2c: testunit: do not erase registers after STOP (git-fixes).
* iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
* iio: adc: ad7266: Fix variable checking bug (git-fixes).
* iio: adc: ad9467: fix scan type sign (git-fixes).
* iio: chemical: bme680: Fix calibration data variable (git-fixes).
* iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
* iio: chemical: bme680: Fix pressure value output (git-fixes).
* iio: chemical: bme680: Fix sensor data read operation (git-fixes).
* iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
* iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
* intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
* iommu/amd: Fix sysfs leak in iommu init (git-fixes).
* iommu: Return right value in iommu_sva_bind_device() (git-fixes).
* iommu: mtk: fix module autoloading (git-fixes).
* ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
* kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
* kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
* kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
* kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
* kernel-doc: fix struct_group_tagged() parsing (git-fixes).
* lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
* media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
* media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
* media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
* media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
* media: mxl5xx: Move xpt structures off stack (stable-fixes).
* media: radio-shark2: Avoid led_names truncations (git-fixes).
* media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
* mei: me: release irq in mei_me_pci_resume error path (git-fixes).
* mkspec-dtb: add toplevel symlinks also on arm
* mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
* mmc: core: Do not force a retune before RPMB switch (stable-fixes).
* mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
* mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
* mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
* mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
* mmc: sdhci: Do not invert write-protect twice (git-fixes).
* mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
* mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
* mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
* mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
* mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
* mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
* mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
* mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
* net/mlx5e: Fix a race in command alloc flow (git-fixes).
* net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
* net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
* net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
* net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
* net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
* net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
* net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
* net: usb: ax88179_178a: improve link status logs (git-fixes).
* net: usb: ax88179_178a: improve reset check (git-fixes).
* net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
* net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
* net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
* nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
* nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).
* nvme: find numa distance only if controller has valid numa id (git-fixes).
* nvmet-passthru: propagate status from id override functions (git-fixes).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
* pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
* pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
* pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
* pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
* pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
* random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
* regulator: bd71815: fix ramp values (git-fixes).
* regulator: core: Fix modpost error "regulator_get_regmap" undefined (git-fixes).
* regulator: irq_helpers: duplicate IRQ name (stable-fixes).
* regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
* rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
* rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules. algif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
* rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them.
* sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
* scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).
* smb: client: ensure to try all targets when finding nested links (bsc#1224020).
* smb: client: guarantee refcounted children from parent session (bsc#1224679, CVE-35869).
* soundwire: cadence: fix invalid PDI offset (stable-fixes).
* spi: stm32: Do not warn about spurious interrupts (git-fixes).
* supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
* supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
* supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
* tty: mcf: MCF54418 has 10 UARTS (git-fixes).
* usb-storage: alauda: Check whether the media is initialized (git-fixes).
* usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
* usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
* usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
* usb: gadget: printer: fix races against disable (git-fixes).
* usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
* usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
* usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
* usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
* usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
* usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).
* usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).
* usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).
* watchdog: bd9576: Drop "always-running" property (git-fixes).
* watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).
* wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
* wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
* wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
* wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
* wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
* wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
* wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
* wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
* wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
* wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
* wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
* wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
* wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
* x86/mce: Dynamically size space for machine check records (bsc#1222241).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
* xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
* xhci: Fix failure to detect ring expansion need (git-fixes).
* xhci: Fix transfer ring expansion size calculation (git-fixes).
* xhci: Handle TD clearing for multiple streams case (git-fixes).
* xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
* xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
* xhci: fix matching completion events with TDs (git-fixes).
* xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
* xhci: restre deleted trb fields for tracing (git-fixes).
* xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
* xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
* xhci: update event ring dequeue pointer position to controller correctly (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-2372=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2372=1 openSUSE-SLE-15.5-2024-2372=1

## Package List:

* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
  * kernel-azure-5.14.21-150500.33.60.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
  * kernel-azure-devel-debuginfo-5.14.21-150500.33.60.1
  * kernel-syms-azure-5.14.21-150500.33.60.1
  * kernel-azure-devel-5.14.21-150500.33.60.1
  * kernel-azure-debugsource-5.14.21-150500.33.60.1
  * kernel-azure-debuginfo-5.14.21-150500.33.60.1
* Public Cloud Module 15-SP5 (noarch)
  * kernel-devel-azure-5.14.21-150500.33.60.1
  * kernel-source-azure-5.14.21-150500.33.60.1
* openSUSE Leap 15.5 (aarch64 x86_64)
  * kernel-syms-azure-5.14.21-150500.33.60.1
  * kernel-azure-optional-5.14.21-150500.33.60.1
  * kernel-azure-extra-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-debugsource-5.14.21-150500.33.60.1
  * ocfs2-kmp-azure-5.14.21-150500.33.60.1
  * kernel-azure-debuginfo-5.14.21-150500.33.60.1
  * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * dlm-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * reiserfs-kmp-azure-5.14.21-150500.33.60.1
  * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-devel-5.14.21-150500.33.60.1
  * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-livepatch-devel-5.14.21-150500.33.60.1
  * kselftests-kmp-azure-5.14.21-150500.33.60.1
  * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-extra-5.14.21-150500.33.60.1
  * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-devel-debuginfo-5.14.21-150500.33.60.1
  * kernel-azure-optional-debuginfo-5.14.21-150500.33.60.1
  * gfs2-kmp-azure-5.14.21-150500.33.60.1
  * cluster-md-kmp-azure-5.14.21-150500.33.60.1
  * dlm-kmp-azure-5.14.21-150500.33.60.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
  * kernel-azure-5.14.21-150500.33.60.1
* openSUSE Leap 15.5 (x86_64)
  * kernel-azure-vdso-5.14.21-150500.33.60.1
  * kernel-azure-vdso-debuginfo-5.14.21-150500.33.60.1
* openSUSE Leap 15.5 (noarch)
  * kernel-devel-azure-5.14.21-150500.33.60.1
  * kernel-source-azure-5.14.21-150500.33.60.1

## References:

* https://www.suse.com/security/cve/CVE-2021-4439.html
* https://www.suse.com/security/cve/CVE-2021-47089.html
* https://www.suse.com/security/cve/CVE-2021-47432.html
* https://www.suse.com/security/cve/CVE-2021-47515.html
* https://www.suse.com/security/cve/CVE-2021-47534.html
* https://www.suse.com/security/cve/CVE-2021-47538.html
* https://www.suse.com/security/cve/CVE-2021-47539.html
* https://www.suse.com/security/cve/CVE-2021-47555.html
* https://www.suse.com/security/cve/CVE-2021-47566.html
* https://www.suse.com/security/cve/CVE-2021-47571.html
* https://www.suse.com/security/cve/CVE-2021-47572.html
* https://www.suse.com/security/cve/CVE-2021-47576.html
* https://www.suse.com/security/cve/CVE-2021-47577.html
* https://www.suse.com/security/cve/CVE-2021-47578.html
* https://www.suse.com/security/cve/CVE-2021-47580.html
* https://www.suse.com/security/cve/CVE-2021-47582.html
* https://www.suse.com/security/cve/CVE-2021-47583.html
* https://www.suse.com/security/cve/CVE-2021-47584.html
* https://www.suse.com/security/cve/CVE-2021-47585.html
* https://www.suse.com/security/cve/CVE-2021-47586.html
* https://www.suse.com/security/cve/CVE-2021-47587.html
* https://www.suse.com/security/cve/CVE-2021-47589.html
* https://www.suse.com/security/cve/CVE-2021-47592.html
* https://www.suse.com/security/cve/CVE-2021-47595.html
* https://www.suse.com/security/cve/CVE-2021-47596.html
* https://www.suse.com/security/cve/CVE-2021-47597.html
* https://www.suse.com/security/cve/CVE-2021-47600.html
* 
https://www.suse.com/security/cve/CVE-2021-47601.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47604.html * https://www.suse.com/security/cve/CVE-2021-47605.html * https://www.suse.com/security/cve/CVE-2021-47607.html * https://www.suse.com/security/cve/CVE-2021-47608.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47610.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47614.html * https://www.suse.com/security/cve/CVE-2021-47615.html * https://www.suse.com/security/cve/CVE-2021-47616.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48712.html * https://www.suse.com/security/cve/CVE-2022-48713.html * https://www.suse.com/security/cve/CVE-2022-48714.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48716.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48718.html * https://www.suse.com/security/cve/CVE-2022-48720.html * https://www.suse.com/security/cve/CVE-2022-48721.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48723.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48725.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48727.html * https://www.suse.com/security/cve/CVE-2022-48728.html * 
https://www.suse.com/security/cve/CVE-2022-48729.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48734.html * https://www.suse.com/security/cve/CVE-2022-48735.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48739.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48744.html * https://www.suse.com/security/cve/CVE-2022-48745.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48753.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48755.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48763.html * https://www.suse.com/security/cve/CVE-2022-48765.html * https://www.suse.com/security/cve/CVE-2022-48766.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48770.html * 
https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52658.html * https://www.suse.com/security/cve/CVE-2023-52667.html * https://www.suse.com/security/cve/CVE-2023-52670.html * https://www.suse.com/security/cve/CVE-2023-52672.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52787.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52869.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52882.html * https://www.suse.com/security/cve/CVE-2023-52884.html * https://www.suse.com/security/cve/CVE-2024-26625.html * https://www.suse.com/security/cve/CVE-2024-26644.html * https://www.suse.com/security/cve/CVE-2024-26720.html * https://www.suse.com/security/cve/CVE-2024-26842.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26973.html * https://www.suse.com/security/cve/CVE-2024-27432.html * https://www.suse.com/security/cve/CVE-2024-33619.html * https://www.suse.com/security/cve/CVE-2024-35247.html * 
https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35790.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35814.html * https://www.suse.com/security/cve/CVE-2024-35835.html * https://www.suse.com/security/cve/CVE-2024-35848.html * https://www.suse.com/security/cve/CVE-2024-35857.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35884.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35898.html * https://www.suse.com/security/cve/CVE-2024-35900.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35925.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-35956.html * https://www.suse.com/security/cve/CVE-2024-35958.html * https://www.suse.com/security/cve/CVE-2024-35960.html * https://www.suse.com/security/cve/CVE-2024-35962.html * https://www.suse.com/security/cve/CVE-2024-35997.html * https://www.suse.com/security/cve/CVE-2024-36005.html * https://www.suse.com/security/cve/CVE-2024-36008.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36020.html * https://www.suse.com/security/cve/CVE-2024-36021.html * https://www.suse.com/security/cve/CVE-2024-36025.html * https://www.suse.com/security/cve/CVE-2024-36477.html * https://www.suse.com/security/cve/CVE-2024-36478.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36890.html * 
https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36900.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36916.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36937.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36945.html * https://www.suse.com/security/cve/CVE-2024-36949.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36965.html * https://www.suse.com/security/cve/CVE-2024-36967.html * https://www.suse.com/security/cve/CVE-2024-36969.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36975.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37078.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38381.html * https://www.suse.com/security/cve/CVE-2024-38388.html * https://www.suse.com/security/cve/CVE-2024-38390.html * https://www.suse.com/security/cve/CVE-2024-38540.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38547.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38549.html * 
https://www.suse.com/security/cve/CVE-2024-38550.html * https://www.suse.com/security/cve/CVE-2024-38552.html * https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38555.html * https://www.suse.com/security/cve/CVE-2024-38556.html * https://www.suse.com/security/cve/CVE-2024-38557.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38568.html * https://www.suse.com/security/cve/CVE-2024-38571.html * https://www.suse.com/security/cve/CVE-2024-38573.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38581.html * https://www.suse.com/security/cve/CVE-2024-38582.html * https://www.suse.com/security/cve/CVE-2024-38583.html * https://www.suse.com/security/cve/CVE-2024-38587.html * https://www.suse.com/security/cve/CVE-2024-38590.html * https://www.suse.com/security/cve/CVE-2024-38591.html * https://www.suse.com/security/cve/CVE-2024-38594.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-38600.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38603.html * https://www.suse.com/security/cve/CVE-2024-38605.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38616.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-38621.html * 
https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38630.html * https://www.suse.com/security/cve/CVE-2024-38633.html * https://www.suse.com/security/cve/CVE-2024-38634.html * https://www.suse.com/security/cve/CVE-2024-38635.html * https://www.suse.com/security/cve/CVE-2024-38659.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39468.html * https://www.suse.com/security/cve/CVE-2024-39469.html * https://www.suse.com/security/cve/CVE-2024-39471.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1190336 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1193883 * https://bugzilla.suse.com/show_bug.cgi?id=1194826 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195341 * https://bugzilla.suse.com/show_bug.cgi?id=1195349 * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1196746 * https://bugzilla.suse.com/show_bug.cgi?id=1197915 * https://bugzilla.suse.com/show_bug.cgi?id=1198014 * https://bugzilla.suse.com/show_bug.cgi?id=1199295 * https://bugzilla.suse.com/show_bug.cgi?id=1202767 * https://bugzilla.suse.com/show_bug.cgi?id=1202780 * https://bugzilla.suse.com/show_bug.cgi?id=1205205 * https://bugzilla.suse.com/show_bug.cgi?id=1207361 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1218570 * https://bugzilla.suse.com/show_bug.cgi?id=1218820 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * 
https://bugzilla.suse.com/show_bug.cgi?id=1220368 * https://bugzilla.suse.com/show_bug.cgi?id=1220812 * https://bugzilla.suse.com/show_bug.cgi?id=1220958 * https://bugzilla.suse.com/show_bug.cgi?id=1221086 * https://bugzilla.suse.com/show_bug.cgi?id=1221282 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222072 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222241 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222893 * https://bugzilla.suse.com/show_bug.cgi?id=1223013 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223265 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223641 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224331 * https://bugzilla.suse.com/show_bug.cgi?id=1224488 * https://bugzilla.suse.com/show_bug.cgi?id=1224497 * https://bugzilla.suse.com/show_bug.cgi?id=1224498 * https://bugzilla.suse.com/show_bug.cgi?id=1224504 * https://bugzilla.suse.com/show_bug.cgi?id=1224520 * https://bugzilla.suse.com/show_bug.cgi?id=1224539 * https://bugzilla.suse.com/show_bug.cgi?id=1224540 * https://bugzilla.suse.com/show_bug.cgi?id=1224552 * https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224588 * https://bugzilla.suse.com/show_bug.cgi?id=1224602 * https://bugzilla.suse.com/show_bug.cgi?id=1224603 * https://bugzilla.suse.com/show_bug.cgi?id=1224605 * https://bugzilla.suse.com/show_bug.cgi?id=1224612 * https://bugzilla.suse.com/show_bug.cgi?id=1224614 * https://bugzilla.suse.com/show_bug.cgi?id=1224619 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224674 * https://bugzilla.suse.com/show_bug.cgi?id=1224677 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224712 * https://bugzilla.suse.com/show_bug.cgi?id=1224716 * https://bugzilla.suse.com/show_bug.cgi?id=1224719 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1225050 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225105 * https://bugzilla.suse.com/show_bug.cgi?id=1225300 * https://bugzilla.suse.com/show_bug.cgi?id=1225389 * https://bugzilla.suse.com/show_bug.cgi?id=1225391 * https://bugzilla.suse.com/show_bug.cgi?id=1225419 * https://bugzilla.suse.com/show_bug.cgi?id=1225426 * https://bugzilla.suse.com/show_bug.cgi?id=1225448 * https://bugzilla.suse.com/show_bug.cgi?id=1225452 * https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225484 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225514 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225535 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225602 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225681 * https://bugzilla.suse.com/show_bug.cgi?id=1225692 * https://bugzilla.suse.com/show_bug.cgi?id=1225698 * https://bugzilla.suse.com/show_bug.cgi?id=1225699 * https://bugzilla.suse.com/show_bug.cgi?id=1225704 * https://bugzilla.suse.com/show_bug.cgi?id=1225714 * https://bugzilla.suse.com/show_bug.cgi?id=1225726 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225759 * https://bugzilla.suse.com/show_bug.cgi?id=1225760 * https://bugzilla.suse.com/show_bug.cgi?id=1225767 * https://bugzilla.suse.com/show_bug.cgi?id=1225770 * https://bugzilla.suse.com/show_bug.cgi?id=1225823 * https://bugzilla.suse.com/show_bug.cgi?id=1225834 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1225872 * https://bugzilla.suse.com/show_bug.cgi?id=1225894 * https://bugzilla.suse.com/show_bug.cgi?id=1225945 * https://bugzilla.suse.com/show_bug.cgi?id=1226022 * https://bugzilla.suse.com/show_bug.cgi?id=1226131 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226149 * https://bugzilla.suse.com/show_bug.cgi?id=1226155 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226514 * https://bugzilla.suse.com/show_bug.cgi?id=1226520 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226538 * https://bugzilla.suse.com/show_bug.cgi?id=1226539 * https://bugzilla.suse.com/show_bug.cgi?id=1226550 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226553 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226556 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226559 * https://bugzilla.suse.com/show_bug.cgi?id=1226561 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226564 * https://bugzilla.suse.com/show_bug.cgi?id=1226566 * https://bugzilla.suse.com/show_bug.cgi?id=1226567 * https://bugzilla.suse.com/show_bug.cgi?id=1226569 * https://bugzilla.suse.com/show_bug.cgi?id=1226572 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226576 * https://bugzilla.suse.com/show_bug.cgi?id=1226577 * https://bugzilla.suse.com/show_bug.cgi?id=1226579 * https://bugzilla.suse.com/show_bug.cgi?id=1226580 * https://bugzilla.suse.com/show_bug.cgi?id=1226581 * https://bugzilla.suse.com/show_bug.cgi?id=1226582 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226593 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226597 * https://bugzilla.suse.com/show_bug.cgi?id=1226601 * https://bugzilla.suse.com/show_bug.cgi?id=1226602 * https://bugzilla.suse.com/show_bug.cgi?id=1226603 * https://bugzilla.suse.com/show_bug.cgi?id=1226607 * https://bugzilla.suse.com/show_bug.cgi?id=1226610 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226616 * https://bugzilla.suse.com/show_bug.cgi?id=1226617 * https://bugzilla.suse.com/show_bug.cgi?id=1226618 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226622 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226626 * https://bugzilla.suse.com/show_bug.cgi?id=1226628 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226632 * https://bugzilla.suse.com/show_bug.cgi?id=1226633 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226637 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226657 * https://bugzilla.suse.com/show_bug.cgi?id=1226658 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226673 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226675 * https://bugzilla.suse.com/show_bug.cgi?id=1226678 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226683 * https://bugzilla.suse.com/show_bug.cgi?id=1226685 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226690 * https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226693 * https://bugzilla.suse.com/show_bug.cgi?id=1226696 * https://bugzilla.suse.com/show_bug.cgi?id=1226697 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226699 * https://bugzilla.suse.com/show_bug.cgi?id=1226701 * https://bugzilla.suse.com/show_bug.cgi?id=1226702 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226704 * https://bugzilla.suse.com/show_bug.cgi?id=1226705 * https://bugzilla.suse.com/show_bug.cgi?id=1226706 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226710 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226718 * https://bugzilla.suse.com/show_bug.cgi?id=1226719 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226730 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226734 * https://bugzilla.suse.com/show_bug.cgi?id=1226735 * https://bugzilla.suse.com/show_bug.cgi?id=1226737 * https://bugzilla.suse.com/show_bug.cgi?id=1226738 * https://bugzilla.suse.com/show_bug.cgi?id=1226739 * https://bugzilla.suse.com/show_bug.cgi?id=1226740 * https://bugzilla.suse.com/show_bug.cgi?id=1226744 * https://bugzilla.suse.com/show_bug.cgi?id=1226746 * https://bugzilla.suse.com/show_bug.cgi?id=1226747 * https://bugzilla.suse.com/show_bug.cgi?id=1226749 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226764 * https://bugzilla.suse.com/show_bug.cgi?id=1226767 * https://bugzilla.suse.com/show_bug.cgi?id=1226768 * https://bugzilla.suse.com/show_bug.cgi?id=1226769 * https://bugzilla.suse.com/show_bug.cgi?id=1226771 * https://bugzilla.suse.com/show_bug.cgi?id=1226774 * https://bugzilla.suse.com/show_bug.cgi?id=1226777 * https://bugzilla.suse.com/show_bug.cgi?id=1226780 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226781 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226791 * https://bugzilla.suse.com/show_bug.cgi?id=1226839 * https://bugzilla.suse.com/show_bug.cgi?id=1226840 * https://bugzilla.suse.com/show_bug.cgi?id=1226841 * https://bugzilla.suse.com/show_bug.cgi?id=1226842 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1226852 * https://bugzilla.suse.com/show_bug.cgi?id=1226857 * https://bugzilla.suse.com/show_bug.cgi?id=1226861 * https://bugzilla.suse.com/show_bug.cgi?id=1226863 * https://bugzilla.suse.com/show_bug.cgi?id=1226864 * https://bugzilla.suse.com/show_bug.cgi?id=1226867 * https://bugzilla.suse.com/show_bug.cgi?id=1226868 * https://bugzilla.suse.com/show_bug.cgi?id=1226876 * https://bugzilla.suse.com/show_bug.cgi?id=1226878 * https://bugzilla.suse.com/show_bug.cgi?id=1226883 * https://bugzilla.suse.com/show_bug.cgi?id=1226886 * https://bugzilla.suse.com/show_bug.cgi?id=1226890 * https://bugzilla.suse.com/show_bug.cgi?id=1226891 * https://bugzilla.suse.com/show_bug.cgi?id=1226895 * https://bugzilla.suse.com/show_bug.cgi?id=1226908 * https://bugzilla.suse.com/show_bug.cgi?id=1226915 * https://bugzilla.suse.com/show_bug.cgi?id=1226928 * https://bugzilla.suse.com/show_bug.cgi?id=1226948 * https://bugzilla.suse.com/show_bug.cgi?id=1226949 * https://bugzilla.suse.com/show_bug.cgi?id=1226950 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 * https://bugzilla.suse.com/show_bug.cgi?id=1226976 * https://bugzilla.suse.com/show_bug.cgi?id=1226992 * https://bugzilla.suse.com/show_bug.cgi?id=1226994 * https://bugzilla.suse.com/show_bug.cgi?id=1226996 * https://bugzilla.suse.com/show_bug.cgi?id=1227066 * https://bugzilla.suse.com/show_bug.cgi?id=1227096 * 
https://bugzilla.suse.com/show_bug.cgi?id=1227101 * https://bugzilla.suse.com/show_bug.cgi?id=1227103 * https://bugzilla.suse.com/show_bug.cgi?id=1227274 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8570 * https://jira.suse.com/browse/PED-8690 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 9 16:31:59 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:31:59 -0000 Subject: SUSE-SU-2024:2371-1: important: Security update for MozillaFirefox Message-ID: <172054271982.6364.16366991557071398849@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:2371-1 Rating: important References: * bsc#1225278 * bsc#1226316 Cross-References: * CVE-2024-5688 * CVE-2024-5690 * CVE-2024-5691 * CVE-2024-5692 * CVE-2024-5693 * CVE-2024-5696 * CVE-2024-5700 * CVE-2024-5702 * CVE-2024-6600 * CVE-2024-6601 * CVE-2024-6602 * CVE-2024-6603 * CVE-2024-6604 CVSS scores: Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.13.0 ESR (MFSA 2024-30, bsc#1226316): * CVE-2024-6600: Memory corruption in WebGL API * CVE-2024-6601: Race condition in permission assignment * CVE-2024-6602: Memory corruption in NSS * CVE-2024-6603: Memory corruption in thread creation * CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 Other fixes: * Fix GNOME search provider (bsc#1225278) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2371=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2371=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2371=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2371=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-112.218.1 * MozillaFirefox-debugsource-115.13.0-112.218.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-115.13.0-112.218.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-112.218.1 * MozillaFirefox-translations-common-115.13.0-112.218.1 * MozillaFirefox-115.13.0-112.218.1 * MozillaFirefox-debugsource-115.13.0-112.218.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-115.13.0-112.218.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-112.218.1 * MozillaFirefox-translations-common-115.13.0-112.218.1 * MozillaFirefox-115.13.0-112.218.1 * MozillaFirefox-debugsource-115.13.0-112.218.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-115.13.0-112.218.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.13.0-112.218.1 * MozillaFirefox-translations-common-115.13.0-112.218.1 * MozillaFirefox-115.13.0-112.218.1 * MozillaFirefox-debugsource-115.13.0-112.218.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-115.13.0-112.218.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5688.html * 
https://www.suse.com/security/cve/CVE-2024-5690.html * https://www.suse.com/security/cve/CVE-2024-5691.html * https://www.suse.com/security/cve/CVE-2024-5692.html * https://www.suse.com/security/cve/CVE-2024-5693.html * https://www.suse.com/security/cve/CVE-2024-5696.html * https://www.suse.com/security/cve/CVE-2024-5700.html * https://www.suse.com/security/cve/CVE-2024-5702.html * https://www.suse.com/security/cve/CVE-2024-6600.html * https://www.suse.com/security/cve/CVE-2024-6601.html * https://www.suse.com/security/cve/CVE-2024-6602.html * https://www.suse.com/security/cve/CVE-2024-6603.html * https://www.suse.com/security/cve/CVE-2024-6604.html * https://bugzilla.suse.com/show_bug.cgi?id=1225278 * https://bugzilla.suse.com/show_bug.cgi?id=1226316 From null at suse.de Tue Jul 9 16:32:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:32:02 -0000 Subject: SUSE-SU-2024:2367-1: important: Security update for freeradius-server Message-ID: <172054272291.6364.17530388580974388994@smelt2.prg2.suse.org> # Security update for freeradius-server Announcement ID: SUSE-SU-2024:2367-1 Rating: important References: * bsc#1223414 Cross-References: * CVE-2024-3596 CVSS scores: * CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability 
can now be installed. ## Description: This update for freeradius-server fixes the following issues: * CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2367=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2367=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2367=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2367=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2367=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2367=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2367=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * 
freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * 
freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * 
freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * 
freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * freeradius-server-mysql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-ldap-3.0.21-150200.3.15.1 * freeradius-server-perl-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-krb5-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-3.0.21-150200.3.15.1 * freeradius-server-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-python3-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-sqlite-3.0.21-150200.3.15.1 * freeradius-server-utils-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-perl-3.0.21-150200.3.15.1 * freeradius-server-3.0.21-150200.3.15.1 * freeradius-server-libs-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-debugsource-3.0.21-150200.3.15.1 * freeradius-server-sqlite-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-utils-3.0.21-150200.3.15.1 * freeradius-server-ldap-debuginfo-3.0.21-150200.3.15.1 * freeradius-server-postgresql-3.0.21-150200.3.15.1 * freeradius-server-libs-3.0.21-150200.3.15.1 * freeradius-server-mysql-3.0.21-150200.3.15.1 * freeradius-server-krb5-3.0.21-150200.3.15.1 * freeradius-server-devel-3.0.21-150200.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * https://bugzilla.suse.com/show_bug.cgi?id=1223414
From null at suse.de Tue Jul 9 16:32:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:32:06 -0000 Subject: SUSE-SU-2024:2366-1: important: Security update for freeradius-server Message-ID: <172054272636.6364.13420317955128497568@smelt2.prg2.suse.org> # Security update for freeradius-server Announcement ID: SUSE-SU-2024:2366-1 Rating: important References: * bsc#1223414 Cross-References: * CVE-2024-3596 CVSS scores: * CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for freeradius-server fixes the following issues: * CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2366=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2366=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2366=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2366=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2366=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2366=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2366=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2366=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2366=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2366=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-schemas-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 
* freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-doc-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-schemas-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-doc-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * 
freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * 
freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * 
freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Proxy 4.3 (x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * 
freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * 
freeradius-server-libs-3.0.25-150400.4.7.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * freeradius-server-libs-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-ldap-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-sqlite-3.0.25-150400.4.7.1 * freeradius-server-utils-3.0.25-150400.4.7.1 * freeradius-server-mysql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-perl-3.0.25-150400.4.7.1 * freeradius-server-ldap-3.0.25-150400.4.7.1 * freeradius-server-krb5-3.0.25-150400.4.7.1 * freeradius-server-debugsource-3.0.25-150400.4.7.1 * freeradius-server-3.0.25-150400.4.7.1 * freeradius-server-postgresql-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-krb5-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-postgresql-3.0.25-150400.4.7.1 * freeradius-server-devel-3.0.25-150400.4.7.1 * freeradius-server-mysql-3.0.25-150400.4.7.1 * freeradius-server-python3-3.0.25-150400.4.7.1 * freeradius-server-sqlite-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-utils-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-python3-debuginfo-3.0.25-150400.4.7.1 * freeradius-server-libs-3.0.25-150400.4.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * https://bugzilla.suse.com/show_bug.cgi?id=1223414
From null at suse.de Tue Jul 9 16:32:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:32:25 -0000 Subject: SUSE-SU-2024:2362-1: important: Security update for the Linux Kernel Message-ID: <172054274597.6364.11784931196209748975@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2362-1 Rating: important References: * bsc#1156395 * bsc#1171988 * bsc#1176447 * bsc#1176774 * bsc#1181147 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195798 * bsc#1202623 * bsc#1218148 * bsc#1219224 * bsc#1219633 * bsc#1222015 * bsc#1223011 * bsc#1223384 * bsc#1224671 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224865 * bsc#1225010 * bsc#1225047 * bsc#1225109 * bsc#1225161 * bsc#1225184 * bsc#1225203 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226226 * bsc#1226537 * bsc#1226552 * bsc#1226554 * bsc#1226557 * bsc#1226558 * bsc#1226562 * bsc#1226563 * bsc#1226575 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226595 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226624 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226674 * bsc#1226679 * bsc#1226686 * bsc#1226691 * bsc#1226692 * bsc#1226698 * bsc#1226703 * bsc#1226708 * bsc#1226709 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226720 * bsc#1226721 * bsc#1226732 * bsc#1226758 * bsc#1226762 * bsc#1226786 * bsc#1226962 Cross-References: * CVE-2021-3896 * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47247 * CVE-2021-47311 * CVE-2021-47328 * CVE-2021-47368 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47583 * CVE-2021-47589 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47609 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-0435 * CVE-2022-22942 * 
CVE-2022-2938 * CVE-2022-48711 * CVE-2022-48715 * CVE-2022-48717 * CVE-2022-48722 * CVE-2022-48724 * CVE-2022-48726 * CVE-2022-48728 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48752 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48771 * CVE-2023-24023 * CVE-2023-52707 * CVE-2023-52752 * CVE-2023-52881 * CVE-2024-26822 * CVE-2024-26923 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35878 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 CVSS scores: * CVE-2021-3896 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47247 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47368 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-0435 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-2938 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-2938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48736 ( SUSE ): 0.0 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52707 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 72 vulnerabilities and has 10 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865). 
* CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
* CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
* CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
* CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
* CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
* CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
* CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
* CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
* CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
* CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226758).
* CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

The following non-security bugs were fixed:

* NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2362=1
* SUSE Linux Enterprise Live Patching 15-SP3
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2362=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
  zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-2362=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2362=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2362=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2362=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2362=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2362=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2362=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2362=1

## Package List:

* openSUSE Leap 15.3 (noarch nosrc)
  * kernel-docs-5.3.18-150300.59.167.1
* openSUSE Leap 15.3 (noarch)
  * kernel-docs-html-5.3.18-150300.59.167.1
  *
kernel-source-vanilla-5.3.18-150300.59.167.1 * kernel-source-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.167.1 * kernel-debug-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.167.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-debug-livepatch-devel-5.3.18-150300.59.167.1 * kernel-debug-debugsource-5.3.18-150300.59.167.1 * kernel-kvmsmall-devel-5.3.18-150300.59.167.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.167.1 * kernel-debug-debuginfo-5.3.18-150300.59.167.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.167.1 * kernel-debug-devel-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.3.18-150300.59.167.1 * kernel-default-livepatch-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-obs-qa-5.3.18-150300.59.167.1 * kselftests-kmp-default-5.3.18-150300.59.167.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * cluster-md-kmp-default-5.3.18-150300.59.167.1 * ocfs2-kmp-default-5.3.18-150300.59.167.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-extra-5.3.18-150300.59.167.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * 
dlm-kmp-default-5.3.18-150300.59.167.1 * kernel-default-optional-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-default-livepatch-5.3.18-150300.59.167.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-rebuild-5.3.18-150300.59.167.1.150300.18.98.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_46-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-default-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-default-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_167-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_167-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * cluster-md-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-extra-5.3.18-150300.59.167.1 * reiserfs-kmp-preempt-5.3.18-150300.59.167.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * dlm-kmp-preempt-5.3.18-150300.59.167.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-preempt-5.3.18-150300.59.167.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-livepatch-devel-5.3.18-150300.59.167.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-optional-5.3.18-150300.59.167.1 * kselftests-kmp-preempt-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * 
kernel-preempt-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.167.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64) * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-socionext-5.3.18-150300.59.167.1 * dtb-marvell-5.3.18-150300.59.167.1 * dtb-nvidia-5.3.18-150300.59.167.1 * reiserfs-kmp-64kb-5.3.18-150300.59.167.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-hisilicon-5.3.18-150300.59.167.1 * dlm-kmp-64kb-5.3.18-150300.59.167.1 * kernel-64kb-livepatch-devel-5.3.18-150300.59.167.1 * dtb-altera-5.3.18-150300.59.167.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-cavium-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-xilinx-5.3.18-150300.59.167.1 * dtb-exynos-5.3.18-150300.59.167.1 * kernel-64kb-optional-5.3.18-150300.59.167.1 * dtb-apm-5.3.18-150300.59.167.1 * dtb-amlogic-5.3.18-150300.59.167.1 * gfs2-kmp-64kb-5.3.18-150300.59.167.1 * dtb-qcom-5.3.18-150300.59.167.1 * dtb-freescale-5.3.18-150300.59.167.1 * kselftests-kmp-64kb-5.3.18-150300.59.167.1 * dtb-sprd-5.3.18-150300.59.167.1 * dtb-renesas-5.3.18-150300.59.167.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.167.1 * dtb-mediatek-5.3.18-150300.59.167.1 * dtb-broadcom-5.3.18-150300.59.167.1 * dtb-rockchip-5.3.18-150300.59.167.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * cluster-md-kmp-64kb-5.3.18-150300.59.167.1 * dtb-zte-5.3.18-150300.59.167.1 * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-extra-5.3.18-150300.59.167.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.167.1 * dtb-arm-5.3.18-150300.59.167.1 * dtb-al-5.3.18-150300.59.167.1 * dtb-lg-5.3.18-150300.59.167.1 * ocfs2-kmp-64kb-5.3.18-150300.59.167.1 
* dtb-amd-5.3.18-150300.59.167.1 * dtb-allwinner-5.3.18-150300.59.167.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-livepatch-5_3_18-150300_59_167-default-1-150300.7.3.1 * kernel-default-livepatch-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * gfs2-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.167.1 * dlm-kmp-default-5.3.18-150300.59.167.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.167.1 * cluster-md-kmp-default-5.3.18-150300.59.167.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * ocfs2-kmp-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * 
reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * 
kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.167.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * 
kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-devel-5.3.18-150300.59.167.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-64kb-debugsource-5.3.18-150300.59.167.1 * kernel-64kb-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.167.1 * kernel-default-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * reiserfs-kmp-default-5.3.18-150300.59.167.1 * kernel-preempt-devel-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * kernel-default-devel-5.3.18-150300.59.167.1 * kernel-preempt-debuginfo-5.3.18-150300.59.167.1 * kernel-syms-5.3.18-150300.59.167.1 * kernel-obs-build-5.3.18-150300.59.167.1 * kernel-obs-build-debugsource-5.3.18-150300.59.167.1 * kernel-preempt-debugsource-5.3.18-150300.59.167.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debuginfo-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.167.1 * kernel-macros-5.3.18-150300.59.167.1 * kernel-devel-5.3.18-150300.59.167.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.1 
(aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.167.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.167.1.150300.18.98.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.167.1 * kernel-default-debugsource-5.3.18-150300.59.167.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3896.html * https://www.suse.com/security/cve/CVE-2021-43389.html * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47247.html * https://www.suse.com/security/cve/CVE-2021-47311.html * https://www.suse.com/security/cve/CVE-2021-47328.html * https://www.suse.com/security/cve/CVE-2021-47368.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47609.html * 
https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-0435.html * https://www.suse.com/security/cve/CVE-2022-22942.html * https://www.suse.com/security/cve/CVE-2022-2938.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2023-24023.html * 
https://www.suse.com/security/cve/CVE-2023-52707.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26822.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1171988 * https://bugzilla.suse.com/show_bug.cgi?id=1176447 * https://bugzilla.suse.com/show_bug.cgi?id=1176774 * https://bugzilla.suse.com/show_bug.cgi?id=1181147 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195798 * https://bugzilla.suse.com/show_bug.cgi?id=1202623 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1223011 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224865 * https://bugzilla.suse.com/show_bug.cgi?id=1225010 * https://bugzilla.suse.com/show_bug.cgi?id=1225047 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225161 * https://bugzilla.suse.com/show_bug.cgi?id=1225184 * https://bugzilla.suse.com/show_bug.cgi?id=1225203 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226647
* https://bugzilla.suse.com/show_bug.cgi?id=1226650
* https://bugzilla.suse.com/show_bug.cgi?id=1226669
* https://bugzilla.suse.com/show_bug.cgi?id=1226670
* https://bugzilla.suse.com/show_bug.cgi?id=1226672
* https://bugzilla.suse.com/show_bug.cgi?id=1226674
* https://bugzilla.suse.com/show_bug.cgi?id=1226679
* https://bugzilla.suse.com/show_bug.cgi?id=1226686
* https://bugzilla.suse.com/show_bug.cgi?id=1226691
* https://bugzilla.suse.com/show_bug.cgi?id=1226692
* https://bugzilla.suse.com/show_bug.cgi?id=1226698
* https://bugzilla.suse.com/show_bug.cgi?id=1226703
* https://bugzilla.suse.com/show_bug.cgi?id=1226708
* https://bugzilla.suse.com/show_bug.cgi?id=1226709
* https://bugzilla.suse.com/show_bug.cgi?id=1226711
* https://bugzilla.suse.com/show_bug.cgi?id=1226712
* https://bugzilla.suse.com/show_bug.cgi?id=1226713
* https://bugzilla.suse.com/show_bug.cgi?id=1226715
* https://bugzilla.suse.com/show_bug.cgi?id=1226716
* https://bugzilla.suse.com/show_bug.cgi?id=1226720
* https://bugzilla.suse.com/show_bug.cgi?id=1226721
* https://bugzilla.suse.com/show_bug.cgi?id=1226732
* https://bugzilla.suse.com/show_bug.cgi?id=1226758
* https://bugzilla.suse.com/show_bug.cgi?id=1226762
* https://bugzilla.suse.com/show_bug.cgi?id=1226786
* https://bugzilla.suse.com/show_bug.cgi?id=1226962

From null at suse.de Tue Jul 9 16:32:29 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 09 Jul 2024 16:32:29 -0000
Subject: SUSE-SU-2024:2361-1: important: Security update for freeradius-server
Message-ID: <172054274948.6364.3118792361688606535@smelt2.prg2.suse.org>

# Security update for freeradius-server

Announcement ID: SUSE-SU-2024:2361-1
Rating: important
References:

* bsc#1223414

Cross-References:

* CVE-2024-3596

CVSS scores:

* CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for freeradius-server fixes the following issues:

* CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2361=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2361=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2361=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2361=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * freeradius-server-devel-3.0.19-3.15.1 * freeradius-server-debuginfo-3.0.19-3.15.1 * freeradius-server-debugsource-3.0.19-3.15.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * freeradius-server-utils-debuginfo-3.0.19-3.15.1 * freeradius-server-debuginfo-3.0.19-3.15.1 * freeradius-server-python-debuginfo-3.0.19-3.15.1 * freeradius-server-postgresql-debuginfo-3.0.19-3.15.1 * freeradius-server-ldap-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-3.0.19-3.15.1 * freeradius-server-utils-3.0.19-3.15.1 * freeradius-server-ldap-3.0.19-3.15.1 * freeradius-server-mysql-3.0.19-3.15.1 * freeradius-server-perl-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-3.0.19-3.15.1 * freeradius-server-3.0.19-3.15.1 * freeradius-server-sqlite-3.0.19-3.15.1 * freeradius-server-postgresql-3.0.19-3.15.1 * freeradius-server-perl-3.0.19-3.15.1 * freeradius-server-doc-3.0.19-3.15.1 * freeradius-server-debugsource-3.0.19-3.15.1 * freeradius-server-python-3.0.19-3.15.1 * freeradius-server-sqlite-debuginfo-3.0.19-3.15.1 * freeradius-server-mysql-debuginfo-3.0.19-3.15.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * freeradius-server-utils-debuginfo-3.0.19-3.15.1 * freeradius-server-debuginfo-3.0.19-3.15.1 * freeradius-server-python-debuginfo-3.0.19-3.15.1 * 
freeradius-server-postgresql-debuginfo-3.0.19-3.15.1 * freeradius-server-ldap-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-3.0.19-3.15.1 * freeradius-server-utils-3.0.19-3.15.1 * freeradius-server-ldap-3.0.19-3.15.1 * freeradius-server-mysql-3.0.19-3.15.1 * freeradius-server-perl-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-3.0.19-3.15.1 * freeradius-server-3.0.19-3.15.1 * freeradius-server-sqlite-3.0.19-3.15.1 * freeradius-server-postgresql-3.0.19-3.15.1 * freeradius-server-perl-3.0.19-3.15.1 * freeradius-server-doc-3.0.19-3.15.1 * freeradius-server-debugsource-3.0.19-3.15.1 * freeradius-server-python-3.0.19-3.15.1 * freeradius-server-sqlite-debuginfo-3.0.19-3.15.1 * freeradius-server-mysql-debuginfo-3.0.19-3.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * freeradius-server-utils-debuginfo-3.0.19-3.15.1 * freeradius-server-debuginfo-3.0.19-3.15.1 * freeradius-server-python-debuginfo-3.0.19-3.15.1 * freeradius-server-postgresql-debuginfo-3.0.19-3.15.1 * freeradius-server-ldap-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-debuginfo-3.0.19-3.15.1 * freeradius-server-libs-3.0.19-3.15.1 * freeradius-server-utils-3.0.19-3.15.1 * freeradius-server-ldap-3.0.19-3.15.1 * freeradius-server-mysql-3.0.19-3.15.1 * freeradius-server-perl-debuginfo-3.0.19-3.15.1 * freeradius-server-krb5-3.0.19-3.15.1 * freeradius-server-3.0.19-3.15.1 * freeradius-server-sqlite-3.0.19-3.15.1 * freeradius-server-postgresql-3.0.19-3.15.1 * freeradius-server-perl-3.0.19-3.15.1 * freeradius-server-doc-3.0.19-3.15.1 * freeradius-server-debugsource-3.0.19-3.15.1 * freeradius-server-python-3.0.19-3.15.1 * freeradius-server-sqlite-debuginfo-3.0.19-3.15.1 * freeradius-server-mysql-debuginfo-3.0.19-3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1223414
From null at suse.de Tue Jul 9 16:33:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:33:03 -0000 Subject: SUSE-SU-2024:2360-1: important: Security update for the Linux Kernel Message-ID: <172054278372.6364.5631409568578872669@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2360-1 Rating: important References: * bsc#1119113 * bsc#1171988 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195775 * bsc#1204514 * bsc#1216062 * bsc#1217912 * bsc#1218148 * bsc#1219224 * bsc#1221010 * bsc#1221647 * bsc#1221654 * bsc#1221791 * bsc#1221958 * bsc#1222015 * bsc#1222080 * bsc#1222364 * bsc#1222385 * bsc#1222435 * bsc#1222809 * bsc#1222866 * bsc#1222879 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223021 * bsc#1223043 * bsc#1223384 * bsc#1223532 * bsc#1223641 * bsc#1224177 * bsc#1224432 * bsc#1224504 * bsc#1224549 * bsc#1224552 * bsc#1224572 * bsc#1224575 * bsc#1224583 * bsc#1224588 * bsc#1224605 * bsc#1224651 * bsc#1224660 * bsc#1224661 * bsc#1224662 * bsc#1224664 * bsc#1224668 * bsc#1224670 * bsc#1224672 * bsc#1224674 * bsc#1224677 * bsc#1224678 * bsc#1224703 * bsc#1224735 * bsc#1224739 * bsc#1224763 * bsc#1224764 * bsc#1224765 * bsc#1224946 * bsc#1224951 * bsc#1224967 * bsc#1224976 * bsc#1224977 * bsc#1224978 * bsc#1224993 * bsc#1224997 * bsc#1225047 * bsc#1225140 * bsc#1225184 * bsc#1225203 * bsc#1225232 * bsc#1225261 * bsc#1225306 * bsc#1225337 * bsc#1225372 * bsc#1225463 * bsc#1225484 * bsc#1225487 * bsc#1225490 * bsc#1225514 * bsc#1225518 * bsc#1225548 * bsc#1225555 * bsc#1225556 * bsc#1225559 * bsc#1225571 * bsc#1225573 * bsc#1225577 * bsc#1225583 * bsc#1225585 * bsc#1225599 * bsc#1225602 * bsc#1225611 * bsc#1225642 * bsc#1225681 * bsc#1225704 * bsc#1225722 * bsc#1225749 * bsc#1225758 * bsc#1225760 * bsc#1225761 * bsc#1225767 * bsc#1225770 * bsc#1225815 * bsc#1225840
* bsc#1225848 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1225895 * bsc#1225898 * bsc#1226211 * bsc#1226212 * bsc#1226537 * bsc#1226554 * bsc#1226557 * bsc#1226562 * bsc#1226567 * bsc#1226575 * bsc#1226577 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226610 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226634 * bsc#1226637 * bsc#1226670 * bsc#1226672 * bsc#1226692 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226705 * bsc#1226708 * bsc#1226711 * bsc#1226712 * bsc#1226716 * bsc#1226718 * bsc#1226732 * bsc#1226735 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226767 * bsc#1226769 * bsc#1226857 * bsc#1226876 * bsc#1226883 * bsc#1226886 * bsc#1226895 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226962 * bsc#1226976 * bsc#1226996 * bsc#1227101 Cross-References: * CVE-2020-10135 * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47103 * CVE-2021-47191 * CVE-2021-47193 * CVE-2021-47267 * CVE-2021-47270 * CVE-2021-47293 * CVE-2021-47294 * CVE-2021-47297 * CVE-2021-47309 * CVE-2021-47328 * CVE-2021-47354 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47407 * CVE-2021-47418 * CVE-2021-47434 * CVE-2021-47445 * CVE-2021-47518 * CVE-2021-47544 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47609 * CVE-2021-47617 * CVE-2022-0435 * CVE-2022-22942 * CVE-2022-48711 * CVE-2022-48715 * CVE-2022-48722 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52675 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52754 * CVE-2023-52757 * CVE-2023-52762 * CVE-2023-52764 * CVE-2023-52784 * CVE-2023-52808 * CVE-2023-52809 * CVE-2023-5281 * CVE-2023-52832 * CVE-2023-52834 * CVE-2023-52835 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52855 * CVE-2023-52881 * 
CVE-2024-26633 * CVE-2024-26641 * CVE-2024-26679 * CVE-2024-26687 * CVE-2024-26720 * CVE-2024-26813 * CVE-2024-26845 * CVE-2024-26863 * CVE-2024-26894 * CVE-2024-26923 * CVE-2024-26928 * CVE-2024-26973 * CVE-2024-27399 * CVE-2024-27410 * CVE-2024-35247 * CVE-2024-35807 * CVE-2024-35822 * CVE-2024-35835 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35865 * CVE-2024-35867 * CVE-2024-35868 * CVE-2024-35870 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35922 * CVE-2024-35925 * CVE-2024-35930 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35976 * CVE-2024-35979 * CVE-2024-35997 * CVE-2024-35998 * CVE-2024-36016 * CVE-2024-36017 * CVE-2024-36025 * CVE-2024-36479 * CVE-2024-36592 * CVE-2024-36880 * CVE-2024-36894 * CVE-2024-36915 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36923 * CVE-2024-36934 * CVE-2024-36938 * CVE-2024-36940 * CVE-2024-36949 * CVE-2024-36950 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-37021 * CVE-2024-37354 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38549 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38597 * CVE-2024-38601 * CVE-2024-38608 * CVE-2024-38618 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 CVSS scores: * CVE-2020-10135 ( SUSE ): 5.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2020-10135 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47267 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47293 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47407 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47418 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47434 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47544 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0435 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5281 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5281 ( NVD ): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52834 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26641 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26813 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35822 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35998 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36016 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36880 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36923 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36938 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37354 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 148 vulnerabilities and has 15 security fixes can now be installed. 
## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010). * CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866). * CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993). * CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997). * CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978). * CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977). * CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976). * CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967). * CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140) * CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). * CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). * CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306). * CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337). * CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232). * CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261) * CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372). * CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463). * CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567). * CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554). 
* CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562) * CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716) * CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718). * CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699). * CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705). * CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698) * CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711). * CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701). * CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976). * CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). * CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). * CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490). * CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548). * CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573). * CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571). * CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). * CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577). * CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599). * CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). 
* CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). * CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). * CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647). * CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654). * CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). * CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809). * CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021). * CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). * CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (git-fixes bsc#1223641). * CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177). * CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432). * CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). * CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). * CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739). * CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). * CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). * CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672). * CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). * CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660) * CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). * CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) * CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). * CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). * CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575). * CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572). * CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). * CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549). * CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642). * CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). * CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). * CVE-2024-36592: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898). 
* CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). * CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). * CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815). * CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). * CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) * CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895). * CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). * CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). * CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597) * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593). * CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735) * CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767) * CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). * CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747). 
* CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). * CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637). * CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). * CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). * CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). * CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754). * CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895). * CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). * CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). * CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). * CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). The following non-security bugs were fixed: * Btrfs: bail out on error during replay_dir_deletes (git-fixes) * Btrfs: clean up resources during umount after trans is aborted (git-fixes) * Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes) * Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes) * Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes) * Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes) * Fix compilation * KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes). * NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791). * NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791). * PNFS for stateid errors retry against MDS first (bsc#1221791). * RDMA/mlx5: Add check for srq max_sge attribute (git-fixes) * USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
* USB: serial: option: add Quectel EG912Y module support (git-fixes). * USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes). * arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). * blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203). * blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203). * blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203). * bpf, scripts: Correct GPL license name (git-fixes). * bsc#1225894: Fix build warning * btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes) * btrfs: fix crash when trying to resume balance without the resume flag (git-fixes) * btrfs: fix describe_relocation when printing unknown flags (git-fixes) * btrfs: fix false EIO for missing device (git-fixes) * btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes) * btrfs: use correct compare function of dirty_metadata_bytes (git-fixes) * drm/amdkfd: Rework kfd_locked handling (bsc#1225872) * fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848). * fs: make fiemap work from compat_ioctl (bsc#1225848). * iommu/amd: Fix sysfs leak in iommu init (git-fixes). * iommu/vt-d: Allocate local memory for page request queue (git-fixes). * ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) * kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203). * mkspec-dtb: add toplevel symlinks also on arm * net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021). * net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). * net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes). * nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). * nvmet: fix ns enable/disable possible hang (git-fixes). * ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. * rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. * rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules algif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. * rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them. * scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes). * scsi: 53c700: Check that command slot is not NULL (git-fixes). * scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes). * scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes). * scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes). * scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes). * scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git-fixes). * scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes). * scsi: core: Fix possible memory leak if device_add() fails (git-fixes). * scsi: csiostor: Avoid function pointer casts (git-fixes). * scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes). * scsi: iscsi: Add length check for nlattr payload (git-fixes). * scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes). * scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
* scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes). * scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes). * scsi: libsas: Fix disk not being scanned in after being removed (git-fixes). * scsi: libsas: Introduce struct smp_disc_resp (git-fixes). * scsi: lpfc: Correct size for wqe for memset() (git-fixes). * scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes). * scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes). * scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes). * scsi: mpt3sas: Fix in error path (git-fixes). * scsi: mpt3sas: Fix loop logic (git-fixes). * scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes). * scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes). * scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes). * scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes). * scsi: qedf: Fix NULL dereference in error handling (git-fixes). * scsi: qedf: Fix firmware halt over suspend and resume (git-fixes). * scsi: qedi: Fix firmware halt over suspend and resume (git-fixes). * scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes). * scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes). * scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes). * scsi: snic: Fix double free in snic_tgt_create() (git-fixes). * scsi: snic: Fix possible memory leak if device_add() fails (git-fixes). * scsi: stex: Fix gcc 13 warnings (git-fixes). * scsi: target: core: Add TMF to tmr_list handling (bsc#1223018). * usb: port: Do not try to peer unused USB ports based on location (git-fixes). * usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2360=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2360=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2360=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.191.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.191.1 * kernel-azure-debuginfo-4.12.14-16.191.1 * kernel-azure-devel-4.12.14-16.191.1 * kernel-azure-base-debuginfo-4.12.14-16.191.1 * kernel-syms-azure-4.12.14-16.191.1 * kernel-azure-debugsource-4.12.14-16.191.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.191.1 * kernel-source-azure-4.12.14-16.191.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.191.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.191.1 * kernel-azure-debuginfo-4.12.14-16.191.1 * kernel-azure-devel-4.12.14-16.191.1 * kernel-azure-base-debuginfo-4.12.14-16.191.1 * kernel-syms-azure-4.12.14-16.191.1 * kernel-azure-debugsource-4.12.14-16.191.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.191.1 * kernel-source-azure-4.12.14-16.191.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.191.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * 
kernel-azure-base-4.12.14-16.191.1 * kernel-azure-debuginfo-4.12.14-16.191.1 * kernel-azure-devel-4.12.14-16.191.1 * kernel-azure-base-debuginfo-4.12.14-16.191.1 * kernel-syms-azure-4.12.14-16.191.1 * kernel-azure-debugsource-4.12.14-16.191.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.191.1 * kernel-source-azure-4.12.14-16.191.1 ## References: * https://www.suse.com/security/cve/CVE-2020-10135.html * https://www.suse.com/security/cve/CVE-2021-43389.html * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47103.html * https://www.suse.com/security/cve/CVE-2021-47191.html * https://www.suse.com/security/cve/CVE-2021-47193.html * https://www.suse.com/security/cve/CVE-2021-47267.html * https://www.suse.com/security/cve/CVE-2021-47270.html * https://www.suse.com/security/cve/CVE-2021-47293.html * https://www.suse.com/security/cve/CVE-2021-47294.html * https://www.suse.com/security/cve/CVE-2021-47297.html * https://www.suse.com/security/cve/CVE-2021-47309.html * https://www.suse.com/security/cve/CVE-2021-47328.html * https://www.suse.com/security/cve/CVE-2021-47354.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47407.html * https://www.suse.com/security/cve/CVE-2021-47418.html * https://www.suse.com/security/cve/CVE-2021-47434.html * https://www.suse.com/security/cve/CVE-2021-47445.html * https://www.suse.com/security/cve/CVE-2021-47518.html * https://www.suse.com/security/cve/CVE-2021-47544.html * https://www.suse.com/security/cve/CVE-2021-47566.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47587.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47600.html * 
https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2022-0435.html * https://www.suse.com/security/cve/CVE-2022-22942.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52754.html * https://www.suse.com/security/cve/CVE-2023-52757.html * https://www.suse.com/security/cve/CVE-2023-52762.html * https://www.suse.com/security/cve/CVE-2023-52764.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52808.html * https://www.suse.com/security/cve/CVE-2023-52809.html * https://www.suse.com/security/cve/CVE-2023-5281.html * https://www.suse.com/security/cve/CVE-2023-52832.html * 
https://www.suse.com/security/cve/CVE-2023-52834.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52855.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26633.html * https://www.suse.com/security/cve/CVE-2024-26641.html * https://www.suse.com/security/cve/CVE-2024-26679.html * https://www.suse.com/security/cve/CVE-2024-26687.html * https://www.suse.com/security/cve/CVE-2024-26720.html * https://www.suse.com/security/cve/CVE-2024-26813.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26863.html * https://www.suse.com/security/cve/CVE-2024-26894.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26928.html * https://www.suse.com/security/cve/CVE-2024-26973.html * https://www.suse.com/security/cve/CVE-2024-27399.html * https://www.suse.com/security/cve/CVE-2024-27410.html * https://www.suse.com/security/cve/CVE-2024-35247.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35822.html * https://www.suse.com/security/cve/CVE-2024-35835.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35865.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35868.html * https://www.suse.com/security/cve/CVE-2024-35870.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35922.html * https://www.suse.com/security/cve/CVE-2024-35925.html * 
https://www.suse.com/security/cve/CVE-2024-35930.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-35956.html * https://www.suse.com/security/cve/CVE-2024-35958.html * https://www.suse.com/security/cve/CVE-2024-35960.html * https://www.suse.com/security/cve/CVE-2024-35962.html * https://www.suse.com/security/cve/CVE-2024-35976.html * https://www.suse.com/security/cve/CVE-2024-35979.html * https://www.suse.com/security/cve/CVE-2024-35997.html * https://www.suse.com/security/cve/CVE-2024-35998.html * https://www.suse.com/security/cve/CVE-2024-36016.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36025.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36592.html * https://www.suse.com/security/cve/CVE-2024-36880.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36923.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36938.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36949.html * https://www.suse.com/security/cve/CVE-2024-36950.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38549.html * https://www.suse.com/security/cve/CVE-2024-38552.html * 
https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38621.html * https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38659.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://bugzilla.suse.com/show_bug.cgi?id=1119113 * https://bugzilla.suse.com/show_bug.cgi?id=1171988 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1204514 * https://bugzilla.suse.com/show_bug.cgi?id=1216062 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1221010 * https://bugzilla.suse.com/show_bug.cgi?id=1221647 * https://bugzilla.suse.com/show_bug.cgi?id=1221654 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222385 * https://bugzilla.suse.com/show_bug.cgi?id=1222435 * https://bugzilla.suse.com/show_bug.cgi?id=1222809 * 
https://bugzilla.suse.com/show_bug.cgi?id=1222866 * https://bugzilla.suse.com/show_bug.cgi?id=1222879 * https://bugzilla.suse.com/show_bug.cgi?id=1222893 * https://bugzilla.suse.com/show_bug.cgi?id=1223013 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223021 * https://bugzilla.suse.com/show_bug.cgi?id=1223043 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223532 * https://bugzilla.suse.com/show_bug.cgi?id=1223641 * https://bugzilla.suse.com/show_bug.cgi?id=1224177 * https://bugzilla.suse.com/show_bug.cgi?id=1224432 * https://bugzilla.suse.com/show_bug.cgi?id=1224504 * https://bugzilla.suse.com/show_bug.cgi?id=1224549 * https://bugzilla.suse.com/show_bug.cgi?id=1224552 * https://bugzilla.suse.com/show_bug.cgi?id=1224572 * https://bugzilla.suse.com/show_bug.cgi?id=1224575 * https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224588 * https://bugzilla.suse.com/show_bug.cgi?id=1224605 * https://bugzilla.suse.com/show_bug.cgi?id=1224651 * https://bugzilla.suse.com/show_bug.cgi?id=1224660 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * https://bugzilla.suse.com/show_bug.cgi?id=1224664 * https://bugzilla.suse.com/show_bug.cgi?id=1224668 * https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224672 * https://bugzilla.suse.com/show_bug.cgi?id=1224674 * https://bugzilla.suse.com/show_bug.cgi?id=1224677 * https://bugzilla.suse.com/show_bug.cgi?id=1224678 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224739 * https://bugzilla.suse.com/show_bug.cgi?id=1224763 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1224967 * https://bugzilla.suse.com/show_bug.cgi?id=1224976 * https://bugzilla.suse.com/show_bug.cgi?id=1224977 * https://bugzilla.suse.com/show_bug.cgi?id=1224978 * https://bugzilla.suse.com/show_bug.cgi?id=1224993 * https://bugzilla.suse.com/show_bug.cgi?id=1224997 * https://bugzilla.suse.com/show_bug.cgi?id=1225047 * https://bugzilla.suse.com/show_bug.cgi?id=1225140 * https://bugzilla.suse.com/show_bug.cgi?id=1225184 * https://bugzilla.suse.com/show_bug.cgi?id=1225203 * https://bugzilla.suse.com/show_bug.cgi?id=1225232 * https://bugzilla.suse.com/show_bug.cgi?id=1225261 * https://bugzilla.suse.com/show_bug.cgi?id=1225306 * https://bugzilla.suse.com/show_bug.cgi?id=1225337 * https://bugzilla.suse.com/show_bug.cgi?id=1225372 * https://bugzilla.suse.com/show_bug.cgi?id=1225463 * https://bugzilla.suse.com/show_bug.cgi?id=1225484 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225490 * https://bugzilla.suse.com/show_bug.cgi?id=1225514 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225548 * https://bugzilla.suse.com/show_bug.cgi?id=1225555 * https://bugzilla.suse.com/show_bug.cgi?id=1225556 * https://bugzilla.suse.com/show_bug.cgi?id=1225559 * https://bugzilla.suse.com/show_bug.cgi?id=1225571 * https://bugzilla.suse.com/show_bug.cgi?id=1225573 * https://bugzilla.suse.com/show_bug.cgi?id=1225577 * https://bugzilla.suse.com/show_bug.cgi?id=1225583 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225599 * https://bugzilla.suse.com/show_bug.cgi?id=1225602 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225642 * https://bugzilla.suse.com/show_bug.cgi?id=1225681 * https://bugzilla.suse.com/show_bug.cgi?id=1225704 * https://bugzilla.suse.com/show_bug.cgi?id=1225722 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225760 * https://bugzilla.suse.com/show_bug.cgi?id=1225761 * https://bugzilla.suse.com/show_bug.cgi?id=1225767 * https://bugzilla.suse.com/show_bug.cgi?id=1225770 * https://bugzilla.suse.com/show_bug.cgi?id=1225815 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225848 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1225872 * https://bugzilla.suse.com/show_bug.cgi?id=1225894 * https://bugzilla.suse.com/show_bug.cgi?id=1225895 * https://bugzilla.suse.com/show_bug.cgi?id=1225898 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226567 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226577 * https://bugzilla.suse.com/show_bug.cgi?id=1226593 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226597 * https://bugzilla.suse.com/show_bug.cgi?id=1226610 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226637 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226699 * https://bugzilla.suse.com/show_bug.cgi?id=1226701 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226705 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226718 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226735 * https://bugzilla.suse.com/show_bug.cgi?id=1226744 * https://bugzilla.suse.com/show_bug.cgi?id=1226746 * https://bugzilla.suse.com/show_bug.cgi?id=1226747 * https://bugzilla.suse.com/show_bug.cgi?id=1226749 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226767 * https://bugzilla.suse.com/show_bug.cgi?id=1226769 * https://bugzilla.suse.com/show_bug.cgi?id=1226857 * https://bugzilla.suse.com/show_bug.cgi?id=1226876 * https://bugzilla.suse.com/show_bug.cgi?id=1226883 * https://bugzilla.suse.com/show_bug.cgi?id=1226886 * https://bugzilla.suse.com/show_bug.cgi?id=1226895 * https://bugzilla.suse.com/show_bug.cgi?id=1226948 * https://bugzilla.suse.com/show_bug.cgi?id=1226949 * https://bugzilla.suse.com/show_bug.cgi?id=1226950 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 * https://bugzilla.suse.com/show_bug.cgi?id=1226976 * https://bugzilla.suse.com/show_bug.cgi?id=1226996 * https://bugzilla.suse.com/show_bug.cgi?id=1227101
From null at suse.de Tue Jul 9 16:33:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 16:33:05 -0000 Subject: SUSE-SU-2024:2359-1: important: Security update for freeradius-server Message-ID: <172054278538.6364.2134945615422864769@smelt2.prg2.suse.org> # Security update for freeradius-server Announcement ID: SUSE-SU-2024:2359-1 Rating: important References: * bsc#1223414 Cross-References: * CVE-2024-3596 CVSS scores: * CVE-2024-3596 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for freeradius-server fixes the following issues: * CVE-2024-3596: Fixed chosen-prefix collision attack against MD5 (bsc#1223414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2359=1 openSUSE-SLE-15.6-2024-2359=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2359=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * freeradius-server-libs-3.2.4-150600.3.3.2 * freeradius-server-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-3.2.4-150600.3.3.2 * freeradius-server-devel-3.2.4-150600.3.3.2 * freeradius-server-debugsource-3.2.4-150600.3.3.2 * freeradius-server-postgresql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-postgresql-3.2.4-150600.3.3.2 * freeradius-server-utils-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-utils-3.2.4-150600.3.3.2 * freeradius-server-mysql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-doc-3.2.4-150600.3.3.2 * freeradius-server-sqlite-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-schemas-3.2.4-150600.3.3.2 * freeradius-server-perl-3.2.4-150600.3.3.2 * freeradius-server-krb5-3.2.4-150600.3.3.2 * freeradius-server-ldap-3.2.4-150600.3.3.2 * freeradius-server-libs-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-krb5-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-mysql-3.2.4-150600.3.3.2 * freeradius-server-python3-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-3.2.4-150600.3.3.2 * freeradius-server-python3-3.2.4-150600.3.3.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * freeradius-server-libs-3.2.4-150600.3.3.2 * freeradius-server-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-3.2.4-150600.3.3.2 * freeradius-server-devel-3.2.4-150600.3.3.2 * freeradius-server-debugsource-3.2.4-150600.3.3.2 * freeradius-server-postgresql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-postgresql-3.2.4-150600.3.3.2 * freeradius-server-utils-debuginfo-3.2.4-150600.3.3.2 * 
freeradius-server-utils-3.2.4-150600.3.3.2 * freeradius-server-mysql-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-sqlite-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-perl-3.2.4-150600.3.3.2 * freeradius-server-krb5-3.2.4-150600.3.3.2 * freeradius-server-ldap-3.2.4-150600.3.3.2 * freeradius-server-libs-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-ldap-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-krb5-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-mysql-3.2.4-150600.3.3.2 * freeradius-server-python3-debuginfo-3.2.4-150600.3.3.2 * freeradius-server-3.2.4-150600.3.3.2 * freeradius-server-python3-3.2.4-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-3596.html * https://bugzilla.suse.com/show_bug.cgi?id=1223414 From null at suse.de Tue Jul 9 20:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:22 -0000 Subject: SUSE-SU-2024:0136-2: moderate: Security update for pam Message-ID: <172055702220.19405.12094068984134176997@smelt2.prg2.suse.org> # Security update for pam Announcement ID: SUSE-SU-2024:0136-2 Rating: moderate References: * bsc#1217000 * bsc#1218475 Cross-References: * CVE-2024-22365 CVSS scores: * CVE-2024-22365 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22365 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam fixes the following issues: * CVE-2024-22365: Fixed a local denial of service during PAM login due to a missing check during path manipulation (bsc#1218475).
* Check localtime_r() return value to fix crashing (bsc#1217000) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-136=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * pam-1.3.0-150000.6.66.1 * pam-debugsource-1.3.0-150000.6.66.1 * pam-debuginfo-1.3.0-150000.6.66.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22365.html * https://bugzilla.suse.com/show_bug.cgi?id=1217000 * https://bugzilla.suse.com/show_bug.cgi?id=1218475 From null at suse.de Tue Jul 9 20:30:36 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:36 -0000 Subject: SUSE-SU-2024:2380-1: moderate: Security update for ppp Message-ID: <172055703618.19405.2036741967784796153@smelt2.prg2.suse.org> # Security update for ppp Announcement ID: SUSE-SU-2024:2380-1 Rating: moderate References: * bsc#1218251 Cross-References: * CVE-2022-4603 CVSS scores: * CVE-2022-4603 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2022-4603 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for ppp fixes the following issues: * CVE-2022-4603: Fixed improper validation of array index of the component pppdump (bsc#1218251). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2380=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * ppp-debuginfo-2.4.7-150000.5.13.1 * ppp-debugsource-2.4.7-150000.5.13.1 * ppp-2.4.7-150000.5.13.1 ## References: * https://www.suse.com/security/cve/CVE-2022-4603.html * https://bugzilla.suse.com/show_bug.cgi?id=1218251 From null at suse.de Tue Jul 9 20:30:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:37 -0000 Subject: SUSE-SU-2024:2379-1: low: Security update for jbigkit Message-ID: <172055703795.19405.8675553475632186516@smelt2.prg2.suse.org> # Security update for jbigkit Announcement ID: SUSE-SU-2024:2379-1 Rating: low References: * bsc#1198146 Cross-References: * CVE-2022-1210 CVSS scores: * CVE-2022-1210 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2022-1210 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for jbigkit fixes the following issues: * CVE-2022-1210: Fixed denial of service in TIFF File Handler (bsc#1198146). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2379=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * jbigkit-debugsource-2.1-150000.3.5.1 * jbigkit-debuginfo-2.1-150000.3.5.1 * libjbig2-debuginfo-2.1-150000.3.5.1 * libjbig2-2.1-150000.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2022-1210.html * https://bugzilla.suse.com/show_bug.cgi?id=1198146 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 9 20:30:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:40 -0000 Subject: SUSE-SU-2024:0070-2: low: Security update for tar Message-ID: <172055704069.19405.4975888560989515048@smelt2.prg2.suse.org> # Security update for tar Announcement ID: SUSE-SU-2024:0070-2 Rating: low References: * bsc#1217969 Cross-References: * CVE-2023-39804 CVSS scores: * CVE-2023-39804 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for tar fixes the following issues: * CVE-2023-39804: Fixed incorrect handling of extension attributes in PAX archives (bsc#1217969). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-70=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * tar-debuginfo-1.34-150000.3.34.1 * tar-1.34-150000.3.34.1 * tar-debugsource-1.34-150000.3.34.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39804.html * https://bugzilla.suse.com/show_bug.cgi?id=1217969 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 20:30:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:52 -0000 Subject: SUSE-SU-2024:2377-1: moderate: Security update for haproxy Message-ID: <172055705244.19405.402683163797726427@smelt2.prg2.suse.org> # Security update for haproxy Announcement ID: SUSE-SU-2024:2377-1 Rating: moderate References: * bsc#1217653 Cross-References: * CVE-2023-45539 CVSS scores: * CVE-2023-45539 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-45539 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for haproxy fixes the following issues: * CVE-2023-45539: Fixed misinterpretation of a path_end rule with # as part of the URI component (bsc#1217653). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2377=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * haproxy-debugsource-2.4.22+git0.f8e3218e2-150400.3.19.1 * haproxy-2.4.22+git0.f8e3218e2-150400.3.19.1 * haproxy-debuginfo-2.4.22+git0.f8e3218e2-150400.3.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45539.html * https://bugzilla.suse.com/show_bug.cgi?id=1217653 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 20:30:56 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:56 -0000 Subject: SUSE-SU-2024:2376-1: important: Security update for kernel-firmware Message-ID: <172055705655.19405.9720909645422788146@smelt2.prg2.suse.org> # Security update for kernel-firmware Announcement ID: SUSE-SU-2024:2376-1 Rating: important References: * bsc#1215823 * bsc#1215831 Cross-References: * CVE-2021-26345 * CVE-2021-46766 * CVE-2021-46774 * CVE-2022-23820 * CVE-2022-23830 * CVE-2023-20519 * CVE-2023-20521 * CVE-2023-20526 * CVE-2023-20533 * CVE-2023-20566 * CVE-2023-20592 CVSS scores: * CVE-2021-26345 ( SUSE ): 1.6 CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-26345 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46766 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N * CVE-2021-46766 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46774 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:L * CVE-2021-46774 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-23820 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2022-23820 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-23830 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2022-23830 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-20519 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-20519 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-20521 ( SUSE ): 3.3 CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:L * CVE-2023-20521 ( NVD ): 5.7 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2023-20526 ( SUSE ): 1.9 CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N * CVE-2023-20526 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20533 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H * CVE-2023-20533 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * 
CVE-2023-20566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N * CVE-2023-20566 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-20592 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:N * CVE-2023-20592 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves 11 vulnerabilities can now be installed. ## Description: This update for kernel-firmware fixes the following issues: Update AMD ucode to 20231030 (bsc#1215831): * CVE-2022-23820: Failure to validate the AMD SMM communication buffer may allow an attacker to corrupt the SMRAM potentially leading to arbitrary code execution. * CVE-2021-46774: Insufficient input validation in ABL may enable a privileged attacker to perform arbitrary DRAM writes, potentially resulting in code execution and privilege escalation. * CVE-2023-20533: Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker using DMA to read/write from/to invalid DRAM address potentially resulting in denial-of-service. * CVE-2023-20519: A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masquerade as the guest's migration agent resulting in a potential loss of guest integrity. * CVE-2023-20566: Improper address validation in ASP with SNP enabled may potentially allow an attacker to compromise guest memory integrity. * CVE-2023-20521: TOCTOU in the ASP Bootloader may allow an attacker with physical access to tamper with SPI ROM records after memory content verification, potentially leading to loss of confidentiality or a denial of service. * CVE-2021-46766: Improper clearing of sensitive data in the ASP Bootloader may expose secret keys to a privileged attacker accessing ASP SRAM, potentially leading to a loss of confidentiality. 
* CVE-2022-23830: SMM configuration may not be immutable, as intended, when SNP is enabled resulting in a potential limited loss of guest memory integrity. * CVE-2023-20526: Insufficient input validation in the ASP Bootloader may enable a privileged attacker with physical access to expose the contents of ASP memory potentially leading to a loss of confidentiality. * CVE-2021-26345: Failure to validate the value in APCB may allow an attacker with physical access to tamper with the APCB token to force an out-of-bounds memory read potentially resulting in a denial of service. * CVE-2023-20592: Issue with INVD instruction aka CacheWarpAttack (bsc#1215823). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2376=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-firmware-usb-network-20230724-150500.3.9.1 * kernel-firmware-iwlwifi-20230724-150500.3.9.1 * kernel-firmware-ueagle-20230724-150500.3.9.1 * kernel-firmware-network-20230724-150500.3.9.1 * kernel-firmware-all-20230724-150500.3.9.1 * kernel-firmware-serial-20230724-150500.3.9.1 * kernel-firmware-chelsio-20230724-150500.3.9.1 * kernel-firmware-marvell-20230724-150500.3.9.1 * kernel-firmware-intel-20230724-150500.3.9.1 * kernel-firmware-mediatek-20230724-150500.3.9.1 * kernel-firmware-platform-20230724-150500.3.9.1 * kernel-firmware-qlogic-20230724-150500.3.9.1 * kernel-firmware-i915-20230724-150500.3.9.1 * kernel-firmware-prestera-20230724-150500.3.9.1 * kernel-firmware-liquidio-20230724-150500.3.9.1 * kernel-firmware-media-20230724-150500.3.9.1 * kernel-firmware-mwifiex-20230724-150500.3.9.1 * kernel-firmware-ti-20230724-150500.3.9.1 * 
kernel-firmware-bluetooth-20230724-150500.3.9.1 * kernel-firmware-dpaa2-20230724-150500.3.9.1 * kernel-firmware-bnx2-20230724-150500.3.9.1 * kernel-firmware-sound-20230724-150500.3.9.1 * kernel-firmware-mellanox-20230724-150500.3.9.1 * kernel-firmware-qcom-20230724-150500.3.9.1 * kernel-firmware-realtek-20230724-150500.3.9.1 * kernel-firmware-amdgpu-20230724-150500.3.9.1 * kernel-firmware-ath11k-20230724-150500.3.9.1 * kernel-firmware-ath10k-20230724-150500.3.9.1 * kernel-firmware-atheros-20230724-150500.3.9.1 * kernel-firmware-nvidia-20230724-150500.3.9.1 * kernel-firmware-brcm-20230724-150500.3.9.1 * kernel-firmware-nfp-20230724-150500.3.9.1 * kernel-firmware-radeon-20230724-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2021-26345.html * https://www.suse.com/security/cve/CVE-2021-46766.html * https://www.suse.com/security/cve/CVE-2021-46774.html * https://www.suse.com/security/cve/CVE-2022-23820.html * https://www.suse.com/security/cve/CVE-2022-23830.html * https://www.suse.com/security/cve/CVE-2023-20519.html * https://www.suse.com/security/cve/CVE-2023-20521.html * https://www.suse.com/security/cve/CVE-2023-20526.html * https://www.suse.com/security/cve/CVE-2023-20533.html * https://www.suse.com/security/cve/CVE-2023-20566.html * https://www.suse.com/security/cve/CVE-2023-20592.html * https://bugzilla.suse.com/show_bug.cgi?id=1215823 * https://bugzilla.suse.com/show_bug.cgi?id=1215831 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 9 20:30:58 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 09 Jul 2024 20:30:58 -0000 Subject: SUSE-SU-2024:2375-1: moderate: Security update for python3-cryptography Message-ID: <172055705816.19405.8722770814250897626@smelt2.prg2.suse.org> # Security update for python3-cryptography Announcement ID: SUSE-SU-2024:2375-1 Rating: moderate References: * bsc#1217592 Cross-References: * CVE-2023-49083 CVSS scores: * CVE-2023-49083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-49083 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for python3-cryptography fixes the following issues: * CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS#7 bundle (bsc#1217592). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2375=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * python3-cryptography-debugsource-3.3.2-150400.23.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49083.html * https://bugzilla.suse.com/show_bug.cgi?id=1217592 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Jul 10 08:31:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 08:31:14 -0000 Subject: SUSE-SU-2024:2381-1: important: Security update for the Linux Kernel Message-ID: <172060027473.13962.13457508054001772360@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2381-1 Rating: important References: * bsc#1119113 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195775 * bsc#1204514 * bsc#1216062 * bsc#1217912 * bsc#1218148 * bsc#1219224 * bsc#1221010 * bsc#1221647 * bsc#1221654 * bsc#1221791 * bsc#1221958 * bsc#1222015 * bsc#1222080 * bsc#1222364 * bsc#1222385 * bsc#1222435 * bsc#1222809 * bsc#1222866 * bsc#1222879 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223021 * bsc#1223043 * bsc#1223532 * bsc#1223641 * bsc#1224177 * bsc#1224432 * bsc#1224504 * bsc#1224549 * bsc#1224552 * bsc#1224572 * bsc#1224575 * bsc#1224583 * bsc#1224588 * bsc#1224605 * bsc#1224651 * bsc#1224660 * bsc#1224661 * bsc#1224662 * bsc#1224664 * bsc#1224668 * bsc#1224670 * bsc#1224672 * bsc#1224674 * bsc#1224677 * bsc#1224678 * bsc#1224703 * bsc#1224735 * bsc#1224739 * bsc#1224763 * bsc#1224764 * bsc#1224765 * bsc#1224946 * bsc#1224951 * bsc#1224967 * bsc#1224976 * bsc#1224977 * bsc#1224978 * bsc#1224993 * bsc#1224997 * bsc#1225047 * bsc#1225140 * bsc#1225184 * bsc#1225203 * bsc#1225232 * bsc#1225261 * bsc#1225306 * bsc#1225337 * bsc#1225372 * bsc#1225463 * bsc#1225484 * bsc#1225487 * bsc#1225490 * bsc#1225514 * bsc#1225518 * bsc#1225548 * bsc#1225555 * bsc#1225556 * bsc#1225559 * bsc#1225571 * bsc#1225573 * bsc#1225577 * bsc#1225583 * bsc#1225585 * bsc#1225599 * bsc#1225602 * bsc#1225611 * bsc#1225642 * bsc#1225681 * bsc#1225704 * bsc#1225722 * bsc#1225749 * bsc#1225758 * bsc#1225760 * bsc#1225761 * bsc#1225767 * bsc#1225770 * bsc#1225815 * bsc#1225840 * bsc#1225848 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1225895 * bsc#1225898 * bsc#1226211 * bsc#1226212 * bsc#1226537 * bsc#1226554 * 
bsc#1226557 * bsc#1226562 * bsc#1226567 * bsc#1226575 * bsc#1226577 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226610 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226634 * bsc#1226637 * bsc#1226670 * bsc#1226672 * bsc#1226692 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226705 * bsc#1226708 * bsc#1226711 * bsc#1226712 * bsc#1226716 * bsc#1226718 * bsc#1226732 * bsc#1226735 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226767 * bsc#1226769 * bsc#1226857 * bsc#1226876 * bsc#1226883 * bsc#1226886 * bsc#1226895 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226962 * bsc#1226976 * bsc#1226996 * bsc#1227101 Cross-References: * CVE-2021-4439 * CVE-2021-47103 * CVE-2021-47191 * CVE-2021-47193 * CVE-2021-47267 * CVE-2021-47270 * CVE-2021-47293 * CVE-2021-47294 * CVE-2021-47297 * CVE-2021-47309 * CVE-2021-47328 * CVE-2021-47354 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47407 * CVE-2021-47418 * CVE-2021-47434 * CVE-2021-47445 * CVE-2021-47518 * CVE-2021-47544 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47609 * CVE-2021-47617 * CVE-2022-48711 * CVE-2022-48715 * CVE-2022-48722 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52675 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52754 * CVE-2023-52757 * CVE-2023-52762 * CVE-2023-52764 * CVE-2023-52784 * CVE-2023-52808 * CVE-2023-52809 * CVE-2023-5281 * CVE-2023-52832 * CVE-2023-52834 * CVE-2023-52835 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52855 * CVE-2023-52881 * CVE-2024-26633 * CVE-2024-26641 * CVE-2024-26679 * CVE-2024-26687 * CVE-2024-26720 * CVE-2024-26813 * CVE-2024-26845 * CVE-2024-26863 * CVE-2024-26894 * CVE-2024-26928 * CVE-2024-26973 * CVE-2024-27399 * CVE-2024-27410 * 
CVE-2024-35247 * CVE-2024-35807 * CVE-2024-35822 * CVE-2024-35835 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35865 * CVE-2024-35867 * CVE-2024-35868 * CVE-2024-35870 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35922 * CVE-2024-35925 * CVE-2024-35930 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35976 * CVE-2024-35979 * CVE-2024-35997 * CVE-2024-35998 * CVE-2024-36016 * CVE-2024-36017 * CVE-2024-36025 * CVE-2024-36479 * CVE-2024-36592 * CVE-2024-36880 * CVE-2024-36894 * CVE-2024-36915 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36923 * CVE-2024-36934 * CVE-2024-36938 * CVE-2024-36940 * CVE-2024-36949 * CVE-2024-36950 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-37021 * CVE-2024-37354 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38549 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38597 * CVE-2024-38601 * CVE-2024-38608 * CVE-2024-38618 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 CVSS scores: * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47267 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47293 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47328 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47407 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47418 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47434 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47544 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5281 ( NVD ): 9.8 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5281 ( NVD ): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52834 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26641 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26813 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35822 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35862 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35998 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36016 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36880 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L * CVE-2024-36894 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36923 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36938 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37354 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38597 ( SUSE ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves 143 vulnerabilities and has 18 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010). * CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866). * CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993). * CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997). * CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978). * CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977). * CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976). * CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967). * CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140) * CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). 
* CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). * CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306). * CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337). * CVE-2021-47434: xhci: Fix command ring abort, write all 64 bits to CRCR register (bsc#1225232). * CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261) * CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372). * CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463). * CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567). * CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554). * CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562) * CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716) * CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718). * CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699). * CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705). * CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698) * CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711). * CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701). * CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976). * CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). * CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). 
* CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). * CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490). * CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548). * CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573). * CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571). * CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). * CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577). * CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599). * CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). * CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). * CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). * CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647). * CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654). * CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). * CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809). * CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021). 
* CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043). * CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532). * CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641). * CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177). * CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432). * CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). * CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). * CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739). * CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664). * CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678). * CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672). * CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). * CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660) * CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). * CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) * CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). 
* CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). * CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575). * CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572). * CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). * CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549). * CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642). * CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). * CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). * CVE-2024-36592: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898). * CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). * CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). * CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815). * CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). * CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) * CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895). 
* CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). * CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). * CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597) * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593). * CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735) * CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767) * CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). * CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747). * CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). * CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637). * CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). * CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). * CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). * CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754). * CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895). * CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). * CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). * CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). * CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). 

The following non-security bugs were fixed:

* Btrfs: bail out on error during replay_dir_deletes (git-fixes)
* Btrfs: clean up resources during umount after trans is aborted (git-fixes)
* Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)
* Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)
* Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)
* Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)
* Fix compilation
* KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).
* NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).
* NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).
* PNFS for stateid errors retry against MDS first (bsc#1221791).
* RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
* Revert "build initrd without systemd" (bsc#1195775)
* USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
* USB: serial: option: add Quectel EG912Y module support (git-fixes).
* USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
* arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
* blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).
* blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).
* blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).
* bpf, scripts: Correct GPL license name (git-fixes).
* bsc#1225894: Fix build warning Fix the following build warning.
* unused-variable (i) in ../drivers/gpu/drm/amd/amdkfd/kfd_device.c in kgd2kfd_resume ../drivers/gpu/drm/amd/amdkfd/kfd_device.c: In function 'kgd2kfd_resume': ../drivers/gpu/drm/amd/amdkfd/kfd_device.c:621:11: warning: unused variable 'i' [-Wunused-variable]
* btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)
* btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)
* btrfs: fix describe_relocation when printing unknown flags (git-fixes)
* btrfs: fix false EIO for missing device (git-fixes)
* btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)
* btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)
* drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
* fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).
* fs: make fiemap work from compat_ioctl (bsc#1225848).
* iommu/amd: Fix sysfs leak in iommu init (git-fixes).
* iommu/vt-d: Allocate local memory for page request queue (git-fixes).
* ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
* kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).
* mkspec-dtb: add toplevel symlinks also on arm
* net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
* net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
* net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
* nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
* nvmet: fix ns enable/disable possible hang (git-fixes).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
* rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
* rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them.
* scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).
* scsi: 53c700: Check that command slot is not NULL (git-fixes).
* scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).
* scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
* scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
* scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
* scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git-fixes).
* scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
* scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: csiostor: Avoid function pointer casts (git-fixes).
* scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).
* scsi: iscsi: Add length check for nlattr payload (git-fixes).
* scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).
* scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
* scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
* scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
* scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
* scsi: libsas: Introduce struct smp_disc_resp (git-fixes).
* scsi: lpfc: Correct size for wqe for memset() (git-fixes).
* scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).
* scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).
* scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
* scsi: mpt3sas: Fix in error path (git-fixes).
* scsi: mpt3sas: Fix loop logic (git-fixes).
* scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).
* scsi: qedf: Fix NULL dereference in error handling (git-fixes).
* scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
* scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
* scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).
* scsi: snic: Fix double free in snic_tgt_create() (git-fixes).
* scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: stex: Fix gcc 13 warnings (git-fixes).
* scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
* usb: port: Do not try to peer unused USB ports based on location (git-fixes).
* usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Real Time 12 SP5
  zypper in -t patch SUSE-SLE-RT-12-SP5-2024-2381=1

## Package List:

* SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
  * gfs2-kmp-rt-debuginfo-4.12.14-10.191.1
  * kernel-rt-debuginfo-4.12.14-10.191.1
  * kernel-syms-rt-4.12.14-10.191.1
  * cluster-md-kmp-rt-debuginfo-4.12.14-10.191.1
  * kernel-rt_debug-devel-debuginfo-4.12.14-10.191.1
  * ocfs2-kmp-rt-4.12.14-10.191.1
  * ocfs2-kmp-rt-debuginfo-4.12.14-10.191.1
  * kernel-rt-devel-4.12.14-10.191.1
  * dlm-kmp-rt-4.12.14-10.191.1
  * kernel-rt-debugsource-4.12.14-10.191.1
  * kernel-rt-base-4.12.14-10.191.1
  * kernel-rt_debug-debuginfo-4.12.14-10.191.1
  * kernel-rt_debug-debugsource-4.12.14-10.191.1
  * gfs2-kmp-rt-4.12.14-10.191.1
  * dlm-kmp-rt-debuginfo-4.12.14-10.191.1
  * kernel-rt-devel-debuginfo-4.12.14-10.191.1
  * kernel-rt-base-debuginfo-4.12.14-10.191.1
  * kernel-rt_debug-devel-4.12.14-10.191.1
  * cluster-md-kmp-rt-4.12.14-10.191.1
* SUSE Linux Enterprise Real Time 12 SP5 (noarch)
  * kernel-source-rt-4.12.14-10.191.1
  * kernel-devel-rt-4.12.14-10.191.1
* SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
  * kernel-rt_debug-4.12.14-10.191.1
  * kernel-rt-4.12.14-10.191.1

## References:

* https://www.suse.com/security/cve/CVE-2021-4439.html
* https://www.suse.com/security/cve/CVE-2021-47103.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47267.html
* https://www.suse.com/security/cve/CVE-2021-47270.html
* https://www.suse.com/security/cve/CVE-2021-47293.html
* https://www.suse.com/security/cve/CVE-2021-47294.html
* https://www.suse.com/security/cve/CVE-2021-47297.html
* https://www.suse.com/security/cve/CVE-2021-47309.html
* https://www.suse.com/security/cve/CVE-2021-47328.html
* https://www.suse.com/security/cve/CVE-2021-47354.html
* https://www.suse.com/security/cve/CVE-2021-47372.html
* https://www.suse.com/security/cve/CVE-2021-47379.html
* https://www.suse.com/security/cve/CVE-2021-47407.html
* https://www.suse.com/security/cve/CVE-2021-47418.html
* https://www.suse.com/security/cve/CVE-2021-47434.html
* https://www.suse.com/security/cve/CVE-2021-47445.html
* https://www.suse.com/security/cve/CVE-2021-47518.html
* https://www.suse.com/security/cve/CVE-2021-47544.html
* https://www.suse.com/security/cve/CVE-2021-47566.html
* https://www.suse.com/security/cve/CVE-2021-47571.html
* https://www.suse.com/security/cve/CVE-2021-47576.html
* https://www.suse.com/security/cve/CVE-2021-47587.html
* https://www.suse.com/security/cve/CVE-2021-47589.html
* https://www.suse.com/security/cve/CVE-2021-47600.html
* https://www.suse.com/security/cve/CVE-2021-47602.html
* https://www.suse.com/security/cve/CVE-2021-47603.html
* https://www.suse.com/security/cve/CVE-2021-47609.html
* https://www.suse.com/security/cve/CVE-2021-47617.html
* https://www.suse.com/security/cve/CVE-2022-48711.html
* https://www.suse.com/security/cve/CVE-2022-48715.html
* https://www.suse.com/security/cve/CVE-2022-48722.html
* https://www.suse.com/security/cve/CVE-2022-48732.html
* https://www.suse.com/security/cve/CVE-2022-48733.html
* https://www.suse.com/security/cve/CVE-2022-48740.html
* https://www.suse.com/security/cve/CVE-2022-48743.html
* https://www.suse.com/security/cve/CVE-2022-48754.html
* https://www.suse.com/security/cve/CVE-2022-48756.html
* https://www.suse.com/security/cve/CVE-2022-48758.html
* https://www.suse.com/security/cve/CVE-2022-48759.html
* https://www.suse.com/security/cve/CVE-2022-48760.html
* https://www.suse.com/security/cve/CVE-2022-48761.html
* https://www.suse.com/security/cve/CVE-2022-48771.html
* https://www.suse.com/security/cve/CVE-2022-48772.html
* https://www.suse.com/security/cve/CVE-2023-24023.html
* https://www.suse.com/security/cve/CVE-2023-52622.html
* https://www.suse.com/security/cve/CVE-2023-52675.html
* https://www.suse.com/security/cve/CVE-2023-52737.html
* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52754.html
* https://www.suse.com/security/cve/CVE-2023-52757.html
* https://www.suse.com/security/cve/CVE-2023-52762.html
* https://www.suse.com/security/cve/CVE-2023-52764.html
* https://www.suse.com/security/cve/CVE-2023-52784.html
* https://www.suse.com/security/cve/CVE-2023-52808.html
* https://www.suse.com/security/cve/CVE-2023-52809.html
* https://www.suse.com/security/cve/CVE-2023-5281.html
* https://www.suse.com/security/cve/CVE-2023-52832.html
* https://www.suse.com/security/cve/CVE-2023-52834.html
* https://www.suse.com/security/cve/CVE-2023-52835.html
* https://www.suse.com/security/cve/CVE-2023-52843.html
* https://www.suse.com/security/cve/CVE-2023-52845.html
* https://www.suse.com/security/cve/CVE-2023-52855.html
* https://www.suse.com/security/cve/CVE-2023-52881.html
* https://www.suse.com/security/cve/CVE-2024-26633.html
* https://www.suse.com/security/cve/CVE-2024-26641.html
* https://www.suse.com/security/cve/CVE-2024-26679.html
* https://www.suse.com/security/cve/CVE-2024-26687.html
* https://www.suse.com/security/cve/CVE-2024-26720.html
* https://www.suse.com/security/cve/CVE-2024-26813.html
* https://www.suse.com/security/cve/CVE-2024-26845.html
* https://www.suse.com/security/cve/CVE-2024-26863.html
* https://www.suse.com/security/cve/CVE-2024-26894.html
* https://www.suse.com/security/cve/CVE-2024-26928.html
* https://www.suse.com/security/cve/CVE-2024-26973.html
* https://www.suse.com/security/cve/CVE-2024-27399.html
* https://www.suse.com/security/cve/CVE-2024-27410.html
* https://www.suse.com/security/cve/CVE-2024-35247.html
* https://www.suse.com/security/cve/CVE-2024-35807.html
* https://www.suse.com/security/cve/CVE-2024-35822.html
* https://www.suse.com/security/cve/CVE-2024-35835.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35865.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35868.html
* https://www.suse.com/security/cve/CVE-2024-35870.html
* https://www.suse.com/security/cve/CVE-2024-35886.html
* https://www.suse.com/security/cve/CVE-2024-35896.html
* https://www.suse.com/security/cve/CVE-2024-35922.html
* https://www.suse.com/security/cve/CVE-2024-35925.html
* https://www.suse.com/security/cve/CVE-2024-35930.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-35956.html
* https://www.suse.com/security/cve/CVE-2024-35958.html
* https://www.suse.com/security/cve/CVE-2024-35960.html
* https://www.suse.com/security/cve/CVE-2024-35962.html
* https://www.suse.com/security/cve/CVE-2024-35976.html
* https://www.suse.com/security/cve/CVE-2024-35979.html
* https://www.suse.com/security/cve/CVE-2024-35997.html
* https://www.suse.com/security/cve/CVE-2024-35998.html
* https://www.suse.com/security/cve/CVE-2024-36016.html
* https://www.suse.com/security/cve/CVE-2024-36017.html
* https://www.suse.com/security/cve/CVE-2024-36025.html
* https://www.suse.com/security/cve/CVE-2024-36479.html
* https://www.suse.com/security/cve/CVE-2024-36592.html
* https://www.suse.com/security/cve/CVE-2024-36880.html
* https://www.suse.com/security/cve/CVE-2024-36894.html
* https://www.suse.com/security/cve/CVE-2024-36915.html
* https://www.suse.com/security/cve/CVE-2024-36917.html
* https://www.suse.com/security/cve/CVE-2024-36919.html
* https://www.suse.com/security/cve/CVE-2024-36923.html
* https://www.suse.com/security/cve/CVE-2024-36934.html
* https://www.suse.com/security/cve/CVE-2024-36938.html
* https://www.suse.com/security/cve/CVE-2024-36940.html
* https://www.suse.com/security/cve/CVE-2024-36949.html
* https://www.suse.com/security/cve/CVE-2024-36950.html
* https://www.suse.com/security/cve/CVE-2024-36960.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-37021.html
* https://www.suse.com/security/cve/CVE-2024-37354.html
* https://www.suse.com/security/cve/CVE-2024-38544.html
* https://www.suse.com/security/cve/CVE-2024-38545.html
* https://www.suse.com/security/cve/CVE-2024-38546.html
* https://www.suse.com/security/cve/CVE-2024-38549.html
* https://www.suse.com/security/cve/CVE-2024-38552.html
* https://www.suse.com/security/cve/CVE-2024-38553.html
* https://www.suse.com/security/cve/CVE-2024-38565.html
* https://www.suse.com/security/cve/CVE-2024-38567.html
* https://www.suse.com/security/cve/CVE-2024-38578.html
* https://www.suse.com/security/cve/CVE-2024-38579.html
* https://www.suse.com/security/cve/CVE-2024-38580.html
* https://www.suse.com/security/cve/CVE-2024-38597.html
* https://www.suse.com/security/cve/CVE-2024-38601.html
* https://www.suse.com/security/cve/CVE-2024-38608.html
* https://www.suse.com/security/cve/CVE-2024-38618.html
* https://www.suse.com/security/cve/CVE-2024-38621.html
* https://www.suse.com/security/cve/CVE-2024-38627.html
* https://www.suse.com/security/cve/CVE-2024-38659.html
* https://www.suse.com/security/cve/CVE-2024-38661.html
* https://www.suse.com/security/cve/CVE-2024-38780.html
* https://bugzilla.suse.com/show_bug.cgi?id=1119113
* https://bugzilla.suse.com/show_bug.cgi?id=1191958
* https://bugzilla.suse.com/show_bug.cgi?id=1195065
* https://bugzilla.suse.com/show_bug.cgi?id=1195254
* https://bugzilla.suse.com/show_bug.cgi?id=1195775
* https://bugzilla.suse.com/show_bug.cgi?id=1204514
* https://bugzilla.suse.com/show_bug.cgi?id=1216062
* https://bugzilla.suse.com/show_bug.cgi?id=1217912
* https://bugzilla.suse.com/show_bug.cgi?id=1218148
* https://bugzilla.suse.com/show_bug.cgi?id=1219224
* https://bugzilla.suse.com/show_bug.cgi?id=1221010
* https://bugzilla.suse.com/show_bug.cgi?id=1221647
* https://bugzilla.suse.com/show_bug.cgi?id=1221654
* https://bugzilla.suse.com/show_bug.cgi?id=1221791
* https://bugzilla.suse.com/show_bug.cgi?id=1221958
* https://bugzilla.suse.com/show_bug.cgi?id=1222015
* https://bugzilla.suse.com/show_bug.cgi?id=1222080
* https://bugzilla.suse.com/show_bug.cgi?id=1222364
* https://bugzilla.suse.com/show_bug.cgi?id=1222385
* https://bugzilla.suse.com/show_bug.cgi?id=1222435
* https://bugzilla.suse.com/show_bug.cgi?id=1222809
* https://bugzilla.suse.com/show_bug.cgi?id=1222866
* https://bugzilla.suse.com/show_bug.cgi?id=1222879
* https://bugzilla.suse.com/show_bug.cgi?id=1222893
* https://bugzilla.suse.com/show_bug.cgi?id=1223013
* https://bugzilla.suse.com/show_bug.cgi?id=1223018
* https://bugzilla.suse.com/show_bug.cgi?id=1223021
* https://bugzilla.suse.com/show_bug.cgi?id=1223043
* https://bugzilla.suse.com/show_bug.cgi?id=1223532
* https://bugzilla.suse.com/show_bug.cgi?id=1223641
* https://bugzilla.suse.com/show_bug.cgi?id=1224177
* https://bugzilla.suse.com/show_bug.cgi?id=1224432
* https://bugzilla.suse.com/show_bug.cgi?id=1224504
* https://bugzilla.suse.com/show_bug.cgi?id=1224549
* https://bugzilla.suse.com/show_bug.cgi?id=1224552
* https://bugzilla.suse.com/show_bug.cgi?id=1224572
* https://bugzilla.suse.com/show_bug.cgi?id=1224575
* https://bugzilla.suse.com/show_bug.cgi?id=1224583
* https://bugzilla.suse.com/show_bug.cgi?id=1224588
* https://bugzilla.suse.com/show_bug.cgi?id=1224605
* https://bugzilla.suse.com/show_bug.cgi?id=1224651
* https://bugzilla.suse.com/show_bug.cgi?id=1224660
* https://bugzilla.suse.com/show_bug.cgi?id=1224661
* https://bugzilla.suse.com/show_bug.cgi?id=1224662
* https://bugzilla.suse.com/show_bug.cgi?id=1224664
* https://bugzilla.suse.com/show_bug.cgi?id=1224668
* https://bugzilla.suse.com/show_bug.cgi?id=1224670
* https://bugzilla.suse.com/show_bug.cgi?id=1224672
* https://bugzilla.suse.com/show_bug.cgi?id=1224674
* https://bugzilla.suse.com/show_bug.cgi?id=1224677
* https://bugzilla.suse.com/show_bug.cgi?id=1224678
* https://bugzilla.suse.com/show_bug.cgi?id=1224703
* https://bugzilla.suse.com/show_bug.cgi?id=1224735
* https://bugzilla.suse.com/show_bug.cgi?id=1224739
* https://bugzilla.suse.com/show_bug.cgi?id=1224763
* https://bugzilla.suse.com/show_bug.cgi?id=1224764
* https://bugzilla.suse.com/show_bug.cgi?id=1224765
* https://bugzilla.suse.com/show_bug.cgi?id=1224946
* https://bugzilla.suse.com/show_bug.cgi?id=1224951
* https://bugzilla.suse.com/show_bug.cgi?id=1224967
* https://bugzilla.suse.com/show_bug.cgi?id=1224976
* https://bugzilla.suse.com/show_bug.cgi?id=1224977
* https://bugzilla.suse.com/show_bug.cgi?id=1224978
* https://bugzilla.suse.com/show_bug.cgi?id=1224993
* https://bugzilla.suse.com/show_bug.cgi?id=1224997
* https://bugzilla.suse.com/show_bug.cgi?id=1225047
* https://bugzilla.suse.com/show_bug.cgi?id=1225140
* https://bugzilla.suse.com/show_bug.cgi?id=1225184
* https://bugzilla.suse.com/show_bug.cgi?id=1225203
* https://bugzilla.suse.com/show_bug.cgi?id=1225232
* https://bugzilla.suse.com/show_bug.cgi?id=1225261
* https://bugzilla.suse.com/show_bug.cgi?id=1225306
* https://bugzilla.suse.com/show_bug.cgi?id=1225337
* https://bugzilla.suse.com/show_bug.cgi?id=1225372
* https://bugzilla.suse.com/show_bug.cgi?id=1225463
* https://bugzilla.suse.com/show_bug.cgi?id=1225484
* https://bugzilla.suse.com/show_bug.cgi?id=1225487
* https://bugzilla.suse.com/show_bug.cgi?id=1225490
* https://bugzilla.suse.com/show_bug.cgi?id=1225514
* https://bugzilla.suse.com/show_bug.cgi?id=1225518
* https://bugzilla.suse.com/show_bug.cgi?id=1225548
* https://bugzilla.suse.com/show_bug.cgi?id=1225555
* https://bugzilla.suse.com/show_bug.cgi?id=1225556
* https://bugzilla.suse.com/show_bug.cgi?id=1225559
* https://bugzilla.suse.com/show_bug.cgi?id=1225571
* https://bugzilla.suse.com/show_bug.cgi?id=1225573
* https://bugzilla.suse.com/show_bug.cgi?id=1225577
* https://bugzilla.suse.com/show_bug.cgi?id=1225583
* https://bugzilla.suse.com/show_bug.cgi?id=1225585
* https://bugzilla.suse.com/show_bug.cgi?id=1225599
* https://bugzilla.suse.com/show_bug.cgi?id=1225602
* https://bugzilla.suse.com/show_bug.cgi?id=1225611
* https://bugzilla.suse.com/show_bug.cgi?id=1225642
* https://bugzilla.suse.com/show_bug.cgi?id=1225681
* https://bugzilla.suse.com/show_bug.cgi?id=1225704
* https://bugzilla.suse.com/show_bug.cgi?id=1225722
* https://bugzilla.suse.com/show_bug.cgi?id=1225749
* https://bugzilla.suse.com/show_bug.cgi?id=1225758
* https://bugzilla.suse.com/show_bug.cgi?id=1225760
* https://bugzilla.suse.com/show_bug.cgi?id=1225761
* https://bugzilla.suse.com/show_bug.cgi?id=1225767
* https://bugzilla.suse.com/show_bug.cgi?id=1225770
* https://bugzilla.suse.com/show_bug.cgi?id=1225815
* https://bugzilla.suse.com/show_bug.cgi?id=1225840
* https://bugzilla.suse.com/show_bug.cgi?id=1225848
* https://bugzilla.suse.com/show_bug.cgi?id=1225866
* https://bugzilla.suse.com/show_bug.cgi?id=1225872
* https://bugzilla.suse.com/show_bug.cgi?id=1225894
* https://bugzilla.suse.com/show_bug.cgi?id=1225895
* https://bugzilla.suse.com/show_bug.cgi?id=1225898
* https://bugzilla.suse.com/show_bug.cgi?id=1226211
* https://bugzilla.suse.com/show_bug.cgi?id=1226212
* https://bugzilla.suse.com/show_bug.cgi?id=1226537
* https://bugzilla.suse.com/show_bug.cgi?id=1226554
* https://bugzilla.suse.com/show_bug.cgi?id=1226557
* https://bugzilla.suse.com/show_bug.cgi?id=1226562
* https://bugzilla.suse.com/show_bug.cgi?id=1226567
* https://bugzilla.suse.com/show_bug.cgi?id=1226575
* https://bugzilla.suse.com/show_bug.cgi?id=1226577
* https://bugzilla.suse.com/show_bug.cgi?id=1226593
* https://bugzilla.suse.com/show_bug.cgi?id=1226595
* https://bugzilla.suse.com/show_bug.cgi?id=1226597
* https://bugzilla.suse.com/show_bug.cgi?id=1226610
* https://bugzilla.suse.com/show_bug.cgi?id=1226614
* https://bugzilla.suse.com/show_bug.cgi?id=1226619
* https://bugzilla.suse.com/show_bug.cgi?id=1226621
* https://bugzilla.suse.com/show_bug.cgi?id=1226634
* https://bugzilla.suse.com/show_bug.cgi?id=1226637
* https://bugzilla.suse.com/show_bug.cgi?id=1226670
* https://bugzilla.suse.com/show_bug.cgi?id=1226672
* https://bugzilla.suse.com/show_bug.cgi?id=1226692
* https://bugzilla.suse.com/show_bug.cgi?id=1226698
* https://bugzilla.suse.com/show_bug.cgi?id=1226699
* https://bugzilla.suse.com/show_bug.cgi?id=1226701
* https://bugzilla.suse.com/show_bug.cgi?id=1226705
* https://bugzilla.suse.com/show_bug.cgi?id=1226708
* https://bugzilla.suse.com/show_bug.cgi?id=1226711
* https://bugzilla.suse.com/show_bug.cgi?id=1226712
* https://bugzilla.suse.com/show_bug.cgi?id=1226716
* https://bugzilla.suse.com/show_bug.cgi?id=1226718
* https://bugzilla.suse.com/show_bug.cgi?id=1226732
* https://bugzilla.suse.com/show_bug.cgi?id=1226735
* https://bugzilla.suse.com/show_bug.cgi?id=1226744
* https://bugzilla.suse.com/show_bug.cgi?id=1226746
* https://bugzilla.suse.com/show_bug.cgi?id=1226747
* https://bugzilla.suse.com/show_bug.cgi?id=1226749
* https://bugzilla.suse.com/show_bug.cgi?id=1226754
* https://bugzilla.suse.com/show_bug.cgi?id=1226767
* https://bugzilla.suse.com/show_bug.cgi?id=1226769
* https://bugzilla.suse.com/show_bug.cgi?id=1226857
* https://bugzilla.suse.com/show_bug.cgi?id=1226876
* https://bugzilla.suse.com/show_bug.cgi?id=1226883
* https://bugzilla.suse.com/show_bug.cgi?id=1226886
* https://bugzilla.suse.com/show_bug.cgi?id=1226895
* https://bugzilla.suse.com/show_bug.cgi?id=1226948
* https://bugzilla.suse.com/show_bug.cgi?id=1226949
* https://bugzilla.suse.com/show_bug.cgi?id=1226950
* https://bugzilla.suse.com/show_bug.cgi?id=1226962
* https://bugzilla.suse.com/show_bug.cgi?id=1226976
* https://bugzilla.suse.com/show_bug.cgi?id=1226996
* https://bugzilla.suse.com/show_bug.cgi?id=1227101
URL: From null at suse.de Wed Jul 10 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 12:30:05 -0000 Subject: SUSE-SU-2024:2382-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Message-ID: <172061460559.10190.14185834837385129395@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2382-1 Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223681 * bsc#1223683 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An 
update that solves nine vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2382=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2382=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-4-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-4-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683
From null at suse.de Wed Jul 10 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 12:30:07 -0000 Subject: SUSE-SU-2024:2383-1: important: Security update for skopeo Message-ID: <172061460733.10190.13578230694829038086@smelt2.prg2.suse.org> # Security update for skopeo Announcement ID: SUSE-SU-2024:2383-1 Rating: important References: * bsc#1224123 Cross-References: * CVE-2024-3727 CVSS scores: * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for skopeo fixes the following issues: * CVE-2024-3727: Added missing image digest verification (bsc#1224123). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2383=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2383=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2383=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * skopeo-debuginfo-0.1.41-150000.4.23.1 * skopeo-0.1.41-150000.4.23.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * skopeo-debuginfo-0.1.41-150000.4.23.1 * skopeo-0.1.41-150000.4.23.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-0.1.41-150000.4.23.1 * skopeo-0.1.41-150000.4.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1224123
From null at suse.de Wed Jul 10 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 16:30:05 -0000 Subject: SUSE-SU-2024:2393-1: moderate: Security update for openssh Message-ID: <172062900552.23853.11857726575006988629@smelt2.prg2.suse.org> # Security update for openssh Announcement ID: SUSE-SU-2024:2393-1 Rating: moderate References: * bsc#1218215 * bsc#1224392 * bsc#1225904 * bsc#1227318 * bsc#1227350 Cross-References: * CVE-2023-51385 * CVE-2024-39894 CVSS scores: * CVE-2023-51385 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2023-51385 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-39894 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has three security fixes can now be installed. ## Description: This update for openssh fixes the following issues: Security fixes: * CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318). Other fixes: * Add obsoletes for openssh-server-config-rootlogin (bsc#1227350). * Add #include in some files added by the ldap patch to fix build with gcc14 (bsc#1225904). * Remove the recommendation for openssh-server-config-rootlogin from openssh-server (bsc#1224392). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2393=1 openSUSE-SLE-15.6-2024-2393=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2393=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2393=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openssh-fips-9.6p1-150600.6.6.1 * openssh-debuginfo-9.6p1-150600.6.6.1 * openssh-9.6p1-150600.6.6.1 * openssh-helpers-9.6p1-150600.6.6.1 * openssh-clients-debuginfo-9.6p1-150600.6.6.1 * openssh-debugsource-9.6p1-150600.6.6.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.6.1 * openssh-cavs-debuginfo-9.6p1-150600.6.6.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.6.1 * openssh-clients-9.6p1-150600.6.6.1 * openssh-helpers-debuginfo-9.6p1-150600.6.6.1 * openssh-server-9.6p1-150600.6.6.1 * openssh-cavs-9.6p1-150600.6.6.1 * openssh-common-debuginfo-9.6p1-150600.6.6.1 * openssh-common-9.6p1-150600.6.6.1 * openssh-askpass-gnome-debugsource-9.6p1-150600.6.6.1 * openssh-askpass-gnome-9.6p1-150600.6.6.1 * openssh-server-debuginfo-9.6p1-150600.6.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-fips-9.6p1-150600.6.6.1 * openssh-debuginfo-9.6p1-150600.6.6.1 * openssh-9.6p1-150600.6.6.1 * openssh-helpers-9.6p1-150600.6.6.1 * openssh-clients-debuginfo-9.6p1-150600.6.6.1 * openssh-debugsource-9.6p1-150600.6.6.1 * openssh-server-config-disallow-rootlogin-9.6p1-150600.6.6.1 * openssh-clients-9.6p1-150600.6.6.1 * openssh-helpers-debuginfo-9.6p1-150600.6.6.1 * openssh-server-9.6p1-150600.6.6.1 * openssh-common-debuginfo-9.6p1-150600.6.6.1 * openssh-common-9.6p1-150600.6.6.1 * openssh-server-debuginfo-9.6p1-150600.6.6.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssh-askpass-gnome-9.6p1-150600.6.6.1 * openssh-askpass-gnome-debuginfo-9.6p1-150600.6.6.1 * 
openssh-askpass-gnome-debugsource-9.6p1-150600.6.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51385.html * https://www.suse.com/security/cve/CVE-2024-39894.html * https://bugzilla.suse.com/show_bug.cgi?id=1218215 * https://bugzilla.suse.com/show_bug.cgi?id=1224392 * https://bugzilla.suse.com/show_bug.cgi?id=1225904 * https://bugzilla.suse.com/show_bug.cgi?id=1227318 * https://bugzilla.suse.com/show_bug.cgi?id=1227350
From null at suse.de Wed Jul 10 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 16:30:27 -0000 Subject: SUSE-SU-2024:2385-1: important: Security update for the Linux Kernel Message-ID: <172062902756.23853.3822597383775688934@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2385-1 Rating: important References: * bsc#1195775 * bsc#1216124 * bsc#1218148 * bsc#1219224 * bsc#1220492 * bsc#1222015 * bsc#1222254 * bsc#1222678 * bsc#1224020 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1225098 * bsc#1225467 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226145 * bsc#1226211 * bsc#1226212 * bsc#1226270 * bsc#1226587 * bsc#1226595 * bsc#1226634 * bsc#1226785 * bsc#1226786 * bsc#1226789 * bsc#1226953 * bsc#1226962 Cross-References: * CVE-2021-47555 * CVE-2021-47571 * CVE-2023-24023 * CVE-2023-52670 * CVE-2023-52752 * CVE-2023-52837 * CVE-2023-52846 * CVE-2023-52881 * CVE-2024-26745 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38578 CVSS scores: * CVE-2021-47555 ( SUSE ): 4.4
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38545 ( SUSE ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 27 vulnerabilities and has 12 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). * CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). 
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). * CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587). * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). * CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). The following non-security bugs were fixed: * Revert "build initrd without systemd" (bsc#1195775) * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * mkspec-dtb: add toplevel symlinks also on arm * ocfs2: adjust enabling place for la window (bsc#1219224). * ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). * rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. 
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. * rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. * rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them. * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124). * smb: client: ensure to try all targets when finding nested links (bsc#1224020). * smb: client: guarantee refcounted children from parent session (bsc#1224679). * x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). * xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2385=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2385=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2385=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2385=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.85.1 * kernel-rt-debuginfo-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.85.1 * kernel-rt-debuginfo-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.85.1 * kernel-rt-debuginfo-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.85.1 * kernel-rt-debuginfo-5.14.21-150400.15.85.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.85.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47555.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52670.html * 
https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26745.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1216124 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222678 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226270 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962
From null at suse.de Wed Jul 10 16:30:45 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 10 Jul 2024 16:30:45 -0000 Subject: SUSE-SU-2024:2384-1: important: Security update for the Linux Kernel Message-ID: <172062904599.23853.6307939799575727060@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2384-1 Rating: important References: * bsc#1156395 * bsc#1171988 * bsc#1176447 * bsc#1176774 * bsc#1181147 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195798 * bsc#1202623 * bsc#1218148 * bsc#1219224 * bsc#1219633 * bsc#1222015 * bsc#1223011 * bsc#1224671 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224865 * bsc#1225010 * bsc#1225047 * bsc#1225109 * bsc#1225161 * bsc#1225184 * bsc#1225203 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226226 * bsc#1226537 * bsc#1226552 * bsc#1226554 * bsc#1226557 * bsc#1226558 * bsc#1226562 * bsc#1226563 * bsc#1226575 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226595 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226624 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226674 * bsc#1226679 * bsc#1226686 * bsc#1226691 * bsc#1226692 * bsc#1226698 * bsc#1226703 * bsc#1226708 * bsc#1226709 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226720 * bsc#1226721 * bsc#1226732 * bsc#1226762 * bsc#1226785 * bsc#1226786 * bsc#1226962 Cross-References: * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47247 * CVE-2021-47311 * CVE-2021-47328 * CVE-2021-47368 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47583 * CVE-2021-47589 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47609 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-2938 * CVE-2022-48711 * CVE-2022-48715 *
CVE-2022-48717 * CVE-2022-48722 * CVE-2022-48724 * CVE-2022-48726 * CVE-2022-48728 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48752 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48771 * CVE-2023-24023 * CVE-2023-52707 * CVE-2023-52752 * CVE-2023-52881 * CVE-2024-26822 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35878 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 CVSS scores: * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47247 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47368 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-2938 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-2938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52707 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26822 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves 68 vulnerabilities and has 13 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47247: net/mlx5e: Fix use-after-free of encap entry in neigh update handler (bsc#1224865).
- CVE-2021-47311: net: qcom/emac: fix UAF in emac_remove (bsc#1225010).
- CVE-2021-47368: enetc: Fix illegal access when reading affinity_hint (bsc#1225161).
- CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184).
- CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2022-2938: psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
- CVE-2022-48760: USB: core: Fix hang in usb_kill_urb by adding memory barriers (bsc#1226712).
- CVE-2023-52707: sched/psi: Fix use-after-free in ep_remove_wait_queue() (bsc#1225109).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).

The following non-security bugs were fixed:

- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- psi: Fix uaf issue when psi trigger is destroyed while being polled (bsc#1202623).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2384=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2384=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2384=1

## Package List:

* SUSE Linux Enterprise Micro 5.1 (nosrc x86_64)
  * kernel-rt-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro 5.1 (x86_64)
  * kernel-rt-debugsource-5.3.18-150300.175.1
  * kernel-rt-debuginfo-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
  * kernel-source-rt-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
  * kernel-rt-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
  * kernel-rt-debugsource-5.3.18-150300.175.1
  * kernel-rt-debuginfo-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
  * kernel-source-rt-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
  * kernel-rt-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
  * kernel-rt-debugsource-5.3.18-150300.175.1
  * kernel-rt-debuginfo-5.3.18-150300.175.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * kernel-source-rt-5.3.18-150300.175.1

## References:

* https://www.suse.com/security/cve/CVE-2021-43389.html * https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47247.html * https://www.suse.com/security/cve/CVE-2021-47311.html * https://www.suse.com/security/cve/CVE-2021-47328.html * https://www.suse.com/security/cve/CVE-2021-47368.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47589.html * 
https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-2938.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48767.html * 
https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52707.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26822.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1171988 * https://bugzilla.suse.com/show_bug.cgi?id=1176447 * https://bugzilla.suse.com/show_bug.cgi?id=1176774 * https://bugzilla.suse.com/show_bug.cgi?id=1181147 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195798 * https://bugzilla.suse.com/show_bug.cgi?id=1202623 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1223011 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224865 * https://bugzilla.suse.com/show_bug.cgi?id=1225010 * https://bugzilla.suse.com/show_bug.cgi?id=1225047 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225161 * https://bugzilla.suse.com/show_bug.cgi?id=1225184 * https://bugzilla.suse.com/show_bug.cgi?id=1225203 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226962

From null at suse.de Wed Jul 10 20:30:54 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 10 Jul 2024 20:30:54 -0000
Subject: SUSE-SU-2024:2394-1: important: Security update for the Linux Kernel
Message-ID: <172064345468.31832.10038455203060523369@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2394-1
Rating: important
References:

* bsc#1156395 * bsc#1190336 * bsc#1191958 * bsc#1193883 * bsc#1194826 * bsc#1195065 * bsc#1195254 * bsc#1195341 * bsc#1195349 * bsc#1195775 * bsc#1196746 * bsc#1197915 * bsc#1198014 * bsc#1199295 * bsc#1202767 * bsc#1202780 * bsc#1205205 * bsc#1207361 * bsc#1217912 * bsc#1218148 * bsc#1218570 * bsc#1218820 * bsc#1219224 * bsc#1219633 * bsc#1219847 * bsc#1220368 * bsc#1220812 * bsc#1220958 * bsc#1221086 * bsc#1221282 * bsc#1221958 * bsc#1222015 * bsc#1222072 * bsc#1222080 * bsc#1222241 * bsc#1222254 * bsc#1222364 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223265 * bsc#1223384 * bsc#1223641 * bsc#1224020 * bsc#1224331 * bsc#1224488 * bsc#1224497 * bsc#1224498 * bsc#1224504 * bsc#1224520 * bsc#1224539 * bsc#1224540 * bsc#1224552 * bsc#1224583 * bsc#1224588 * bsc#1224602 * bsc#1224603 * bsc#1224605 * bsc#1224612 * bsc#1224614 * bsc#1224619 * bsc#1224661 * bsc#1224662 * bsc#1224670 * bsc#1224671 * bsc#1224674 * bsc#1224677 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224712 * bsc#1224716 * bsc#1224719 * bsc#1224735 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1224946 * bsc#1224951 * bsc#1225050 * bsc#1225098 * bsc#1225105 * bsc#1225300 * bsc#1225389 * bsc#1225391 * bsc#1225419 * bsc#1225426 * bsc#1225448 * bsc#1225452 * bsc#1225467 * bsc#1225475 * bsc#1225484 * bsc#1225487 * bsc#1225514 * bsc#1225518 * bsc#1225535 * bsc#1225585 * bsc#1225602 * bsc#1225611 * bsc#1225681 * bsc#1225692 * bsc#1225698 * bsc#1225699 * bsc#1225704 * bsc#1225714 * bsc#1225726 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225758 * bsc#1225759 * bsc#1225760 * 
bsc#1225767 * bsc#1225770 * bsc#1225823 * bsc#1225834 * bsc#1225840 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1226022 * bsc#1226131 * bsc#1226145 * bsc#1226149 * bsc#1226155 * bsc#1226211 * bsc#1226212 * bsc#1226226 * bsc#1226514 * bsc#1226520 * bsc#1226537 * bsc#1226538 * bsc#1226539 * bsc#1226550 * bsc#1226552 * bsc#1226553 * bsc#1226554 * bsc#1226556 * bsc#1226557 * bsc#1226558 * bsc#1226559 * bsc#1226561 * bsc#1226562 * bsc#1226563 * bsc#1226564 * bsc#1226566 * bsc#1226567 * bsc#1226569 * bsc#1226572 * bsc#1226575 * bsc#1226576 * bsc#1226577 * bsc#1226579 * bsc#1226580 * bsc#1226581 * bsc#1226582 * bsc#1226583 * bsc#1226585 * bsc#1226587 * bsc#1226588 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226601 * bsc#1226602 * bsc#1226603 * bsc#1226607 * bsc#1226610 * bsc#1226614 * bsc#1226616 * bsc#1226617 * bsc#1226618 * bsc#1226619 * bsc#1226621 * bsc#1226622 * bsc#1226624 * bsc#1226626 * bsc#1226628 * bsc#1226629 * bsc#1226632 * bsc#1226633 * bsc#1226634 * bsc#1226637 * bsc#1226643 * bsc#1226644 * bsc#1226645 * bsc#1226647 * bsc#1226650 * bsc#1226653 * bsc#1226657 * bsc#1226658 * bsc#1226669 * bsc#1226670 * bsc#1226672 * bsc#1226673 * bsc#1226674 * bsc#1226675 * bsc#1226678 * bsc#1226679 * bsc#1226683 * bsc#1226685 * bsc#1226686 * bsc#1226690 * bsc#1226691 * bsc#1226692 * bsc#1226693 * bsc#1226696 * bsc#1226697 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226702 * bsc#1226703 * bsc#1226704 * bsc#1226705 * bsc#1226706 * bsc#1226708 * bsc#1226709 * bsc#1226710 * bsc#1226711 * bsc#1226712 * bsc#1226713 * bsc#1226715 * bsc#1226716 * bsc#1226718 * bsc#1226719 * bsc#1226720 * bsc#1226721 * bsc#1226730 * bsc#1226732 * bsc#1226734 * bsc#1226735 * bsc#1226737 * bsc#1226738 * bsc#1226739 * bsc#1226740 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226762 * bsc#1226764 * bsc#1226767 * bsc#1226768 * bsc#1226769 * bsc#1226771 * bsc#1226774 * bsc#1226777 * bsc#1226780 * bsc#1226781 * bsc#1226785 * bsc#1226786 * bsc#1226789 * bsc#1226791 
* bsc#1226839 * bsc#1226840 * bsc#1226841 * bsc#1226842 * bsc#1226848 * bsc#1226852 * bsc#1226857 * bsc#1226861 * bsc#1226863 * bsc#1226864 * bsc#1226867 * bsc#1226868 * bsc#1226876 * bsc#1226878 * bsc#1226883 * bsc#1226886 * bsc#1226890 * bsc#1226891 * bsc#1226895 * bsc#1226908 * bsc#1226915 * bsc#1226928 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226953 * bsc#1226962 * bsc#1226976 * bsc#1226992 * bsc#1226994 * bsc#1226996 * bsc#1227066 * bsc#1227096 * bsc#1227101 * bsc#1227103 * bsc#1227274 * jsc#PED-8491 * jsc#PED-8570 * jsc#PED-8690 Cross-References: * CVE-2021-4439 * CVE-2021-47089 * CVE-2021-47432 * CVE-2021-47515 * CVE-2021-47534 * CVE-2021-47538 * CVE-2021-47539 * CVE-2021-47555 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47572 * CVE-2021-47576 * CVE-2021-47577 * CVE-2021-47578 * CVE-2021-47580 * CVE-2021-47582 * CVE-2021-47583 * CVE-2021-47584 * CVE-2021-47585 * CVE-2021-47586 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47592 * CVE-2021-47595 * CVE-2021-47596 * CVE-2021-47597 * CVE-2021-47600 * CVE-2021-47601 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47604 * CVE-2021-47605 * CVE-2021-47607 * CVE-2021-47608 * CVE-2021-47609 * CVE-2021-47610 * CVE-2021-47611 * CVE-2021-47612 * CVE-2021-47614 * CVE-2021-47615 * CVE-2021-47616 * CVE-2021-47617 * CVE-2021-47618 * CVE-2021-47619 * CVE-2021-47620 * CVE-2022-48711 * CVE-2022-48712 * CVE-2022-48713 * CVE-2022-48714 * CVE-2022-48715 * CVE-2022-48716 * CVE-2022-48717 * CVE-2022-48718 * CVE-2022-48720 * CVE-2022-48721 * CVE-2022-48722 * CVE-2022-48723 * CVE-2022-48724 * CVE-2022-48725 * CVE-2022-48726 * CVE-2022-48727 * CVE-2022-48728 * CVE-2022-48729 * CVE-2022-48730 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48734 * CVE-2022-48735 * CVE-2022-48736 * CVE-2022-48737 * CVE-2022-48738 * CVE-2022-48739 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48744 * CVE-2022-48745 * CVE-2022-48746 * CVE-2022-48747 * CVE-2022-48748 * CVE-2022-48749 * CVE-2022-48751 * CVE-2022-48752 * CVE-2022-48753 * CVE-2022-48754 * 
CVE-2022-48755 * CVE-2022-48756 * CVE-2022-48758 * CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48763 * CVE-2022-48765 * CVE-2022-48766 * CVE-2022-48767 * CVE-2022-48768 * CVE-2022-48769 * CVE-2022-48770 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-52622 * CVE-2023-52658 * CVE-2023-52667 * CVE-2023-52670 * CVE-2023-52672 * CVE-2023-52675 * CVE-2023-52735 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52766 * CVE-2023-52784 * CVE-2023-52787 * CVE-2023-52800 * CVE-2023-52835 * CVE-2023-52837 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52846 * CVE-2023-52869 * CVE-2023-52881 * CVE-2023-52882 * CVE-2023-52884 * CVE-2024-26625 * CVE-2024-26644 * CVE-2024-26720 * CVE-2024-26842 * CVE-2024-26845 * CVE-2024-26923 * CVE-2024-26973 * CVE-2024-27432 * CVE-2024-33619 * CVE-2024-35247 * CVE-2024-35789 * CVE-2024-35790 * CVE-2024-35807 * CVE-2024-35814 * CVE-2024-35835 * CVE-2024-35848 * CVE-2024-35857 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35878 * CVE-2024-35884 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35898 * CVE-2024-35900 * CVE-2024-35905 * CVE-2024-35925 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35997 * CVE-2024-36005 * CVE-2024-36008 * CVE-2024-36017 * CVE-2024-36020 * CVE-2024-36021 * CVE-2024-36025 * CVE-2024-36477 * CVE-2024-36478 * CVE-2024-36479 * CVE-2024-36890 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36900 * CVE-2024-36904 * CVE-2024-36915 * CVE-2024-36916 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36934 * CVE-2024-36937 * CVE-2024-36940 * CVE-2024-36945 * CVE-2024-36949 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-36965 * CVE-2024-36967 * CVE-2024-36969 * CVE-2024-36971 * CVE-2024-36975 * CVE-2024-36978 * CVE-2024-37021 * CVE-2024-37078 * CVE-2024-37354 * CVE-2024-38381 * CVE-2024-38388 * CVE-2024-38390 * CVE-2024-38540 * CVE-2024-38541 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38547 * CVE-2024-38548 * 
CVE-2024-38549 * CVE-2024-38550 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38555 * CVE-2024-38556 * CVE-2024-38557 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38568 * CVE-2024-38571 * CVE-2024-38573 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38581 * CVE-2024-38582 * CVE-2024-38583 * CVE-2024-38587 * CVE-2024-38590 * CVE-2024-38591 * CVE-2024-38594 * CVE-2024-38597 * CVE-2024-38599 * CVE-2024-38600 * CVE-2024-38601 * CVE-2024-38603 * CVE-2024-38605 * CVE-2024-38608 * CVE-2024-38616 * CVE-2024-38618 * CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38630 * CVE-2024-38633 * CVE-2024-38634 * CVE-2024-38635 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 * CVE-2024-39301 * CVE-2024-39468 * CVE-2024-39469 * CVE-2024-39471 CVSS scores: * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47089 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47538 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47572 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47572 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47577 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47578 ( SUSE ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47580 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2021-47582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47586 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47597 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47604 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47610 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47611 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47614 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47615 ( SUSE ): 3.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47616 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47618 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47620 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48712 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48713 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48714 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48715 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48716 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48718 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48720 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48723 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48724 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48725 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48726 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48727 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48729 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48734 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48735 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48736 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48737 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48745 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48746 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48747 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48748 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48749 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48763 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48765 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48768 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52672 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52843 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2023-52882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52884 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33619 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36020 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36477 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36478 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36479 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36900 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36916 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36937 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36965 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36978 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-37354 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38388 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38390 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38541 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38550 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38557 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38571 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38581 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-38582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38583 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38587 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38591 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38594 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-38600 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39468 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39469 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39471 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 249 vulnerabilities, contains three features and has 44 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958). * CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391). * CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426). * CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448). * CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452). * CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467). * CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514). * CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518). * CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389). * CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
* CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148). * CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080). * CVE-2023-52658: Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (bsc#1224719). * CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603). * CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696). * CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614). * CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504). * CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475). * CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487). * CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946). * CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105). * CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602). * CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935). * CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951). * CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098). * CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050). * CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611). * CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692). * CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086) * CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072). 
* CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364). * CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641). * CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716). * CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948). * CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749). * CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712). * CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735). * CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605). * CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612). * CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765). * CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679). * CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520). * CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670). * CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498). * CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497). * CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661). * CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703). 
* CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674) * CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677). * CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588). * CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552). * CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539). * CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540). * CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681). * CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698). * CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699). * CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841). * CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949). * CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714). * CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737). * CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732). * CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758). * CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759). * CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770). * CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767). * CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760). 
* CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834). * CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840). * CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823). * CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866). * CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145). * CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514). * CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950). * CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066). * CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101). * CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587). * CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595). * CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744). * CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607). * CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774). * CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781). * CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785). * CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786). * CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789). * CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771). * CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634). * CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610). 
* CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734). * CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749). * CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842). * CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746). * CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857). * CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883). * CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996). * CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886). * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). * CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103). * CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992). The following non-security bugs were fixed: * ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes). * ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes). * ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes). * ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes). * ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes). * ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes). * ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes). * ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes). * ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes). * ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
* ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes). * ALSA: timer: Set lower bound of start tick time (stable-fixes). * ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes). * ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes). * ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes). * ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes). * ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes). * ASoC: rt715-sdca: volume step modification (stable-fixes). * ASoC: rt715: add vendor clear control register (stable-fixes). * Add remote for nfs maintainer * Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes). * Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning: unused variable 'cl' [-Wunused-variable] * HID: core: remove unnecessary WARN_ON() in implement() (git-fixes). * HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes). * Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes). * NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847). * NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226). * PCI/ASPM: Update save_state when configuration changes (bsc#1226915) * PCI: Clear Secondary Status errors after enumeration (bsc#1226928) * RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
* RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300). * RDMA/hns: Fix incorrect sge nums calculation (git-fixes) * RDMA/irdma: Drop unused kernel push code (git-fixes) * RDMA/mlx5: Add check for srq max_sge attribute (git-fixes) * Revert "Add remote for nfs maintainer" * Revert "build initrd without systemd" (bsc#1195775)" * USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes). * USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes). * X.509: Fix the parser of extended key usage for length (bsc#1218820). * arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes). * arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690). * arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690). * arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690). * arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690). * ata: ahci: Clean up sysfs file on error (git-fixes). * ata: libata-core: Fix double free on error (git-fixes). * ata: libata-core: Fix null pointer dereference on error (git-fixes). * batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes). * bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes). * btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282). * cachefiles: remove requests from xarray during flushing requests (bsc#1226588). * ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022). * ceph: always check dir caps asynchronously (bsc#1226022). * ceph: always queue a writeback when revoking the Fb caps (bsc#1226022). * ceph: break the check delayed cap loop every 5s (bsc#1226022). * ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
* cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368). * cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes). * crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes). * dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes). * dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes). * drivers: core: synchronize really_probe() and dev_uevent() (git-fixes). * drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes). * drm/amd/display: Add dtbclk access to dcn315 (stable-fixes). * drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes). * drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes). * drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes). * drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes). * drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes). * drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes). * drm/amdgpu/mes: fix use-after-free issue (stable-fixes). * drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes). * drm/amdgpu: Update BO eviction priorities (stable-fixes). * drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes). * drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes). * drm/amdkfd: Rework kfd_locked handling (bsc#1225872) * drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes). * drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
* drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes). * drm/i915/dpt: Make DPT object unshrinkable (git-fixes). * drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes). * drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes). * drm/i915/guc: avoid FIELD_PREP warning (git-fixes). * drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes). * drm/komeda: check for error-valued pointer (git-fixes). * drm/lima: add mask irq callback to gp and pp (stable-fixes). * drm/lima: mask irqs in timeout path before hard reset (stable-fixes). * drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes). * drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes). * drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes). * drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes). * drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes). * drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes). * drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes). * drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes). * drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes). * gpio: davinci: Validate the obtained number of IRQs (git-fixes). * gpio: tqmx86: fix typo in Kconfig label (git-fixes). * gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes). * gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes). * hwmon: (shtc1) Fix property misspelling (git-fixes). * i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes). * i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes). * i2c: ocores: set IACK bit after core is enabled (git-fixes). * i2c: testunit: discard write requests while old command is running (git-fixes).
* i2c: testunit: do not erase registers after STOP (git-fixes). * iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes). * iio: adc: ad7266: Fix variable checking bug (git-fixes). * iio: adc: ad9467: fix scan type sign (git-fixes). * iio: chemical: bme680: Fix calibration data variable (git-fixes). * iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes). * iio: chemical: bme680: Fix pressure value output (git-fixes). * iio: chemical: bme680: Fix sensor data read operation (git-fixes). * iio: dac: ad5592r: fix temperature channel scaling value (git-fixes). * iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes). * intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes). * iommu/amd: Fix sysfs leak in iommu init (git-fixes). * iommu: Return right value in iommu_sva_bind_device() (git-fixes). * iommu: mtk: fix module autoloading (git-fixes). * ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958) * kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes). * kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274). * kconfig: doc: fix a typo in the note about 'imply' (git-fixes). * kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes). * kernel-doc: fix struct_group_tagged() parsing (git-fixes). * lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes). * media: flexcop-usb: clean up endpoint sanity checks (stable-fixes). * media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes). * media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes). * media: lgdt3306a: Add a check against null-pointer-def (stable-fixes). * media: mxl5xx: Move xpt structures off stack (stable-fixes). * media: radio-shark2: Avoid led_names truncations (git-fixes). * media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes). * mei: me: release irq in mei_me_pci_resume error path (git-fixes).
* mkspec-dtb: add toplevel symlinks also on arm * mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes). * mmc: core: Do not force a retune before RPMB switch (stable-fixes). * mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes). * mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes). * mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes). * mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes). * mmc: sdhci: Do not invert write-protect twice (git-fixes). * mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes). * mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes). * mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes). * mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes). * mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes). * mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes). * mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes). * mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes). * net/mlx5e: Fix a race in command alloc flow (git-fixes). * net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes). * net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes). * net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes). * net: ena: Fix redundant device NUMA node override (jsc#PED-8690). * net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491). * net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes). * net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes). * net: usb: ax88179_178a: improve link status logs (git-fixes). * net: usb: ax88179_178a: improve reset check (git-fixes).
* net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes). * net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes). * net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes). * nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912). * nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes). * nvme: find numa distance only if controller has valid numa id (git-fixes). * nvmet-passthru: propagate status from id override functions (git-fixes). * ocfs2: adjust enabling place for la window (bsc#1219224). * ocfs2: fix sparse warnings (bsc#1219224). * ocfs2: improve write IO performance when fragmentation is high (bsc#1219224). * ocfs2: speed up chain-list searching (bsc#1219224). * pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes). * pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes). * pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes). * pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes). * pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes). * random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953). * regulator: bd71815: fix ramp values (git-fixes). * regulator: core: Fix modpost error "regulator_get_regmap" undefined (git-fixes). * regulator: irq_helpers: duplicate IRQ name (stable-fixes). * regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes). * rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build. * rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter. * rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g.
iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable. * rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ("ARM: dts: Move .dts files to vendor sub-directories"). So switch to them. * sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791). * scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570). * smb: client: ensure to try all targets when finding nested links (bsc#1224020). * smb: client: guarantee refcounted children from parent session (bsc#1224679). * soundwire: cadence: fix invalid PDI offset (stable-fixes). * spi: stm32: Do not warn about spurious interrupts (git-fixes). * supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570) * supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional. * supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems. * tty: mcf: MCF54418 has 10 UARTS (git-fixes). * usb-storage: alauda: Check whether the media is initialized (git-fixes). * usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes). * usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes). * usb: fotg210-hcd: delete an incorrect bounds test (git-fixes). * usb: gadget: printer: fix races against disable (git-fixes). * usb: musb: da8xx: fix a resource leak in probe() (git-fixes). * usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes). * usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git- fixes). * usb: typec: ucsi: Ack also failed Get Error commands (git-fixes). 
* usb: typec: ucsi: Never send a lone connector change ack (git-fixes). * usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes). * usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes). * usb: xhci: improve debug message in xhci_ring_expansion_needed() (git- fixes). * watchdog: bd9576: Drop "always-running" property (git-fixes). * watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable- fixes). * wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes). * wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes). * wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes). * wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git- fixes). * wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes). * wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes). * wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes). * wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git- fixes). * wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git- fixes). * wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes). * wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes). * wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes). * x86/mce: Dynamically size space for machine check records (bsc#1222241). * x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962). * xfs: make sure sb_fdblocks is non-negative (bsc#1225419). * xhci: Fix failure to detect ring expansion need (git-fixes). * xhci: Fix transfer ring expansion size calculation (git-fixes). * xhci: Handle TD clearing for multiple streams case (git-fixes). * xhci: Simplify event ring dequeue pointer update for port change events (git-fixes). 
* xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
* xhci: fix matching completion events with TDs (git-fixes).
* xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
* xhci: restre deleted trb fields for tracing (git-fixes).
* xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
* xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
* xhci: update event ring dequeue pointer position to controller correctly (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2394=1 openSUSE-SLE-15.5-2024-2394=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2394=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2394=1
* SUSE Real Time Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-2394=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * kernel-devel-rt-5.14.21-150500.13.61.1
  * kernel-source-rt-5.14.21-150500.13.61.1
* openSUSE Leap 15.5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1
  * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-1-150500.11.3.1
  * cluster-md-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-devel-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt_debug-vdso-5.14.21-150500.13.61.1
  * kernel-syms-rt-5.14.21-150500.13.61.1
  * dlm-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * dlm-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt-optional-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-optional-5.14.21-150500.13.61.1
  * reiserfs-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.61.1
  * kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-1-150500.11.3.1
  * kernel-rt_debug-devel-5.14.21-150500.13.61.1
  * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * kselftests-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt-livepatch-5.14.21-150500.13.61.1
  * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-extra-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-vdso-5.14.21-150500.13.61.1
  * kernel-rt-vdso-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-debugsource-5.14.21-150500.13.61.1
  * kernel-rt_debug-debugsource-5.14.21-150500.13.61.1
  * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.61.1
  * ocfs2-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-livepatch-devel-5.14.21-150500.13.61.1
  * kernel-rt-extra-5.14.21-150500.13.61.1
  * kernel-rt-devel-5.14.21-150500.13.61.1
  * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * gfs2-kmp-rt-5.14.21-150500.13.61.1
* openSUSE Leap 15.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-5.14.21-150500.13.61.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.61.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * kernel-rt-debugsource-5.14.21-150500.13.61.1
  * kernel-rt-debuginfo-5.14.21-150500.13.61.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.61.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_61-rt-debuginfo-1-150500.11.3.1
  * kernel-livepatch-5_14_21-150500_13_61-rt-1-150500.11.3.1
  * kernel-livepatch-SLE15-SP5-RT_Update_17-debugsource-1-150500.11.3.1
* SUSE Real Time Module 15-SP5 (x86_64)
  * cluster-md-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-devel-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt_debug-vdso-5.14.21-150500.13.61.1
  * kernel-syms-rt-5.14.21-150500.13.61.1
  * dlm-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * dlm-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt_debug-devel-5.14.21-150500.13.61.1
  * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-vdso-5.14.21-150500.13.61.1
  * kernel-rt-vdso-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt_debug-debugsource-5.14.21-150500.13.61.1
  * kernel-rt-debugsource-5.14.21-150500.13.61.1
  * ocfs2-kmp-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-debuginfo-5.14.21-150500.13.61.1
  * kernel-rt-devel-5.14.21-150500.13.61.1
  * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.61.1
  * gfs2-kmp-rt-5.14.21-150500.13.61.1
* SUSE Real Time Module 15-SP5 (noarch)
  * kernel-devel-rt-5.14.21-150500.13.61.1
  * kernel-source-rt-5.14.21-150500.13.61.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.61.1
  * kernel-rt_debug-5.14.21-150500.13.61.1

## References:

* https://www.suse.com/security/cve/CVE-2021-4439.html * https://www.suse.com/security/cve/CVE-2021-47089.html * https://www.suse.com/security/cve/CVE-2021-47432.html * https://www.suse.com/security/cve/CVE-2021-47515.html * https://www.suse.com/security/cve/CVE-2021-47534.html * https://www.suse.com/security/cve/CVE-2021-47538.html * https://www.suse.com/security/cve/CVE-2021-47539.html * https://www.suse.com/security/cve/CVE-2021-47555.html * https://www.suse.com/security/cve/CVE-2021-47566.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47572.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47577.html * https://www.suse.com/security/cve/CVE-2021-47578.html * https://www.suse.com/security/cve/CVE-2021-47580.html * https://www.suse.com/security/cve/CVE-2021-47582.html * https://www.suse.com/security/cve/CVE-2021-47583.html * https://www.suse.com/security/cve/CVE-2021-47584.html
* https://www.suse.com/security/cve/CVE-2021-47585.html * https://www.suse.com/security/cve/CVE-2021-47586.html * https://www.suse.com/security/cve/CVE-2021-47587.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47592.html * https://www.suse.com/security/cve/CVE-2021-47595.html * https://www.suse.com/security/cve/CVE-2021-47596.html * https://www.suse.com/security/cve/CVE-2021-47597.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47601.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47604.html * https://www.suse.com/security/cve/CVE-2021-47605.html * https://www.suse.com/security/cve/CVE-2021-47607.html * https://www.suse.com/security/cve/CVE-2021-47608.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47610.html * https://www.suse.com/security/cve/CVE-2021-47611.html * https://www.suse.com/security/cve/CVE-2021-47612.html * https://www.suse.com/security/cve/CVE-2021-47614.html * https://www.suse.com/security/cve/CVE-2021-47615.html * https://www.suse.com/security/cve/CVE-2021-47616.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2021-47618.html * https://www.suse.com/security/cve/CVE-2021-47619.html * https://www.suse.com/security/cve/CVE-2021-47620.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48712.html * https://www.suse.com/security/cve/CVE-2022-48713.html * https://www.suse.com/security/cve/CVE-2022-48714.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48716.html * https://www.suse.com/security/cve/CVE-2022-48717.html * https://www.suse.com/security/cve/CVE-2022-48718.html * 
https://www.suse.com/security/cve/CVE-2022-48720.html * https://www.suse.com/security/cve/CVE-2022-48721.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48723.html * https://www.suse.com/security/cve/CVE-2022-48724.html * https://www.suse.com/security/cve/CVE-2022-48725.html * https://www.suse.com/security/cve/CVE-2022-48726.html * https://www.suse.com/security/cve/CVE-2022-48727.html * https://www.suse.com/security/cve/CVE-2022-48728.html * https://www.suse.com/security/cve/CVE-2022-48729.html * https://www.suse.com/security/cve/CVE-2022-48730.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48734.html * https://www.suse.com/security/cve/CVE-2022-48735.html * https://www.suse.com/security/cve/CVE-2022-48736.html * https://www.suse.com/security/cve/CVE-2022-48737.html * https://www.suse.com/security/cve/CVE-2022-48738.html * https://www.suse.com/security/cve/CVE-2022-48739.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48744.html * https://www.suse.com/security/cve/CVE-2022-48745.html * https://www.suse.com/security/cve/CVE-2022-48746.html * https://www.suse.com/security/cve/CVE-2022-48747.html * https://www.suse.com/security/cve/CVE-2022-48748.html * https://www.suse.com/security/cve/CVE-2022-48749.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48752.html * https://www.suse.com/security/cve/CVE-2022-48753.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48755.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * https://www.suse.com/security/cve/CVE-2022-48759.html * 
https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48763.html * https://www.suse.com/security/cve/CVE-2022-48765.html * https://www.suse.com/security/cve/CVE-2022-48766.html * https://www.suse.com/security/cve/CVE-2022-48767.html * https://www.suse.com/security/cve/CVE-2022-48768.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48770.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52658.html * https://www.suse.com/security/cve/CVE-2023-52667.html * https://www.suse.com/security/cve/CVE-2023-52670.html * https://www.suse.com/security/cve/CVE-2023-52672.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52787.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52869.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52882.html * https://www.suse.com/security/cve/CVE-2023-52884.html * https://www.suse.com/security/cve/CVE-2024-26625.html * 
https://www.suse.com/security/cve/CVE-2024-26644.html * https://www.suse.com/security/cve/CVE-2024-26720.html * https://www.suse.com/security/cve/CVE-2024-26842.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26973.html * https://www.suse.com/security/cve/CVE-2024-27432.html * https://www.suse.com/security/cve/CVE-2024-33619.html * https://www.suse.com/security/cve/CVE-2024-35247.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35790.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35814.html * https://www.suse.com/security/cve/CVE-2024-35835.html * https://www.suse.com/security/cve/CVE-2024-35848.html * https://www.suse.com/security/cve/CVE-2024-35857.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35878.html * https://www.suse.com/security/cve/CVE-2024-35884.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35898.html * https://www.suse.com/security/cve/CVE-2024-35900.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-35925.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-35956.html * https://www.suse.com/security/cve/CVE-2024-35958.html * https://www.suse.com/security/cve/CVE-2024-35960.html * https://www.suse.com/security/cve/CVE-2024-35962.html * https://www.suse.com/security/cve/CVE-2024-35997.html * https://www.suse.com/security/cve/CVE-2024-36005.html * 
https://www.suse.com/security/cve/CVE-2024-36008.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36020.html * https://www.suse.com/security/cve/CVE-2024-36021.html * https://www.suse.com/security/cve/CVE-2024-36025.html * https://www.suse.com/security/cve/CVE-2024-36477.html * https://www.suse.com/security/cve/CVE-2024-36478.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36890.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36900.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36916.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36937.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36945.html * https://www.suse.com/security/cve/CVE-2024-36949.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36965.html * https://www.suse.com/security/cve/CVE-2024-36967.html * https://www.suse.com/security/cve/CVE-2024-36969.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36975.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37078.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38381.html * https://www.suse.com/security/cve/CVE-2024-38388.html * 
https://www.suse.com/security/cve/CVE-2024-38390.html * https://www.suse.com/security/cve/CVE-2024-38540.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38547.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38549.html * https://www.suse.com/security/cve/CVE-2024-38550.html * https://www.suse.com/security/cve/CVE-2024-38552.html * https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38555.html * https://www.suse.com/security/cve/CVE-2024-38556.html * https://www.suse.com/security/cve/CVE-2024-38557.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38568.html * https://www.suse.com/security/cve/CVE-2024-38571.html * https://www.suse.com/security/cve/CVE-2024-38573.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38581.html * https://www.suse.com/security/cve/CVE-2024-38582.html * https://www.suse.com/security/cve/CVE-2024-38583.html * https://www.suse.com/security/cve/CVE-2024-38587.html * https://www.suse.com/security/cve/CVE-2024-38590.html * https://www.suse.com/security/cve/CVE-2024-38591.html * https://www.suse.com/security/cve/CVE-2024-38594.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38599.html * 
https://www.suse.com/security/cve/CVE-2024-38600.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38603.html * https://www.suse.com/security/cve/CVE-2024-38605.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38616.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-38621.html * https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38630.html * https://www.suse.com/security/cve/CVE-2024-38633.html * https://www.suse.com/security/cve/CVE-2024-38634.html * https://www.suse.com/security/cve/CVE-2024-38635.html * https://www.suse.com/security/cve/CVE-2024-38659.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39468.html * https://www.suse.com/security/cve/CVE-2024-39469.html * https://www.suse.com/security/cve/CVE-2024-39471.html * https://bugzilla.suse.com/show_bug.cgi?id=1156395 * https://bugzilla.suse.com/show_bug.cgi?id=1190336 * https://bugzilla.suse.com/show_bug.cgi?id=1191958 * https://bugzilla.suse.com/show_bug.cgi?id=1193883 * https://bugzilla.suse.com/show_bug.cgi?id=1194826 * https://bugzilla.suse.com/show_bug.cgi?id=1195065 * https://bugzilla.suse.com/show_bug.cgi?id=1195254 * https://bugzilla.suse.com/show_bug.cgi?id=1195341 * https://bugzilla.suse.com/show_bug.cgi?id=1195349 * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1196746 * https://bugzilla.suse.com/show_bug.cgi?id=1197915 * https://bugzilla.suse.com/show_bug.cgi?id=1198014 * https://bugzilla.suse.com/show_bug.cgi?id=1199295 * https://bugzilla.suse.com/show_bug.cgi?id=1202767 * 
https://bugzilla.suse.com/show_bug.cgi?id=1202780 * https://bugzilla.suse.com/show_bug.cgi?id=1205205 * https://bugzilla.suse.com/show_bug.cgi?id=1207361 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1218570 * https://bugzilla.suse.com/show_bug.cgi?id=1218820 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220368 * https://bugzilla.suse.com/show_bug.cgi?id=1220812 * https://bugzilla.suse.com/show_bug.cgi?id=1220958 * https://bugzilla.suse.com/show_bug.cgi?id=1221086 * https://bugzilla.suse.com/show_bug.cgi?id=1221282 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222072 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222241 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222893 * https://bugzilla.suse.com/show_bug.cgi?id=1223013 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223265 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223641 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224331 * https://bugzilla.suse.com/show_bug.cgi?id=1224488 * https://bugzilla.suse.com/show_bug.cgi?id=1224497 * https://bugzilla.suse.com/show_bug.cgi?id=1224498 * https://bugzilla.suse.com/show_bug.cgi?id=1224504 * https://bugzilla.suse.com/show_bug.cgi?id=1224520 * https://bugzilla.suse.com/show_bug.cgi?id=1224539 * https://bugzilla.suse.com/show_bug.cgi?id=1224540 * https://bugzilla.suse.com/show_bug.cgi?id=1224552 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224588 * https://bugzilla.suse.com/show_bug.cgi?id=1224602 * https://bugzilla.suse.com/show_bug.cgi?id=1224603 * https://bugzilla.suse.com/show_bug.cgi?id=1224605 * https://bugzilla.suse.com/show_bug.cgi?id=1224612 * https://bugzilla.suse.com/show_bug.cgi?id=1224614 * https://bugzilla.suse.com/show_bug.cgi?id=1224619 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224671 * https://bugzilla.suse.com/show_bug.cgi?id=1224674 * https://bugzilla.suse.com/show_bug.cgi?id=1224677 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224712 * https://bugzilla.suse.com/show_bug.cgi?id=1224716 * https://bugzilla.suse.com/show_bug.cgi?id=1224719 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1225050 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225105 * https://bugzilla.suse.com/show_bug.cgi?id=1225300 * https://bugzilla.suse.com/show_bug.cgi?id=1225389 * https://bugzilla.suse.com/show_bug.cgi?id=1225391 * https://bugzilla.suse.com/show_bug.cgi?id=1225419 * https://bugzilla.suse.com/show_bug.cgi?id=1225426 * https://bugzilla.suse.com/show_bug.cgi?id=1225448 * https://bugzilla.suse.com/show_bug.cgi?id=1225452 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225484 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225514 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225535 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225602 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225681 * https://bugzilla.suse.com/show_bug.cgi?id=1225692 * https://bugzilla.suse.com/show_bug.cgi?id=1225698 * https://bugzilla.suse.com/show_bug.cgi?id=1225699 * https://bugzilla.suse.com/show_bug.cgi?id=1225704 * https://bugzilla.suse.com/show_bug.cgi?id=1225714 * https://bugzilla.suse.com/show_bug.cgi?id=1225726 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225758 * https://bugzilla.suse.com/show_bug.cgi?id=1225759 * https://bugzilla.suse.com/show_bug.cgi?id=1225760 * https://bugzilla.suse.com/show_bug.cgi?id=1225767 * https://bugzilla.suse.com/show_bug.cgi?id=1225770 * https://bugzilla.suse.com/show_bug.cgi?id=1225823 * https://bugzilla.suse.com/show_bug.cgi?id=1225834 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1225872 * https://bugzilla.suse.com/show_bug.cgi?id=1225894 * https://bugzilla.suse.com/show_bug.cgi?id=1226022 * https://bugzilla.suse.com/show_bug.cgi?id=1226131 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226149 * https://bugzilla.suse.com/show_bug.cgi?id=1226155 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226226 * https://bugzilla.suse.com/show_bug.cgi?id=1226514 * https://bugzilla.suse.com/show_bug.cgi?id=1226520 * https://bugzilla.suse.com/show_bug.cgi?id=1226537 * https://bugzilla.suse.com/show_bug.cgi?id=1226538 * https://bugzilla.suse.com/show_bug.cgi?id=1226539 * https://bugzilla.suse.com/show_bug.cgi?id=1226550 * https://bugzilla.suse.com/show_bug.cgi?id=1226552 * https://bugzilla.suse.com/show_bug.cgi?id=1226553 * https://bugzilla.suse.com/show_bug.cgi?id=1226554 * https://bugzilla.suse.com/show_bug.cgi?id=1226556 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1226558 * https://bugzilla.suse.com/show_bug.cgi?id=1226559 * https://bugzilla.suse.com/show_bug.cgi?id=1226561 * https://bugzilla.suse.com/show_bug.cgi?id=1226562 * https://bugzilla.suse.com/show_bug.cgi?id=1226563 * https://bugzilla.suse.com/show_bug.cgi?id=1226564 * https://bugzilla.suse.com/show_bug.cgi?id=1226566 * https://bugzilla.suse.com/show_bug.cgi?id=1226567 * https://bugzilla.suse.com/show_bug.cgi?id=1226569 * https://bugzilla.suse.com/show_bug.cgi?id=1226572 * https://bugzilla.suse.com/show_bug.cgi?id=1226575 * https://bugzilla.suse.com/show_bug.cgi?id=1226576 * https://bugzilla.suse.com/show_bug.cgi?id=1226577 * https://bugzilla.suse.com/show_bug.cgi?id=1226579 * https://bugzilla.suse.com/show_bug.cgi?id=1226580 * https://bugzilla.suse.com/show_bug.cgi?id=1226581 * https://bugzilla.suse.com/show_bug.cgi?id=1226582 * https://bugzilla.suse.com/show_bug.cgi?id=1226583 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226593 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226597 * https://bugzilla.suse.com/show_bug.cgi?id=1226601 * https://bugzilla.suse.com/show_bug.cgi?id=1226602 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226603 * https://bugzilla.suse.com/show_bug.cgi?id=1226607 * https://bugzilla.suse.com/show_bug.cgi?id=1226610 * https://bugzilla.suse.com/show_bug.cgi?id=1226614 * https://bugzilla.suse.com/show_bug.cgi?id=1226616 * https://bugzilla.suse.com/show_bug.cgi?id=1226617 * https://bugzilla.suse.com/show_bug.cgi?id=1226618 * https://bugzilla.suse.com/show_bug.cgi?id=1226619 * https://bugzilla.suse.com/show_bug.cgi?id=1226621 * https://bugzilla.suse.com/show_bug.cgi?id=1226622 * https://bugzilla.suse.com/show_bug.cgi?id=1226624 * https://bugzilla.suse.com/show_bug.cgi?id=1226626 * https://bugzilla.suse.com/show_bug.cgi?id=1226628 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226632 * https://bugzilla.suse.com/show_bug.cgi?id=1226633 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226637 * https://bugzilla.suse.com/show_bug.cgi?id=1226643 * https://bugzilla.suse.com/show_bug.cgi?id=1226644 * https://bugzilla.suse.com/show_bug.cgi?id=1226645 * https://bugzilla.suse.com/show_bug.cgi?id=1226647 * https://bugzilla.suse.com/show_bug.cgi?id=1226650 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226657 * https://bugzilla.suse.com/show_bug.cgi?id=1226658 * https://bugzilla.suse.com/show_bug.cgi?id=1226669 * https://bugzilla.suse.com/show_bug.cgi?id=1226670 * https://bugzilla.suse.com/show_bug.cgi?id=1226672 * https://bugzilla.suse.com/show_bug.cgi?id=1226673 * https://bugzilla.suse.com/show_bug.cgi?id=1226674 * https://bugzilla.suse.com/show_bug.cgi?id=1226675 * https://bugzilla.suse.com/show_bug.cgi?id=1226678 * https://bugzilla.suse.com/show_bug.cgi?id=1226679 * https://bugzilla.suse.com/show_bug.cgi?id=1226683 * https://bugzilla.suse.com/show_bug.cgi?id=1226685 * https://bugzilla.suse.com/show_bug.cgi?id=1226686 * https://bugzilla.suse.com/show_bug.cgi?id=1226690 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226691 * https://bugzilla.suse.com/show_bug.cgi?id=1226692 * https://bugzilla.suse.com/show_bug.cgi?id=1226693 * https://bugzilla.suse.com/show_bug.cgi?id=1226696 * https://bugzilla.suse.com/show_bug.cgi?id=1226697 * https://bugzilla.suse.com/show_bug.cgi?id=1226698 * https://bugzilla.suse.com/show_bug.cgi?id=1226699 * https://bugzilla.suse.com/show_bug.cgi?id=1226701 * https://bugzilla.suse.com/show_bug.cgi?id=1226702 * https://bugzilla.suse.com/show_bug.cgi?id=1226703 * https://bugzilla.suse.com/show_bug.cgi?id=1226704 * https://bugzilla.suse.com/show_bug.cgi?id=1226705 * https://bugzilla.suse.com/show_bug.cgi?id=1226706 * https://bugzilla.suse.com/show_bug.cgi?id=1226708 * https://bugzilla.suse.com/show_bug.cgi?id=1226709 * https://bugzilla.suse.com/show_bug.cgi?id=1226710 * https://bugzilla.suse.com/show_bug.cgi?id=1226711 * https://bugzilla.suse.com/show_bug.cgi?id=1226712 * https://bugzilla.suse.com/show_bug.cgi?id=1226713 * https://bugzilla.suse.com/show_bug.cgi?id=1226715 * https://bugzilla.suse.com/show_bug.cgi?id=1226716 * https://bugzilla.suse.com/show_bug.cgi?id=1226718 * https://bugzilla.suse.com/show_bug.cgi?id=1226719 * https://bugzilla.suse.com/show_bug.cgi?id=1226720 * https://bugzilla.suse.com/show_bug.cgi?id=1226721 * https://bugzilla.suse.com/show_bug.cgi?id=1226730 * https://bugzilla.suse.com/show_bug.cgi?id=1226732 * https://bugzilla.suse.com/show_bug.cgi?id=1226734 * https://bugzilla.suse.com/show_bug.cgi?id=1226735 * https://bugzilla.suse.com/show_bug.cgi?id=1226737 * https://bugzilla.suse.com/show_bug.cgi?id=1226738 * https://bugzilla.suse.com/show_bug.cgi?id=1226739 * https://bugzilla.suse.com/show_bug.cgi?id=1226740 * https://bugzilla.suse.com/show_bug.cgi?id=1226744 * https://bugzilla.suse.com/show_bug.cgi?id=1226746 * https://bugzilla.suse.com/show_bug.cgi?id=1226747 * https://bugzilla.suse.com/show_bug.cgi?id=1226749 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226762 * https://bugzilla.suse.com/show_bug.cgi?id=1226764 * https://bugzilla.suse.com/show_bug.cgi?id=1226767 * https://bugzilla.suse.com/show_bug.cgi?id=1226768 * https://bugzilla.suse.com/show_bug.cgi?id=1226769 * https://bugzilla.suse.com/show_bug.cgi?id=1226771 * https://bugzilla.suse.com/show_bug.cgi?id=1226774 * https://bugzilla.suse.com/show_bug.cgi?id=1226777 * https://bugzilla.suse.com/show_bug.cgi?id=1226780 * https://bugzilla.suse.com/show_bug.cgi?id=1226781 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226791 * https://bugzilla.suse.com/show_bug.cgi?id=1226839 * https://bugzilla.suse.com/show_bug.cgi?id=1226840 * https://bugzilla.suse.com/show_bug.cgi?id=1226841 * https://bugzilla.suse.com/show_bug.cgi?id=1226842 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1226852 * https://bugzilla.suse.com/show_bug.cgi?id=1226857 * https://bugzilla.suse.com/show_bug.cgi?id=1226861 * https://bugzilla.suse.com/show_bug.cgi?id=1226863 * https://bugzilla.suse.com/show_bug.cgi?id=1226864 * https://bugzilla.suse.com/show_bug.cgi?id=1226867 * https://bugzilla.suse.com/show_bug.cgi?id=1226868 * https://bugzilla.suse.com/show_bug.cgi?id=1226876 * https://bugzilla.suse.com/show_bug.cgi?id=1226878 * https://bugzilla.suse.com/show_bug.cgi?id=1226883 * https://bugzilla.suse.com/show_bug.cgi?id=1226886 * https://bugzilla.suse.com/show_bug.cgi?id=1226890 * https://bugzilla.suse.com/show_bug.cgi?id=1226891 * https://bugzilla.suse.com/show_bug.cgi?id=1226895 * https://bugzilla.suse.com/show_bug.cgi?id=1226908 * https://bugzilla.suse.com/show_bug.cgi?id=1226915 * https://bugzilla.suse.com/show_bug.cgi?id=1226928 * https://bugzilla.suse.com/show_bug.cgi?id=1226948 * https://bugzilla.suse.com/show_bug.cgi?id=1226949 * 
https://bugzilla.suse.com/show_bug.cgi?id=1226950 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962 * https://bugzilla.suse.com/show_bug.cgi?id=1226976 * https://bugzilla.suse.com/show_bug.cgi?id=1226992 * https://bugzilla.suse.com/show_bug.cgi?id=1226994 * https://bugzilla.suse.com/show_bug.cgi?id=1226996 * https://bugzilla.suse.com/show_bug.cgi?id=1227066 * https://bugzilla.suse.com/show_bug.cgi?id=1227096 * https://bugzilla.suse.com/show_bug.cgi?id=1227101 * https://bugzilla.suse.com/show_bug.cgi?id=1227103 * https://bugzilla.suse.com/show_bug.cgi?id=1227274 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8570 * https://jira.suse.com/browse/PED-8690 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 08:30:04 -0000 Subject: SUSE-SU-2024:2396-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <172068660446.16901.8956346679421023807@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:2396-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223683 * bsc#1225211 Cross-References: * CVE-2021-47383 * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux 
Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes several issues. The following security issues were fixed: * CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2396=1 SUSE-2024-2398=1 SUSE-2024-2395=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-2396=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2398=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-2395=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_36-debugsource-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_41-debugsource-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_39-debugsource-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-11-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-8-150300.2.1 * 
kernel-livepatch-5_3_18-150300_59_133-preempt-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-9-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-11-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47383.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225211 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 11 12:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 12:30:13 -0000 Subject: SUSE-SU-2024:2407-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5) Message-ID: <172070101342.1436.13767294184426252626@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2407-1 Rating: important References: * bsc#1223363 * bsc#1223683 Cross-References: * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.15.21-150500_13_55 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2407=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2407=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_55-rt-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_55-rt-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 11 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:30:03 -0000 Subject: SUSE-SU-2024:2411-1: important: Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5) Message-ID: <172071540319.32699.18011092929816097244@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2411-1 Rating: important References: * bsc#1223683 Cross-References: * CVE-2024-26923 CVSS scores: * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.15.21-150500_13_58 fixes one issue. The following security issue was fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2411=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2411=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_58-rt-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_58-rt-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:30:04 -0000 Subject: SUSE-SU-2024:2410-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5) Message-ID: <172071540494.32699.4643901271325757695@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2410-1 Rating: important References: * bsc#1223363 * bsc#1223683 Cross-References: * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now 
be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_52 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2410=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2410=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-2-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-2-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-2-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 11 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:30:07 -0000 Subject: SUSE-SU-2024:2409-1: important: Security update for libvpx Message-ID: <172071540735.32699.14904873499738500200@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. 
## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch 
SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 
* libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * 
https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 16:33:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:33:09 -0000 Subject: SUSE-SU-2024:2409-1: important: Security update for libvpx Message-ID: <172071558950.361.11100385600204141613@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE 
Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) 
* libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE 
Manager Retail Branch Server 4.3 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 16:36:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:36:11 -0000 Subject: SUSE-SU-2024:2409-1: important: Security update for libvpx Message-ID: <172071577128.1748.10268847827802851071@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux 
Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1
* vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-1.11.0-150400.3.7.1 * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * 
libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvpx-debugsource-1.11.0-150400.3.7.1 * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Jul 11 16:39:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 16:39:13 -0000 Subject: SUSE-SU-2024:2409-1: important: Security update for libvpx Message-ID: <172071595395.32747.17033827856382659952@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. 
## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch
SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1
* libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * 
https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:04 -0000 Subject: SUSE-SU-2024:2413-1: important: Security update for tomcat10 Message-ID: <172072980402.3874.11654652554992821765@smelt2.prg2.suse.org> # Security update for tomcat10 Announcement ID: SUSE-SU-2024:2413-1 Rating: important References: * bsc#1227399 Cross-References: * CVE-2024-34750 CVSS scores: * CVE-2024-34750 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP5 * Web and Scripting Module 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat10 fixes the following issues: * CVE-2024-34750: Fixed an improper handling of exceptional conditions (bsc#1227399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2413=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2413=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2413=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-2413=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-docs-webapp-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-jsvc-10.1.25-150200.5.25.1 * tomcat10-embed-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * openSUSE Leap 15.6 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-docs-webapp-10.1.25-150200.5.25.1 * tomcat10-doc-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-jsvc-10.1.25-150200.5.25.1 * tomcat10-embed-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * tomcat10-el-5_0-api-10.1.25-150200.5.25.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-admin-webapps-10.1.25-150200.5.25.1 * tomcat10-servlet-6_0-api-10.1.25-150200.5.25.1 * tomcat10-10.1.25-150200.5.25.1 * tomcat10-lib-10.1.25-150200.5.25.1 * tomcat10-jsp-3_1-api-10.1.25-150200.5.25.1 * tomcat10-webapps-10.1.25-150200.5.25.1 * 
tomcat10-el-5_0-api-10.1.25-150200.5.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34750.html * https://bugzilla.suse.com/show_bug.cgi?id=1227399 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 20:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:06 -0000 Subject: SUSE-SU-2024:2409-1: important: Security update for libvpx Message-ID: <172072980625.3874.10160688875707026061@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2409-1 Rating: important References: * bsc#1216879 * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-44488 * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-44488 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44488 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 
* SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). * CVE-2023-44488: Fixed heap buffer overflow in vp8 encoding (bsc#1216879). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2409=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2409=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2409=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2409=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2409=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2409=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2409=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2409=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2409=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch
SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2409=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2409=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2409=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2409=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libvpx7-64bit-1.11.0-150400.3.7.1 * libvpx7-64bit-debuginfo-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.5 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * openSUSE Leap 15.6 (x86_64) * libvpx7-32bit-debuginfo-1.11.0-150400.3.7.1 * libvpx7-32bit-1.11.0-150400.3.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 *
libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * vpx-tools-1.11.0-150400.3.7.1 * vpx-tools-debuginfo-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Proxy 4.3 (x86_64) * libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * 
libvpx7-debuginfo-1.11.0-150400.3.7.1 * libvpx7-1.11.0-150400.3.7.1 * libvpx-devel-1.11.0-150400.3.7.1 * libvpx-debugsource-1.11.0-150400.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44488.html * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1216879 * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jul 11 20:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:09 -0000 Subject: SUSE-SU-2024:2408-1: important: Security update for libvpx Message-ID: <172072980983.3874.14849244646224320698@smelt2.prg2.suse.org> # Security update for libvpx Announcement ID: SUSE-SU-2024:2408-1 Rating: important References: * bsc#1225403 * bsc#1225879 Cross-References: * CVE-2023-6349 * CVE-2024-5197 CVSS scores: * CVE-2023-6349 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-5197 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * 
SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libvpx fixes the following issues: * CVE-2024-5197: Fixed integer overflow when calling vpx_img_alloc() or vpx_img_wrap() with large parameters (bsc#1225879). * CVE-2023-6349: Fixed heap overflow when encoding a frame that has larger dimensions than the originally configured size (bsc#1225403). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2408=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2408=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2408=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2408=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2408=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2408=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2408=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2408=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2408=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2408=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2408=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2408=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2408=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2408=1 ## Package List: * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * 
libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE 
Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libvpx-devel-1.6.1-150000.6.16.1 * libvpx4-debuginfo-1.6.1-150000.6.16.1 * libvpx4-1.6.1-150000.6.16.1 * libvpx-debugsource-1.6.1-150000.6.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6349.html * https://www.suse.com/security/cve/CVE-2024-5197.html * https://bugzilla.suse.com/show_bug.cgi?id=1225403 * https://bugzilla.suse.com/show_bug.cgi?id=1225879 From null at suse.de Thu Jul 11 20:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:15 -0000 Subject: SUSE-SU-2024:2405-1: important: Security update for apache2 Message-ID: <172072981589.3874.15682726413554755838@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:2405-1 Rating: important References: * bsc#1227270 * bsc#1227271 Cross-References: * CVE-2024-38477 * CVE-2024-39573 CVSS scores: * CVE-2024-38477 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39573 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities can now be installed. 
## Description: This update for apache2 fixes the following issues: * CVE-2024-38477: Fixed null pointer dereference in mod_proxy (bsc#1227270) * CVE-2024-39573: Fixed potential SSRF in mod_rewrite (bsc#1227271) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2405=1 SUSE-2024-2405=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2405=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2405=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2405=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-prefork-2.4.58-150600.5.11.1 * apache2-debuginfo-2.4.58-150600.5.11.1 * apache2-event-2.4.58-150600.5.11.1 * apache2-debugsource-2.4.58-150600.5.11.1 * apache2-utils-2.4.58-150600.5.11.1 * apache2-utils-debuginfo-2.4.58-150600.5.11.1 * apache2-event-debuginfo-2.4.58-150600.5.11.1 * apache2-utils-debugsource-2.4.58-150600.5.11.1 * apache2-event-debugsource-2.4.58-150600.5.11.1 * apache2-2.4.58-150600.5.11.1 * apache2-devel-2.4.58-150600.5.11.1 * apache2-prefork-debuginfo-2.4.58-150600.5.11.1 * apache2-worker-2.4.58-150600.5.11.1 * apache2-worker-debugsource-2.4.58-150600.5.11.1 * apache2-worker-debuginfo-2.4.58-150600.5.11.1 * apache2-prefork-debugsource-2.4.58-150600.5.11.1 * openSUSE Leap 15.6 (noarch) * apache2-manual-2.4.58-150600.5.11.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.58-150600.5.11.1 * apache2-debuginfo-2.4.58-150600.5.11.1 * apache2-debugsource-2.4.58-150600.5.11.1 * apache2-2.4.58-150600.5.11.1 * apache2-prefork-debuginfo-2.4.58-150600.5.11.1 * apache2-prefork-debugsource-2.4.58-150600.5.11.1 * SUSE Package Hub 15 15-SP6 (aarch64 
ppc64le s390x x86_64) * apache2-event-2.4.58-150600.5.11.1 * apache2-debuginfo-2.4.58-150600.5.11.1 * apache2-debugsource-2.4.58-150600.5.11.1 * apache2-event-debuginfo-2.4.58-150600.5.11.1 * apache2-event-debugsource-2.4.58-150600.5.11.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.58-150600.5.11.1 * apache2-utils-debuginfo-2.4.58-150600.5.11.1 * apache2-utils-debugsource-2.4.58-150600.5.11.1 * apache2-worker-2.4.58-150600.5.11.1 * apache2-devel-2.4.58-150600.5.11.1 * apache2-worker-debugsource-2.4.58-150600.5.11.1 * apache2-worker-debuginfo-2.4.58-150600.5.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38477.html * https://www.suse.com/security/cve/CVE-2024-39573.html * https://bugzilla.suse.com/show_bug.cgi?id=1227270 * https://bugzilla.suse.com/show_bug.cgi?id=1227271 From null at suse.de Thu Jul 11 20:30:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:18 -0000 Subject: SUSE-SU-2024:2401-1: moderate: Security update for oniguruma Message-ID: <172072981805.3874.5278048561953124251@smelt2.prg2.suse.org> # Security update for oniguruma Announcement ID: SUSE-SU-2024:2401-1 Rating: moderate References: * bsc#1141157 Cross-References: * CVE-2019-13225 CVSS scores: * CVE-2019-13225 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-13225 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-13225 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-13225 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise 
Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for oniguruma fixes the following issues: * CVE-2019-13225: Fixed null-pointer dereference in match_at() in regexec.c (bsc#1141157). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2401=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2401=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2401=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2401=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2401=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2401=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2401=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2401=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2401=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2401=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2401=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2401=1 ## Package List: * SUSE Linux Enterprise 
Micro for Rancher 5.4 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-devel-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-devel-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-devel-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-devel-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * 
oniguruma-debugsource-6.7.0-150000.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libonig4-debuginfo-6.7.0-150000.3.6.1 * libonig4-6.7.0-150000.3.6.1 * oniguruma-debugsource-6.7.0-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2019-13225.html * https://bugzilla.suse.com/show_bug.cgi?id=1141157 From null at suse.de Thu Jul 11 20:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:19 -0000 Subject: SUSE-SU-2024:2400-1: low: Security update for python-zipp Message-ID: <172072981978.3874.10984365649290055085@smelt2.prg2.suse.org> # Security update for python-zipp Announcement ID: SUSE-SU-2024:2400-1 Rating: low References: * bsc#1227547 Cross-References: * CVE-2024-5569 CVSS scores: * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-zipp fixes the following issues: * CVE-2024-5569: Fixed DoS vulnerability when processing a specially crafted zip file (bsc#1227547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2400=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2400=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2400=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2400=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2400=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * openSUSE Leap 15.5 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * openSUSE Leap 15.6 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * Public Cloud Module 15-SP4 (noarch) * python311-zipp-3.15.0-150400.10.10.1 * Python 3 Module 15-SP5 (noarch) * python311-zipp-3.15.0-150400.10.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5569.html * https://bugzilla.suse.com/show_bug.cgi?id=1227547
From null at suse.de Thu Jul 11 20:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:21 -0000 Subject: SUSE-SU-2024:2399-1: important: Security update for MozillaFirefox Message-ID: <172072982193.3874.17381682248429733021@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:2399-1 Rating: important References: * bsc#1225278 * bsc#1226316 Cross-References: * CVE-2024-5688 * CVE-2024-5690 * CVE-2024-5691 * CVE-2024-5692 * CVE-2024-5693 * CVE-2024-5696 * CVE-2024-5700 * CVE-2024-5702 * CVE-2024-6600 * CVE-2024-6601 * CVE-2024-6602 * CVE-2024-6603 * CVE-2024-6604 CVSS scores: Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 115.13.0 ESR (MFSA 2024-30, bsc#1226316): * CVE-2024-6600: Memory corruption in WebGL API * CVE-2024-6601: Race condition in permission assignment * CVE-2024-6602: Memory corruption in NSS * CVE-2024-6603: Memory corruption in thread creation * CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 Other fixes: * Fix GNOME search provider (bsc#1225278) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2399=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2399=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2399=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2399=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2399=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2399=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2399=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2399=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2399=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2399=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2399=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2399=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2399=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2399=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2399=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2399=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-branding-upstream-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-branding-upstream-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * 
MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * 
MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * 
MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.13.0-150200.152.143.1 * MozillaFirefox-debugsource-115.13.0-150200.152.143.1 * 
MozillaFirefox-translations-other-115.13.0-150200.152.143.1 * MozillaFirefox-115.13.0-150200.152.143.1 * MozillaFirefox-translations-common-115.13.0-150200.152.143.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-115.13.0-150200.152.143.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5688.html * https://www.suse.com/security/cve/CVE-2024-5690.html * https://www.suse.com/security/cve/CVE-2024-5691.html * https://www.suse.com/security/cve/CVE-2024-5692.html * https://www.suse.com/security/cve/CVE-2024-5693.html * https://www.suse.com/security/cve/CVE-2024-5696.html * https://www.suse.com/security/cve/CVE-2024-5700.html * https://www.suse.com/security/cve/CVE-2024-5702.html * https://www.suse.com/security/cve/CVE-2024-6600.html * https://www.suse.com/security/cve/CVE-2024-6601.html * https://www.suse.com/security/cve/CVE-2024-6602.html * https://www.suse.com/security/cve/CVE-2024-6603.html * https://www.suse.com/security/cve/CVE-2024-6604.html * https://bugzilla.suse.com/show_bug.cgi?id=1225278 * https://bugzilla.suse.com/show_bug.cgi?id=1226316 From null at suse.de Thu Jul 11 20:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 11 Jul 2024 20:30:23 -0000 Subject: SUSE-SU-2024:2397-1: low: Security update for python-zipp Message-ID: <172072982387.3874.10340333831398209637@smelt2.prg2.suse.org> # Security update for python-zipp Announcement ID: SUSE-SU-2024:2397-1 Rating: low References: * bsc#1227547 Cross-References: * CVE-2024-5569 CVSS scores: * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. 
## Description: This update for python-zipp fixes the following issues: * CVE-2024-5569: Fixed DoS vulnerability when processing a specially crafted zip file (bsc#1227547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2397=1 openSUSE-SLE-15.6-2024-2397=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2397=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-zipp-3.17.0-150600.3.3.1 * Python 3 Module 15-SP6 (noarch) * python311-zipp-3.17.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5569.html * https://bugzilla.suse.com/show_bug.cgi?id=1227547 From null at suse.de Fri Jul 12 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 12:30:10 -0000 Subject: SUSE-SU-2024:2415-1: moderate: Security update for MozillaThunderbird Message-ID: <172078741056.21399.11151842245086605733@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:2415-1 Rating: moderate References: * bsc#1226495 * bsc#1227239 Cross-References: * CVE-2024-34703 CVSS scores: * CVE-2024-34703 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 
15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Security fixes: * CVE-2024-34703: Fixed denial of service due to overly large elliptic curve parameters in Botan (bsc#1227239) Other fixes: * Mozilla Thunderbird 115.12.1 * 115.12.0 got pulled because of upstream automation process errors and Windows installer signing changes. No code changes, changelog is the same as 115.12.0 (bsc#1226495) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2415=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2415=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2415=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2415=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2415=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2415=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2415=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * 
MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-common-115.12.2-150200.8.168.1 * MozillaThunderbird-debuginfo-115.12.2-150200.8.168.1 * MozillaThunderbird-translations-other-115.12.2-150200.8.168.1 * 
MozillaThunderbird-debugsource-115.12.2-150200.8.168.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34703.html * https://bugzilla.suse.com/show_bug.cgi?id=1226495 * https://bugzilla.suse.com/show_bug.cgi?id=1227239 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 12:30:12 -0000 Subject: SUSE-SU-2024:2414-1: low: Security update for python310 Message-ID: <172078741235.21399.13604482606065845319@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:2414-1 Rating: low References: * bsc#1226448 Cross-References: * CVE-2024-4032 CVSS scores: * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-2414=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2414=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2414=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2414=1

## Package List:

* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python311-3.11.9-150400.9.29.1
    * libpython3_11-1_0-3.11.9-150400.9.29.1
    * python311-base-3.11.9-150400.9.29.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * python311-3.11.9-150400.9.29.1
    * python311-base-3.11.9-150400.9.29.1
    * python311-idle-3.11.9-150400.9.29.1
    * python311-base-debuginfo-3.11.9-150400.9.29.1
    * python311-devel-3.11.9-150400.9.29.1
    * python311-core-debugsource-3.11.9-150400.9.29.1
    * python311-curses-3.11.9-150400.9.29.1
    * python311-doc-devhelp-3.11.9-150400.9.29.1
    * libpython3_11-1_0-3.11.9-150400.9.29.1
    * python311-debuginfo-3.11.9-150400.9.29.1
    * python311-dbm-3.11.9-150400.9.29.1
    * python311-doc-3.11.9-150400.9.29.1
    * python311-tk-3.11.9-150400.9.29.1
    * python311-debugsource-3.11.9-150400.9.29.1
    * python311-tk-debuginfo-3.11.9-150400.9.29.1
    * python311-tools-3.11.9-150400.9.29.1
    * libpython3_11-1_0-debuginfo-3.11.9-150400.9.29.1
    * python311-dbm-debuginfo-3.11.9-150400.9.29.1
    * python311-curses-debuginfo-3.11.9-150400.9.29.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * python311-tk-3.11.9-150400.9.29.1
    * python311-tk-debuginfo-3.11.9-150400.9.29.1
    * python311-core-debugsource-3.11.9-150400.9.29.1
    * python311-tools-3.11.9-150400.9.29.1
    * python311-doc-3.11.9-150400.9.29.1
    * python311-curses-3.11.9-150400.9.29.1
    * python311-devel-3.11.9-150400.9.29.1
    * python311-dbm-debuginfo-3.11.9-150400.9.29.1
    * python311-3.11.9-150400.9.29.1
    * python311-base-3.11.9-150400.9.29.1
    * python311-curses-debuginfo-3.11.9-150400.9.29.1
    * python311-debuginfo-3.11.9-150400.9.29.1
    * python311-debugsource-3.11.9-150400.9.29.1
    * python311-idle-3.11.9-150400.9.29.1
    * python311-base-debuginfo-3.11.9-150400.9.29.1
    * python311-testsuite-3.11.9-150400.9.29.1
    * python311-testsuite-debuginfo-3.11.9-150400.9.29.1
    * python311-doc-devhelp-3.11.9-150400.9.29.1
    * libpython3_11-1_0-3.11.9-150400.9.29.1
    * python311-dbm-3.11.9-150400.9.29.1
    * libpython3_11-1_0-debuginfo-3.11.9-150400.9.29.1
* openSUSE Leap 15.4 (x86_64)
    * python311-base-32bit-debuginfo-3.11.9-150400.9.29.1
    * python311-base-32bit-3.11.9-150400.9.29.1
    * libpython3_11-1_0-32bit-3.11.9-150400.9.29.1
    * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.29.1
    * python311-32bit-3.11.9-150400.9.29.1
    * python311-32bit-debuginfo-3.11.9-150400.9.29.1
* openSUSE Leap 15.4 (aarch64_ilp32)
    * libpython3_11-1_0-64bit-debuginfo-3.11.9-150400.9.29.1
    * python311-64bit-3.11.9-150400.9.29.1
    * python311-base-64bit-3.11.9-150400.9.29.1
    * python311-64bit-debuginfo-3.11.9-150400.9.29.1
    * python311-base-64bit-debuginfo-3.11.9-150400.9.29.1
    * libpython3_11-1_0-64bit-3.11.9-150400.9.29.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * python311-tk-3.11.9-150400.9.29.1
    * python311-tk-debuginfo-3.11.9-150400.9.29.1
    * python311-core-debugsource-3.11.9-150400.9.29.1
    * python311-tools-3.11.9-150400.9.29.1
    * python311-curses-3.11.9-150400.9.29.1
    * python311-doc-3.11.9-150400.9.29.1
    * python311-devel-3.11.9-150400.9.29.1
    * python311-dbm-debuginfo-3.11.9-150400.9.29.1
    * python311-3.11.9-150400.9.29.1
    * python311-base-3.11.9-150400.9.29.1
    * python311-curses-debuginfo-3.11.9-150400.9.29.1
    * python311-debuginfo-3.11.9-150400.9.29.1
    * python311-debugsource-3.11.9-150400.9.29.1
    * python311-idle-3.11.9-150400.9.29.1
    * python311-base-debuginfo-3.11.9-150400.9.29.1
    * python311-testsuite-3.11.9-150400.9.29.1
    * python311-testsuite-debuginfo-3.11.9-150400.9.29.1
    * python311-doc-devhelp-3.11.9-150400.9.29.1
    * libpython3_11-1_0-3.11.9-150400.9.29.1
    * python311-dbm-3.11.9-150400.9.29.1
    * libpython3_11-1_0-debuginfo-3.11.9-150400.9.29.1
* openSUSE Leap 15.5 (x86_64)
    * python311-base-32bit-debuginfo-3.11.9-150400.9.29.1
    * python311-base-32bit-3.11.9-150400.9.29.1
    * libpython3_11-1_0-32bit-3.11.9-150400.9.29.1
    * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.29.1
    * python311-32bit-3.11.9-150400.9.29.1
    * python311-32bit-debuginfo-3.11.9-150400.9.29.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Fri Jul 12 16:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:03 -0000
Subject: SUSE-SU-2024:2474-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)
Message-ID: <172080180399.8462.10772770003205138138@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2474-1
Rating: important

References:

* bsc#1223363
* bsc#1223683

Cross-References:

* CVE-2024-26828
* CVE-2024-26923

CVSS scores:

* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2474=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2474=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_62-default-2-150500.11.6.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-2-150500.11.6.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-2-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_62-default-2-150500.11.6.1
    * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-2-150500.11.6.1
    * kernel-livepatch-SLE15-SP5_Update_13-debugsource-2-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:08 -0000
Subject: SUSE-SU-2024:2473-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)
Message-ID: <172080180832.8462.12382789599027338844@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2473-1
Rating: important

References:

* bsc#1221302
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223683

Cross-References:

* CVE-2022-48651
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2473=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2473=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-4-150500.11.10.1
    * kernel-livepatch-5_14_21-150500_55_59-default-4-150500.11.10.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-4-150500.11.10.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-4-150500.11.10.1
    * kernel-livepatch-5_14_21-150500_55_59-default-4-150500.11.10.1
    * kernel-livepatch-SLE15-SP5_Update_12-debugsource-4-150500.11.10.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:12 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:12 -0000
Subject: SUSE-SU-2024:2472-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)
Message-ID: <172080181234.8462.1290551084937433045@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2472-1
Rating: important

References:

* bsc#1220145
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2022-48651
* CVE-2023-52502
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2472=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2472=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-4-150500.11.6.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-4-150500.11.6.1
    * kernel-livepatch-5_14_21-150500_55_52-default-4-150500.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-4-150500.11.6.1
    * kernel-livepatch-SLE15-SP5_Update_11-debugsource-4-150500.11.6.1
    * kernel-livepatch-5_14_21-150500_55_52-default-4-150500.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:14 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:14 -0000
Subject: SUSE-SU-2024:2449-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)
Message-ID: <172080181463.8462.12859972276623069941@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4)

Announcement ID: SUSE-SU-2024:2449-1
Rating: important

References:

* bsc#1223059
* bsc#1223363
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2449=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2449=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-3-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-3-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_119-default-3-150400.9.6.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_26-debugsource-3-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-3-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_119-default-3-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:17 -0000
Subject: SUSE-SU-2024:2448-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)
Message-ID: <172080181735.8462.2862860525502659747@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4)

Announcement ID: SUSE-SU-2024:2448-1
Rating: important

References:

* bsc#1220145
* bsc#1221302
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2022-48651
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves eight vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues.
The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2448=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2448=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-4-150400.9.8.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-4-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_116-default-4-150400.9.8.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-4-150400.9.8.1
    * kernel-livepatch-SLE15-SP4_Update_25-debugsource-4-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_116-default-4-150400.9.8.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:20 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:20 -0000
Subject: SUSE-SU-2024:2447-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)
Message-ID: <172080182047.8462.1712318531488059349@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4)

Announcement ID: SUSE-SU-2024:2447-1
Rating: important

References:

* bsc#1220145
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2022-48651
* CVE-2023-52502
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26610
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150400_24_111 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-2447=1
* SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2447=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_111-default-4-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-4-150400.9.6.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-4-150400.9.6.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_111-default-4-150400.9.6.1
    * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-4-150400.9.6.1
    * kernel-livepatch-SLE15-SP4_Update_24-debugsource-4-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:24 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:24 -0000
Subject: SUSE-SU-2024:2446-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)
Message-ID: <172080182454.8462.15581836489513692844@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2446-1
Rating: important
References:

* bsc#1219296
* bsc#1220145
* bsc#1220211
* bsc#1220828
* bsc#1220832
* bsc#1221302
* bsc#1222685
* bsc#1222882
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2022-48651
* CVE-2023-52340
* CVE-2023-52502
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26585
* CVE-2024-26610
* CVE-2024-26622
* CVE-2024-26766
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 13 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882).
* CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).
* CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828).
* CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-2446=1
* SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2446=1
* openSUSE Leap 15.5
    zypper in -t patch SUSE-2024-2471=1
* SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2471=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-6-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-6-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_108-default-6-150400.9.8.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP4_Update_23-debugsource-6-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-6-150400.9.8.1
    * kernel-livepatch-5_14_21-150400_24_108-default-6-150400.9.8.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-6-150500.11.8.1
    * kernel-livepatch-5_14_21-150500_55_49-default-6-150500.11.8.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-6-150500.11.8.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_10-debugsource-6-150500.11.8.1
    * kernel-livepatch-5_14_21-150500_55_49-default-6-150500.11.8.1
    * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-6-150500.11.8.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2023-52340.html
* https://www.suse.com/security/cve/CVE-2023-52502.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26585.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26622.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219296
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220211
* https://bugzilla.suse.com/show_bug.cgi?id=1220828
* https://bugzilla.suse.com/show_bug.cgi?id=1220832
* https://bugzilla.suse.com/show_bug.cgi?id=1221302
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1222882
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:28 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:28 -0000
Subject: SUSE-SU-2024:2437-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)
Message-ID: <172080182889.8462.6082569659531446990@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2437-1
Rating: important
References:

* bsc#1220145
* bsc#1223363
* bsc#1223681
* bsc#1223683

Cross-References:

* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_55_39 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch SUSE-2024-2469=1 SUSE-2024-2470=1
* SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2469=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2470=1
* openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-2437=1 SUSE-2024-2438=1 SUSE-2024-2439=1 SUSE-2024-2440=1 SUSE-2024-2441=1 SUSE-2024-2442=1 SUSE-2024-2443=1 SUSE-2024-2444=1 SUSE-2024-2445=1
* SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2437=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2438=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2439=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2440=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2441=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2442=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2443=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2444=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-2445=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_7-debugsource-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_8-debugsource-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_36-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_39-default-9-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-SLE15-SP5_Update_7-debugsource-9-150500.2.1
    * kernel-livepatch-SLE15-SP5_Update_8-debugsource-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_36-default-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-9-150500.2.1
    * kernel-livepatch-5_14_21-150500_55_39-default-9-150500.2.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_69-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_66-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_100-default-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_16-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_88-default-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-7-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_20-debugsource-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_19-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_92-default-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_13-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_14-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_97-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_21-debugsource-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_15-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_81-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_18-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_74-default-13-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_69-default-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_66-default-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_100-default-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_16-debugsource-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_88-default-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-7-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_20-debugsource-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_19-debugsource-10-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_92-default-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_13-debugsource-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-14-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_14-debugsource-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_22-debugsource-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_97-default-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-9-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_103-default-7-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-13-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_21-debugsource-9-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_15-debugsource-13-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_81-default-12-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-10-150400.2.1
    * kernel-livepatch-SLE15-SP4_Update_18-debugsource-11-150400.2.1
    * kernel-livepatch-5_14_21-150400_24_74-default-13-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Fri Jul 12 16:30:36 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:36 -0000
Subject: SUSE-SU-2024:2174-2: moderate: Security update for wget
Message-ID: <172080183652.8462.2423282862009086884@smelt2.prg2.suse.org>

# Security update for wget

Announcement ID: SUSE-SU-2024:2174-2
Rating: moderate
References:

* bsc#1226419

Cross-References:

* CVE-2024-38428

CVSS scores:

* CVE-2024-38428 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for wget fixes the following issues:

* CVE-2024-38428: Fix mishandled semicolons in the userinfo subcomponent of a URI. (bsc#1226419)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2174=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * wget-debugsource-1.20.3-150000.3.20.1
    * wget-1.20.3-150000.3.20.1
    * wget-debuginfo-1.20.3-150000.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38428.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226419

From null at suse.de Fri Jul 12 16:30:37 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:37 -0000
Subject: SUSE-SU-2024:2171-2: important: Security update for libarchive
Message-ID: <172080183772.8462.11359051735391834011@smelt2.prg2.suse.org>

# Security update for libarchive

Announcement ID: SUSE-SU-2024:2171-2
Rating: important
References:

* bsc#1225971

Cross-References:

* CVE-2024-20696

CVSS scores:

* CVE-2024-20696 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for libarchive fixes the following issues:

* CVE-2024-20696: Fixed heap based out-of-bounds write (bsc#1225971).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2171=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libarchive13-debuginfo-3.5.1-150400.3.15.1
    * libarchive13-3.5.1-150400.3.15.1
    * libarchive-debugsource-3.5.1-150400.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-20696.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225971

From null at suse.de Fri Jul 12 16:30:41 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:41 -0000
Subject: SUSE-SU-2024:2077-2: important: Security update for gdk-pixbuf
Message-ID: <172080184145.8462.12020714161836944018@smelt2.prg2.suse.org>

# Security update for gdk-pixbuf

Announcement ID: SUSE-SU-2024:2077-2
Rating: important
References:

* bsc#1195391
* bsc#1219276
* bsc#1223903

Cross-References:

* CVE-2022-48622

CVSS scores:

* CVE-2022-48622 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-48622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability and has two security fixes can now be installed.

## Description:

This update for gdk-pixbuf fixes the following issues:

gdk-pixbuf was updated to version 2.42.12:

* Security issues fixed:
* CVE-2022-48622: Fixed heap memory corruption on gdk-pixbuf (bsc#1219276)
* Changes in version 2.42.12:
* ani: Reject files with multiple INA or IART chunks,
* ani: validate chunk size,
* Updated translations.
* Enable other image loaders such as xpm and xbm (bsc#1223903)
* Changes in version 2.42.11:
* Disable fringe loaders by default.
* Introspection fixes.
* Updated translations.
* Changes in version 2.42.10:
* Search for rst2man.py.
* Update the memory size limit for JPEG images.
* Updated translations.
* Fixed loading of larger images
* Avoid Bash specific syntax in baselibs postscript (bsc#1195391)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2077=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * gdk-pixbuf-debugsource-2.42.12-150400.5.9.1
    * typelib-1_0-GdkPixbuf-2_0-2.42.12-150400.5.9.1
    * libgdk_pixbuf-2_0-0-2.42.12-150400.5.9.1
    * gdk-pixbuf-query-loaders-debuginfo-2.42.12-150400.5.9.1
    * gdk-pixbuf-query-loaders-2.42.12-150400.5.9.1
    * libgdk_pixbuf-2_0-0-debuginfo-2.42.12-150400.5.9.1

## References:

* https://www.suse.com/security/cve/CVE-2022-48622.html
* https://bugzilla.suse.com/show_bug.cgi?id=1195391
* https://bugzilla.suse.com/show_bug.cgi?id=1219276
* https://bugzilla.suse.com/show_bug.cgi?id=1223903

From null at suse.de Fri Jul 12 16:30:47 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:47 -0000
Subject: SUSE-SU-2024:1987-2: important: Security update for skopeo
Message-ID: <172080184721.8462.15953570600796634834@smelt2.prg2.suse.org>

# Security update for skopeo

Announcement ID: SUSE-SU-2024:1987-2
Rating: important
References:

* bsc#1224123

Cross-References:

* CVE-2024-28180
* CVE-2024-3727

CVSS scores:

* CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for skopeo fixes the following issues:

* Update to version 1.14.4:
    * CVE-2024-3727: Fixed a vulnerability that allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, resource exhaustion, local path traversal and other attacks. (bsc#1224123)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-1987=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * skopeo-debuginfo-1.14.4-150300.11.11.1
    * skopeo-1.14.4-150300.11.11.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28180.html
* https://www.suse.com/security/cve/CVE-2024-3727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224123

From null at suse.de Fri Jul 12 16:30:48 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:48 -0000
Subject: SUSE-SU-2024:2028-2: moderate: Security update for tiff
Message-ID: <172080184861.8462.17064370383168478892@smelt2.prg2.suse.org>

# Security update for tiff

Announcement ID: SUSE-SU-2024:2028-2
Rating: moderate
References:

* bsc#1212233

Cross-References:

* CVE-2023-3164

CVSS scores:

* CVE-2023-3164 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-3164 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for tiff fixes the following issues:

* CVE-2023-3164: Fixed a heap buffer overflow in tiffcrop. (bsc#1212233)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2028=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libtiff5-debuginfo-4.0.9-150000.45.44.1
    * tiff-debuginfo-4.0.9-150000.45.44.1
    * tiff-debugsource-4.0.9-150000.45.44.1
    * libtiff5-4.0.9-150000.45.44.1

## References:

* https://www.suse.com/security/cve/CVE-2023-3164.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212233

From null at suse.de Fri Jul 12 16:30:52 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:52 -0000
Subject: SUSE-SU-2024:2003-2: important: Security update for cups
Message-ID: <172080185252.8462.6994538815785150312@smelt2.prg2.suse.org>

# Security update for cups

Announcement ID: SUSE-SU-2024:2003-2
Rating: important
References:

* bsc#1223179
* bsc#1225365

Cross-References:

* CVE-2024-35235

CVSS scores:

* CVE-2024-35235 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for cups fixes the following issues:

* CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of other files in the system. (bsc#1225365)
* Handle local 'Negotiate' authentication response for cli clients (bsc#1223179)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2003=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libcups2-2.2.7-150000.3.59.1
    * cups-debuginfo-2.2.7-150000.3.59.1
    * cups-debugsource-2.2.7-150000.3.59.1
    * libcups2-debuginfo-2.2.7-150000.3.59.1
    * cups-config-2.2.7-150000.3.59.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223179
* https://bugzilla.suse.com/show_bug.cgi?id=1225365

From null at suse.de Fri Jul 12 16:30:55 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:55 -0000
Subject: SUSE-SU-2024:1863-2: moderate: Security update for python-Jinja2
Message-ID: <172080185530.8462.2641245015605541983@smelt2.prg2.suse.org>

# Security update for python-Jinja2

Announcement ID: SUSE-SU-2024:1863-2
Rating: moderate
References:

* bsc#1218722
* bsc#1223980

Cross-References:

* CVE-2024-22195
* CVE-2024-34064

CVSS scores:

* CVE-2024-22195 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-22195 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-34064 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-Jinja2 fixes the following issues:

* Fixed HTML attribute injection when passing user input as keys to xmlattr filter (CVE-2024-34064, bsc#1223980, CVE-2024-22195, bsc#1218722)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-1863=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (noarch)
    * python3-Jinja2-2.10.1-150000.3.13.1

## References:

* https://www.suse.com/security/cve/CVE-2024-22195.html
* https://www.suse.com/security/cve/CVE-2024-34064.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218722
* https://bugzilla.suse.com/show_bug.cgi?id=1223980

From null at suse.de Fri Jul 12 16:30:57 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:30:57 -0000
Subject: SUSE-SU-2024:1807-2: important: Security update for git
Message-ID: <172080185717.8462.17866258897234126392@smelt2.prg2.suse.org>

# Security update for git

Announcement ID: SUSE-SU-2024:1807-2
Rating: important
References:

* bsc#1224168
* bsc#1224170
* bsc#1224171
* bsc#1224172
* bsc#1224173

Cross-References:

* CVE-2024-32002
* CVE-2024-32004
* CVE-2024-32020
* CVE-2024-32021
* CVE-2024-32465

CVSS scores:

* CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
* CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for git fixes the following issues:

* CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168).
* CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170).
* CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171).
* CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172).
* CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-1807=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * perl-Git-2.35.3-150300.10.39.1
    * git-2.35.3-150300.10.39.1
    * git-core-2.35.3-150300.10.39.1
    * git-debuginfo-2.35.3-150300.10.39.1
    * git-debugsource-2.35.3-150300.10.39.1
    * git-core-debuginfo-2.35.3-150300.10.39.1

## References:

* https://www.suse.com/security/cve/CVE-2024-32002.html
* https://www.suse.com/security/cve/CVE-2024-32004.html
* https://www.suse.com/security/cve/CVE-2024-32020.html
* https://www.suse.com/security/cve/CVE-2024-32021.html
* https://www.suse.com/security/cve/CVE-2024-32465.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224168
* https://bugzilla.suse.com/show_bug.cgi?id=1224170
* https://bugzilla.suse.com/show_bug.cgi?id=1224171
* https://bugzilla.suse.com/show_bug.cgi?id=1224172
* https://bugzilla.suse.com/show_bug.cgi?id=1224173

From null at suse.de Fri Jul 12 16:31:01 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 12 Jul 2024 16:31:01 -0000
Subject: SUSE-SU-2024:1704-2: low: Security update for cairo
Message-ID: <172080186118.8462.15627016032690851431@smelt2.prg2.suse.org>

# Security update for cairo

Announcement ID: SUSE-SU-2024:1704-2
Rating: low
References:

* bsc#1122321

Cross-References:

* CVE-2019-6462

CVSS scores:

* CVE-2019-6462 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2019-6462 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2019-6462 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for cairo fixes the following issues:

* CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-1704=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libcairo2-1.16.0-150400.11.3.1
    * libcairo-gobject2-1.16.0-150400.11.3.1
    * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
    * cairo-debugsource-1.16.0-150400.11.3.1
    * libcairo2-debuginfo-1.16.0-150400.11.3.1

## References:

* https://www.suse.com/security/cve/CVE-2019-6462.html
* https://bugzilla.suse.com/show_bug.cgi?id=1122321
URL: From null at suse.de Fri Jul 12 16:31:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:05 -0000 Subject: SUSE-SU-2024:1014-2: moderate: Security update for avahi Message-ID: <172080186550.8462.16198980112066151873@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1014-2 Rating: moderate References: * bsc#1216594 * bsc#1216598 Cross-References: * CVE-2023-38469 * CVE-2023-38471 CVSS scores: * CVE-2023-38469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38469 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594). * CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1014=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38469.html * https://www.suse.com/security/cve/CVE-2023-38471.html * https://bugzilla.suse.com/show_bug.cgi?id=1216594 * https://bugzilla.suse.com/show_bug.cgi?id=1216598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:09 -0000 Subject: SUSE-SU-2024:1376-2: low: Security update for polkit Message-ID: <172080186915.8462.15363889648453556005@smelt2.prg2.suse.org> # Security update for polkit Announcement ID: SUSE-SU-2024:1376-2 Rating: low References: * bsc#1209282 Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that has one security fix can now be installed. ## Description: This update for polkit fixes the following issues: * Change permissions for rules folders (bsc#1209282) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1376=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * polkit-debuginfo-121-150500.3.3.1 * libpolkit-agent-1-0-121-150500.3.3.1 * polkit-debugsource-121-150500.3.3.1 * libpolkit-gobject-1-0-121-150500.3.3.1 * polkit-121-150500.3.3.1 * libpolkit-agent-1-0-debuginfo-121-150500.3.3.1 * libpolkit-gobject-1-0-debuginfo-121-150500.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1209282 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:13 -0000 Subject: SUSE-SU-2024:1136-2: moderate: Security update for c-ares Message-ID: <172080187378.8462.14283220243528006869@smelt2.prg2.suse.org> # Security update for c-ares Announcement ID: SUSE-SU-2024:1136-2 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:18 -0000 Subject: SUSE-SU-2024:0738-2: important: Security update for openvswitch3 Message-ID: <172080187800.8462.13594814284323269128@smelt2.prg2.suse.org> # Security update for openvswitch3 Announcement ID: SUSE-SU-2024:0738-2 Rating: important References: * bsc#1219465 Cross-References: * CVE-2023-3966 CVSS scores: * CVE-2023-3966 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for openvswitch3 fixes the following issues: * CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-738=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * ovn3-23.03.0-150500.3.16.1 * libovn-23_03-0-23.03.0-150500.3.16.1 * openvswitch3-3.1.0-150500.3.16.1 * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-debuginfo-3.1.0-150500.3.16.1 * libopenvswitch-3_1-0-3.1.0-150500.3.16.1 * openvswitch3-vtep-3.1.0-150500.3.16.1 * ovn3-docker-23.03.0-150500.3.16.1 * ovn3-host-23.03.0-150500.3.16.1 * ovn3-vtep-23.03.0-150500.3.16.1 * ovn3-debuginfo-23.03.0-150500.3.16.1 * ovn3-vtep-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-debuginfo-23.03.0-150500.3.16.1 * openvswitch3-debugsource-3.1.0-150500.3.16.1 * openvswitch3-vtep-debuginfo-3.1.0-150500.3.16.1 * python3-ovs3-3.1.0-150500.3.16.1 * ovn3-central-debuginfo-23.03.0-150500.3.16.1 * openvswitch3-pki-3.1.0-150500.3.16.1 * ovn3-central-23.03.0-150500.3.16.1 * ovn3-host-debuginfo-23.03.0-150500.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3966.html * https://bugzilla.suse.com/show_bug.cgi?id=1219465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:30 -0000 Subject: SUSE-SU-2024:2468-1: moderate: Security update for traceroute Message-ID: <172080189057.8462.10271079691533200090@smelt2.prg2.suse.org> # Security update for traceroute Announcement ID: SUSE-SU-2024:2468-1 Rating: moderate References: * bsc#1216591 Cross-References: * CVE-2023-46316 CVSS scores: * CVE-2023-46316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-46316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. 
## Description: This update for traceroute fixes the following issues: * CVE-2023-46316: wrapper scripts do not properly parse command lines (bsc#1216591). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2468=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * traceroute-debuginfo-2.0.21-150000.3.3.1 * traceroute-2.0.21-150000.3.3.1 * traceroute-debugsource-2.0.21-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46316.html * https://bugzilla.suse.com/show_bug.cgi?id=1216591 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:32 -0000 Subject: SUSE-SU-2024:2467-1: moderate: Security update for fdo-client Message-ID: <172080189292.8462.9603865786151498417@smelt2.prg2.suse.org> # Security update for fdo-client Announcement ID: SUSE-SU-2024:2467-1 Rating: moderate References: * bsc#1216293 Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that has one security fix can now be installed. ## Description: This update for fdo-client fixes the following issues: * Removed build key via utils/keys_gen.sh. (bsc#1216293) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2467=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * fdo-client-1.0.0+git20210816.baa09b5-150500.3.3.1 * fdo-client-debuginfo-1.0.0+git20210816.baa09b5-150500.3.3.1 * fdo-client-debugsource-1.0.0+git20210816.baa09b5-150500.3.3.1 * fdo-client-devel-1.0.0+git20210816.baa09b5-150500.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216293 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jul 12 16:31:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:40 -0000 Subject: SUSE-SU-2024:2463-1: important: Security update for squashfs Message-ID: <172080190024.8462.6557417445024464226@smelt2.prg2.suse.org> # Security update for squashfs Announcement ID: SUSE-SU-2024:2463-1 Rating: important References: * bsc#1189936 * bsc#1190531 * bsc#935380 Cross-References: * CVE-2015-4645 * CVE-2015-4646 * CVE-2021-40153 * CVE-2021-41072 CVSS scores: * CVE-2015-4645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2015-4645 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2015-4646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-40153 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2021-40153 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2021-41072 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2021-41072 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves four vulnerabilities can now be installed. 
## Description: This update for squashfs fixes the following issues: * CVE-2015-4645, CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools (bsc#935380) * CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination (bsc#1189936) * CVE-2021-41072: Fixed an issue where an attacker might have been able to write a file outside the destination directory via a symlink (bsc#1190531). Update to 4.6.1: * Race condition which can cause corruption of the "fragment table" fixed. This is a regression introduced in August 2022, and it has been seen when tailend packing is used (-tailends option). * Fix build failure when the tools are being built without extended attribute (XATTRs) support. * Fix XATTR error message when an unrecognised prefix is found * Fix incorrect free of pointer when an unrecognised XATTR prefix is found. * Major improvements in extended attribute handling, pseudo file handling, and miscellaneous new options and improvements * Extended attribute handling improved in Mksquashfs and Sqfstar * New Pseudo file xattr definition to add extended attributes to files. * New xattrs-add Action to add extended attributes to files * Extended attribute handling improved in Unsquashfs * Other major improvements * Unsquashfs can now output Pseudo files to standard out. * Mksquashfs can now input Pseudo files from standard in. * Squashfs filesystems can now be converted (different block size compression etc) without unpacking to an intermediate filesystem or mounting, by piping the output of Unsquashfs to Mksquashfs. * Pseudo files are now supported by Sqfstar. * "Non-anchored" excludes are now supported by Unsquashfs. Update to 4.5.1 (bsc#1190531, CVE-2021-41072): * This release adds Manpages for Mksquashfs(1), Unsquashfs(1), Sqfstar(1) and Sqfscat(1). * The -help text output from the utilities has been improved and extended as well (but the Manpages are now more comprehensive).
* CVE-2021-41072, which is a writing outside of destination exploit, has been fixed. * The number of hard-links in the filesystem is now also displayed by Mksquashfs in the output summary. * The number of hard-links written by Unsquashfs is now also displayed in the output summary. * Unsquashfs will now write to a pre-existing destination directory, rather than aborting. * Unsquashfs now allows "." to be used as the destination, to extract to the current directory. * The Unsquashfs progress bar now tracks empty files and hardlinks, in addition to data blocks. * -no-hardlinks option has been implemented for Sqfstar. * More sanity checking for "corrupted" filesystems, including checks for multiply linked directories and directory loops. * Options that may cause filesystems to be unmountable have been moved into a new "experts" category in the Mksquashfs help text (and Manpage). * Maximum cpiostyle filename limited to PATH_MAX. This prevents attempts to overflow the stack, or cause system calls to fail with a too long pathname. * Don't always use "max open file limit" when calculating length of queues, as a very large file limit can cause Unsquashfs to abort. Instead use the smaller of max open file limit and cache size. * Fix Mksquashfs silently ignoring Pseudo file definitions when appending. * Don't abort if no XATTR support has been built in, and there's XATTRs in the filesystem. This is a regression introduced in 2019 in Version 4.4. * Fix duplicate check when the last file block is sparse. Update to 4.5: * Mksquashfs now supports "Actions". * New sqfstar command which will create a Squashfs image from a tar archive. * Tar style handling of source pathnames in Mksquashfs. * Cpio style handling of source pathnames in Mksquashfs. * New option to throttle the amount of CPU and I/O. * Mksquashfs now allows no source directory to be specified. * New Pseudo file "R" definition which allows a Regular file to be created with data stored within the Pseudo file.
* Symbolic links are now followed in extract files * Unsquashfs now supports "exclude" files. * Max depth traversal option added. * Unsquashfs can now output a "Pseudo file" representing the input Squashfs filesystem. * New -one-file-system option in Mksquashfs. * New -no-hardlinks option in Mksquashfs. * Exit code in Unsquashfs changed to distinguish between non-fatal errors (exit 2), and fatal errors (exit 1). * Xattr id count added in Unsquashfs "-stat" output. * Unsquashfs "write outside directory" exploit fixed. * Error handling in Unsquashfs writer thread fixed. * Fix failure to truncate destination if appending aborted. * Prevent Mksquashfs reading the destination file. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2463=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (ppc64le) * squashfs-debugsource-4.6.1-150300.3.3.1 * squashfs-debuginfo-4.6.1-150300.3.3.1 * squashfs-4.6.1-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2015-4645.html * https://www.suse.com/security/cve/CVE-2015-4646.html * https://www.suse.com/security/cve/CVE-2021-40153.html * https://www.suse.com/security/cve/CVE-2021-41072.html * https://bugzilla.suse.com/show_bug.cgi?id=1189936 * https://bugzilla.suse.com/show_bug.cgi?id=1190531 * https://bugzilla.suse.com/show_bug.cgi?id=935380 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Jul 12 16:31:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 12 Jul 2024 16:31:42 -0000 Subject: SUSE-SU-2024:2462-1: moderate: Security update for python-urllib3 Message-ID: <172080190258.8462.10821405466898975609@smelt2.prg2.suse.org> # Security update for python-urllib3 Announcement ID: SUSE-SU-2024:2462-1 Rating: moderate References: * bsc#1216377 Cross-References: * CVE-2023-45803 CVSS scores: * CVE-2023-45803 ( SUSE ): 4.2 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45803 ( NVD ): 4.2 CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for python-urllib3 fixes the following issues: * CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2462=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-urllib3-1.25.10-150300.4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45803.html * https://bugzilla.suse.com/show_bug.cgi?id=1216377 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 15 08:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 08:30:02 -0000 Subject: SUSE-SU-2024:2050-2: important: Security update for podman Message-ID: <172103220203.17377.8513352141755338086@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2024:2050-2 Rating: important References: * bsc#1224122 * bsc#1226136 Cross-References: * CVE-2024-24786 * CVE-2024-3727 CVSS scores: * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for podman fixes the following issues: * Update to version 4.9.5 * CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. (bsc#1224122) * CVE-2024-24786: Fixed an infinite loop in protojson. (bsc#1226136) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2050=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2050=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2050=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2050=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2050=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2050=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2050=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * podman-remote-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * podman-remote-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * podman-remote-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * podman-remote-4.9.5-150300.9.31.1 * podman-debuginfo-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * podman-remote-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * podman-debuginfo-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x 
x86_64) * podman-debuginfo-4.9.5-150300.9.31.1 * podman-4.9.5-150300.9.31.1 * podman-remote-4.9.5-150300.9.31.1 * podman-remote-debuginfo-4.9.5-150300.9.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1224122 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 12:30:02 -0000 Subject: SUSE-SU-2024:2480-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Message-ID: <172104660274.3371.1821674727234010975@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2480-1 Rating: important References: * bsc#1223363 * bsc#1223683 Cross-References: * CVE-2024-26828 * CVE-2024-26923 CVSS scores: * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2480=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2480=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_65-default-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 12:36:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 12:36:09 -0000 Subject: SUSE-SU-2024:2481-1: important: Security update for python-black Message-ID: <172104696980.3772.4866787772057897085@smelt2.prg2.suse.org> # Security update for python-black Announcement ID: SUSE-SU-2024:2481-1 Rating: important References: * bsc#1221530 Cross-References: * CVE-2024-21503 CVSS scores: * CVE-2024-21503 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python-black fixes the following issues: Updated to version 24.3.0: * CVE-2024-21503: Fixed a performance downgrade on docstrings that contain large numbers of leading tab characters (bsc#1221530). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2481=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2481=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-black-24.3.0-150400.9.8.1 * openSUSE Leap 15.6 (noarch) * python311-black-24.3.0-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21503.html * https://bugzilla.suse.com/show_bug.cgi?id=1221530 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 16:30:04 -0000 Subject: SUSE-SU-2024:2488-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <172106100453.8606.17577854268316872297@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2488-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223681 * bsc#1223683 Cross-References: * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-26930 CVSS scores: * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed.
## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2488=1 SUSE-2024-2489=1 SUSE-2024-2490=1 SUSE-2024-2491=1 SUSE-2024-2492=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2488=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2489=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2490=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2491=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-2492=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-13-150500.2.1 *
kernel-livepatch-5_14_21-150500_55_28-default-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-11-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-13-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-12-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-11-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon Jul 15 16:30:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 16:30:06 -0000
Subject: SUSE-SU-2024:2487-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)
Message-ID: <172106100678.8606.13335779773466572871@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)

Announcement ID: SUSE-SU-2024:2487-1
Rating: important
References:

* bsc#1220145
* bsc#1223363
* bsc#1223683

Cross-References:

* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26923

CVSS scores:

* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 5.14.21-150500_53 fixes several issues.

The following security issues were fixed:

* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2487=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2487=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_53-default-debuginfo-14-150500.12.1
    * kernel-livepatch-SLE15-SP5_Update_0-debugsource-14-150500.12.1
    * kernel-livepatch-5_14_21-150500_53-default-14-150500.12.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
    * kernel-livepatch-5_14_21-150500_53-default-debuginfo-14-150500.12.1
    * kernel-livepatch-SLE15-SP5_Update_0-debugsource-14-150500.12.1
    * kernel-livepatch-5_14_21-150500_53-default-14-150500.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683

From null at suse.de Mon Jul 15 16:36:25 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 16:36:25 -0000
Subject: SUSE-SU-2024:2485-1: important: Security update for tomcat
Message-ID: <172106138546.25792.13364138159323531219@smelt2.prg2.suse.org>

# Security update for tomcat

Announcement ID: SUSE-SU-2024:2485-1
Rating: important
References:

* bsc#1227399

Cross-References:

* CVE-2024-34750

CVSS scores:

* CVE-2024-34750 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP5
* Web and Scripting Module 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for tomcat fixes the following issues:

Updated to version 9.0.91:

* CVE-2024-34750: Fixed an improper handling of exceptional conditions (bsc#1227399).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2485=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2485=1
* Web and Scripting Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2485=1
* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-2485=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2485=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2485=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2485=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2485=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2485=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2485=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2485=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2485=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2485=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2485=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2485=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2485=1

## Package List:

* openSUSE Leap 15.5 (noarch)
    * tomcat-jsvc-9.0.91-150200.68.1
    * tomcat-docs-webapp-9.0.91-150200.68.1
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-javadoc-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-embed-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* openSUSE Leap 15.6 (noarch)
    * tomcat-jsvc-9.0.91-150200.68.1
    * tomcat-docs-webapp-9.0.91-150200.68.1
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-javadoc-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-embed-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* Web and Scripting Module 15-SP5 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* Web and Scripting Module 15-SP6 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Manager Server 4.3 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1
* SUSE Enterprise Storage 7.1 (noarch)
    * tomcat-admin-webapps-9.0.91-150200.68.1
    * tomcat-webapps-9.0.91-150200.68.1
    * tomcat-lib-9.0.91-150200.68.1
    * tomcat-el-3_0-api-9.0.91-150200.68.1
    * tomcat-jsp-2_3-api-9.0.91-150200.68.1
    * tomcat-9.0.91-150200.68.1
    * tomcat-servlet-4_0-api-9.0.91-150200.68.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34750.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227399

From null at suse.de Mon Jul 15 16:36:29 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 16:36:29 -0000
Subject: SUSE-SU-2024:2481-1: important: Security update for python-black
Message-ID: <172106138975.25792.16793148041066593698@smelt2.prg2.suse.org>

# Security update for python-black

Announcement ID: SUSE-SU-2024:2481-1
Rating: important
References:

* bsc#1221530

Cross-References:

* CVE-2024-21503

CVSS scores:

* CVE-2024-21503 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-black fixes the following issues:

Updated to version 24.3.0:

* CVE-2024-21503: Fixed a performance downgrade on docstrings that contain large numbers of leading tab characters (bsc#1221530).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2481=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2481=1

## Package List:

* openSUSE Leap 15.4 (noarch)
    * python311-black-24.3.0-150400.9.8.1
* openSUSE Leap 15.6 (noarch)
    * python311-black-24.3.0-150400.9.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-21503.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221530

From null at suse.de Mon Jul 15 20:30:01 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 20:30:01 -0000
Subject: SUSE-SU-2024:2479-1: important: Security update for python3
Message-ID: <172107540185.29517.6711180697247077379@smelt2.prg2.suse.org>

# Security update for python3

Announcement ID: SUSE-SU-2024:2479-1
Rating: important
References:

* bsc#1219559
* bsc#1220664
* bsc#1221563
* bsc#1221854
* bsc#1222075
* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2023-52425
* CVE-2024-0397
* CVE-2024-0450
* CVE-2024-4032

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities and has three security fixes can now be installed.

## Description:

This update for python3 fixes the following issues:

* CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559).
* CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854).
* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2479=1
* openSUSE Leap Micro 5.3
  zypper in -t patch openSUSE-Leap-Micro-5.3-2024-2479=1
* openSUSE Leap Micro 5.4
  zypper in -t patch openSUSE-Leap-Micro-5.4-2024-2479=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2479=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2479=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2479=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2479=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2479=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2479=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2479=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2479=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2479=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2479=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2479=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2479=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2479=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2479=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2479=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
    * python3-dbm-debuginfo-3.6.15-150300.10.65.2
    * python3-debuginfo-3.6.15-150300.10.65.2
    * python3-doc-devhelp-3.6.15-150300.10.65.1
    * python3-devel-debuginfo-3.6.15-150300.10.65.1
    * python3-testsuite-3.6.15-150300.10.65.1
    * python3-base-debuginfo-3.6.15-150300.10.65.1
    * python3-debugsource-3.6.15-150300.10.65.2
    * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1
    * python3-curses-3.6.15-150300.10.65.2
    * python3-idle-3.6.15-150300.10.65.2
    * python3-tools-3.6.15-150300.10.65.1
    * python3-base-3.6.15-150300.10.65.1
    * libpython3_6m1_0-3.6.15-150300.10.65.1
    * python3-tk-3.6.15-150300.10.65.2
    * python3-3.6.15-150300.10.65.2
    * python3-devel-3.6.15-150300.10.65.1
    * python3-tk-debuginfo-3.6.15-150300.10.65.2
    * python3-dbm-3.6.15-150300.10.65.2
    * python3-core-debugsource-3.6.15-150300.10.65.1
    * python3-testsuite-debuginfo-3.6.15-150300.10.65.1
    * python3-doc-3.6.15-150300.10.65.1
    * python3-curses-debuginfo-3.6.15-150300.10.65.2
* openSUSE Leap 15.3 (x86_64)
    * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1
    * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1
* openSUSE Leap 15.3 (aarch64_ilp32)
    *
libpython3_6m1_0-64bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-doc-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * openSUSE Leap 15.5 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * 
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-doc-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * 
libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * 
libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * 
python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * 
python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * 
python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Proxy 4.3 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * 
libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE 
Enterprise Storage 7.1 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1220664 * https://bugzilla.suse.com/show_bug.cgi?id=1221563 * 
https://bugzilla.suse.com/show_bug.cgi?id=1221854
* https://bugzilla.suse.com/show_bug.cgi?id=1222075
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Mon Jul 15 20:33:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 20:33:04 -0000
Subject: SUSE-SU-2024:2479-1: important: Security update for python3
Message-ID: <172107558405.7712.13974135160982718129@smelt2.prg2.suse.org>

# Security update for python3

Announcement ID: SUSE-SU-2024:2479-1
Rating: important

References:

* bsc#1219559
* bsc#1220664
* bsc#1221563
* bsc#1221854
* bsc#1222075
* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2023-52425
* CVE-2024-0397
* CVE-2024-0450
* CVE-2024-4032

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities and has three security fixes can now be installed.

## Description:

This update for python3 fixes the following issues:

* CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559).
* CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854).
* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2479=1
* openSUSE Leap Micro 5.3
  zypper in -t patch openSUSE-Leap-Micro-5.3-2024-2479=1
* openSUSE Leap Micro 5.4
  zypper in -t patch openSUSE-Leap-Micro-5.4-2024-2479=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2479=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2479=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2479=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2479=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2479=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2479=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2479=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2479=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2479=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2479=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2479=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2479=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2479=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2479=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2479=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2479=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-idle-3.6.15-150300.10.65.2 * python3-doc-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-dbm-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * openSUSE Leap 15.3 (aarch64_ilp32) *
libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.65.1 * libpython3_6m1_0-64bit-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-idle-3.6.15-150300.10.65.2 * python3-doc-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-testsuite-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-dbm-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.5 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * 
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-idle-3.6.15-150300.10.65.2 * python3-doc-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-testsuite-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-dbm-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * 
python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * 
python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-dbm-3.6.15-150300.10.65.2 * 
python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * 
python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * 
libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Manager Proxy 4.3 (x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * 
python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 
* python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python3-dbm-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.65.2 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-core-debugsource-3.6.15-150300.10.65.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * 
https://bugzilla.suse.com/show_bug.cgi?id=1220664
* https://bugzilla.suse.com/show_bug.cgi?id=1221563
* https://bugzilla.suse.com/show_bug.cgi?id=1221854
* https://bugzilla.suse.com/show_bug.cgi?id=1222075
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448

From null at suse.de Mon Jul 15 20:36:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 15 Jul 2024 20:36:06 -0000
Subject: SUSE-SU-2024:2479-1: important: Security update for python3
Message-ID: <172107576678.29517.8188219350956511781@smelt2.prg2.suse.org>

# Security update for python3

Announcement ID: SUSE-SU-2024:2479-1
Rating: important

References:

* bsc#1219559
* bsc#1220664
* bsc#1221563
* bsc#1221854
* bsc#1222075
* bsc#1226447
* bsc#1226448

Cross-References:

* CVE-2023-52425
* CVE-2024-0397
* CVE-2024-0450
* CVE-2024-4032

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities and has three security fixes can now be installed.

## Description:

This update for python3 fixes the following issues:

* CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559).
* CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854).
* CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)
* CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2479=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-2479=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-2479=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2479=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2479=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2479=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2479=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2479=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2479=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2479=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2479=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2479=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2479=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2479=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2479=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2479=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2479=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2479=1 * SUSE 
Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2479=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2479=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2479=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2479=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2479=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2479=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2479=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-doc-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.3 (aarch64_ilp32) *
libpython3_6m1_0-64bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-doc-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * openSUSE Leap 15.5 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * 
openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-doc-devhelp-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-testsuite-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * python3-debugsource-3.6.15-150300.10.65.2 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-idle-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-tk-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-testsuite-debuginfo-3.6.15-150300.10.65.1 * python3-doc-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.65.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * 
libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * 
libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.65.1 * python3-tools-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * 
python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * 
python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * 
python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Proxy 4.3 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * 
libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE 
Enterprise Storage 7.1 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-dbm-debuginfo-3.6.15-150300.10.65.2 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-curses-3.6.15-150300.10.65.2 * python3-tk-3.6.15-150300.10.65.2 * python3-devel-3.6.15-150300.10.65.1 * python3-devel-debuginfo-3.6.15-150300.10.65.1 * python3-idle-3.6.15-150300.10.65.2 * python3-dbm-3.6.15-150300.10.65.2 * python3-tk-debuginfo-3.6.15-150300.10.65.2 * python3-tools-3.6.15-150300.10.65.1 * python3-curses-debuginfo-3.6.15-150300.10.65.2 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.65.1 * python3-debuginfo-3.6.15-150300.10.65.2 * python3-debugsource-3.6.15-150300.10.65.2 * python3-3.6.15-150300.10.65.2 * python3-core-debugsource-3.6.15-150300.10.65.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.65.1 * python3-base-3.6.15-150300.10.65.1 * python3-base-debuginfo-3.6.15-150300.10.65.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1220664 * https://bugzilla.suse.com/show_bug.cgi?id=1221563 * 
https://bugzilla.suse.com/show_bug.cgi?id=1221854 * https://bugzilla.suse.com/show_bug.cgi?id=1222075 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 20:36:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 20:36:08 -0000 Subject: SUSE-SU-2024:2478-1: moderate: Security update for cockpit Message-ID: <172107576857.29517.14447677318243494441@smelt2.prg2.suse.org> # Security update for cockpit Announcement ID: SUSE-SU-2024:2478-1 Rating: moderate References: * bsc#1226040 Cross-References: * CVE-2024-6126 CVSS scores: * CVE-2024-6126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issues: * CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2478=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * cockpit-debugsource-195.12-150300.10.6.1 * cockpit-debuginfo-195.12-150300.10.6.1 * cockpit-ws-195.12-150300.10.6.1 * cockpit-bridge-debuginfo-195.12-150300.10.6.1 * cockpit-ws-debuginfo-195.12-150300.10.6.1 * cockpit-195.12-150300.10.6.1 * cockpit-bridge-195.12-150300.10.6.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * cockpit-system-195.12-150300.10.6.1 * cockpit-dashboard-195.12-150300.10.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6126.html * https://bugzilla.suse.com/show_bug.cgi?id=1226040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 20:36:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 20:36:10 -0000 Subject: SUSE-SU-2024:2477-1: moderate: Security update for cockpit Message-ID: <172107577088.29517.4163202713886506587@smelt2.prg2.suse.org> # Security update for cockpit Announcement ID: SUSE-SU-2024:2477-1 Rating: moderate References: * bsc#1226040 Cross-References: * CVE-2024-6126 CVSS scores: * CVE-2024-6126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issues: * CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2477=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2477=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * cockpit-251.3-150400.8.3.1 * cockpit-ws-debuginfo-251.3-150400.8.3.1 * cockpit-debugsource-251.3-150400.8.3.1 * cockpit-debuginfo-251.3-150400.8.3.1 * cockpit-ws-251.3-150400.8.3.1 * cockpit-bridge-251.3-150400.8.3.1 * cockpit-bridge-debuginfo-251.3-150400.8.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * cockpit-networkmanager-251.3-150400.8.3.1 * cockpit-system-251.3-150400.8.3.1 * cockpit-selinux-251.3-150400.8.3.1 * cockpit-storaged-251.3-150400.8.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * cockpit-251.3-150400.8.3.1 * cockpit-ws-debuginfo-251.3-150400.8.3.1 * cockpit-debugsource-251.3-150400.8.3.1 * cockpit-debuginfo-251.3-150400.8.3.1 * cockpit-ws-251.3-150400.8.3.1 * cockpit-bridge-251.3-150400.8.3.1 * cockpit-bridge-debuginfo-251.3-150400.8.3.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * cockpit-networkmanager-251.3-150400.8.3.1 * cockpit-system-251.3-150400.8.3.1 * cockpit-selinux-251.3-150400.8.3.1 * cockpit-storaged-251.3-150400.8.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6126.html * https://bugzilla.suse.com/show_bug.cgi?id=1226040 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 15 20:36:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 20:36:12 -0000 Subject: SUSE-SU-2024:2476-1: moderate: Security update for cockpit Message-ID: <172107577249.29517.6705549698660276615@smelt2.prg2.suse.org> # Security update for cockpit Announcement ID: SUSE-SU-2024:2476-1 Rating: moderate References: * bsc#1226040 Cross-References: * CVE-2024-6126 CVSS scores: * CVE-2024-6126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issues: * CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2476=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2476=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * cockpit-ws-251.3-150300.6.3.1 * cockpit-debugsource-251.3-150300.6.3.1 * cockpit-bridge-251.3-150300.6.3.1 * cockpit-bridge-debuginfo-251.3-150300.6.3.1 * cockpit-debuginfo-251.3-150300.6.3.1 * cockpit-251.3-150300.6.3.1 * cockpit-ws-debuginfo-251.3-150300.6.3.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * cockpit-system-251.3-150300.6.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * cockpit-ws-251.3-150300.6.3.1 * cockpit-debugsource-251.3-150300.6.3.1 * cockpit-bridge-251.3-150300.6.3.1 * cockpit-bridge-debuginfo-251.3-150300.6.3.1 * cockpit-debuginfo-251.3-150300.6.3.1 * cockpit-251.3-150300.6.3.1 * cockpit-ws-debuginfo-251.3-150300.6.3.1 * SUSE Linux Enterprise Micro for 
Rancher 5.2 (noarch) * cockpit-system-251.3-150300.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6126.html * https://bugzilla.suse.com/show_bug.cgi?id=1226040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jul 15 20:36:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 15 Jul 2024 20:36:13 -0000 Subject: SUSE-SU-2024:2475-1: important: Security update for p7zip Message-ID: <172107577390.29517.7587975458147455172@smelt2.prg2.suse.org> # Security update for p7zip Announcement ID: SUSE-SU-2024:2475-1 Rating: important References: * bsc#1227358 * bsc#1227359 Cross-References: * CVE-2023-52168 * CVE-2023-52169 CVSS scores: * CVE-2023-52168 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52169 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for p7zip fixes the following issues: * CVE-2023-52168: Fixed heap-based buffer overflow in the NTFS handler allows two bytes to be overwritten at multiple offsets (bsc#1227358) * CVE-2023-52169: Fixed out-of-bounds read in NTFS handler (bsc#1227359) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2475=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2475=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2475=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * p7zip-debugsource-9.20.1-7.6.1
  * p7zip-9.20.1-7.6.1
  * p7zip-debuginfo-9.20.1-7.6.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * p7zip-debugsource-9.20.1-7.6.1
  * p7zip-9.20.1-7.6.1
  * p7zip-debuginfo-9.20.1-7.6.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * p7zip-debugsource-9.20.1-7.6.1
  * p7zip-9.20.1-7.6.1
  * p7zip-debuginfo-9.20.1-7.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52168.html
* https://www.suse.com/security/cve/CVE-2023-52169.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227358
* https://bugzilla.suse.com/show_bug.cgi?id=1227359

From null at suse.de Tue Jul 16 08:30:02 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 16 Jul 2024 08:30:02 -0000
Subject: SUSE-SU-2024:2496-1: moderate: Security update for nodejs18
Message-ID: <172111860246.13796.6720069668461180426@smelt2.prg2.suse.org>

# Security update for nodejs18

Announcement ID: SUSE-SU-2024:2496-1
Rating: moderate

References:

* bsc#1222665
* bsc#1227554
* bsc#1227560

Cross-References:

* CVE-2024-22020
* CVE-2024-27980
* CVE-2024-36138

CVSS scores:

* CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
* SUSE Linux Enterprise Server for SAP Applications 12 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP4
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* Web and Scripting Module 12

An update that solves three vulnerabilities can now be installed.

## Description:

This update for nodejs18 fixes the following issues:

Update to 18.20.4:

* CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560)
* CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554)

Changes in 18.20.3:

* This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections.

deps:

* acorn updated to 8.11.3.
* acorn-walk updated to 8.3.2.
* ada updated to 2.7.8.
* c-ares updated to 1.28.1.
* corepack updated to 0.28.0.
* nghttp2 updated to 1.61.0.
* ngtcp2 updated to 1.3.0.
* npm updated to 10.7.0. Includes a fix from npm@10.5.1 to limit the number of open connections npm/cli#7324.
* simdutf updated to 5.2.4.

Changes in 18.20.2:

* CVE-2024-27980: Fixed command injection via args parameter of child_process.spawn without shell option enabled on Windows (bsc#1222665)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Web and Scripting Module 12
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-2496=1

## Package List:

* Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64)
  * nodejs18-devel-18.20.4-8.24.1
  * nodejs18-debugsource-18.20.4-8.24.1
  * npm18-18.20.4-8.24.1
  * nodejs18-18.20.4-8.24.1
  * nodejs18-debuginfo-18.20.4-8.24.1
* Web and Scripting Module 12 (noarch)
  * nodejs18-docs-18.20.4-8.24.1

## References:

* https://www.suse.com/security/cve/CVE-2024-22020.html
* https://www.suse.com/security/cve/CVE-2024-27980.html
* https://www.suse.com/security/cve/CVE-2024-36138.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222665
* https://bugzilla.suse.com/show_bug.cgi?id=1227554
* https://bugzilla.suse.com/show_bug.cgi?id=1227560
URL: From null at suse.de Tue Jul 16 08:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 08:30:16 -0000 Subject: SUSE-SU-2024:2495-1: important: Security update for the Linux Kernel Message-ID: <172111861625.13796.17463422213846803753@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2495-1 Rating: important References: * bsc#1195775 * bsc#1216124 * bsc#1218148 * bsc#1219224 * bsc#1220492 * bsc#1222015 * bsc#1222254 * bsc#1222678 * bsc#1223384 * bsc#1224020 * bsc#1224679 * bsc#1224696 * bsc#1224703 * bsc#1224749 * bsc#1224764 * bsc#1224765 * bsc#1224766 * bsc#1224935 * bsc#1225098 * bsc#1225467 * bsc#1225487 * bsc#1225518 * bsc#1225611 * bsc#1225732 * bsc#1225737 * bsc#1225749 * bsc#1225840 * bsc#1225866 * bsc#1226145 * bsc#1226211 * bsc#1226212 * bsc#1226270 * bsc#1226587 * bsc#1226595 * bsc#1226634 * bsc#1226758 * bsc#1226785 * bsc#1226786 * bsc#1226789 * bsc#1226953 * bsc#1226962 Cross-References: * CVE-2021-47555 * CVE-2021-47571 * CVE-2023-24023 * CVE-2023-52670 * CVE-2023-52752 * CVE-2023-52837 * CVE-2023-52846 * CVE-2023-52881 * CVE-2024-26745 * CVE-2024-26923 * CVE-2024-35789 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35869 * CVE-2024-35950 * CVE-2024-36894 * CVE-2024-36899 * CVE-2024-36904 * CVE-2024-36940 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-38541 * CVE-2024-38545 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38564 * CVE-2024-38578 CVSS scores: * CVE-2021-47555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-52670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35869 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38541 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux 
Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves 28 vulnerabilities and has 13 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
* CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
* CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
* CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
* CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
* CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
* CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
* CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
* CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
* CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
* CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
* CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).

The following non-security bugs were fixed:

* Revert "build initrd without systemd" (bsc#1195775).
* cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
* cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
* cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
* cgroup: Remove unnecessary list_empty() (bsc#1222254).
* cgroup: preserve KABI of cgroup_root (bsc#1222254).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
* rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
* scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1216124).
* smb: client: ensure to try all targets when finding nested links (bsc#1224020).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
* xfs: do not include bnobt blocks when reserving free block pool (bsc#1226270).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2495=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2495=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2495=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2495=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2495=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2495=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2495=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-2495=1
  Please note that this is the initial kernel livepatch without fixes itself; this package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-2495=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2495=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2495=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2495=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2495=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2495=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2495=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * kernel-default-devel-5.14.21-150400.24.125.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * 
kernel-devel-5.14.21-150400.24.125.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.125.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.125.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-source-vanilla-5.14.21-150400.24.125.1 * kernel-docs-html-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-livepatch-devel-5.14.21-150400.24.125.1 * kernel-debug-devel-5.14.21-150400.24.125.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-debug-debugsource-5.14.21-150400.24.125.1 * kernel-debug-debuginfo-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-5.14.21-150400.24.125.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * kernel-default-base-rebuild-5.14.21-150400.24.125.1.150400.24.60.1 * kernel-kvmsmall-devel-5.14.21-150400.24.125.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-debuginfo-5.14.21-150400.24.125.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.125.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.125.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-livepatch-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * kselftests-kmp-default-5.14.21-150400.24.125.1 * dlm-kmp-default-5.14.21-150400.24.125.1 * kernel-default-livepatch-devel-5.14.21-150400.24.125.1 * 
cluster-md-kmp-default-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-optional-5.14.21-150400.24.125.1 * kernel-obs-qa-5.14.21-150400.24.125.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.125.1 * gfs2-kmp-default-5.14.21-150400.24.125.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * reiserfs-kmp-default-5.14.21-150400.24.125.1 * kernel-default-extra-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * ocfs2-kmp-default-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_125-default-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-1-150400.9.3.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.125.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64) * kernel-64kb-optional-5.14.21-150400.24.125.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * dtb-freescale-5.14.21-150400.24.125.1 * dtb-mediatek-5.14.21-150400.24.125.1 * dtb-socionext-5.14.21-150400.24.125.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.125.1 * dtb-nvidia-5.14.21-150400.24.125.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.125.1 * dtb-marvell-5.14.21-150400.24.125.1 * 
kselftests-kmp-64kb-5.14.21-150400.24.125.1 * ocfs2-kmp-64kb-5.14.21-150400.24.125.1 * dtb-xilinx-5.14.21-150400.24.125.1 * dtb-renesas-5.14.21-150400.24.125.1 * dtb-cavium-5.14.21-150400.24.125.1 * dtb-qcom-5.14.21-150400.24.125.1 * gfs2-kmp-64kb-5.14.21-150400.24.125.1 * kernel-64kb-livepatch-devel-5.14.21-150400.24.125.1 * cluster-md-kmp-64kb-5.14.21-150400.24.125.1 * dtb-lg-5.14.21-150400.24.125.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.125.1 * reiserfs-kmp-64kb-5.14.21-150400.24.125.1 * dtb-rockchip-5.14.21-150400.24.125.1 * dtb-arm-5.14.21-150400.24.125.1 * dtb-sprd-5.14.21-150400.24.125.1 * dtb-amd-5.14.21-150400.24.125.1 * dtb-amazon-5.14.21-150400.24.125.1 * dtb-exynos-5.14.21-150400.24.125.1 * dtb-altera-5.14.21-150400.24.125.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * dlm-kmp-64kb-5.14.21-150400.24.125.1 * dtb-apple-5.14.21-150400.24.125.1 * dtb-allwinner-5.14.21-150400.24.125.1 * dtb-apm-5.14.21-150400.24.125.1 * kernel-64kb-debugsource-5.14.21-150400.24.125.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * dtb-amlogic-5.14.21-150400.24.125.1 * kernel-64kb-devel-5.14.21-150400.24.125.1 * dtb-hisilicon-5.14.21-150400.24.125.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-extra-5.14.21-150400.24.125.1 * dtb-broadcom-5.14.21-150400.24.125.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * 
kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-livepatch-5_14_21-150400_24_125-default-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.125.1 * kernel-livepatch-SLE15-SP4_Update_28-debugsource-1-150400.9.3.1 * kernel-default-livepatch-5.14.21-150400.24.125.1 * kernel-livepatch-5_14_21-150400_24_125-default-debuginfo-1-150400.9.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.125.1 * dlm-kmp-default-5.14.21-150400.24.125.1 * 
gfs2-kmp-default-debuginfo-5.14.21-150400.24.125.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.125.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.125.1 * gfs2-kmp-default-5.14.21-150400.24.125.1 * cluster-md-kmp-default-5.14.21-150400.24.125.1 * ocfs2-kmp-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-devel-5.14.21-150400.24.125.1 * kernel-64kb-debugsource-5.14.21-150400.24.125.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * reiserfs-kmp-default-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 
SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-devel-5.14.21-150400.24.125.1 * kernel-64kb-debugsource-5.14.21-150400.24.125.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * reiserfs-kmp-default-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * kernel-default-extra-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * 
kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.125.1 * kernel-64kb-devel-5.14.21-150400.24.125.1 * kernel-64kb-debugsource-5.14.21-150400.24.125.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * reiserfs-kmp-default-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.125.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le 
x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-obs-build-debugsource-5.14.21-150400.24.125.1 * reiserfs-kmp-default-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-obs-build-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.125.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.125.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.125.1 * kernel-default-debugsource-5.14.21-150400.24.125.1 * kernel-default-debuginfo-5.14.21-150400.24.125.1 * kernel-default-base-5.14.21-150400.24.125.1.150400.24.60.1 * kernel-default-devel-5.14.21-150400.24.125.1 * kernel-syms-5.14.21-150400.24.125.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.125.1 * kernel-macros-5.14.21-150400.24.125.1 * kernel-devel-5.14.21-150400.24.125.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47555.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-52670.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52881.html * 
https://www.suse.com/security/cve/CVE-2024-26745.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35869.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36894.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36940.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1216124 * https://bugzilla.suse.com/show_bug.cgi?id=1218148 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222678 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1224020 * https://bugzilla.suse.com/show_bug.cgi?id=1224679 * https://bugzilla.suse.com/show_bug.cgi?id=1224696 * https://bugzilla.suse.com/show_bug.cgi?id=1224703 * https://bugzilla.suse.com/show_bug.cgi?id=1224749 * https://bugzilla.suse.com/show_bug.cgi?id=1224764 * https://bugzilla.suse.com/show_bug.cgi?id=1224765 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224766 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225467 * https://bugzilla.suse.com/show_bug.cgi?id=1225487 * https://bugzilla.suse.com/show_bug.cgi?id=1225518 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225732 * https://bugzilla.suse.com/show_bug.cgi?id=1225737 * https://bugzilla.suse.com/show_bug.cgi?id=1225749 * https://bugzilla.suse.com/show_bug.cgi?id=1225840 * https://bugzilla.suse.com/show_bug.cgi?id=1225866 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226270 * https://bugzilla.suse.com/show_bug.cgi?id=1226587 * https://bugzilla.suse.com/show_bug.cgi?id=1226595 * https://bugzilla.suse.com/show_bug.cgi?id=1226634 * https://bugzilla.suse.com/show_bug.cgi?id=1226758 * https://bugzilla.suse.com/show_bug.cgi?id=1226785 * https://bugzilla.suse.com/show_bug.cgi?id=1226786 * https://bugzilla.suse.com/show_bug.cgi?id=1226789 * https://bugzilla.suse.com/show_bug.cgi?id=1226953 * https://bugzilla.suse.com/show_bug.cgi?id=1226962
From null at suse.de Tue Jul 16 08:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 08:30:20 -0000 Subject: SUSE-SU-2024:2494-1: moderate: Security update for cockpit Message-ID: <172111862075.13796.7076753603148175177@smelt2.prg2.suse.org> # Security update for cockpit Announcement ID: SUSE-SU-2024:2494-1 Rating: moderate References: * bsc#1226040 Cross-References: * CVE-2024-6126 CVSS scores: * CVE-2024-6126 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for cockpit fixes the following issues: * CVE-2024-6126: Fixed Integer overflow in pam_sm_close_session() (bsc#1226040). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2494=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2494=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * cockpit-bridge-debuginfo-251.3-150400.6.7.1 * cockpit-debuginfo-251.3-150400.6.7.1 * cockpit-ws-251.3-150400.6.7.1 * cockpit-bridge-251.3-150400.6.7.1 * cockpit-ws-debuginfo-251.3-150400.6.7.1 * cockpit-debugsource-251.3-150400.6.7.1 * cockpit-251.3-150400.6.7.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cockpit-system-251.3-150400.6.7.1 * cockpit-storaged-251.3-150400.6.7.1 * cockpit-networkmanager-251.3-150400.6.7.1 * cockpit-selinux-251.3-150400.6.7.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * cockpit-bridge-debuginfo-251.3-150400.6.7.1 * cockpit-debuginfo-251.3-150400.6.7.1 * cockpit-ws-251.3-150400.6.7.1 * cockpit-bridge-251.3-150400.6.7.1 *
cockpit-ws-debuginfo-251.3-150400.6.7.1 * cockpit-debugsource-251.3-150400.6.7.1 * cockpit-251.3-150400.6.7.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * cockpit-system-251.3-150400.6.7.1 * cockpit-storaged-251.3-150400.6.7.1 * cockpit-networkmanager-251.3-150400.6.7.1 * cockpit-selinux-251.3-150400.6.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6126.html * https://bugzilla.suse.com/show_bug.cgi?id=1226040
From null at suse.de Tue Jul 16 08:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 08:30:28 -0000 Subject: SUSE-SU-2024:2493-1: important: Security update for the Linux Kernel Message-ID: <172111862849.13796.4289726743022631058@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:2493-1 Rating: important References: * bsc#1215420 * bsc#1220833 * bsc#1221656 * bsc#1221659 * bsc#1222005 * bsc#1222792 * bsc#1223021 * bsc#1223188 * bsc#1224622 * bsc#1224627 * bsc#1224647 * bsc#1224683 * bsc#1224686 * bsc#1224743 * bsc#1224965 * bsc#1225229 * bsc#1225357 * bsc#1225431 * bsc#1225478 * bsc#1225505 * bsc#1225530 * bsc#1225532 * bsc#1225569 * bsc#1225593 * bsc#1225835 * bsc#1226757 * bsc#1226861 * bsc#1226994 * bsc#1227407 * bsc#1227435 * bsc#1227487 Cross-References: * CVE-2021-47145 * CVE-2021-47201 * CVE-2021-47275 * CVE-2021-47438 * CVE-2021-47498 * CVE-2021-47520 * CVE-2021-47547 * CVE-2023-4244 * CVE-2023-52507 * CVE-2023-52683 * CVE-2023-52693 * CVE-2023-52753 * CVE-2023-52817 * CVE-2023-52818 * CVE-2023-52819 * CVE-2024-26635 * CVE-2024-26636 * CVE-2024-26880 * CVE-2024-35805 * CVE-2024-35819 * CVE-2024-35828 * CVE-2024-35947 * CVE-2024-36014 * CVE-2024-36941 * CVE-2024-38598 * CVE-2024-38619 * CVE-2024-39301 * CVE-2024-39475 CVSS scores: * CVE-2021-47145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H *
CVE-2021-47275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26880 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38598 ( SUSE ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves 28 vulnerabilities and has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005). * CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792). * CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965). * CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229) * CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357). * CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431). * CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505). * CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627). * CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686). * CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478). * CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569). 
* CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530). * CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532). * CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656). * CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659). * CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188). * CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743). * CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683). * CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622). * CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647). * CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593). * CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835). * CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757). * CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861). * CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994). * CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435) The following non-security bugs were fixed: * PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes). * SUNRPC: Fix gss_free_in_token_pages() (git-fixes). * SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes). * drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes). * kgdb: Add kgdb_has_hit_break function (git-fixes). * kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes). * net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021). * nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
* powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487). * sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407). * sunrpc: fix NFSACL RPC retry on soft mount (git-fixes). * x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes). * x86/boot/e820: Fix typo in e820.c comment (git-fixes). * x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes). * x86/fpu: Return proper error codes from user access functions (git-fixes). * x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes). * x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes). * x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes). * x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes). * x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes). * x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2024-2493=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * gfs2-kmp-rt-4.12.14-10.194.1 * kernel-rt_debug-debugsource-4.12.14-10.194.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.194.1 * ocfs2-kmp-rt-4.12.14-10.194.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.194.1 * kernel-rt-base-4.12.14-10.194.1 * kernel-rt-base-debuginfo-4.12.14-10.194.1 * gfs2-kmp-rt-debuginfo-4.12.14-10.194.1 * kernel-rt-devel-debuginfo-4.12.14-10.194.1 * kernel-rt-debugsource-4.12.14-10.194.1 * cluster-md-kmp-rt-debuginfo-4.12.14-10.194.1 * kernel-syms-rt-4.12.14-10.194.1 * kernel-rt-devel-4.12.14-10.194.1 * dlm-kmp-rt-debuginfo-4.12.14-10.194.1 * dlm-kmp-rt-4.12.14-10.194.1 * kernel-rt_debug-debuginfo-4.12.14-10.194.1 * kernel-rt_debug-devel-4.12.14-10.194.1 * cluster-md-kmp-rt-4.12.14-10.194.1 * kernel-rt-debuginfo-4.12.14-10.194.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-devel-rt-4.12.14-10.194.1 * kernel-source-rt-4.12.14-10.194.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt_debug-4.12.14-10.194.1 * kernel-rt-4.12.14-10.194.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47145.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47275.html * https://www.suse.com/security/cve/CVE-2021-47438.html * https://www.suse.com/security/cve/CVE-2021-47498.html * https://www.suse.com/security/cve/CVE-2021-47520.html * https://www.suse.com/security/cve/CVE-2021-47547.html * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52683.html * https://www.suse.com/security/cve/CVE-2023-52693.html * https://www.suse.com/security/cve/CVE-2023-52753.html * https://www.suse.com/security/cve/CVE-2023-52817.html * 
https://www.suse.com/security/cve/CVE-2023-52818.html * https://www.suse.com/security/cve/CVE-2023-52819.html * https://www.suse.com/security/cve/CVE-2024-26635.html * https://www.suse.com/security/cve/CVE-2024-26636.html * https://www.suse.com/security/cve/CVE-2024-26880.html * https://www.suse.com/security/cve/CVE-2024-35805.html * https://www.suse.com/security/cve/CVE-2024-35819.html * https://www.suse.com/security/cve/CVE-2024-35828.html * https://www.suse.com/security/cve/CVE-2024-35947.html * https://www.suse.com/security/cve/CVE-2024-36014.html * https://www.suse.com/security/cve/CVE-2024-36941.html * https://www.suse.com/security/cve/CVE-2024-38598.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39475.html * https://bugzilla.suse.com/show_bug.cgi?id=1215420 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1221656 * https://bugzilla.suse.com/show_bug.cgi?id=1221659 * https://bugzilla.suse.com/show_bug.cgi?id=1222005 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1223021 * https://bugzilla.suse.com/show_bug.cgi?id=1223188 * https://bugzilla.suse.com/show_bug.cgi?id=1224622 * https://bugzilla.suse.com/show_bug.cgi?id=1224627 * https://bugzilla.suse.com/show_bug.cgi?id=1224647 * https://bugzilla.suse.com/show_bug.cgi?id=1224683 * https://bugzilla.suse.com/show_bug.cgi?id=1224686 * https://bugzilla.suse.com/show_bug.cgi?id=1224743 * https://bugzilla.suse.com/show_bug.cgi?id=1224965 * https://bugzilla.suse.com/show_bug.cgi?id=1225229 * https://bugzilla.suse.com/show_bug.cgi?id=1225357 * https://bugzilla.suse.com/show_bug.cgi?id=1225431 * https://bugzilla.suse.com/show_bug.cgi?id=1225478 * https://bugzilla.suse.com/show_bug.cgi?id=1225505 * https://bugzilla.suse.com/show_bug.cgi?id=1225530 * https://bugzilla.suse.com/show_bug.cgi?id=1225532 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225569 * https://bugzilla.suse.com/show_bug.cgi?id=1225593 * https://bugzilla.suse.com/show_bug.cgi?id=1225835 * https://bugzilla.suse.com/show_bug.cgi?id=1226757 * https://bugzilla.suse.com/show_bug.cgi?id=1226861 * https://bugzilla.suse.com/show_bug.cgi?id=1226994 * https://bugzilla.suse.com/show_bug.cgi?id=1227407 * https://bugzilla.suse.com/show_bug.cgi?id=1227435 * https://bugzilla.suse.com/show_bug.cgi?id=1227487
From null at suse.de Tue Jul 16 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 12:30:02 -0000 Subject: SUSE-SU-2024:2530-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Message-ID: <172113300269.18052.12154712609871725220@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:2530-1 Rating: important References: * bsc#1220145 * bsc#1223363 * bsc#1223681 * bsc#1223683 Cross-References: * CVE-2024-23307 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-26930 CVSS scores: * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed.
## Description: This update for the Linux Kernel 5.14.21-150500_55_31 fixes several issues. The following security issues were fixed: * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2530=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-2530=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_31-default-10-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-10-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_31-default-10-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-10-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683
From null at suse.de Tue Jul 16 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 16:30:11 -0000 Subject: SUSE-SU-2024:2535-1: important: Security update for xen Message-ID: <172114741118.29038.12691068289380647505@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:2535-1 Rating: important References: * bsc#1214083 * bsc#1221332 * bsc#1221334 * bsc#1221984 * bsc#1222302 * bsc#1222453 * bsc#1227355 Cross-References: * CVE-2023-28746 * CVE-2023-46842 * CVE-2024-2193 * CVE-2024-2201 * CVE-2024-31142 * CVE-2024-31143 CVSS scores: * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31142 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-28746: Register File Data Sampling (XSA-452, bsc#1221332) * CVE-2023-46842: HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984) * CVE-2024-2193: Fixed GhostRace, a speculative race condition
(XSA-453, bsc#1221334) * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455, bsc#1222302) * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2535=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2535=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2535=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * xen-devel-4.13.5_12-150200.3.93.1 * xen-debugsource-4.13.5_12-150200.3.93.1 * xen-tools-4.13.5_12-150200.3.93.1 * xen-4.13.5_12-150200.3.93.1 * xen-libs-4.13.5_12-150200.3.93.1 * xen-libs-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-domU-4.13.5_12-150200.3.93.1 * xen-tools-domU-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-debuginfo-4.13.5_12-150200.3.93.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * xen-tools-xendomains-wait-disk-4.13.5_12-150200.3.93.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * xen-devel-4.13.5_12-150200.3.93.1 * xen-debugsource-4.13.5_12-150200.3.93.1 * xen-tools-4.13.5_12-150200.3.93.1 * xen-4.13.5_12-150200.3.93.1 * xen-libs-4.13.5_12-150200.3.93.1 * xen-libs-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-domU-4.13.5_12-150200.3.93.1 * xen-tools-domU-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-debuginfo-4.13.5_12-150200.3.93.1 * SUSE Linux Enterprise Server 
15 SP2 LTSS 15-SP2 (noarch) * xen-tools-xendomains-wait-disk-4.13.5_12-150200.3.93.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * xen-devel-4.13.5_12-150200.3.93.1 * xen-debugsource-4.13.5_12-150200.3.93.1 * xen-tools-4.13.5_12-150200.3.93.1 * xen-4.13.5_12-150200.3.93.1 * xen-libs-4.13.5_12-150200.3.93.1 * xen-libs-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-domU-4.13.5_12-150200.3.93.1 * xen-tools-domU-debuginfo-4.13.5_12-150200.3.93.1 * xen-tools-debuginfo-4.13.5_12-150200.3.93.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xen-tools-xendomains-wait-disk-4.13.5_12-150200.3.93.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-2193.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31142.html * https://www.suse.com/security/cve/CVE-2024-31143.html * https://bugzilla.suse.com/show_bug.cgi?id=1214083 * https://bugzilla.suse.com/show_bug.cgi?id=1221332 * https://bugzilla.suse.com/show_bug.cgi?id=1221334 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1222302 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 * https://bugzilla.suse.com/show_bug.cgi?id=1227355
From null at suse.de Tue Jul 16 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 16:30:14 -0000 Subject: SUSE-SU-2024:2534-1: important: Security update for xen Message-ID: <172114741471.29038.4908641922549222749@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:2534-1 Rating: important References: * bsc#1027519 * bsc#1222453 * bsc#1227355 Cross-References: * CVE-2024-2201 * CVE-2024-31143 CVSS scores: * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2534=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2534=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2534=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2534=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 x86_64) * xen-devel-4.12.4_50-3.112.1 * xen-debugsource-4.12.4_50-3.112.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * xen-tools-4.12.4_50-3.112.1 * xen-doc-html-4.12.4_50-3.112.1 * xen-4.12.4_50-3.112.1 * xen-libs-32bit-4.12.4_50-3.112.1 * xen-tools-domU-debuginfo-4.12.4_50-3.112.1 * xen-tools-domU-4.12.4_50-3.112.1 * xen-tools-debuginfo-4.12.4_50-3.112.1 * xen-libs-debuginfo-32bit-4.12.4_50-3.112.1 * xen-libs-debuginfo-4.12.4_50-3.112.1 * xen-debugsource-4.12.4_50-3.112.1 * xen-libs-4.12.4_50-3.112.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * xen-tools-4.12.4_50-3.112.1 * xen-doc-html-4.12.4_50-3.112.1 * xen-4.12.4_50-3.112.1 * xen-libs-32bit-4.12.4_50-3.112.1 * xen-tools-domU-debuginfo-4.12.4_50-3.112.1 * xen-tools-domU-4.12.4_50-3.112.1 * xen-tools-debuginfo-4.12.4_50-3.112.1 * xen-libs-debuginfo-32bit-4.12.4_50-3.112.1 * xen-libs-debuginfo-4.12.4_50-3.112.1 * xen-debugsource-4.12.4_50-3.112.1 * xen-libs-4.12.4_50-3.112.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * xen-tools-4.12.4_50-3.112.1 * xen-doc-html-4.12.4_50-3.112.1 * xen-4.12.4_50-3.112.1 * xen-libs-32bit-4.12.4_50-3.112.1 * xen-tools-domU-debuginfo-4.12.4_50-3.112.1 * xen-tools-domU-4.12.4_50-3.112.1 * xen-tools-debuginfo-4.12.4_50-3.112.1 * xen-libs-debuginfo-32bit-4.12.4_50-3.112.1 * xen-libs-debuginfo-4.12.4_50-3.112.1 * xen-debugsource-4.12.4_50-3.112.1 * xen-libs-4.12.4_50-3.112.1 
## References: * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31143.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 * https://bugzilla.suse.com/show_bug.cgi?id=1227355
From null at suse.de Tue Jul 16 16:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 16 Jul 2024 16:30:16 -0000 Subject: SUSE-SU-2024:2533-1: important: Security update for xen Message-ID: <172114741633.29038.13108823464131037036@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:2533-1 Rating: important References: * bsc#1222453 * bsc#1227355 Cross-References: * CVE-2024-2201 * CVE-2024-31143 CVSS scores: * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2533=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2533=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2533=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2533=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2533=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2533=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2533=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2533=1

## Package List:

* openSUSE Leap 15.3 (aarch64 x86_64 i586)
  * xen-tools-domU-4.14.6_16-150300.3.75.1
  * xen-devel-4.14.6_16-150300.3.75.1
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-tools-domU-debuginfo-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
* openSUSE Leap 15.3 (x86_64)
  * xen-libs-32bit-4.14.6_16-150300.3.75.1
  * xen-libs-32bit-debuginfo-4.14.6_16-150300.3.75.1
* openSUSE Leap 15.3 (aarch64 x86_64)
  * xen-tools-debuginfo-4.14.6_16-150300.3.75.1
  * xen-4.14.6_16-150300.3.75.1
  * xen-doc-html-4.14.6_16-150300.3.75.1
  * xen-tools-4.14.6_16-150300.3.75.1
* openSUSE Leap 15.3 (noarch)
  * xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * xen-libs-64bit-4.14.6_16-150300.3.75.1
  * xen-libs-64bit-debuginfo-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
  * xen-4.14.6_16-150300.3.75.1
  * xen-tools-domU-4.14.6_16-150300.3.75.1
  * xen-devel-4.14.6_16-150300.3.75.1
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-tools-domU-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-debuginfo-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
  * xen-4.14.6_16-150300.3.75.1
  * xen-tools-domU-4.14.6_16-150300.3.75.1
  * xen-devel-4.14.6_16-150300.3.75.1
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-tools-domU-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-debuginfo-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
  * xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
  * xen-4.14.6_16-150300.3.75.1
  * xen-tools-domU-4.14.6_16-150300.3.75.1
  * xen-devel-4.14.6_16-150300.3.75.1
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-tools-domU-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-debuginfo-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
* SUSE Enterprise Storage 7.1 (x86_64)
  * xen-4.14.6_16-150300.3.75.1
  * xen-tools-domU-4.14.6_16-150300.3.75.1
  * xen-devel-4.14.6_16-150300.3.75.1
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-tools-domU-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
  * xen-tools-debuginfo-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
* SUSE Enterprise Storage 7.1 (noarch)
  * xen-tools-xendomains-wait-disk-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Micro 5.1 (x86_64)
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
  * xen-libs-4.14.6_16-150300.3.75.1
  * xen-debugsource-4.14.6_16-150300.3.75.1
  * xen-libs-debuginfo-4.14.6_16-150300.3.75.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-31143.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222453
* https://bugzilla.suse.com/show_bug.cgi?id=1227355

From null at suse.de Tue Jul 16 16:30:20 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 16 Jul 2024 16:30:20 -0000
Subject: SUSE-SU-2024:2531-1: important: Security update for xen
Message-ID: <172114742015.29038.12335839416882045278@smelt2.prg2.suse.org>

# Security update for xen

Announcement ID: SUSE-SU-2024:2531-1
Rating: important

References:

* bsc#1027519
* bsc#1214718
* bsc#1221984
* bsc#1225953
* bsc#1227355

Cross-References:

* CVE-2023-46842
* CVE-2024-31143

CVSS scores:

* CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has three security fixes can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2023-46842: Fixed x86 HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984).
* CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355).
## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2531=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2531=1 openSUSE-SLE-15.6-2024-2531=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2531=1

## Package List:

* Server Applications Module 15-SP6 (x86_64)
  * xen-debugsource-4.18.2_06-150600.3.3.1
  * xen-4.18.2_06-150600.3.3.1
  * xen-tools-4.18.2_06-150600.3.3.1
  * xen-tools-debuginfo-4.18.2_06-150600.3.3.1
  * xen-devel-4.18.2_06-150600.3.3.1
* Server Applications Module 15-SP6 (noarch)
  * xen-tools-xendomains-wait-disk-4.18.2_06-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 x86_64 i586)
  * xen-debugsource-4.18.2_06-150600.3.3.1
  * xen-tools-domU-4.18.2_06-150600.3.3.1
  * xen-devel-4.18.2_06-150600.3.3.1
  * xen-libs-4.18.2_06-150600.3.3.1
  * xen-libs-debuginfo-4.18.2_06-150600.3.3.1
  * xen-tools-domU-debuginfo-4.18.2_06-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
  * xen-libs-32bit-debuginfo-4.18.2_06-150600.3.3.1
  * xen-libs-32bit-4.18.2_06-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 x86_64)
  * xen-4.18.2_06-150600.3.3.1
  * xen-doc-html-4.18.2_06-150600.3.3.1
  * xen-tools-4.18.2_06-150600.3.3.1
  * xen-tools-debuginfo-4.18.2_06-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
  * xen-tools-xendomains-wait-disk-4.18.2_06-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * xen-libs-64bit-4.18.2_06-150600.3.3.1
  * xen-libs-64bit-debuginfo-4.18.2_06-150600.3.3.1
* Basesystem Module 15-SP6 (x86_64)
  * xen-debugsource-4.18.2_06-150600.3.3.1
  * xen-tools-domU-4.18.2_06-150600.3.3.1
  * xen-libs-4.18.2_06-150600.3.3.1
  * xen-libs-debuginfo-4.18.2_06-150600.3.3.1
  * xen-tools-domU-debuginfo-4.18.2_06-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-46842.html
* https://www.suse.com/security/cve/CVE-2024-31143.html
* https://bugzilla.suse.com/show_bug.cgi?id=1027519
* https://bugzilla.suse.com/show_bug.cgi?id=1214718
* https://bugzilla.suse.com/show_bug.cgi?id=1221984
* https://bugzilla.suse.com/show_bug.cgi?id=1225953
* https://bugzilla.suse.com/show_bug.cgi?id=1227355

From null at suse.de Wed Jul 17 08:30:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 08:30:04 -0000
Subject: SUSE-SU-2024:2543-1: moderate: Security update for nodejs20
Message-ID: <172120500456.24565.15352452861318605795@smelt2.prg2.suse.org>

# Security update for nodejs20

Announcement ID: SUSE-SU-2024:2543-1
Rating: moderate

References:

* bsc#1227554
* bsc#1227560
* bsc#1227561
* bsc#1227562
* bsc#1227563

Cross-References:

* CVE-2024-22018
* CVE-2024-22020
* CVE-2024-27980
* CVE-2024-36137
* CVE-2024-36138
* CVE-2024-37372

CVSS scores:

* CVE-2024-22018 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
* CVE-2024-36137 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* Web and Scripting Module 15-SP5

An update that solves six vulnerabilities can now be installed.
## Description:

This update for nodejs20 fixes the following issues:

Update to 20.15.1:

* CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560)
* CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554)
* CVE-2024-22018: Fixed fs.lstat bypasses permission model (bsc#1227562)
* CVE-2024-36137: Fixed fs.fchown/fchmod bypasses permission model (bsc#1227561)
* CVE-2024-37372: Fixed Permission model improperly processes UNC paths (bsc#1227563)

Changes in 20.15.0:

* test_runner: support test plans
* inspector: introduce the --inspect-wait flag
* zlib: expose zlib.crc32()
* cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

Changes in 20.14.0

* src,permission: throw async errors on async APIs
* test_runner: support forced exit

Changes in 20.13.1:

* buffer: improve base64 and base64url performance
* crypto: deprecate implicitly shortened GCM tags
* events,doc: mark CustomEvent as stable
* fs: add stacktrace to fs/promises
* report: add --report-exclude-network option
* src: add uv_get_available_memory to report and process
* stream: support typed arrays
* util: support array of formats in util.styleText
* v8: implement v8.queryObjects() for memory leak regression testing
* watch: mark as stable

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2543=1 openSUSE-SLE-15.5-2024-2543=1
* Web and Scripting Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2543=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * corepack20-20.15.1-150500.11.12.2
  * nodejs20-20.15.1-150500.11.12.2
  * nodejs20-debuginfo-20.15.1-150500.11.12.2
  * npm20-20.15.1-150500.11.12.2
  * nodejs20-devel-20.15.1-150500.11.12.2
  * nodejs20-debugsource-20.15.1-150500.11.12.2
* openSUSE Leap 15.5 (noarch)
  * nodejs20-docs-20.15.1-150500.11.12.2
* Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * nodejs20-20.15.1-150500.11.12.2
  * npm20-20.15.1-150500.11.12.2
  * nodejs20-debuginfo-20.15.1-150500.11.12.2
  * nodejs20-devel-20.15.1-150500.11.12.2
  * nodejs20-debugsource-20.15.1-150500.11.12.2
* Web and Scripting Module 15-SP5 (noarch)
  * nodejs20-docs-20.15.1-150500.11.12.2

## References:

* https://www.suse.com/security/cve/CVE-2024-22018.html
* https://www.suse.com/security/cve/CVE-2024-22020.html
* https://www.suse.com/security/cve/CVE-2024-27980.html
* https://www.suse.com/security/cve/CVE-2024-36137.html
* https://www.suse.com/security/cve/CVE-2024-36138.html
* https://www.suse.com/security/cve/CVE-2024-37372.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227554
* https://bugzilla.suse.com/show_bug.cgi?id=1227560
* https://bugzilla.suse.com/show_bug.cgi?id=1227561
* https://bugzilla.suse.com/show_bug.cgi?id=1227562
* https://bugzilla.suse.com/show_bug.cgi?id=1227563
From null at suse.de Wed Jul 17 08:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 08:30:07 -0000
Subject: SUSE-SU-2024:2542-1: moderate: Security update for nodejs18
Message-ID: <172120500752.24565.4260368682635814809@smelt2.prg2.suse.org>

# Security update for nodejs18

Announcement ID: SUSE-SU-2024:2542-1
Rating: moderate

References:

* bsc#1222665
* bsc#1227554
* bsc#1227560

Cross-References:

* CVE-2024-22020
* CVE-2024-27980
* CVE-2024-36138

CVSS scores:

* CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* Web and Scripting Module 15-SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for nodejs18 fixes the following issues:

Update to 18.20.4:

* CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560)
* CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554)

Changes in 18.20.3:

* This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections.

deps:

* acorn updated to 8.11.3.
* acorn-walk updated to 8.3.2.
* ada updated to 2.7.8.
* c-ares updated to 1.28.1.
* corepack updated to 0.28.0.
* nghttp2 updated to 1.61.0.
* ngtcp2 updated to 1.3.0.
* npm updated to 10.7.0. Includes a fix from npm at 10.5.1 to limit the number of open connections npm/cli#7324.
* simdutf updated to 5.2.4.

Changes in 18.20.2:

* CVE-2024-27980: Fixed command injection via args parameter of child_process.spawn without shell option enabled on Windows (bsc#1222665)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2542=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2542=1
* Web and Scripting Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-2542=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * nodejs18-18.20.4-150400.9.24.2
  * nodejs18-debugsource-18.20.4-150400.9.24.2
  * npm18-18.20.4-150400.9.24.2
  * nodejs18-devel-18.20.4-150400.9.24.2
  * nodejs18-debuginfo-18.20.4-150400.9.24.2
  * corepack18-18.20.4-150400.9.24.2
* openSUSE Leap 15.4 (noarch)
  * nodejs18-docs-18.20.4-150400.9.24.2
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * nodejs18-18.20.4-150400.9.24.2
  * nodejs18-debugsource-18.20.4-150400.9.24.2
  * npm18-18.20.4-150400.9.24.2
  * nodejs18-devel-18.20.4-150400.9.24.2
  * nodejs18-debuginfo-18.20.4-150400.9.24.2
  * corepack18-18.20.4-150400.9.24.2
* openSUSE Leap 15.5 (noarch)
  * nodejs18-docs-18.20.4-150400.9.24.2
* Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * nodejs18-18.20.4-150400.9.24.2
  * nodejs18-debugsource-18.20.4-150400.9.24.2
  * npm18-18.20.4-150400.9.24.2
  * nodejs18-devel-18.20.4-150400.9.24.2
  * nodejs18-debuginfo-18.20.4-150400.9.24.2
* Web and Scripting Module 15-SP5 (noarch)
  * nodejs18-docs-18.20.4-150400.9.24.2

## References:

* https://www.suse.com/security/cve/CVE-2024-22020.html
* https://www.suse.com/security/cve/CVE-2024-27980.html
* https://www.suse.com/security/cve/CVE-2024-36138.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222665
* https://bugzilla.suse.com/show_bug.cgi?id=1227554
* https://bugzilla.suse.com/show_bug.cgi?id=1227560
From null at suse.de Wed Jul 17 08:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 08:30:09 -0000
Subject: SUSE-SU-2024:2541-1: important: Security update for libndp
Message-ID: <172120500908.24565.15704651927873327296@smelt2.prg2.suse.org>

# Security update for libndp

Announcement ID: SUSE-SU-2024:2541-1
Rating: important

References:

* bsc#1225771

Cross-References:

* CVE-2024-5564

CVSS scores:

* CVE-2024-5564 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for libndp fixes the following issues:

* CVE-2024-5564: Fixed buffer overflow in route information length field (bsc#1225771)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2541=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2541=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2541=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libndp-debuginfo-1.6-4.5.1
  * libndp-debugsource-1.6-4.5.1
  * libndp0-debuginfo-1.6-4.5.1
  * libndp0-1.6-4.5.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libndp-debuginfo-1.6-4.5.1
  * libndp-debugsource-1.6-4.5.1
  * libndp0-debuginfo-1.6-4.5.1
  * libndp0-1.6-4.5.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libndp-debuginfo-1.6-4.5.1
  * libndp-debugsource-1.6-4.5.1
  * libndp0-debuginfo-1.6-4.5.1
  * libndp0-1.6-4.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-5564.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225771

From null at suse.de Wed Jul 17 08:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 08:30:10 -0000
Subject: SUSE-SU-2024:2539-1: important: Security update for tomcat
Message-ID: <172120501061.24565.2015353660053496001@smelt2.prg2.suse.org>

# Security update for tomcat

Announcement ID: SUSE-SU-2024:2539-1
Rating: important

References:

* bsc#1227399

Cross-References:

* CVE-2024-34750

CVSS scores:

* CVE-2024-34750 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.
## Description:

This update for tomcat fixes the following issues:

* CVE-2024-34750: Fixed improper handling of exceptional conditions (bsc#1227399)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2539=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2539=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2539=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * tomcat-webapps-9.0.36-3.127.1
  * tomcat-jsp-2_3-api-9.0.36-3.127.1
  * tomcat-el-3_0-api-9.0.36-3.127.1
  * tomcat-javadoc-9.0.36-3.127.1
  * tomcat-9.0.36-3.127.1
  * tomcat-admin-webapps-9.0.36-3.127.1
  * tomcat-servlet-4_0-api-9.0.36-3.127.1
  * tomcat-docs-webapp-9.0.36-3.127.1
  * tomcat-lib-9.0.36-3.127.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * tomcat-webapps-9.0.36-3.127.1
  * tomcat-jsp-2_3-api-9.0.36-3.127.1
  * tomcat-el-3_0-api-9.0.36-3.127.1
  * tomcat-javadoc-9.0.36-3.127.1
  * tomcat-9.0.36-3.127.1
  * tomcat-admin-webapps-9.0.36-3.127.1
  * tomcat-servlet-4_0-api-9.0.36-3.127.1
  * tomcat-docs-webapp-9.0.36-3.127.1
  * tomcat-lib-9.0.36-3.127.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * tomcat-webapps-9.0.36-3.127.1
  * tomcat-jsp-2_3-api-9.0.36-3.127.1
  * tomcat-el-3_0-api-9.0.36-3.127.1
  * tomcat-javadoc-9.0.36-3.127.1
  * tomcat-9.0.36-3.127.1
  * tomcat-admin-webapps-9.0.36-3.127.1
  * tomcat-servlet-4_0-api-9.0.36-3.127.1
  * tomcat-docs-webapp-9.0.36-3.127.1
  * tomcat-lib-9.0.36-3.127.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34750.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227399
From null at suse.de Wed Jul 17 16:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 16:30:08 -0000
Subject: SUSE-SU-2024:2546-1: moderate: Security update for gnutls
Message-ID: <172123380840.22596.8488659156133260937@smelt2.prg2.suse.org>

# Security update for gnutls

Announcement ID: SUSE-SU-2024:2546-1
Rating: moderate

References:

* bsc#1221242
* bsc#1221746
* bsc#1221747

Cross-References:

* CVE-2024-28834
* CVE-2024-28835

CVSS scores:

* CVE-2024-28834 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-28835 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro for Rancher 5.3

An update that solves two vulnerabilities and has one security fix can now be installed.

## Description:

This update for gnutls fixes the following issues:

* CVE-2024-28835: Fixed a certtool crash when verifying a certificate chain (bsc#1221747).
* CVE-2024-28834: Fixed a side-channel attack in the deterministic ECDSA (bsc#1221746).

Other fixes:

* Fixed a memory leak when using the entropy collector (bsc#1221242).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2546=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2546=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * gnutls-debuginfo-3.7.3-150400.8.1
  * gnutls-debugsource-3.7.3-150400.8.1
  * libgnutls30-3.7.3-150400.8.1
  * libgnutls30-hmac-3.7.3-150400.8.1
  * gnutls-3.7.3-150400.8.1
  * libgnutls30-debuginfo-3.7.3-150400.8.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * gnutls-debuginfo-3.7.3-150400.8.1
  * gnutls-debugsource-3.7.3-150400.8.1
  * libgnutls30-3.7.3-150400.8.1
  * libgnutls30-hmac-3.7.3-150400.8.1
  * gnutls-3.7.3-150400.8.1
  * libgnutls30-debuginfo-3.7.3-150400.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28834.html
* https://www.suse.com/security/cve/CVE-2024-28835.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221242
* https://bugzilla.suse.com/show_bug.cgi?id=1221746
* https://bugzilla.suse.com/show_bug.cgi?id=1221747
From null at suse.de Wed Jul 17 16:30:12 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 16:30:12 -0000
Subject: SUSE-SU-2024:2545-1: important: Security update for python-Django
Message-ID: <172123381295.22596.16771879198504983745@smelt2.prg2.suse.org>

# Security update for python-Django

Announcement ID: SUSE-SU-2024:2545-1
Rating: important

References:

* bsc#1207565
* bsc#1227590
* bsc#1227593
* bsc#1227594
* bsc#1227595

Cross-References:

* CVE-2023-23969
* CVE-2024-38875
* CVE-2024-39329
* CVE-2024-39330
* CVE-2024-39614

CVSS scores:

* CVE-2023-23969 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-23969 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38875 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39329 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-39330 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-39614 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for python-Django fixes the following issues:

* CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets (bsc#1227590)
* CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords (bsc#1227593)
* CVE-2024-39330: Fixed potential directory traversal in django.core.files.storage.Storage.save() (bsc#1227594)
* CVE-2024-39614: Fixed potential denial-of-service through django.utils.translation.get_supported_language_variant() (bsc#1227595)
* CVE-2023-23969: Fixed potential denial-of-service via Accept-Language headers (bsc#1207565)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2545=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * python3-Django-2.0.7-150000.1.20.1

## References:

* https://www.suse.com/security/cve/CVE-2023-23969.html
* https://www.suse.com/security/cve/CVE-2024-38875.html
* https://www.suse.com/security/cve/CVE-2024-39329.html
* https://www.suse.com/security/cve/CVE-2024-39330.html
* https://www.suse.com/security/cve/CVE-2024-39614.html
* https://bugzilla.suse.com/show_bug.cgi?id=1207565
* https://bugzilla.suse.com/show_bug.cgi?id=1227590
* https://bugzilla.suse.com/show_bug.cgi?id=1227593
* https://bugzilla.suse.com/show_bug.cgi?id=1227594
* https://bugzilla.suse.com/show_bug.cgi?id=1227595

From null at suse.de Wed Jul 17 20:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 17 Jul 2024 20:30:03 -0000
Subject: SUSE-SU-2024:2547-1: moderate: Security update for ghostscript
Message-ID: <172124820327.1012.10340303054005620180@smelt2.prg2.suse.org>

# Security update for ghostscript

Announcement ID: SUSE-SU-2024:2547-1
Rating: moderate

References:

* bsc#1227380

Cross-References:

* CVE-2024-29508

CVSS scores:

* CVE-2024-29508 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for ghostscript fixes the following issues:

* CVE-2024-29508: Fixed heap pointer leak in pdf_base_font_alloc (bsc#1227380)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2547=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2547=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2547=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2547=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-devel-9.52-23.83.1
  * ghostscript-debuginfo-9.52-23.83.1
  * ghostscript-debugsource-9.52-23.83.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * ghostscript-x11-debuginfo-9.52-23.83.1
  * ghostscript-devel-9.52-23.83.1
  * ghostscript-9.52-23.83.1
  * ghostscript-debuginfo-9.52-23.83.1
  * ghostscript-debugsource-9.52-23.83.1
  * ghostscript-x11-9.52-23.83.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-x11-debuginfo-9.52-23.83.1
  * ghostscript-devel-9.52-23.83.1
  * ghostscript-9.52-23.83.1
  * ghostscript-debuginfo-9.52-23.83.1
  * ghostscript-debugsource-9.52-23.83.1
  * ghostscript-x11-9.52-23.83.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * ghostscript-x11-debuginfo-9.52-23.83.1
  * ghostscript-devel-9.52-23.83.1
  * ghostscript-9.52-23.83.1
  * ghostscript-debuginfo-9.52-23.83.1
  * ghostscript-debugsource-9.52-23.83.1
  * ghostscript-x11-9.52-23.83.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29508.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227380
From null at suse.de Thu Jul 18 08:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 08:30:08 -0000
Subject: SUSE-SU-2024:2548-1: important: Security update for podman
Message-ID: <172129140886.20054.16667532585796633783@smelt2.prg2.suse.org>

# Security update for podman

Announcement ID: SUSE-SU-2024:2548-1
Rating: important

References:

* bsc#1224122

Cross-References:

* CVE-2024-3727

CVSS scores:

* CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-3727: Fixed digest type does not guarantee valid type in containers/image (bsc#1224122)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2548=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2548=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2548=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * podman-2.1.1-150100.4.31.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * podman-cni-config-2.1.1-150100.4.31.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * podman-2.1.1-150100.4.31.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * podman-cni-config-2.1.1-150100.4.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * podman-2.1.1-150100.4.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * podman-cni-config-2.1.1-150100.4.31.1

## References:

* https://www.suse.com/security/cve/CVE-2024-3727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224122
From null at suse.de Thu Jul 18 12:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 12:30:09 -0000
Subject: SUSE-SU-2024:2559-1: important: Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)
Message-ID: <172130580931.8994.11336582853759956614@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 56 for SLE 12 SP5)

Announcement ID: SUSE-SU-2024:2559-1
Rating: important

References:

* bsc#1210619
* bsc#1220537
* bsc#1223363
* bsc#1223683
* bsc#1225211

Cross-References:

* CVE-2021-46955
* CVE-2021-47383
* CVE-2023-1829
* CVE-2024-26828
* CVE-2024-26923

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_216 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-2559=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_216-default-3-8.6.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
From null at suse.de Thu Jul 18 12:30:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 12:30:17 -0000
Subject: SUSE-SU-2024:2558-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)
Message-ID: <172130581788.8994.14472878034037437094@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

Announcement ID: SUSE-SU-2024:2558-1
Rating: important
References:

* bsc#1210619
* bsc#1220145
* bsc#1220537
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683
* bsc#1225211

Cross-References:

* CVE-2021-46955
* CVE-2021-47383
* CVE-2022-48651
* CVE-2023-1829
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_201 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-2558=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_201-default-5-8.10.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
From null at suse.de Thu Jul 18 12:30:24 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 12:30:24 -0000
Subject: SUSE-SU-2024:2549-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5)
Message-ID: <172130582455.8994.2321252425353713112@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 47 for SLE 12 SP5)

Announcement ID: SUSE-SU-2024:2549-1
Rating: important
References:

* bsc#1220145
* bsc#1223363
* bsc#1223681
* bsc#1223683
* bsc#1225211

Cross-References:

* CVE-2021-47383
* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26923
* CVE-2024-26930

CVSS scores:

* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_173 fixes several issues.

The following security issues were fixed:

* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-2553=1 SUSE-SLE-Live-Patching-12-SP5-2024-2554=1 SUSE-SLE-Live-Patching-12-SP5-2024-2555=1 SUSE-SLE-Live-Patching-12-SP5-2024-2556=1 SUSE-SLE-Live-Patching-12-SP5-2024-2557=1 SUSE-SLE-Live-Patching-12-SP5-2024-2551=1 SUSE-SLE-Live-Patching-12-SP5-2024-2549=1 SUSE-SLE-Live-Patching-12-SP5-2024-2550=1 SUSE-SLE-Live-Patching-12-SP5-2024-2552=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_165-default-14-2.1
  * kgraft-patch-4_12_14-122_194-default-6-2.1
  * kgraft-patch-4_12_14-122_183-default-10-2.1
  * kgraft-patch-4_12_14-122_186-default-9-2.1
  * kgraft-patch-4_12_14-122_189-default-8-2.1
  * kgraft-patch-4_12_14-122_173-default-12-2.1
  * kgraft-patch-4_12_14-122_162-default-15-2.1
  * kgraft-patch-4_12_14-122_179-default-10-2.1
  * kgraft-patch-4_12_14-122_176-default-11-2.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
From null at suse.de Thu Jul 18 16:43:02 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 16:43:02 -0000
Subject: SUSE-SU-2024:2561-1: important: Security update for the Linux Kernel
Message-ID: <172132098253.12012.15371257329085346951@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2561-1
Rating: important
References: * bsc#1119113 * bsc#1171988 * bsc#1191958 * bsc#1195065 * bsc#1195254 * bsc#1195775 * bsc#1204514 * bsc#1215420 * bsc#1216062 * bsc#1217912 * bsc#1218148 * bsc#1219224 * bsc#1220833 * bsc#1221010 * bsc#1221647 * bsc#1221654 * bsc#1221656 * bsc#1221659 * bsc#1221791 * bsc#1221958 * bsc#1222005 * bsc#1222015 * bsc#1222080 * bsc#1222364 * bsc#1222385 * bsc#1222435 * bsc#1222792 * bsc#1222809 * bsc#1222866 * bsc#1222879 * bsc#1222893 * bsc#1223013 * bsc#1223018 * bsc#1223021 * bsc#1223043 * bsc#1223188 * bsc#1223384 * bsc#1223532 * bsc#1223641 * bsc#1224177 * bsc#1224432 * bsc#1224504 * bsc#1224549 * bsc#1224552 * bsc#1224572 * bsc#1224575 * bsc#1224583 * bsc#1224588 * bsc#1224605 * bsc#1224622 * bsc#1224627 * bsc#1224647 * bsc#1224651 * bsc#1224660 * bsc#1224661 * bsc#1224662 * bsc#1224664 * bsc#1224668 * bsc#1224670 * bsc#1224672 * bsc#1224674 * bsc#1224677 * bsc#1224678 * bsc#1224683 * bsc#1224686 * bsc#1224703 * bsc#1224735 * bsc#1224739 * bsc#1224743 * bsc#1224763 * bsc#1224764 * bsc#1224765 * bsc#1224946 * bsc#1224951 * bsc#1224965 * bsc#1224967 * bsc#1224976 * bsc#1224977 * bsc#1224978 * bsc#1224993 * bsc#1224997 * bsc#1225047 * bsc#1225140 * bsc#1225184 * bsc#1225203 * bsc#1225229 * bsc#1225232 * bsc#1225261 * bsc#1225306 * bsc#1225337 * bsc#1225357 * bsc#1225372 * bsc#1225431 * bsc#1225463 * bsc#1225478 * bsc#1225484 * bsc#1225487 * bsc#1225490 * bsc#1225505 * bsc#1225514 * bsc#1225518 * bsc#1225530 * bsc#1225532 * bsc#1225548 * bsc#1225555 * bsc#1225556 * bsc#1225559 * bsc#1225569 * bsc#1225571 * bsc#1225573 * bsc#1225577 * bsc#1225583 * bsc#1225585 * bsc#1225593 *
bsc#1225599 * bsc#1225602 * bsc#1225611 * bsc#1225642 * bsc#1225681 * bsc#1225704 * bsc#1225722 * bsc#1225749 * bsc#1225758 * bsc#1225760 * bsc#1225761 * bsc#1225767 * bsc#1225770 * bsc#1225815 * bsc#1225835 * bsc#1225840 * bsc#1225848 * bsc#1225866 * bsc#1225872 * bsc#1225894 * bsc#1225895 * bsc#1225898 * bsc#1226211 * bsc#1226212 * bsc#1226537 * bsc#1226554 * bsc#1226557 * bsc#1226562 * bsc#1226567 * bsc#1226575 * bsc#1226577 * bsc#1226593 * bsc#1226595 * bsc#1226597 * bsc#1226610 * bsc#1226614 * bsc#1226619 * bsc#1226621 * bsc#1226634 * bsc#1226637 * bsc#1226670 * bsc#1226672 * bsc#1226692 * bsc#1226698 * bsc#1226699 * bsc#1226701 * bsc#1226705 * bsc#1226708 * bsc#1226711 * bsc#1226712 * bsc#1226716 * bsc#1226718 * bsc#1226732 * bsc#1226735 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226757 * bsc#1226767 * bsc#1226769 * bsc#1226857 * bsc#1226861 * bsc#1226876 * bsc#1226883 * bsc#1226886 * bsc#1226895 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226962 * bsc#1226976 * bsc#1226994 * bsc#1226996 * bsc#1227101 * bsc#1227407 * bsc#1227435 * bsc#1227487 Cross-References: * CVE-2020-10135 * CVE-2021-43389 * CVE-2021-4439 * CVE-2021-47103 * CVE-2021-47145 * CVE-2021-47191 * CVE-2021-47193 * CVE-2021-47201 * CVE-2021-47267 * CVE-2021-47270 * CVE-2021-47275 * CVE-2021-47293 * CVE-2021-47294 * CVE-2021-47297 * CVE-2021-47309 * CVE-2021-47328 * CVE-2021-47354 * CVE-2021-47372 * CVE-2021-47379 * CVE-2021-47407 * CVE-2021-47418 * CVE-2021-47434 * CVE-2021-47438 * CVE-2021-47445 * CVE-2021-47498 * CVE-2021-47518 * CVE-2021-47520 * CVE-2021-47544 * CVE-2021-47547 * CVE-2021-47566 * CVE-2021-47571 * CVE-2021-47576 * CVE-2021-47587 * CVE-2021-47589 * CVE-2021-47600 * CVE-2021-47602 * CVE-2021-47603 * CVE-2021-47609 * CVE-2021-47617 * CVE-2022-0435 * CVE-2022-22942 * CVE-2022-48711 * CVE-2022-48715 * CVE-2022-48722 * CVE-2022-48732 * CVE-2022-48733 * CVE-2022-48740 * CVE-2022-48743 * CVE-2022-48754 * CVE-2022-48756 * CVE-2022-48758 * 
CVE-2022-48759 * CVE-2022-48760 * CVE-2022-48761 * CVE-2022-48771 * CVE-2022-48772 * CVE-2023-24023 * CVE-2023-4244 * CVE-2023-52507 * CVE-2023-52622 * CVE-2023-52675 * CVE-2023-52683 * CVE-2023-52693 * CVE-2023-52737 * CVE-2023-52752 * CVE-2023-52753 * CVE-2023-52754 * CVE-2023-52757 * CVE-2023-52762 * CVE-2023-52764 * CVE-2023-52784 * CVE-2023-52808 * CVE-2023-52809 * CVE-2023-5281 * CVE-2023-52817 * CVE-2023-52818 * CVE-2023-52819 * CVE-2023-52832 * CVE-2023-52834 * CVE-2023-52835 * CVE-2023-52843 * CVE-2023-52845 * CVE-2023-52855 * CVE-2023-52881 * CVE-2024-26633 * CVE-2024-26635 * CVE-2024-26636 * CVE-2024-26641 * CVE-2024-26679 * CVE-2024-26687 * CVE-2024-26720 * CVE-2024-26813 * CVE-2024-26845 * CVE-2024-26863 * CVE-2024-26880 * CVE-2024-26894 * CVE-2024-26923 * CVE-2024-26928 * CVE-2024-26973 * CVE-2024-27399 * CVE-2024-27410 * CVE-2024-35247 * CVE-2024-35805 * CVE-2024-35807 * CVE-2024-35819 * CVE-2024-35822 * CVE-2024-35828 * CVE-2024-35835 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35865 * CVE-2024-35867 * CVE-2024-35868 * CVE-2024-35870 * CVE-2024-35886 * CVE-2024-35896 * CVE-2024-35922 * CVE-2024-35925 * CVE-2024-35930 * CVE-2024-35947 * CVE-2024-35950 * CVE-2024-35956 * CVE-2024-35958 * CVE-2024-35960 * CVE-2024-35962 * CVE-2024-35976 * CVE-2024-35979 * CVE-2024-35997 * CVE-2024-35998 * CVE-2024-36014 * CVE-2024-36016 * CVE-2024-36017 * CVE-2024-36025 * CVE-2024-36479 * CVE-2024-36880 * CVE-2024-36894 * CVE-2024-36915 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36923 * CVE-2024-36934 * CVE-2024-36938 * CVE-2024-36940 * CVE-2024-36941 * CVE-2024-36949 * CVE-2024-36950 * CVE-2024-36952 * CVE-2024-36960 * CVE-2024-36964 * CVE-2024-37021 * CVE-2024-37354 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38549 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38565 * CVE-2024-38567 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38597 * CVE-2024-38598 * CVE-2024-38601 * CVE-2024-38608 * CVE-2024-38618 * 
CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38627 * CVE-2024-38659 * CVE-2024-38661 * CVE-2024-38780 * CVE-2024-39301 * CVE-2024-39475 CVSS scores: * CVE-2020-10135 ( SUSE ): 5.0 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2020-10135 ( NVD ): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4439 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47145 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47267 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47275 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47293 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47294 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47297 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47328 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2021-47372 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47379 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47407 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47418 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47434 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47438 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47445 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47518 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47520 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47520 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47544 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2021-47547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-47566 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47571 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47571 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47576 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47587 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47600 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47603 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47617 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0435 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0435 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22942 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48711 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48715 ( SUSE ): 3.6 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48722 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48733 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48740 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48771 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-24023 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-24023 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-4244 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4244 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52753 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5281 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5281 ( NVD ): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52834 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2024-26633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26635 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26641 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-26679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26813 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26880 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27399 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27410 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35822 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-35828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35868 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35998 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36016 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36025 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36880 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L * CVE-2024-36894 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36923 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36938 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36940 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-36941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36949 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36952 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37354 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38598 ( SUSE ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38659 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39475 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39475 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 176 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2020-10135: Legacy pairing and secure-connections pairing authentication Bluetooth might have allowed an unauthenticated user to complete authentication without pairing credentials via adjacent access (bsc#1171988). * CVE-2021-47103: net: sock: preserve kabi for sock (bsc#1221010). 
* CVE-2021-47145: btrfs: do not BUG_ON in link_to_fixup_dir (bsc#1222005). * CVE-2021-47191: Fix out-of-bound read in resp_readcap16() (bsc#1222866). * CVE-2021-47201: iavf: free q_vectors before queues in iavf_disable_vf (bsc#1222792). * CVE-2021-47267: usb: fix various gadget panics on 10gbps cabling (bsc#1224993). * CVE-2021-47270: usb: fix various gadgets null ptr deref on 10gbps cabling (bsc#1224997). * CVE-2021-47275: bcache: avoid oversized read request in cache missing code path (bsc#1224965). * CVE-2021-47293: net/sched: act_skbmod: Skip non-Ethernet packets (bsc#1224978). * CVE-2021-47294: netrom: Decrease sock refcount when sock timers expire (bsc#1224977). * CVE-2021-47297: net: fix uninit-value in caif_seqpkt_sendmsg (bsc#1224976). * CVE-2021-47309: net: validate lwtstate->data before returning from skb_tunnel_info() (bsc#1224967). * CVE-2021-47328: blacklist.conf: bsc#1225047 CVE-2021-47328: breaks kABI Also, does not apply. * CVE-2021-47354: drm/sched: Avoid data corruptions (bsc#1225140) * CVE-2021-47372: net: macb: fix use after free on rmmod (bsc#1225184). * CVE-2021-47379: blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd (bsc#1225203). * CVE-2021-47407: KVM: x86: Handle SRCU initialization failure during page track init (bsc#1225306). * CVE-2021-47418: net_sched: fix NULL deref in fifo_set_limit() (bsc#1225337). * CVE-2021-47434: xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1225232). * CVE-2021-47438: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() (bsc#1225229) * CVE-2021-47445: drm/msm: Fix null pointer dereference on pointer edp (bsc#1225261) * CVE-2021-47498: dm rq: do not queue request to blk-mq during DM suspend (bsc#1225357). * CVE-2021-47518: nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (bsc#1225372). * CVE-2021-47520: can: pch_can: pch_can_rx_normal: fix use after free (bsc#1225431). * CVE-2021-47544: tcp: fix page frag corruption on page fault (bsc#1225463). 
* CVE-2021-47547: net: tulip: de4x5: fix the problem that the array 'lp->phy' may be out of bound (bsc#1225505).
* CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
* CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
* CVE-2021-47587: net: systemport: Add global locking for descriptor lifecycle (bsc#1226567).
* CVE-2021-47602: mac80211: track only QoS data frames for admission control (bsc#1226554).
* CVE-2021-47609: firmware: arm_scpi: Fix string overflow in SCPI genpd driver (bsc#1226562)
* CVE-2022-48732: drm/nouveau: fix off by one in BIOS boundary checking (bsc#1226716)
* CVE-2022-48733: btrfs: fix use-after-free after failure to create a snapshot (bsc#1226718).
* CVE-2022-48740: selinux: fix double free of cond_list on error paths (bsc#1226699).
* CVE-2022-48743: net: amd-xgbe: Fix skb data length underflow (bsc#1226705).
* CVE-2022-48756: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (bsc#1226698)
* CVE-2022-48759: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (bsc#1226711).
* CVE-2022-48761: usb: xhci-plat: fix crash when suspend if remote wake enable (bsc#1226701).
* CVE-2022-48772: media: lgdt3306a: Add a check against null-pointer-def (bsc#1226976).
* CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
* CVE-2023-4244: Fixed a use-after-free in the nf_tables component, which could be exploited to achieve local privilege escalation (bsc#1215420).
* CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
* CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
* CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
* CVE-2023-52683: ACPI: LPIT: Avoid u32 multiplication overflow (bsc#1224627).
* CVE-2023-52693: ACPI: video: check for error while searching for backlight device parent (bsc#1224686).
* CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
* CVE-2023-52753: drm/amd/display: Avoid NULL dereference of timing generator (bsc#1225478).
* CVE-2023-52754: media: imon: fix access to invalid resource for the second interface (bsc#1225490).
* CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
* CVE-2023-52762: virtio-blk: fix implicit overflow on virtio_max_dma_size (bsc#1225573).
* CVE-2023-52764: media: gspca: cpia1: shift-out-of-bounds in set_flicker (bsc#1225571).
* CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
* CVE-2023-52817: drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (bsc#1225569).
* CVE-2023-52818: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 (bsc#1225530).
* CVE-2023-52819: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga (bsc#1225532).
* CVE-2023-52832: wifi: mac80211: do not return unset power in ieee80211_get_tx_power() (bsc#1225577).
* CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
* CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
* CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
* CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
* CVE-2023-52855: usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency (bsc#1225583).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
* CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
* CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
* CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
* CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
* CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435).
* CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
* CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
* CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
* CVE-2024-26880: dm: call the resume method on internal suspend (bsc#1223188).
* CVE-2024-26894: ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (bsc#1223043).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
* CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
* CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
* CVE-2024-27399: Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (bsc#1224177).
* CVE-2024-27410: Reject iftype change with mesh ID change (bsc#1224432).
* CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
* CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
* CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
* CVE-2024-35819: soc: fsl: qbman: Use raw spinlock for cgr_lock (bsc#1224683).
* CVE-2024-35822: usb: udc: remove warning when queue disabled ep (bsc#1224739).
* CVE-2024-35828: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (bsc#1224622).
* CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
* CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
* CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
* CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
* CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
* CVE-2024-35922: fbmon: prevent division by zero in fb_videomode_from_videomode() (bsc#1224660)
* CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
* CVE-2024-35930: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1224651).
* CVE-2024-35947: dyndbg: fix old BUG_ON in >control parser (bsc#1224647).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
* CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
* CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
* CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
* CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
* CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
* CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
* CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
* CVE-2024-36014: drm/arm/malidp: fix a possible null pointer dereference (bsc#1225593).
* CVE-2024-36016: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (bsc#1225642).
* CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
* CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
* CVE-2024-36952: scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1225898).
* CVE-2024-36880: Bluetooth: qca: add missing firmware sanity checks (bsc#1225722).
* CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
* CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
* CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
* CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
* CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
* CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
* CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
* CVE-2024-36941: wifi: nl80211: do not free NULL coalescing rule (bsc#1225835).
* CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
* CVE-2024-36950: firewire: ohci: mask bus reset interrupts between ISR and bottom half (bsc#1225895).
* CVE-2024-36960: drm/vmwgfx: Fix invalid reads in fence signaled events (bsc#1225872)
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
* CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
* CVE-2024-38544: RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (bsc#1226597)
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2024-38546: drm: vc4: Fix possible null pointer dereference (bsc#1226593).
* CVE-2024-38549: drm/mediatek: Add 0 size check to mtk_drm_gem_obj (bsc#1226735)
* CVE-2024-38552: drm/amd/display: Fix potential index out of bounds in color (bsc#1226767)
* CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
* CVE-2024-38565: wifi: ar5523: enable proper endpoint verification (bsc#1226747).
* CVE-2024-38567: wifi: carl9170: add a proper sanity check for endpoints (bsc#1226769).
* CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
* CVE-2024-38579: crypto: bcm - Fix pointer arithmetic (bsc#1226637).
* CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
* CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
* CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
* CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
* CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754).
* CVE-2024-38619: usb-storage: alauda: Check whether the media is initialized (bsc#1226861).
* CVE-2024-38621: media: stk1160: fix bounds checking in stk1160_copy_video() (bsc#1226895).
* CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
* CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
* CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
* CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
* CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
* CVE-2024-39475: fbdev: savage: Handle err return when savagefb_check_var failed (bsc#1227435)

The following non-security bugs were fixed:

* Btrfs: bail out on error during replay_dir_deletes (git-fixes)
* Btrfs: clean up resources during umount after trans is aborted (git-fixes)
* Btrfs: fix NULL pointer dereference in log_dir_items (git-fixes)
* Btrfs: fix memory and mount leak in btrfs_ioctl_rm_dev_v2() (git-fixes)
* Btrfs: fix unexpected EEXIST from btrfs_get_extent (git-fixes)
* Btrfs: send, fix issuing write op when processing hole in no data mode (git-fixes)
* KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond (git-fixes).
* NFSv4: Always clear the pNFS layout when handling ESTALE (bsc#1221791).
* NFSv4: nfs_set_open_stateid must not trigger state recovery for closed state (bsc#1221791).
* PM: hibernate: x86: Use crc32 instead of md5 for hibernation e820 integrity check (git-fixes).
* PNFS for stateid errors retry against MDS first (bsc#1221791).
* RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
* Revert "build initrd without systemd" (bsc#1195775)
* SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
* SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
* USB: serial: option: add Foxconn T99W265 with new baseline (git-fixes).
* USB: serial: option: add Quectel EG912Y module support (git-fixes).
* USB: serial: option: add Quectel RM500Q R13 firmware support (git-fixes).
* arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
* blk-cgroup: Fix NULL deref caused by blkg_policy_data being installed before init (bsc#1216062 bsc#1225203).
* blk-cgroup: fix missing pd_online_fn() while activating policy (git-fixes bsc#1225203).
* blk-cgroup: support to track if policy is online (bsc#1216062 bsc#1225203).
* bpf, scripts: Correct GPL license name (git-fixes).
* bsc#1225894: Fix build warning Fix the following build warning.
* unused-variable (i) in ../drivers/gpu/drm/amd/amdkfd/kfd_device.c in kgd2kfd_resume
    ../drivers/gpu/drm/amd/amdkfd/kfd_device.c: In function 'kgd2kfd_resume':
    ../drivers/gpu/drm/amd/amdkfd/kfd_device.c:621:11: warning: unused variable 'i' [-Wunused-variable]
* btrfs: add barriers to btrfs_sync_log before log_commit_wait wakeups (git-fixes)
* btrfs: fix crash when trying to resume balance without the resume flag (git-fixes)
* btrfs: fix describe_relocation when printing unknown flags (git-fixes)
* btrfs: fix false EIO for missing device (git-fixes)
* btrfs: tree-check: reduce stack consumption in check_dir_item (git-fixes)
* btrfs: use correct compare function of dirty_metadata_bytes (git-fixes)
* drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
* drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
* fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP (bsc#1225848).
* fs: make fiemap work from compat_ioctl (bsc#1225848).
* iommu/amd: Fix sysfs leak in iommu init (git-fixes).
* iommu/vt-d: Allocate local memory for page request queue (git-fixes).
* ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
* kabi: blkcg_policy_data fix KABI (bsc#1216062 bsc#1225203).
* kgdb: Add kgdb_has_hit_break function (git-fixes).
* kgdb: Move the extern declaration kgdb_has_hit_break() to generic kgdb.h (git-fixes).
* mkspec-dtb: add toplevel symlinks also on arm
* net: hsr: fix placement of logical operator in a multi-line statement (bsc#1223021).
* net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
* net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
* nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
* nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
* nvmet: fix ns enable/disable possible hang (git-fixes).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
* rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
* rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules algif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
* sched/deadline: Fix BUG_ON condition for deboosted tasks (bsc#1227407).
* scsi: 3w-xxxx: Add error handling for initialization failure in tw_probe() (git-fixes).
* scsi: 53c700: Check that command slot is not NULL (git-fixes).
* scsi: be2iscsi: Add length check when parsing nlattrs (git-fixes).
* scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
* scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
* scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
* scsi: core: Decrease scsi_device's iorequest_cnt if dispatch failed (git-fixes).
* scsi: core: Fix legacy /proc parsing buffer overflow (git-fixes).
* scsi: core: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: csiostor: Avoid function pointer casts (git-fixes).
* scsi: isci: Fix an error code problem in isci_io_request_build() (git-fixes).
* scsi: iscsi: Add length check for nlattr payload (git-fixes).
* scsi: iscsi: Add strlen() check in iscsi_if_set{_host}_param() (git-fixes).
* scsi: iscsi_tcp: restrict to TCP sockets (git-fixes).
* scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
* scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
* scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
* scsi: libsas: Introduce struct smp_disc_resp (git-fixes).
* scsi: lpfc: Correct size for wqe for memset() (git-fixes).
* scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (git-fixes).
* scsi: lpfc: Fix the NULL vs IS_ERR() bug for debugfs_create_file() (git-fixes).
* scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
* scsi: mpt3sas: Fix in error path (git-fixes).
* scsi: mpt3sas: Fix loop logic (git-fixes).
* scsi: mpt3sas: Perform additional retries if doorbell read returns 0 (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (git-fixes).
* scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (git-fixes).
* scsi: qedf: Fix NULL dereference in error handling (git-fixes).
* scsi: qedf: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qedi: Fix firmware halt over suspend and resume (git-fixes).
* scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
* scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
* scsi: qla4xxx: Add length check when parsing nlattrs (git-fixes).
* scsi: snic: Fix double free in snic_tgt_create() (git-fixes).
* scsi: snic: Fix possible memory leak if device_add() fails (git-fixes).
* scsi: stex: Fix gcc 13 warnings (git-fixes).
* scsi: target: core: Add TMF to tmr_list handling (bsc#1223018 CVE-26845).
* sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
* usb: port: Do not try to peer unused USB ports based on location (git-fixes).
* usb: typec: tcpm: Skip hard reset when in error recovery (git-fixes).
* x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys (git-fixes).
* x86/boot/e820: Fix typo in e820.c comment (git-fixes).
* x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (git-fixes).
* x86/fpu: Return proper error codes from user access functions (git-fixes).
* x86/ioremap: Fix page aligned size calculation in __ioremap_caller() (git-fixes).
* x86/kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK (git-fixes).
* x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (git-fixes).
* x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (git-fixes).
* x86/numa: Use cpumask_available instead of hardcoded NULL check (git-fixes).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
* x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-HA-12-SP5-2024-2561=1 SUSE-SLE-SERVER-12-SP5-2024-2561=1
* SUSE Linux Enterprise High Availability Extension 12 SP5
    zypper in -t patch SUSE-SLE-HA-12-SP5-2024-2561=1
* SUSE Linux Enterprise Live Patching 12-SP5
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-2561=1
* SUSE Linux Enterprise Software Development Kit 12 SP5
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2561=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2561=1
* SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2561=1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5
    zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2561=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * kernel-default-devel-4.12.14-122.222.1
  * kernel-default-base-debuginfo-4.12.14-122.222.1
  * kernel-default-debuginfo-4.12.14-122.222.1
  * cluster-md-kmp-default-4.12.14-122.222.1
  * dlm-kmp-default-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * dlm-kmp-default-debuginfo-4.12.14-122.222.1
  * kernel-syms-4.12.14-122.222.1
  * cluster-md-kmp-default-debuginfo-4.12.14-122.222.1
  * gfs2-kmp-default-debuginfo-4.12.14-122.222.1
  * ocfs2-kmp-default-4.12.14-122.222.1
  * kernel-default-base-4.12.14-122.222.1
  * ocfs2-kmp-default-debuginfo-4.12.14-122.222.1
  * gfs2-kmp-default-4.12.14-122.222.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * kernel-macros-4.12.14-122.222.1
  * kernel-devel-4.12.14-122.222.1
  * kernel-source-4.12.14-122.222.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * kernel-default-devel-debuginfo-4.12.14-122.222.1
* SUSE Linux Enterprise High Availability Extension 12 SP5
(ppc64le s390x x86_64)
  * kernel-default-debuginfo-4.12.14-122.222.1
  * cluster-md-kmp-default-4.12.14-122.222.1
  * dlm-kmp-default-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * dlm-kmp-default-debuginfo-4.12.14-122.222.1
  * cluster-md-kmp-default-debuginfo-4.12.14-122.222.1
  * gfs2-kmp-default-debuginfo-4.12.14-122.222.1
  * ocfs2-kmp-default-4.12.14-122.222.1
  * ocfs2-kmp-default-debuginfo-4.12.14-122.222.1
  * gfs2-kmp-default-4.12.14-122.222.1
* SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kernel-default-debuginfo-4.12.14-122.222.1
  * kernel-default-kgraft-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * kgraft-patch-4_12_14-122_222-default-1-8.3.1
  * kernel-default-kgraft-devel-4.12.14-122.222.1
* SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc)
  * kernel-docs-4.12.14-122.222.1
* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-debugsource-4.12.14-122.222.1
  * kernel-obs-build-4.12.14-122.222.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * kernel-default-devel-4.12.14-122.222.1
  * kernel-default-base-debuginfo-4.12.14-122.222.1
  * kernel-default-debuginfo-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * kernel-syms-4.12.14-122.222.1
  * kernel-default-base-4.12.14-122.222.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * kernel-macros-4.12.14-122.222.1
  * kernel-devel-4.12.14-122.222.1
  * kernel-source-4.12.14-122.222.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * kernel-default-devel-debuginfo-4.12.14-122.222.1
* SUSE Linux Enterprise Server 12 SP5
(aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * kernel-default-devel-4.12.14-122.222.1
  * kernel-default-base-debuginfo-4.12.14-122.222.1
  * kernel-default-debuginfo-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * kernel-syms-4.12.14-122.222.1
  * kernel-default-base-4.12.14-122.222.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * kernel-macros-4.12.14-122.222.1
  * kernel-devel-4.12.14-122.222.1
  * kernel-source-4.12.14-122.222.1
* SUSE Linux Enterprise Server 12 SP5 (s390x)
  * kernel-default-man-4.12.14-122.222.1
* SUSE Linux Enterprise Server 12 SP5 (x86_64)
  * kernel-default-devel-debuginfo-4.12.14-122.222.1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc)
  * kernel-default-4.12.14-122.222.1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  * kernel-default-extra-4.12.14-122.222.1
  * kernel-default-debugsource-4.12.14-122.222.1
  * kernel-default-debuginfo-4.12.14-122.222.1
  * kernel-default-extra-debuginfo-4.12.14-122.222.1

## References:

* https://www.suse.com/security/cve/CVE-2020-10135.html
* https://www.suse.com/security/cve/CVE-2021-43389.html
* https://www.suse.com/security/cve/CVE-2021-4439.html
* https://www.suse.com/security/cve/CVE-2021-47103.html
* https://www.suse.com/security/cve/CVE-2021-47145.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47267.html
* https://www.suse.com/security/cve/CVE-2021-47270.html
* https://www.suse.com/security/cve/CVE-2021-47275.html
* https://www.suse.com/security/cve/CVE-2021-47293.html
* https://www.suse.com/security/cve/CVE-2021-47294.html
* https://www.suse.com/security/cve/CVE-2021-47297.html
* https://www.suse.com/security/cve/CVE-2021-47309.html
* https://www.suse.com/security/cve/CVE-2021-47328.html
*
https://www.suse.com/security/cve/CVE-2021-47354.html * https://www.suse.com/security/cve/CVE-2021-47372.html * https://www.suse.com/security/cve/CVE-2021-47379.html * https://www.suse.com/security/cve/CVE-2021-47407.html * https://www.suse.com/security/cve/CVE-2021-47418.html * https://www.suse.com/security/cve/CVE-2021-47434.html * https://www.suse.com/security/cve/CVE-2021-47438.html * https://www.suse.com/security/cve/CVE-2021-47445.html * https://www.suse.com/security/cve/CVE-2021-47498.html * https://www.suse.com/security/cve/CVE-2021-47518.html * https://www.suse.com/security/cve/CVE-2021-47520.html * https://www.suse.com/security/cve/CVE-2021-47544.html * https://www.suse.com/security/cve/CVE-2021-47547.html * https://www.suse.com/security/cve/CVE-2021-47566.html * https://www.suse.com/security/cve/CVE-2021-47571.html * https://www.suse.com/security/cve/CVE-2021-47576.html * https://www.suse.com/security/cve/CVE-2021-47587.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2021-47600.html * https://www.suse.com/security/cve/CVE-2021-47602.html * https://www.suse.com/security/cve/CVE-2021-47603.html * https://www.suse.com/security/cve/CVE-2021-47609.html * https://www.suse.com/security/cve/CVE-2021-47617.html * https://www.suse.com/security/cve/CVE-2022-0435.html * https://www.suse.com/security/cve/CVE-2022-22942.html * https://www.suse.com/security/cve/CVE-2022-48711.html * https://www.suse.com/security/cve/CVE-2022-48715.html * https://www.suse.com/security/cve/CVE-2022-48722.html * https://www.suse.com/security/cve/CVE-2022-48732.html * https://www.suse.com/security/cve/CVE-2022-48733.html * https://www.suse.com/security/cve/CVE-2022-48740.html * https://www.suse.com/security/cve/CVE-2022-48743.html * https://www.suse.com/security/cve/CVE-2022-48754.html * https://www.suse.com/security/cve/CVE-2022-48756.html * https://www.suse.com/security/cve/CVE-2022-48758.html * 
https://www.suse.com/security/cve/CVE-2022-48759.html * https://www.suse.com/security/cve/CVE-2022-48760.html * https://www.suse.com/security/cve/CVE-2022-48761.html * https://www.suse.com/security/cve/CVE-2022-48771.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-24023.html * https://www.suse.com/security/cve/CVE-2023-4244.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52675.html * https://www.suse.com/security/cve/CVE-2023-52683.html * https://www.suse.com/security/cve/CVE-2023-52693.html * https://www.suse.com/security/cve/CVE-2023-52737.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52753.html * https://www.suse.com/security/cve/CVE-2023-52754.html * https://www.suse.com/security/cve/CVE-2023-52757.html * https://www.suse.com/security/cve/CVE-2023-52762.html * https://www.suse.com/security/cve/CVE-2023-52764.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52808.html * https://www.suse.com/security/cve/CVE-2023-52809.html * https://www.suse.com/security/cve/CVE-2023-5281.html * https://www.suse.com/security/cve/CVE-2023-52817.html * https://www.suse.com/security/cve/CVE-2023-52818.html * https://www.suse.com/security/cve/CVE-2023-52819.html * https://www.suse.com/security/cve/CVE-2023-52832.html * https://www.suse.com/security/cve/CVE-2023-52834.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52843.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52855.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2024-26633.html * https://www.suse.com/security/cve/CVE-2024-26635.html * 
From null at suse.de Thu Jul 18 16:43:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 18 Jul 2024 16:43:05 -0000
Subject: SUSE-SU-2024:2560-1: important: Security update for apache2
Message-ID: <172132098520.12012.15971025795799813926@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:2560-1
Rating: important
References:

* bsc#1227269

Cross-References:

* CVE-2024-38476

CVSS scores:

* CVE-2024-38476 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2560=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2560=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2560=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2560=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * apache2-devel-2.4.51-35.54.1
  * apache2-tls13-debuginfo-2.4.51-35.54.1
  * apache2-tls13-devel-2.4.51-35.54.1
  * apache2-debugsource-2.4.51-35.54.1
  * apache2-debuginfo-2.4.51-35.54.1
  * apache2-tls13-debugsource-2.4.51-35.54.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * apache2-tls13-example-pages-2.4.51-35.54.1
  * apache2-example-pages-2.4.51-35.54.1
  * apache2-tls13-debuginfo-2.4.51-35.54.1
  * apache2-tls13-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-2.4.51-35.54.1
  * apache2-tls13-utils-2.4.51-35.54.1
  * apache2-2.4.51-35.54.1
  * apache2-debugsource-2.4.51-35.54.1
  * apache2-debuginfo-2.4.51-35.54.1
  * apache2-tls13-debugsource-2.4.51-35.54.1
  * apache2-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-2.4.51-35.54.1
  * apache2-tls13-worker-2.4.51-35.54.1
  * apache2-utils-2.4.51-35.54.1
  * apache2-tls13-worker-debuginfo-2.4.51-35.54.1
  * apache2-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-2.4.51-35.54.1
  * apache2-prefork-2.4.51-35.54.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * apache2-doc-2.4.51-35.54.1
  * apache2-tls13-doc-2.4.51-35.54.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * apache2-tls13-example-pages-2.4.51-35.54.1
  * apache2-example-pages-2.4.51-35.54.1
  * apache2-tls13-debuginfo-2.4.51-35.54.1
  * apache2-tls13-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-2.4.51-35.54.1
  * apache2-tls13-utils-2.4.51-35.54.1
  * apache2-2.4.51-35.54.1
  * apache2-debugsource-2.4.51-35.54.1
  * apache2-debuginfo-2.4.51-35.54.1
  * apache2-tls13-debugsource-2.4.51-35.54.1
  * apache2-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-2.4.51-35.54.1
  * apache2-tls13-worker-2.4.51-35.54.1
  * apache2-utils-2.4.51-35.54.1
  * apache2-tls13-worker-debuginfo-2.4.51-35.54.1
  * apache2-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-2.4.51-35.54.1
  * apache2-prefork-2.4.51-35.54.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * apache2-doc-2.4.51-35.54.1
  * apache2-tls13-doc-2.4.51-35.54.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * apache2-tls13-example-pages-2.4.51-35.54.1
  * apache2-example-pages-2.4.51-35.54.1
  * apache2-tls13-debuginfo-2.4.51-35.54.1
  * apache2-tls13-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-2.4.51-35.54.1
  * apache2-tls13-utils-2.4.51-35.54.1
  * apache2-2.4.51-35.54.1
  * apache2-debugsource-2.4.51-35.54.1
  * apache2-debuginfo-2.4.51-35.54.1
  * apache2-tls13-debugsource-2.4.51-35.54.1
  * apache2-prefork-debuginfo-2.4.51-35.54.1
  * apache2-tls13-prefork-2.4.51-35.54.1
  * apache2-tls13-worker-2.4.51-35.54.1
  * apache2-utils-2.4.51-35.54.1
  * apache2-tls13-worker-debuginfo-2.4.51-35.54.1
  * apache2-utils-debuginfo-2.4.51-35.54.1
  * apache2-worker-2.4.51-35.54.1
  * apache2-prefork-2.4.51-35.54.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * apache2-doc-2.4.51-35.54.1
  * apache2-tls13-doc-2.4.51-35.54.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38476.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227269

From null at suse.de Fri Jul 19 20:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 19 Jul 2024 20:30:05 -0000
Subject: SUSE-SU-2024:2567-1: important: Security update for emacs
Message-ID: <172142100545.14458.16245740928370697969@smelt2.prg2.suse.org>

# Security update for emacs

Announcement ID: SUSE-SU-2024:2567-1
Rating: important
References:

* bsc#1226957

Cross-References:

* CVE-2024-39331

CVSS scores:

* CVE-2024-39331 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for emacs fixes the following issues:

* CVE-2024-39331: Fixed evaluation of arbitrary unsafe Elisp code in Org mode (bsc#1226957).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2567=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2567=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2567=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2567=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2567=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2567=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2567=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2567=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2567=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2567=1
* Desktop Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2567=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2567=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2567=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2567=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2567=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Manager Proxy 4.3 (x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Manager Proxy 4.3 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Manager Server 4.3 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* openSUSE Leap 15.4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* openSUSE Leap 15.5 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* openSUSE Leap 15.6 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* Basesystem Module 15-SP5 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* Basesystem Module 15-SP6 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * emacs-debuginfo-27.2-150400.3.17.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * emacs-debuginfo-27.2-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * emacs-debuginfo-27.2-150400.3.17.1
  * emacs-nox-debuginfo-27.2-150400.3.17.1
  * emacs-x11-27.2-150400.3.17.1
  * emacs-x11-debuginfo-27.2-150400.3.17.1
  * etags-debuginfo-27.2-150400.3.17.1
  * emacs-nox-27.2-150400.3.17.1
  * emacs-debugsource-27.2-150400.3.17.1
  * etags-27.2-150400.3.17.1
  * emacs-27.2-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  * emacs-el-27.2-150400.3.17.1
  * emacs-info-27.2-150400.3.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-39331.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226957

From null at suse.de Mon Jul 22 08:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 22 Jul 2024 08:30:09 -0000
Subject: SUSE-SU-2024:2568-1: important: Security update for mockito, snakeyaml, testng
Message-ID: <172163700941.23108.16718876839858637187@smelt2.prg2.suse.org>

# Security update for mockito, snakeyaml, testng

Announcement ID: SUSE-SU-2024:2568-1
Rating: important
References:

* bsc#1205628

Cross-References:

* CVE-2022-4065

CVSS scores:

* CVE-2022-4065 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-4065 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2022-4065 ( NVD ): 5.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for mockito, snakeyaml, testng fixes the following issues:

mockito was updated to version 5.11.0:

* Added bundle manifest to the mockito-core artifact
* Mockito 5 is making core changes to ensure compatibility with future JDK versions.
* Switch the Default MockMaker to mockito-inline (not applicable to mockito-android)
* Mockito 2.7.6 introduced the mockito-inline mockmaker based on the "inline bytecode" principle, offering compatibility advantages over the subclass mockmaker
* This change avoids JDK restrictions, such as violating module boundaries and leaking subclass creation
* Legitimate use cases for the subclass mockmaker:
* Scenarios where the inline mockmaker does not function, such as on Graal VM's native image
* If avoiding mocking final classes, the subclass mockmaker remains a viable option, although issues may arise on JDK 17+
* Mockito aims to support both mockmakers, allowing users to choose based on their requirements.
* Update the Minimum Supported Java Version to 11
* Mockito 5 raised the minimum supported Java version to 11
* Community member @reta contributed to this change.
* Users still on JDK 8 can continue using Mockito 4, with minimal API differences between versions * New type() Method on ArgumentMatcher * The ArgumentMatcher interface now includes a new type() method to support varargs methods, addressing previous limitations * Users can now differentiate between matching calls with any exact number of arguments or match any number of arguments * Mockito 5 provides a default implementation of the new method, ensuring backward compatibility. * No obligation for users to implement the new method; Mockito 5 considers Void.type by default for varargs handling * ArgumentCaptor is now fully type-aware, enabling capturing specific subclasses on a generic method. * byte-buddy does not bundle asm, but uses objectweb-asm as external library snake-yaml was updated to version 2.2: * Changes of version 2.2: * Define default scalar style as PLAIN (for polyglot Maven) * Add missing 'exports org.yaml.snakeyaml.inspector' to module-info.java * Changes of version 2.1: * Heavy Allocation in Emitter.analyzeScalar(String) due to Regex Overhead * Use identity in toString() for sequences to avoid OutOfMemoryError * NumberFormatException from SnakeYAML due to int overflow for corrupt YAML version * Document size limit should be applied to single document notthe whole input stream * Detect invalid Unicode code point (thanks to Tatu Saloranta) * Remove Trusted*Inspector classes from main sources tree * Changes of version 2.0: * Rollback to Java 7 target * Add module-info.java * Migrate to Java 8 * Remove many deprecated constructors * Remove long deprecated methods in FlowStyle * Do not allow global tags by default * Yaml.LoadAs() signature to support Class type instead of Class * CustomClassLoaderConstructor takes LoaderOptions * Check input parameters for non-null values testng was updated to version 7.10.1: * Security issues fixed: * CVE-2022-4065: Fixed Zip Slip Vulnerability (bsc#1205628) * Changes of version 7.10.1: * Fixed maven build with junit5 
* Changes of version 7.10.0: * Minor discrepancy fixes * Deleting TestNG eclipse plugin specific classes * Remove deprecated JUnit related support in TestNG * Handle exceptions in emailable Reporter * Added wrapperbot and update workflow order * Support ITestNGFactory customisation * Streamlined data provider listener invocation * Streamlined Guice Module creation in concurrency. * Copy test result attributes when unexpected failures * chore: use explicit dependency versions instead of refreshVersions * Removed Ant * Support ordering of listeners * Added errorprone * Allow custom thread pool executors to be wired in. * Allow data providers to be non cacheable * Use Locks instead of synchronised keyword * Document pgp artifact signing keys * Added Unique Id for all test class instances * Added issue management workflows * Map object to configurations * Allow listeners to be disabled at runtime * Streamlined Data Provider execution * Honour inheritance when parsing listener factories * Tweaks around accessing SuiteResult * Streamlined random generation * Streamlined dependencies for configurations * Changes of version 7.9.0: * Fixed maps containing nulls can be incorrectly considered equal * Test Results as artifacts for failed runs * Fixed data races * Dont honour params specified in suite-file tag * Decouple SuiteRunner and TestRunner * Disable Native DI for BeforeSuite methods * Streamlined running Parallel Dataproviders+retries * Removed extra whitespace in log for Configuration.createMethods() * Added the link for TestNG Documentation's GitHub Repo in README.md * FirstTimeOnlyConfig methods + Listener invocations * Added overrideGroupsFromCliInParentChildXml test * Ensure thread safety for attribute access * Added @inherited to the Listeners annotation * Restrict Group inheritance to Before|AfterGroups * Ensure ITestResult injected to @AfterMethod is apt * Support suite level thread pools for data provider * Favour CompletableFuture instead of PoolService * 
Favour FutureTask for concurrency support * Shared Threadpool for normal/datadriven tests. * Abort for invalid combinations * Changes of version 7.8.0: * [Feature] Not exception but warning if some (not all) of the given test names are not found in suite files. * [Feature] Generate testng-results.xml per test suite * [Feature] Allow test classes to define "configfailurepolicy" at a per class level * XmlTest index is not set for test suites invoked with YAML * Listener's onAfterClass is called before @afterclass configuration methods are executed. * After upgrading to TestNG 7.5.0, setting ITestResult.status to FAILURE doesn't fail the test anymore * JUnitReportReporter should capture the test case output at the test case level * TestNG.xml doesn't honour Parallel value of a clone * before configuration and before invocation should be 'SKIP' when beforeMethod is 'skip' * Test listeners specified in parent testng.xml file are not included in testng-failed.xml file * Discrepancies with DataProvider and Retry of failed tests * Skipped Tests with DataProvider appear as failed * testng-results xml reports config skips from base classes as ignored * Feature: Check that specific object present in List * Upgraded snakeyaml to 2.0 * Changes of version 7.7.1: * Streamline overloaded assertion methods for Groovy * Changes of version 7.7.0: * Replace FindBugs by SpotBugs * Gradle: Drop forUseAtConfigurationTime() * Added ability to provide custom message to assertThrows\expectThrows methods * Only resolve hostname once * Prevent overlogging of debug msgs in Graph impl * Streamlined dataprovider invoking in abstract classes * Streamlined TestResult due to expectedExceptions * Unexpected test runs count with retry analyzer * Make PackageUtils compliant with JPMS * Ability to retry a data provider during failures * Fixing bug with DataProvider retry * Added config key for callback discrepancy behavior * Fixed FileAlreadyExistsException error on copy * JarFileUtils.delete(File f) 
throw actual exception (instead of FileNotFound) when file cannot be deleted #2825 * Changing assertion message of the osgitest * Enhancing the Matrix * Avoid Compilation errors on Semeru JDK flavour. * Add addition yml extension * Support getting dependencies info for a test * Honour regex in dependsOnMethods * Ensure All tests run all the time * Deprecate support for running Spock Tests * Streamline dependsOnMethods for configurations * Ensure ITestContext available for JUnit4 tests * Deprecate support for running JUnit tests * Changes of 7.6.1 * Fix Files.copy() such that parent dirs are created * Remove deprecated utility methods * Changes of version 7.6.0: * Remove redundant Parameter implementation * Upgraded to JDK11 * Move SimpleBaseTest to be Kotlin based * Restore testnames when using suites in suite. * Moving ClassHelperTests into Kotlin * IHookable and IConfigurable callback discrepancy * Minor refactoring * Add additional condition for assertEqualsNoOrder * beforeConfiguration() listener method should be invoked for skipped configurations as well * Keep the initial order of listeners * SuiteRunner could not be initial by default Configuration * Enable Dataprovider failures to be considered. * BeforeGroups should run before any matched test * Fixed possible StringIndexOutOfBoundsException exception in XmlReporter * DataProvider: possibility to unload dataprovider class, when done with it * Fixed possibility that AfterGroups method is invoked before all tests * Fixed equals implementation for WrappedTestNGMethod * Wire-In listeners consistently * Streamline AfterClass invocation * Show FQMN for tests in console * Honour custom attribute values in TestNG default reports ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2568=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2568=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2568=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2568=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2568=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-2568=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2568=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2568=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2568=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2568=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2568=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2568=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2568=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2568=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2568=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2568=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2568=1 * SUSE Enterprise 
Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2568=1 ## Package List: * openSUSE Leap 15.5 (noarch) * snakeyaml-2.2-150200.3.15.1 * mockito-5.11.0-150200.3.7.1 * mockito-javadoc-5.11.0-150200.3.7.1 * snakeyaml-javadoc-2.2-150200.3.15.1 * testng-javadoc-7.10.1-150200.3.10.1 * testng-7.10.1-150200.3.10.1 * openSUSE Leap 15.6 (noarch) * snakeyaml-2.2-150200.3.15.1 * mockito-5.11.0-150200.3.7.1 * mockito-javadoc-5.11.0-150200.3.7.1 * snakeyaml-javadoc-2.2-150200.3.15.1 * testng-javadoc-7.10.1-150200.3.10.1 * testng-7.10.1-150200.3.10.1 * Development Tools Module 15-SP5 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * Development Tools Module 15-SP6 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Package Hub 15 15-SP6 (noarch) * mockito-5.11.0-150200.3.7.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * 
testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 * SUSE Enterprise Storage 7.1 (noarch) * testng-7.10.1-150200.3.10.1 * snakeyaml-2.2-150200.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2022-4065.html * https://bugzilla.suse.com/show_bug.cgi?id=1205628 From null at suse.de Mon Jul 22 16:36:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:06 -0000 Subject: SUSE-SU-2024:2592-1: important: Security update for git Message-ID: <172166616610.19638.6582949486144124006@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2024:2592-1 Rating: important References: * bsc#1219660 Cross-References: * CVE-2024-24577 CVSS scores: * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2592=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2592=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2592=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2592=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * git-core-debuginfo-2.26.2-27.75.1 * git-svn-debuginfo-2.26.2-27.75.1 * git-cvs-2.26.2-27.75.1 * git-2.26.2-27.75.1 * git-arch-2.26.2-27.75.1 * git-debugsource-2.26.2-27.75.1 * git-core-2.26.2-27.75.1 * git-daemon-2.26.2-27.75.1 * git-web-2.26.2-27.75.1 * gitk-2.26.2-27.75.1 * git-gui-2.26.2-27.75.1 * git-svn-2.26.2-27.75.1 * git-daemon-debuginfo-2.26.2-27.75.1 * git-email-2.26.2-27.75.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * git-doc-2.26.2-27.75.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * git-core-debuginfo-2.26.2-27.75.1 * git-cvs-2.26.2-27.75.1 * git-2.26.2-27.75.1 * git-debugsource-2.26.2-27.75.1 * git-core-2.26.2-27.75.1 * git-daemon-2.26.2-27.75.1 * git-web-2.26.2-27.75.1 * gitk-2.26.2-27.75.1 * git-gui-2.26.2-27.75.1 * git-svn-2.26.2-27.75.1 * git-daemon-debuginfo-2.26.2-27.75.1 * git-email-2.26.2-27.75.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * git-core-debuginfo-2.26.2-27.75.1 * git-cvs-2.26.2-27.75.1 * git-2.26.2-27.75.1 * git-debugsource-2.26.2-27.75.1 * git-core-2.26.2-27.75.1 * git-daemon-2.26.2-27.75.1 * git-web-2.26.2-27.75.1 * gitk-2.26.2-27.75.1 * git-gui-2.26.2-27.75.1 * git-svn-2.26.2-27.75.1 * git-daemon-debuginfo-2.26.2-27.75.1 * git-email-2.26.2-27.75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * git-core-debuginfo-2.26.2-27.75.1 * 
git-cvs-2.26.2-27.75.1 * git-2.26.2-27.75.1 * git-debugsource-2.26.2-27.75.1 * git-core-2.26.2-27.75.1 * git-daemon-2.26.2-27.75.1 * git-web-2.26.2-27.75.1 * gitk-2.26.2-27.75.1 * git-gui-2.26.2-27.75.1 * git-svn-2.26.2-27.75.1 * git-daemon-debuginfo-2.26.2-27.75.1 * git-email-2.26.2-27.75.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660 From null at suse.de Mon Jul 22 16:36:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:13 -0000 Subject: SUSE-SU-2024:2591-1: important: Security update for apache2 Message-ID: <172166617341.19638.13906299628538948154@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:2591-1 Rating: important References: * bsc#1227268 * bsc#1227269 Cross-References: * CVE-2024-38475 * CVE-2024-38476 CVSS scores: * CVE-2024-38475 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-38476 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. 
## Description: This update for apache2 fixes the following issues: * CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268) * CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2591=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2591=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2591=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2591=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2591=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 
SP3 (aarch64 x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 
* apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.70.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * apache2-debugsource-2.4.51-150200.3.70.1 * apache2-worker-debuginfo-2.4.51-150200.3.70.1 * apache2-devel-2.4.51-150200.3.70.1 * apache2-utils-debuginfo-2.4.51-150200.3.70.1 * apache2-debuginfo-2.4.51-150200.3.70.1 * apache2-2.4.51-150200.3.70.1 * apache2-utils-2.4.51-150200.3.70.1 * apache2-prefork-2.4.51-150200.3.70.1 * apache2-prefork-debuginfo-2.4.51-150200.3.70.1 * apache2-worker-2.4.51-150200.3.70.1 * SUSE Enterprise Storage 7.1 (noarch) * apache2-doc-2.4.51-150200.3.70.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38475.html * https://www.suse.com/security/cve/CVE-2024-38476.html * https://bugzilla.suse.com/show_bug.cgi?id=1227268 * https://bugzilla.suse.com/show_bug.cgi?id=1227269 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 16:36:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:20 -0000 Subject: SUSE-SU-2024:2590-1: important: Security update for java-11-openjdk Message-ID: <172166618015.19638.6262373133294719643@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2024:2590-1 Rating: important References: * bsc#1227298 * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228050 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21144 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21144 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 (July 2024 CPU): * CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). * CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). * CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). * CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). * CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051). * CVE-2024-21144: Fixed an excessive loading time in Pack200 due to improper header validation (bsc#1228050). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2590=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2590=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2590=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * java-11-openjdk-11.0.24.0-3.78.1 * java-11-openjdk-debugsource-11.0.24.0-3.78.1 * java-11-openjdk-demo-11.0.24.0-3.78.1 * java-11-openjdk-devel-11.0.24.0-3.78.1 * java-11-openjdk-debuginfo-11.0.24.0-3.78.1 * java-11-openjdk-headless-11.0.24.0-3.78.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-11.0.24.0-3.78.1 * java-11-openjdk-debugsource-11.0.24.0-3.78.1 * java-11-openjdk-demo-11.0.24.0-3.78.1 * java-11-openjdk-devel-11.0.24.0-3.78.1 * java-11-openjdk-debuginfo-11.0.24.0-3.78.1 * java-11-openjdk-headless-11.0.24.0-3.78.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-11-openjdk-11.0.24.0-3.78.1 * java-11-openjdk-debugsource-11.0.24.0-3.78.1 * java-11-openjdk-demo-11.0.24.0-3.78.1 * java-11-openjdk-devel-11.0.24.0-3.78.1 * java-11-openjdk-debuginfo-11.0.24.0-3.78.1 * java-11-openjdk-headless-11.0.24.0-3.78.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21144.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1227298 * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228050 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 From null at suse.de Mon Jul 22 16:36:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:22 -0000 Subject: SUSE-SU-2024:2589-1: moderate: Security update for gnome-shell Message-ID: <172166618221.19638.8477980265442581944@smelt2.prg2.suse.org> # Security update for gnome-shell Announcement ID: SUSE-SU-2024:2589-1 Rating: moderate References: * bsc#1225567 Cross-References: * CVE-2024-36472 CVSS scores: * CVE-2024-36472 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gnome-shell fixes the following issues: * CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2589=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2589=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2589=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2589=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2589=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * gnome-shell-debugsource-3.20.4-77.28.1 * gnome-shell-devel-3.20.4-77.28.1 * gnome-shell-debuginfo-3.20.4-77.28.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * gnome-shell-browser-plugin-debuginfo-3.20.4-77.28.1 * gnome-shell-browser-plugin-3.20.4-77.28.1 * gnome-shell-3.20.4-77.28.1 * gnome-shell-debugsource-3.20.4-77.28.1 * gnome-shell-debuginfo-3.20.4-77.28.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * gnome-shell-lang-3.20.4-77.28.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * gnome-shell-browser-plugin-debuginfo-3.20.4-77.28.1 * gnome-shell-browser-plugin-3.20.4-77.28.1 * gnome-shell-3.20.4-77.28.1 * gnome-shell-debugsource-3.20.4-77.28.1 * gnome-shell-debuginfo-3.20.4-77.28.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * gnome-shell-lang-3.20.4-77.28.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gnome-shell-browser-plugin-debuginfo-3.20.4-77.28.1 * gnome-shell-browser-plugin-3.20.4-77.28.1 * gnome-shell-3.20.4-77.28.1 * gnome-shell-debugsource-3.20.4-77.28.1 * gnome-shell-debuginfo-3.20.4-77.28.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * gnome-shell-lang-3.20.4-77.28.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 
(x86_64) * gnome-shell-debugsource-3.20.4-77.28.1 * gnome-shell-debuginfo-3.20.4-77.28.1 * gnome-shell-calendar-debuginfo-3.20.4-77.28.1 * gnome-shell-calendar-3.20.4-77.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36472.html * https://bugzilla.suse.com/show_bug.cgi?id=1225567 From null at suse.de Mon Jul 22 16:36:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:22 -0000 Subject: SUSE-SU-2024:2585-1: important: Security update for kernel-firmware-nvidia-gspx-G06 Message-ID: <172166618296.19638.8072972277328277055@smelt2.prg2.suse.org> # Security update for kernel-firmware-nvidia-gspx-G06 Announcement ID: SUSE-SU-2024:2585-1 Rating: important References: * bsc#1223356 * bsc#1223454 * bsc#1227417 * bsc#1227419 * bsc#1227575 Cross-References: * CVE-2024-0090 * CVE-2024-0091 * CVE-2024-0092 CVSS scores: * CVE-2024-0090 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-0091 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for kernel-firmware-nvidia-gspx-G06 fixes the following issues: Update to version 555.42.06 for CUDA. Security Update 550.90.07: * CVE-2024-0090: Fixed out of bounds write (bsc#1223356). * CVE-2024-0092: Fixed incorrect exception handling (bsc#1223356). * CVE-2024-0091: Fixed untrusted pointer dereference (bsc#1223356). 
Changes in kernel-firmware-nvidia-gspx-G06: * Update to 550.100 (bsc#1227575) * Add a second flavor to be used by the kernel module versions used by CUDA. The firmware targeting CUDA contains '-cuda' in its name to track its versions separately from the graphics firmware. (bsc#1227417) Changes in nvidia-open-driver-G06-signed: * Update to 550.100 (bsc#1227575) * Fixed a bug that caused OpenGL triple buffering to behave like double buffering. * To avoid issues with missing dependencies when no CUDA repo is present make the dependency to nvidia-compute-G06 conditional. * CUDA is not available for Tumbleweed, exclude the build of the cuda flavor. * preamble: let the -cuda flavor KMP require the -cuda flavor firmware * Add a second flavor for building the kernel module versions used by CUDA. The kmp targeting CUDA contains '-cuda' in its name to track its versions separately from the graphics kmp. (bsc#1227417) * Provide the meta package nv-prefer-signed-open-driver to make sure the latest available SUSE-build open driver is installed - independent of the latest available open driver version in the CUDA repository. Rationale: The package cuda-runtime provides the link between CUDA and the kernel driver version through a Requires: cuda-drivers >= %version This implies that a CUDA version will run with any kernel driver version equal or higher than a base version. nvidia-compute-G06 provides the glue layer between CUDA and a specific version of the kernel driver both by providing a set of base libraries and by requiring a specific kernel version. 'cuda-drivers' (provided by nvidia-compute-utils-G06) requires an unversioned nvidia-compute-G06. With this, the resolver will install the latest available and applicable nvidia-compute-G06. nv-prefer-signed-open-driver then represents the latest available open driver version and restricts the nvidia-compute-G06 version to it. 
(bsc#1227419) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2585=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-2585=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2585=1 openSUSE-SLE-15.6-2024-2585=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-555.42.06-150600.3.7.1 * kernel-firmware-nvidia-gspx-G06-550.100-150600.3.7.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-default-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-default-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-debugsource-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-default-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-default-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-debugsource-550.100-150600.3.7.1 * nv-prefer-signed-open-driver-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.100_k6.4.0_150600.23.7-150600.3.7.1 * Basesystem Module 15-SP6 (aarch64) * nvidia-open-driver-G06-signed-cuda-kmp-64kb-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-64kb-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * Public Cloud Module 15-SP6 (x86_64) * 
nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.100_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-azure-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-555.42.06_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-555.42.06_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-azure-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-azure-550.100_k6.4.0_150600.8.5-150600.3.7.1 * openSUSE Leap 15.6 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-cuda-555.42.06-150600.3.7.1 * kernel-firmware-nvidia-gspx-G06-550.100-150600.3.7.1 * openSUSE Leap 15.6 (x86_64) * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.100_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-azure-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-debuginfo-555.42.06_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-azure-555.42.06_k6.4.0_150600.8.5-150600.3.7.1 * nvidia-open-driver-G06-signed-azure-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-azure-550.100_k6.4.0_150600.8.5-150600.3.7.1 * openSUSE Leap 15.6 (aarch64 x86_64) * nvidia-open-driver-G06-signed-cuda-kmp-default-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-default-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-debugsource-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-default-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-default-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-debugsource-550.100-150600.3.7.1 * nv-prefer-signed-open-driver-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.100_k6.4.0_150600.23.7-150600.3.7.1 * openSUSE Leap 15.6 (aarch64) * 
nvidia-open-driver-G06-signed-cuda-kmp-64kb-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-64kb-devel-550.100-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-64kb-devel-555.42.06-150600.3.7.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.100_k6.4.0_150600.23.7-150600.3.7.1 * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-555.42.06_k6.4.0_150600.23.7-150600.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0090.html * https://www.suse.com/security/cve/CVE-2024-0091.html * https://www.suse.com/security/cve/CVE-2024-0092.html * https://bugzilla.suse.com/show_bug.cgi?id=1223356 * https://bugzilla.suse.com/show_bug.cgi?id=1223454 * https://bugzilla.suse.com/show_bug.cgi?id=1227417 * https://bugzilla.suse.com/show_bug.cgi?id=1227419 * https://bugzilla.suse.com/show_bug.cgi?id=1227575 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 16:36:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 16:36:25 -0000 Subject: SUSE-SU-2024:2584-1: important: Security update for libgit2 Message-ID: <172166618576.19638.5744703660431180083@smelt2.prg2.suse.org> # Security update for libgit2 Announcement ID: SUSE-SU-2024:2584-1 Rating: important References: * bsc#1219660 * bsc#1219664 Cross-References: * CVE-2024-24575 * CVE-2024-24577 CVSS scores: * CVE-2024-24575 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24575 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgit2 fixes the following issues: Update to 1.7.2: Security fixes: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) * CVE-2024-24575: Fixed potential infinite loop condition in git_revparse_single() (bsc#1219664) Other fixes: \- A bug in the smart transport negotiation could have caused an out-of-bounds read when a remote server did not advertise capabilities. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2584=1 openSUSE-SLE-15.6-2024-2584=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2584=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgit2-tools-1.7.2-150600.3.3.1 * libgit2-devel-1.7.2-150600.3.3.1 * libgit2-1_7-debuginfo-1.7.2-150600.3.3.1 * libgit2-debuginfo-1.7.2-150600.3.3.1 * libgit2-debugsource-1.7.2-150600.3.3.1 * libgit2-tools-debuginfo-1.7.2-150600.3.3.1 * libgit2-1_7-1.7.2-150600.3.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgit2-tools-1.7.2-150600.3.3.1 * libgit2-devel-1.7.2-150600.3.3.1 * libgit2-1_7-debuginfo-1.7.2-150600.3.3.1 * libgit2-debuginfo-1.7.2-150600.3.3.1 * libgit2-debugsource-1.7.2-150600.3.3.1 * libgit2-tools-debuginfo-1.7.2-150600.3.3.1 * libgit2-1_7-1.7.2-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24575.html * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660 * https://bugzilla.suse.com/show_bug.cgi?id=1219664 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 20:30:00 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:00 -0000 Subject: SUSE-SU-2024:2583-1: important: Security update for libgit2 Message-ID: <172168020090.27158.13599455959860791290@smelt2.prg2.suse.org> # Security update for libgit2 Announcement ID: SUSE-SU-2024:2583-1 Rating: important References: * bsc#1219660 Cross-References: * CVE-2024-24577 CVSS scores: * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libgit2 fixes the following issues: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2583=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (x86_64) * libgit2-debugsource-0.24.1-11.5.1 * libgit2-24-debuginfo-0.24.1-11.5.1 * libgit2-24-0.24.1-11.5.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 20:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:12 -0000 Subject: SUSE-SU-2024:2579-1: important: Security update for git Message-ID: <172168021281.27158.5035132939426486643@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2024:2579-1 Rating: important References: * bsc#1219660 Cross-References: * CVE-2024-24577 CVSS scores: * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2579=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2579=1 openSUSE-SLE-15.6-2024-2579=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2579=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * git-cvs-2.43.0-150600.3.6.1 * git-email-2.43.0-150600.3.6.1 * perl-Git-2.43.0-150600.3.6.1 * git-2.43.0-150600.3.6.1 * git-web-2.43.0-150600.3.6.1 * git-debuginfo-2.43.0-150600.3.6.1 * git-debugsource-2.43.0-150600.3.6.1 * git-daemon-debuginfo-2.43.0-150600.3.6.1 * git-svn-2.43.0-150600.3.6.1 * git-arch-2.43.0-150600.3.6.1 * gitk-2.43.0-150600.3.6.1 * git-daemon-2.43.0-150600.3.6.1 * git-gui-2.43.0-150600.3.6.1 * Development Tools Module 15-SP6 (noarch) * git-doc-2.43.0-150600.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * git-credential-libsecret-2.43.0-150600.3.6.1 * git-cvs-2.43.0-150600.3.6.1 * git-email-2.43.0-150600.3.6.1 * git-core-debuginfo-2.43.0-150600.3.6.1 * perl-Git-2.43.0-150600.3.6.1 * git-2.43.0-150600.3.6.1 * git-web-2.43.0-150600.3.6.1 * git-credential-libsecret-debuginfo-2.43.0-150600.3.6.1 * git-debuginfo-2.43.0-150600.3.6.1 * git-p4-2.43.0-150600.3.6.1 * git-core-2.43.0-150600.3.6.1 * git-debugsource-2.43.0-150600.3.6.1 * git-daemon-debuginfo-2.43.0-150600.3.6.1 * git-svn-2.43.0-150600.3.6.1 * git-arch-2.43.0-150600.3.6.1 * gitk-2.43.0-150600.3.6.1 * git-daemon-2.43.0-150600.3.6.1 * git-gui-2.43.0-150600.3.6.1 * openSUSE Leap 15.6 (noarch) * git-doc-2.43.0-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * git-core-2.43.0-150600.3.6.1 * git-debugsource-2.43.0-150600.3.6.1 * git-core-debuginfo-2.43.0-150600.3.6.1 * git-debuginfo-2.43.0-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24577.html * https://bugzilla.suse.com/show_bug.cgi?id=1219660 
From null at suse.de Mon Jul 22 20:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:19 -0000 Subject: SUSE-SU-2024:2578-1: important: Security update for java-21-openjdk Message-ID: <172168021953.27158.18066817806556550538@smelt2.prg2.suse.org> # Security update for java-21-openjdk Announcement ID: SUSE-SU-2024:2578-1 Rating: important References: * bsc#1227298 * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Updated to version 21.0.4+7 (July 2024 CPU): * CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). * CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). * CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). * CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). * CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2578=1 openSUSE-SLE-15.6-2024-2578=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2578=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-jmods-21.0.4.0-150600.3.3.1 * java-21-openjdk-debugsource-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-21.0.4.0-150600.3.3.1 * java-21-openjdk-src-21.0.4.0-150600.3.3.1 * java-21-openjdk-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-demo-21.0.4.0-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.4.0-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-debugsource-21.0.4.0-150600.3.3.1 * java-21-openjdk-headless-21.0.4.0-150600.3.3.1 * java-21-openjdk-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-21.0.4.0-150600.3.3.1 * java-21-openjdk-devel-debuginfo-21.0.4.0-150600.3.3.1 * java-21-openjdk-demo-21.0.4.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1227298 * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052
From null at suse.de Mon Jul 22 20:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:25 -0000 Subject: SUSE-SU-2024:2577-1: important: Security update for python-Django Message-ID: <172168022547.27158.18128420773374613023@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:2577-1 Rating: important References: * bsc#1227590 * bsc#1227593 * bsc#1227594 * bsc#1227595 Cross-References: * CVE-2024-38875 * CVE-2024-39329 * CVE-2024-39330 * CVE-2024-39614 CVSS scores: * CVE-2024-38875 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39329 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-39330 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39614 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities can now be installed.
## Description: This update for python-Django fixes the following issues: * CVE-2024-38875: Fixed potential denial-of-service attack via certain inputs with a very large number of brackets (bsc#1227590) * CVE-2024-39329: Fixed username enumeration through timing difference for users with unusable passwords (bsc#1227593) * CVE-2024-39330: Fixed potential directory traversal in django.core.files.storage.Storage.save() (bsc#1227594) * CVE-2024-39614: Fixed potential denial-of-service through django.utils.translation.get_supported_language_variant() (bsc#1227595) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2577=1 SUSE-2024-2577=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2577=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.3.1 * SUSE Package Hub 15 15-SP6 (noarch) * python311-Django-4.2.11-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38875.html * https://www.suse.com/security/cve/CVE-2024-39329.html * https://www.suse.com/security/cve/CVE-2024-39330.html * https://www.suse.com/security/cve/CVE-2024-39614.html * https://bugzilla.suse.com/show_bug.cgi?id=1227590 * https://bugzilla.suse.com/show_bug.cgi?id=1227593 * https://bugzilla.suse.com/show_bug.cgi?id=1227594 * https://bugzilla.suse.com/show_bug.cgi?id=1227595 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 20:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:28 -0000 Subject: SUSE-SU-2024:2576-1: moderate: Security update for gnome-shell Message-ID: <172168022883.27158.17930118276834607391@smelt2.prg2.suse.org> # Security update for gnome-shell Announcement ID: SUSE-SU-2024:2576-1 Rating: moderate References: * bsc#1215485 * bsc#1225567 Cross-References: * CVE-2023-43090 * CVE-2024-36472 CVSS scores: * CVE-2023-43090 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-43090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36472 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for gnome-shell fixes the following issues: * CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2576=1 openSUSE-SLE-15.6-2024-2576=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2576=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2576=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gnome-extensions-45.3-150600.5.6.1 * gnome-shell-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-calendar-debuginfo-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-devel-45.3-150600.5.6.1 * gnome-shell-calendar-45.3-150600.5.6.1 * openSUSE Leap 15.6 (noarch) * gnome-shell-lang-45.3-150600.5.6.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gnome-extensions-45.3-150600.5.6.1 * gnome-shell-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-devel-45.3-150600.5.6.1 * Desktop Applications Module 15-SP6 (noarch) * gnome-shell-lang-45.3-150600.5.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * gnome-shell-calendar-debuginfo-45.3-150600.5.6.1 * gnome-shell-debuginfo-45.3-150600.5.6.1 * gnome-shell-debugsource-45.3-150600.5.6.1 * gnome-shell-calendar-45.3-150600.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-43090.html * https://www.suse.com/security/cve/CVE-2024-36472.html * https://bugzilla.suse.com/show_bug.cgi?id=1215485 * https://bugzilla.suse.com/show_bug.cgi?id=1225567 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon Jul 22 20:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 22 Jul 2024 20:30:33 -0000 Subject: SUSE-SU-2024:2575-1: moderate: Security update for kernel-firmware Message-ID: <172168023393.27158.4224865375947903552@smelt2.prg2.suse.org> # Security update for kernel-firmware Announcement ID: SUSE-SU-2024:2575-1 Rating: moderate References: * bsc#1219458 * bsc#1222319 * bsc#1225600 * bsc#1225601 Cross-References: * CVE-2023-38417 * CVE-2023-47210 CVSS scores: * CVE-2023-38417 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47210 ( SUSE ): 4.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for kernel-firmware fixes the following issues: * CVE-2023-38417: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 (bsc#1225600) * CVE-2023-47210: Fixed improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 (bsc#1225601) * Update to version 20240712 (git commit ed874ed83cac): * amdgpu: update DMCUB to v0.0.225.0 for Various AMDGPU Asics * qcom: add gpu firmwares for x1e80100 chipset (bsc#1219458) * linux-firmware: add firmware for qat_402xx devices * amdgpu: update raven firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update vega20 firmware * amdgpu: update PSP 13.0.5 firmware * amdgpu: update PSP 13.0.8 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update VCN 4.0.0 firmware * amdgpu: update SDMA 6.0.0 
firmware * amdgpu: update PSP 13.0.0 firmware * amdgpu: update GC 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update navy flounder firmware * amdgpu: update PSP 13.0.11 firmware * amdgpu: update GC 11.0.4 firmware * amdgpu: update green sardine firmware * amdgpu: update VCN 4.0.2 firmware * amdgpu: update SDMA 6.0.1 firmware * amdgpu: update PSP 13.0.4 firmware * amdgpu: update GC 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update VPE 6.1.1 firmware * amdgpu: update VCN 4.0.6 firmware * amdgpu: update SDMA 6.1.1 firmware * amdgpu: update PSP 14.0.1 firmware * amdgpu: update GC 11.5.1 firmware * amdgpu: update VCN 4.0.5 firmware * amdgpu: update SDMA 6.1.0 firmware * amdgpu: update PSP 14.0.0 firmware * amdgpu: update GC 11.5.0 firmware * amdgpu: update navi14 firmware * amdgpu: update renoir firmware * amdgpu: update navi12 firmware * amdgpu: update PSP 13.0.6 firmware * amdgpu: update GC 9.4.3 firmware * amdgpu: update yellow carp firmware * amdgpu: update VCN 4.0.4 firmware * amdgpu: update SMU 13.0.7 firmware * amdgpu: update SDMA 6.0.2 firmware * amdgpu: update PSP 13.0.7 firmware * amdgpu: update GC 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update raven2 firmware * amdgpu: update aldebaran firmware * linux-firmware: Update AMD cpu microcode * linux-firmware: Add ISH firmware file for Intel Lunar Lake platform * amdgpu: update DMCUB to v0.0.224.0 for Various AMDGPU Asics * cirrus: cs35l41: Update various firmware for ASUS laptops using CS35L41 * amdgpu: Update ISP FW for isp v4.1.1 * Update to version 20240622 (git commit 7d931f8afa51): * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.2.0 * qcom: Add AIC100 firmware files * Update to version 20240618 (git commit 7d931f8afa51): * amlogic: Update bluetooth firmware binary * linux-firmware: Update firmware file for Intel BlazarU core * 
linux-firmware: Update firmware file for Intel Bluetooth Magnetor core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * linux-firmware: Update firmware file for Intel Bluetooth Pulsar core * rtl_bt: Update RTL8822C BT UART firmware to 0xB5D6_6DCB * rtl_bt: Update RTL8822C BT USB firmware to 0xAED6_6DCB * amdgpu: update DMCUB to v0.0.222.0 for DCN314 * iwlwifi: add ty/So/Ma firmwares for core88-87 release * iwlwifi: update cc/Qu/QuZ firmwares for core88-87 release * linux-firmware: add new cc33xx firmware for cc33xx chips * cirrus: cs35l56: Update firmware for Cirrus CS35L56 for ASUS UM5606 laptop * cirrus: cs35l56: Update firmware for Cirrus CS35L56 for various ASUS laptops * linux-firmware: Add firmware for Lenovo Thinkbooks * amdgpu: update yellow carp firmware * amdgpu: update VCN 4.0.4 firmware * amdgpu: update SDMA 6.0.2 firmware * amdgpu: update PSP 13.0.7 firmware * amdgpu: update GC 11.0.2 firmware * amdgpu: update navi10 firmware * amdgpu: update raven2 firmware * amdgpu: update raven firmware * amdgpu: update SMU 13.0.10 firmware * amdgpu: update SDMA 6.0.3 firmware * amdgpu: update PSP 13.0.10 firmware * amdgpu: update GC 11.0.3 firmware * amdgpu: update VCN 3.1.2 firmware * amdgpu: update PSP 13.0.5 firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update vega20 firmware * amdgpu: update vega12 firmware * amdgpu: update vega10 firmware * amdgpu: update VCN 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update SDMA 6.0.0 firmware * amdgpu: update PSP 13.0.0 firmware * amdgpu: update GC 11.0.0 firmware * amdgpu: update picasso firmware * amdgpu: update beige goby firmware * amdgpu: update vangogh firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update green sardine firmware * amdgpu: update navy flounder firmware * amdgpu: update PSP 13.0.11 firmware * amdgpu: update GC 11.0.4 firmware * amdgpu: update VCN 4.0.2 firmware * amdgpu: update SDMA 6.0.1 firmware * amdgpu: update PSP 13.0.4 firmware * 
amdgpu: update GC 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update VCN 4.0.5 firmware * amdgpu: update PSP 14.0.0 firmware * amdgpu: update GC 11.5.0 firmware * amdgpu: update navi14 firmware * amdgpu: update SMU 13.0.6 firmware * amdgpu: update PSP 13.0.6 firmware * amdgpu: update GC 9.4.3 firmware * amdgpu: update renoir firmware * amdgpu: update navi12 firmware * amdgpu: update aldebaran firmware * amdgpu: add support for PSP 14.0.1 * amdgpu: add support for VPE 6.1.1 * amdgpu: add support for VCN 4.0.6 * amdgpu: add support for SDMA 6.1.1 * amdgpu: add support for GC 11.5.1 * amdgpu: Add support for DCN 3.5.1 * QCA: Update Bluetooth QCA2066 firmware to 2.1.0-00639 * cnm: update chips&media wave521c firmware. * linux-firmware: Add ordinary firmware for RTL8821AU device * Update to version 20240519 (git commit aae8224390e2): * amdgpu: add new ISP 4.1.1 firmware * Update to version 20240510 (git commit 7c2303328d8e): * linux-firmware: Amphion: Update vpu firmware * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel Bluetooth Magnetor core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * linux-firmware: Update firmware file for Intel Bluetooth Solar core * i915: Add BMG DMC v2.06 * linux-firmware: Add CS35L41 HDA Firmware for Asus HN7306 * linux-firmware: Update firmware tuning for HP Consumer Laptop * amdgpu: DMCUB updates for various AMDGPU ASICs * rtl_bt: Update RTL8822C BT UART firmware to 0x0FD6_407B * rtl_bt: Update RTL8822C BT USB firmware to 0x0ED6_407B * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various ASUS laptops * linux-firmware: Add firmware and tuning for Lenovo Y770S * Update to version 20240426 (git commit 2398d264f953): * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: Add firmware for Cirrus CS35L56 for various HP laptops * i915: Update Xe2LPD DMC to v2.20 * linux-firmware: Remove Calibration Firmware and Tuning 
for CS35L41 * linux-firmware: Add firmware for Lenovo Thinkbook 13X * ASoC: tas2781: Add dsp firmware for Thinkpad ICE-1 laptop * amdgpu: add DMCUB 3.5 firmware * amdgpu: add VPE 6.1.0 firmware * amdgpu: add VCN 4.0.5 firmware * amdgpu: add UMSCH 4.0.0 firmware * amdgpu: add SDMA 6.1.0 firmware * amdgpu: add PSP 14.0.0 firmware * amdgpu: add GC 11.5.0 firmware * amdgpu: update license date * Update to version 20240419 (git commit 7eab37522984): * Montage: update firmware for Mont-TSSE * linux-firmware: Add tuning parameter configs for CS35L41 Firmware * linux-firmware: Fix firmware names for Laptop SSID 104316a3 * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Legion Slim 7 16ARHA7 * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * iwlwifi: add gl FW for core87-44 release * iwlwifi: add ty/So/Ma firmwares for core87-44 release * iwlwifi: update cc/Qu/QuZ firmwares for core87-44 release * nvidia: Update Tegra210 XUSB firmware to v50.29 * amdgpu: update beige goby firmware * amdgpu: update dimgrey cavefish firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: update navy flounder firmware * amdgpu: update renoir firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update sdma 6.0.1 firmware * amdgpu: update psp 13.0.4 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update sienna cichlid firmware * amdgpu: update vega20 firmware * amdgpu: update yellow carp firmware * amdgpu: update green sardine firmware * amdgpu: update vega12 firmware * amdgpu: update raven2 firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update smu 13.0.7 firmware * amdgpu: update sdma 6.0.2 firmware * amdgpu: update ipsp 13.0.7 firmware * amdgpu: update gc 11.0.2 firmware * amdgpu: update vega10 firmware * amdgpu: update raven firmware * amdgpu: update navi14 firmware * amdgpu: update smu 13.0.10 firmware * amdgpu: update sdma 6.0.3 firmware * amdgpu: update 
psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update vcn 3.1.2 firmware * amdgpu: update psp 13.0.5 firmware * amdgpu: update gc 10.3.6 firmware * amdgpu: update navi12 firmware * amdgpu: update arcturus firmware * amdgpu: update vangogh firmware * amdgpu: update navi10 firmware * amdgpu: update vcn 4.0.3 firmware * amdgpu: update smu 13.0.6 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update sdma 6.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update firmware * amdgpu: update aldebaran firmware * amdgpu: update psp 13.0.8 firmware * amdgpu: update gc 10.3.7 firmware * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.9 * ath10k: WCN3990: hw1.0: add qcm2290 firmware API file * ath10k: WCN3990: hw1.0: move firmware back from qcom/ location * i915: Add DG2 HuC 7.10.15 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: update firmware for en8811h 2.5G ethernet phy * rtw89: 8852c: update fw to v0.27.56.14 * rtw89: 8922a: add firmware v0.35.18.0 * rtw88: Add RTL8703B firmware v11.0.0 * Drop duplicated WHENCE from kernel-firmware-* subpackages (bsc#1222319) * Update to version 20240322 (git commit 9a6a0cc195c1): * mekdiatek: Update mt8186 SOF firmware to v2.0.1 * linux-firmware: Add firmware for Cirrus CS35L56 for Dell laptops * Montage: update firmware for Mont-TSSE * WHENCE: Link the Raspberry Pi CM4 and 5B to the 4B * Intel Bluetooth: Update firmware file for Intel Bluetooth BE200 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Magnetor Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX101 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX101 * Intel 
Bluetooth: Update firmware file for SolarF Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX203 * Intel Bluetooth: Update firmware file for SolarF Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX211 * Intel Bluetooth: Update firmware file for Solar Intel Bluetooth AX210 * Intel Bluetooth: Update firmware file for Intel Bluetooth AX200 * Intel Bluetooth: Update firmware file for Intel Bluetooth AX201 * Intel Bluetooth: Update firmware file for Intel Bluetooth 9560 * Intel Bluetooth: Update firmware file for Intel Bluetooth 9260 * amdgpu: DMCUB updates for various AMDGPU ASICs * linux-firmware: mediatek: Update MT8173 VPU firmware to v1.1.8 * imx: sdma: update firmware to v3.6/v4.6 * Update to version 20240312 (git commit 4a404b5bfdb9): * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * iwlwifi: update 9000-family firmwares to core85-89 * rtl_bt: Update RTL8852A BT USB firmware to 0xD9D6_17DA * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: update firmware for mediatek bluetooth chip (MT7922) * linux-firmware: update firmware for MT7922 WiFi device * linux-firmware: Add CS35L41 HDA Firmware for Lenovo Thinkbook 16P Laptops * Update to version 20240229 (git commit 977332782302): * amdgpu: Update VCN firmware binaries * Intel IPU2: Add firmware files * brcm: Add nvram for the Acer Iconia One 7 B1-750 tablet * i915: Add Xe2LPD DMC v2.18 * i915: Update MTL DMC v2.21 * Update to version 20240220 (git commit 73b4429fae36): * linux-firmware: update firmware for en8811h 2.5G ethernet phy * linux-firmware: add firmware for MT7996 * xe: First GuC release for LNL and Xe * i915: Add GuC v70.20.0 for ADL-P, DG1, DG2, MTL and TGL * linux-firmware: Add CS35L41 firmware for Lenovo Legion 7i gen7 laptop (16IAX7) * brcm: Add nvram for the Asus Memo Pad 7 ME176C tablet * ice: update ice DDP package to 1.3.36.0 * Intel IPU3 ImgU: Move firmware file under 
intel/ipu * Intel IPU6: Move firmware binaries under ipu/ * check_whence: Add a check for duplicate link entries * WHENCE: Clean up section separators * linux-firmware: Add CS35L41 firmware for additional ASUS Zenbook 2023 models * panthor: Add initial firmware for Gen10 Arm Mali GPUs * amdgpu: DMCUB Updates for DCN321: 7.0.38.0 * amdgpu: DMCUB updates for Yellow Carp: 4.0.68.0 * qcom: update venus firmware file for v5.4 * Montage: add firmware for Mont-TSSE * amdgpu: update DMCUB to v0.0.203.0 for DCN314 and DCN32 * linux-firmware: Remove 2 HP laptops using CS35L41 Audio Firmware * linux-firmware: Fix filenames for some CS35L41 firmwares for HP ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2575=1 openSUSE-SLE-15.6-2024-2575=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2575=1 ## Package List: * openSUSE Leap 15.6 (noarch) * kernel-firmware-ath12k-20240712-150600.3.3.1 * kernel-firmware-marvell-20240712-150600.3.3.1 * kernel-firmware-nfp-20240712-150600.3.3.1 * kernel-firmware-dpaa2-20240712-150600.3.3.1 * kernel-firmware-chelsio-20240712-150600.3.3.1 * kernel-firmware-prestera-20240712-150600.3.3.1 * kernel-firmware-realtek-20240712-150600.3.3.1 * kernel-firmware-bnx2-20240712-150600.3.3.1 * kernel-firmware-bluetooth-20240712-150600.3.3.1 * kernel-firmware-mellanox-20240712-150600.3.3.1 * kernel-firmware-liquidio-20240712-150600.3.3.1 * kernel-firmware-ath10k-20240712-150600.3.3.1 * ucode-amd-20240712-150600.3.3.1 * kernel-firmware-ueagle-20240712-150600.3.3.1 * kernel-firmware-mediatek-20240712-150600.3.3.1 * kernel-firmware-mwifiex-20240712-150600.3.3.1 * kernel-firmware-atheros-20240712-150600.3.3.1 * 
kernel-firmware-qcom-20240712-150600.3.3.1 * kernel-firmware-network-20240712-150600.3.3.1 * kernel-firmware-radeon-20240712-150600.3.3.1 * kernel-firmware-i915-20240712-150600.3.3.1 * kernel-firmware-iwlwifi-20240712-150600.3.3.1 * kernel-firmware-serial-20240712-150600.3.3.1 * kernel-firmware-usb-network-20240712-150600.3.3.1 * kernel-firmware-amdgpu-20240712-150600.3.3.1 * kernel-firmware-nvidia-20240712-150600.3.3.1 * kernel-firmware-intel-20240712-150600.3.3.1 * kernel-firmware-ti-20240712-150600.3.3.1 * kernel-firmware-ath11k-20240712-150600.3.3.1 * kernel-firmware-media-20240712-150600.3.3.1 * kernel-firmware-qlogic-20240712-150600.3.3.1 * kernel-firmware-all-20240712-150600.3.3.1 * kernel-firmware-20240712-150600.3.3.1 * kernel-firmware-sound-20240712-150600.3.3.1 * kernel-firmware-platform-20240712-150600.3.3.1 * kernel-firmware-brcm-20240712-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * kernel-firmware-ath12k-20240712-150600.3.3.1 * kernel-firmware-marvell-20240712-150600.3.3.1 * kernel-firmware-nfp-20240712-150600.3.3.1 * kernel-firmware-dpaa2-20240712-150600.3.3.1 * kernel-firmware-chelsio-20240712-150600.3.3.1 * kernel-firmware-prestera-20240712-150600.3.3.1 * kernel-firmware-realtek-20240712-150600.3.3.1 * kernel-firmware-bnx2-20240712-150600.3.3.1 * kernel-firmware-bluetooth-20240712-150600.3.3.1 * kernel-firmware-mellanox-20240712-150600.3.3.1 * kernel-firmware-liquidio-20240712-150600.3.3.1 * kernel-firmware-ath10k-20240712-150600.3.3.1 * ucode-amd-20240712-150600.3.3.1 * kernel-firmware-ueagle-20240712-150600.3.3.1 * kernel-firmware-mediatek-20240712-150600.3.3.1 * kernel-firmware-mwifiex-20240712-150600.3.3.1 * kernel-firmware-atheros-20240712-150600.3.3.1 * kernel-firmware-qcom-20240712-150600.3.3.1 * kernel-firmware-network-20240712-150600.3.3.1 * kernel-firmware-radeon-20240712-150600.3.3.1 * kernel-firmware-i915-20240712-150600.3.3.1 * kernel-firmware-iwlwifi-20240712-150600.3.3.1 * kernel-firmware-serial-20240712-150600.3.3.1 * 
kernel-firmware-usb-network-20240712-150600.3.3.1
* kernel-firmware-amdgpu-20240712-150600.3.3.1
* kernel-firmware-nvidia-20240712-150600.3.3.1
* kernel-firmware-intel-20240712-150600.3.3.1
* kernel-firmware-ti-20240712-150600.3.3.1
* kernel-firmware-ath11k-20240712-150600.3.3.1
* kernel-firmware-media-20240712-150600.3.3.1
* kernel-firmware-qlogic-20240712-150600.3.3.1
* kernel-firmware-all-20240712-150600.3.3.1
* kernel-firmware-sound-20240712-150600.3.3.1
* kernel-firmware-platform-20240712-150600.3.3.1
* kernel-firmware-brcm-20240712-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-38417.html
* https://www.suse.com/security/cve/CVE-2023-47210.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219458
* https://bugzilla.suse.com/show_bug.cgi?id=1222319
* https://bugzilla.suse.com/show_bug.cgi?id=1225600
* https://bugzilla.suse.com/show_bug.cgi?id=1225601

From null at suse.de Mon Jul 22 20:30:38 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 22 Jul 2024 20:30:38 -0000
Subject: SUSE-SU-2024:2574-1: moderate: Security update for nodejs20
Message-ID: <172168023868.27158.9396377880445581447@smelt2.prg2.suse.org>

# Security update for nodejs20

Announcement ID: SUSE-SU-2024:2574-1
Rating: moderate

References:

* bsc#1227554
* bsc#1227560
* bsc#1227561
* bsc#1227562
* bsc#1227563

Cross-References:

* CVE-2024-22018
* CVE-2024-22020
* CVE-2024-27980
* CVE-2024-36137
* CVE-2024-36138
* CVE-2024-37372

CVSS scores:

* CVE-2024-22018 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-22020 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
* CVE-2024-36137 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for nodejs20 fixes the following issues:

Update to 20.15.1:

* CVE-2024-36138: Fixed CVE-2024-27980 fix bypass (bsc#1227560)
* CVE-2024-22020: Fixed a bypass of network import restriction via data URL (bsc#1227554)
* CVE-2024-22018: Fixed fs.lstat bypasses permission model (bsc#1227562)
* CVE-2024-36137: Fixed fs.fchown/fchmod bypasses permission model (bsc#1227561)
* CVE-2024-37372: Fixed Permission model improperly processes UNC paths (bsc#1227563)

Changes in 20.15.0:

* test_runner: support test plans
* inspector: introduce the --inspect-wait flag
* zlib: expose zlib.crc32()
* cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

Changes in 20.14.0

* src,permission: throw async errors on async APIs
* test_runner: support forced exit

Changes in 20.13.1:

* buffer: improve base64 and base64url performance
* crypto: deprecate implicitly shortened GCM tags
* events,doc: mark CustomEvent as stable
* fs: add stacktrace to fs/promises
* report: add --report-exclude-network option
* src: add uv_get_available_memory to report and process
* stream: support typed arrays
* util: support array of formats in util.styleText
* v8: implement v8.queryObjects() for memory leak regression testing
* watch: mark as stable

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2574=1 openSUSE-SLE-15.6-2024-2574=1
* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-2574=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * npm20-20.15.1-150600.3.3.2
  * nodejs20-debugsource-20.15.1-150600.3.3.2
  * nodejs20-devel-20.15.1-150600.3.3.2
  * nodejs20-20.15.1-150600.3.3.2
  * corepack20-20.15.1-150600.3.3.2
  * nodejs20-debuginfo-20.15.1-150600.3.3.2
* openSUSE Leap 15.6 (noarch)
  * nodejs20-docs-20.15.1-150600.3.3.2
* Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * npm20-20.15.1-150600.3.3.2
  * nodejs20-debugsource-20.15.1-150600.3.3.2
  * nodejs20-devel-20.15.1-150600.3.3.2
  * nodejs20-20.15.1-150600.3.3.2
  * nodejs20-debuginfo-20.15.1-150600.3.3.2
* Web and Scripting Module 15-SP6 (noarch)
  * nodejs20-docs-20.15.1-150600.3.3.2

## References:

* https://www.suse.com/security/cve/CVE-2024-22018.html
* https://www.suse.com/security/cve/CVE-2024-22020.html
* https://www.suse.com/security/cve/CVE-2024-27980.html
* https://www.suse.com/security/cve/CVE-2024-36137.html
* https://www.suse.com/security/cve/CVE-2024-36138.html
* https://www.suse.com/security/cve/CVE-2024-37372.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227554
* https://bugzilla.suse.com/show_bug.cgi?id=1227560
* https://bugzilla.suse.com/show_bug.cgi?id=1227561
* https://bugzilla.suse.com/show_bug.cgi?id=1227562
* https://bugzilla.suse.com/show_bug.cgi?id=1227563

From null at suse.de Mon Jul 22 20:30:45 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 22 Jul 2024 20:30:45 -0000
Subject: SUSE-SU-2024:2572-1: moderate: Security update for python312
Message-ID: <172168024534.27158.7432891560753446167@smelt2.prg2.suse.org>

# Security update for python312

Announcement ID: SUSE-SU-2024:2572-1
Rating: moderate

References:

* bsc#1225660
* bsc#1226447
* bsc#1226448
* bsc#1227152
* bsc#1227378

Cross-References:

* CVE-2024-0397
* CVE-2024-4030
* CVE-2024-4032

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-4030 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities and has two security fixes can now be installed.

## Description:

This update for python312 fixes the following issues:

* CVE-2024-4032: Corrected information about public and private IPv4 and IPv6 address ranges (bsc#1226448).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2572=1 SUSE-2024-2572=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2572=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-dbm-debuginfo-3.12.4-150600.3.3.1
  * libpython3_12-1_0-debuginfo-3.12.4-150600.3.3.1
  * python312-base-3.12.4-150600.3.3.1
  * python312-idle-3.12.4-150600.3.3.1
  * python312-tools-3.12.4-150600.3.3.1
  * python312-dbm-3.12.4-150600.3.3.1
  * python312-debuginfo-3.12.4-150600.3.3.1
  * python312-3.12.4-150600.3.3.1
  * python312-devel-3.12.4-150600.3.3.1
  * python312-testsuite-3.12.4-150600.3.3.1
  * libpython3_12-1_0-3.12.4-150600.3.3.1
  * python312-testsuite-debuginfo-3.12.4-150600.3.3.1
  * python312-debugsource-3.12.4-150600.3.3.1
  * python312-doc-3.12.4-150600.3.3.1
  * python312-tk-3.12.4-150600.3.3.1
  * python312-curses-3.12.4-150600.3.3.1
  * python312-core-debugsource-3.12.4-150600.3.3.1
  * python312-curses-debuginfo-3.12.4-150600.3.3.1
  * python312-base-debuginfo-3.12.4-150600.3.3.1
  * python312-doc-devhelp-3.12.4-150600.3.3.1
  * python312-tk-debuginfo-3.12.4-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
  * libpython3_12-1_0-32bit-3.12.4-150600.3.3.1
  * python312-32bit-3.12.4-150600.3.3.1
  * python312-32bit-debuginfo-3.12.4-150600.3.3.1
  * python312-base-32bit-debuginfo-3.12.4-150600.3.3.1
  * python312-base-32bit-3.12.4-150600.3.3.1
  * libpython3_12-1_0-32bit-debuginfo-3.12.4-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * python312-base-64bit-debuginfo-3.12.4-150600.3.3.1
  * libpython3_12-1_0-64bit-debuginfo-3.12.4-150600.3.3.1
  * python312-base-64bit-3.12.4-150600.3.3.1
  * python312-64bit-3.12.4-150600.3.3.1
  * python312-64bit-debuginfo-3.12.4-150600.3.3.1
  * libpython3_12-1_0-64bit-3.12.4-150600.3.3.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python312-debuginfo-3.12.4-150600.3.3.1
  * python312-dbm-debuginfo-3.12.4-150600.3.3.1
  * python312-3.12.4-150600.3.3.1
  * python312-devel-3.12.4-150600.3.3.1
  * python312-core-debugsource-3.12.4-150600.3.3.1
  * libpython3_12-1_0-debuginfo-3.12.4-150600.3.3.1
  * python312-dbm-3.12.4-150600.3.3.1
  * python312-tk-debuginfo-3.12.4-150600.3.3.1
  * python312-base-3.12.4-150600.3.3.1
  * python312-curses-debuginfo-3.12.4-150600.3.3.1
  * libpython3_12-1_0-3.12.4-150600.3.3.1
  * python312-idle-3.12.4-150600.3.3.1
  * python312-base-debuginfo-3.12.4-150600.3.3.1
  * python312-tk-3.12.4-150600.3.3.1
  * python312-tools-3.12.4-150600.3.3.1
  * python312-debugsource-3.12.4-150600.3.3.1
  * python312-curses-3.12.4-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-4030.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225660
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448
* https://bugzilla.suse.com/show_bug.cgi?id=1227152
* https://bugzilla.suse.com/show_bug.cgi?id=1227378

From null at suse.de Mon Jul 22 20:34:24 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 22 Jul 2024 20:34:24 -0000
Subject: SUSE-SU-2024:2571-1: important: Security update for the Linux Kernel
Message-ID: <172168046445.27158.5029955348336884721@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:2571-1
Rating: important

References: * bsc#1186716 * bsc#1195775 * bsc#1204562 * bsc#1209834 * bsc#1217481 * bsc#1217912 * bsc#1218442 * bsc#1219224 * bsc#1219478 * bsc#1219596 * bsc#1219633 * bsc#1219847 * bsc#1219953 * bsc#1221086 * bsc#1221777 * bsc#1221958 * bsc#1222011 * bsc#1222015 * bsc#1222080 * bsc#1222241 * bsc#1222380 * bsc#1222588 * bsc#1222617 * bsc#1222619 * bsc#1222809 * bsc#1222810 * bsc#1223018 * bsc#1223265 * bsc#1224049 * bsc#1224187 * bsc#1224439 * bsc#1224497 * bsc#1224498 * bsc#1224515 * bsc#1224520 * bsc#1224523 * bsc#1224539 * bsc#1224540 * bsc#1224549 * bsc#1224572 * bsc#1224575 * bsc#1224583 * bsc#1224584 * bsc#1224606 * bsc#1224612 * bsc#1224614 * bsc#1224619 * bsc#1224655 * bsc#1224659 * bsc#1224661 * bsc#1224662 * bsc#1224670 * bsc#1224673 * bsc#1224698 * bsc#1224735 * bsc#1224751 * bsc#1224759 * bsc#1224928 * bsc#1224930 * bsc#1224932 * bsc#1224933 * bsc#1224935 * bsc#1224937 * bsc#1224939 * bsc#1224941 * bsc#1224944 * bsc#1224946 * bsc#1224947 * bsc#1224949 * bsc#1224951 * bsc#1224988 * bsc#1224992 * bsc#1224998 * bsc#1225000 * bsc#1225001 * bsc#1225004 * bsc#1225006 * bsc#1225008 * bsc#1225009 * bsc#1225014 * bsc#1225015 * bsc#1225022 * bsc#1225025 * bsc#1225028 * bsc#1225029 * bsc#1225031 * bsc#1225036 * bsc#1225041 * bsc#1225044 * bsc#1225049 * bsc#1225050 * bsc#1225076 * bsc#1225077 * bsc#1225078 * bsc#1225081 * bsc#1225085 * bsc#1225086 * bsc#1225090 * bsc#1225092 * bsc#1225096 * bsc#1225097 * bsc#1225098 * bsc#1225101 * bsc#1225103 * bsc#1225104 * bsc#1225105 * bsc#1225106 * bsc#1225108 * bsc#1225120 * bsc#1225132 * bsc#1225180 * bsc#1225300 * bsc#1225391 * bsc#1225472 * 
bsc#1225475 * bsc#1225476 * bsc#1225477 * bsc#1225478 * bsc#1225485 * bsc#1225490 * bsc#1225527 * bsc#1225529 * bsc#1225530 * bsc#1225532 * bsc#1225534 * bsc#1225548 * bsc#1225550 * bsc#1225553 * bsc#1225554 * bsc#1225555 * bsc#1225556 * bsc#1225557 * bsc#1225559 * bsc#1225560 * bsc#1225564 * bsc#1225565 * bsc#1225566 * bsc#1225568 * bsc#1225569 * bsc#1225570 * bsc#1225571 * bsc#1225572 * bsc#1225573 * bsc#1225577 * bsc#1225581 * bsc#1225583 * bsc#1225584 * bsc#1225585 * bsc#1225586 * bsc#1225587 * bsc#1225588 * bsc#1225589 * bsc#1225590 * bsc#1225591 * bsc#1225592 * bsc#1225594 * bsc#1225595 * bsc#1225599 * bsc#1225602 * bsc#1225605 * bsc#1225609 * bsc#1225611 * bsc#1225681 * bsc#1225702 * bsc#1225723 * bsc#1225726 * bsc#1225731 * bsc#1225732 * bsc#1225737 * bsc#1225741 * bsc#1225758 * bsc#1225759 * bsc#1225760 * bsc#1225761 * bsc#1225762 * bsc#1225763 * bsc#1225767 * bsc#1225770 * bsc#1225815 * bsc#1225820 * bsc#1225823 * bsc#1225827 * bsc#1225834 * bsc#1225866 * bsc#1225872 * bsc#1225898 * bsc#1225903 * bsc#1226022 * bsc#1226131 * bsc#1226145 * bsc#1226149 * bsc#1226155 * bsc#1226158 * bsc#1226163 * bsc#1226211 * bsc#1226212 * bsc#1226226 * bsc#1226457 * bsc#1226503 * bsc#1226513 * bsc#1226514 * bsc#1226520 * bsc#1226582 * bsc#1226587 * bsc#1226588 * bsc#1226592 * bsc#1226593 * bsc#1226594 * bsc#1226595 * bsc#1226597 * bsc#1226607 * bsc#1226608 * bsc#1226610 * bsc#1226612 * bsc#1226613 * bsc#1226630 * bsc#1226632 * bsc#1226633 * bsc#1226634 * bsc#1226637 * bsc#1226657 * bsc#1226658 * bsc#1226734 * bsc#1226735 * bsc#1226737 * bsc#1226738 * bsc#1226739 * bsc#1226740 * bsc#1226741 * bsc#1226742 * bsc#1226744 * bsc#1226746 * bsc#1226747 * bsc#1226749 * bsc#1226754 * bsc#1226758 * bsc#1226760 * bsc#1226761 * bsc#1226764 * bsc#1226767 * bsc#1226768 * bsc#1226769 * bsc#1226771 * bsc#1226772 * bsc#1226774 * bsc#1226775 * bsc#1226776 * bsc#1226777 * bsc#1226780 * bsc#1226781 * bsc#1226786 * bsc#1226788 * bsc#1226789 * bsc#1226790 * bsc#1226791 * bsc#1226796 * bsc#1226799 
* bsc#1226837 * bsc#1226839 * bsc#1226840 * bsc#1226841 * bsc#1226842 * bsc#1226844 * bsc#1226848 * bsc#1226852 * bsc#1226856 * bsc#1226857 * bsc#1226859 * bsc#1226861 * bsc#1226863 * bsc#1226864 * bsc#1226867 * bsc#1226868 * bsc#1226875 * bsc#1226876 * bsc#1226878 * bsc#1226879 * bsc#1226886 * bsc#1226890 * bsc#1226891 * bsc#1226894 * bsc#1226895 * bsc#1226905 * bsc#1226908 * bsc#1226909 * bsc#1226911 * bsc#1226928 * bsc#1226934 * bsc#1226938 * bsc#1226939 * bsc#1226941 * bsc#1226948 * bsc#1226949 * bsc#1226950 * bsc#1226962 * bsc#1226976 * bsc#1226989 * bsc#1226990 * bsc#1226992 * bsc#1226994 * bsc#1226995 * bsc#1226996 * bsc#1227066 * bsc#1227072 * bsc#1227085 * bsc#1227089 * bsc#1227090 * bsc#1227096 * bsc#1227101 * bsc#1227190 * jsc#PED-8491 * jsc#PED-8570 * jsc#PED-8688 Cross-References: * CVE-2021-47432 * CVE-2022-48772 * CVE-2023-52622 * CVE-2023-52656 * CVE-2023-52672 * CVE-2023-52699 * CVE-2023-52735 * CVE-2023-52749 * CVE-2023-52750 * CVE-2023-52753 * CVE-2023-52754 * CVE-2023-52757 * CVE-2023-52759 * CVE-2023-52762 * CVE-2023-52763 * CVE-2023-52764 * CVE-2023-52765 * CVE-2023-52766 * CVE-2023-52767 * CVE-2023-52768 * CVE-2023-52769 * CVE-2023-52773 * CVE-2023-52774 * CVE-2023-52776 * CVE-2023-52777 * CVE-2023-52780 * CVE-2023-52781 * CVE-2023-52782 * CVE-2023-52783 * CVE-2023-52784 * CVE-2023-52786 * CVE-2023-52787 * CVE-2023-52788 * CVE-2023-52789 * CVE-2023-52791 * CVE-2023-52792 * CVE-2023-52794 * CVE-2023-52795 * CVE-2023-52796 * CVE-2023-52798 * CVE-2023-52799 * CVE-2023-52800 * CVE-2023-52801 * CVE-2023-52803 * CVE-2023-52804 * CVE-2023-52805 * CVE-2023-52806 * CVE-2023-52807 * CVE-2023-52808 * CVE-2023-52809 * CVE-2023-52810 * CVE-2023-52811 * CVE-2023-52812 * CVE-2023-52813 * CVE-2023-52814 * CVE-2023-52815 * CVE-2023-52816 * CVE-2023-52817 * CVE-2023-52818 * CVE-2023-52819 * CVE-2023-52821 * CVE-2023-52825 * CVE-2023-52826 * CVE-2023-52827 * CVE-2023-52829 * CVE-2023-52832 * CVE-2023-52833 * CVE-2023-52834 * CVE-2023-52835 * CVE-2023-52836 * 
CVE-2023-52837 * CVE-2023-52838 * CVE-2023-52840 * CVE-2023-52841 * CVE-2023-52842 * CVE-2023-52843 * CVE-2023-52844 * CVE-2023-52845 * CVE-2023-52846 * CVE-2023-52847 * CVE-2023-52849 * CVE-2023-52850 * CVE-2023-52851 * CVE-2023-52853 * CVE-2023-52854 * CVE-2023-52855 * CVE-2023-52856 * CVE-2023-52857 * CVE-2023-52858 * CVE-2023-52861 * CVE-2023-52862 * CVE-2023-52863 * CVE-2023-52864 * CVE-2023-52865 * CVE-2023-52866 * CVE-2023-52867 * CVE-2023-52868 * CVE-2023-52869 * CVE-2023-52870 * CVE-2023-52871 * CVE-2023-52872 * CVE-2023-52873 * CVE-2023-52874 * CVE-2023-52875 * CVE-2023-52876 * CVE-2023-52877 * CVE-2023-52878 * CVE-2023-52879 * CVE-2023-52880 * CVE-2023-52881 * CVE-2023-52883 * CVE-2023-52884 * CVE-2024-26482 * CVE-2024-26625 * CVE-2024-26676 * CVE-2024-26750 * CVE-2024-26758 * CVE-2024-26767 * CVE-2024-26780 * CVE-2024-26813 * CVE-2024-26814 * CVE-2024-26845 * CVE-2024-26889 * CVE-2024-26920 * CVE-2024-27414 * CVE-2024-27419 * CVE-2024-33619 * CVE-2024-34777 * CVE-2024-35247 * CVE-2024-35807 * CVE-2024-35827 * CVE-2024-35831 * CVE-2024-35843 * CVE-2024-35848 * CVE-2024-35857 * CVE-2024-35880 * CVE-2024-35884 * CVE-2024-35886 * CVE-2024-35892 * CVE-2024-35896 * CVE-2024-35898 * CVE-2024-35900 * CVE-2024-35925 * CVE-2024-35926 * CVE-2024-35957 * CVE-2024-35962 * CVE-2024-35970 * CVE-2024-35976 * CVE-2024-35979 * CVE-2024-35998 * CVE-2024-36005 * CVE-2024-36008 * CVE-2024-36010 * CVE-2024-36017 * CVE-2024-36024 * CVE-2024-36281 * CVE-2024-36477 * CVE-2024-36478 * CVE-2024-36479 * CVE-2024-36882 * CVE-2024-36887 * CVE-2024-36899 * CVE-2024-36900 * CVE-2024-36903 * CVE-2024-36904 * CVE-2024-36915 * CVE-2024-36916 * CVE-2024-36917 * CVE-2024-36919 * CVE-2024-36923 * CVE-2024-36924 * CVE-2024-36926 * CVE-2024-36934 * CVE-2024-36935 * CVE-2024-36937 * CVE-2024-36938 * CVE-2024-36945 * CVE-2024-36952 * CVE-2024-36957 * CVE-2024-36960 * CVE-2024-36962 * CVE-2024-36964 * CVE-2024-36965 * CVE-2024-36967 * CVE-2024-36969 * CVE-2024-36971 * CVE-2024-36972 * 
CVE-2024-36973 * CVE-2024-36975 * CVE-2024-36977 * CVE-2024-36978 * CVE-2024-37021 * CVE-2024-37078 * CVE-2024-37353 * CVE-2024-37354 * CVE-2024-38381 * CVE-2024-38384 * CVE-2024-38385 * CVE-2024-38388 * CVE-2024-38390 * CVE-2024-38391 * CVE-2024-38539 * CVE-2024-38540 * CVE-2024-38541 * CVE-2024-38543 * CVE-2024-38544 * CVE-2024-38545 * CVE-2024-38546 * CVE-2024-38547 * CVE-2024-38548 * CVE-2024-38549 * CVE-2024-38550 * CVE-2024-38551 * CVE-2024-38552 * CVE-2024-38553 * CVE-2024-38554 * CVE-2024-38555 * CVE-2024-38556 * CVE-2024-38557 * CVE-2024-38559 * CVE-2024-38560 * CVE-2024-38562 * CVE-2024-38564 * CVE-2024-38565 * CVE-2024-38566 * CVE-2024-38567 * CVE-2024-38568 * CVE-2024-38569 * CVE-2024-38570 * CVE-2024-38571 * CVE-2024-38572 * CVE-2024-38573 * CVE-2024-38575 * CVE-2024-38578 * CVE-2024-38579 * CVE-2024-38580 * CVE-2024-38581 * CVE-2024-38582 * CVE-2024-38583 * CVE-2024-38587 * CVE-2024-38588 * CVE-2024-38590 * CVE-2024-38591 * CVE-2024-38592 * CVE-2024-38594 * CVE-2024-38595 * CVE-2024-38597 * CVE-2024-38599 * CVE-2024-38600 * CVE-2024-38601 * CVE-2024-38602 * CVE-2024-38603 * CVE-2024-38605 * CVE-2024-38608 * CVE-2024-38610 * CVE-2024-38611 * CVE-2024-38615 * CVE-2024-38616 * CVE-2024-38617 * CVE-2024-38618 * CVE-2024-38619 * CVE-2024-38621 * CVE-2024-38622 * CVE-2024-38627 * CVE-2024-38628 * CVE-2024-38629 * CVE-2024-38630 * CVE-2024-38633 * CVE-2024-38634 * CVE-2024-38635 * CVE-2024-38636 * CVE-2024-38661 * CVE-2024-38663 * CVE-2024-38664 * CVE-2024-38780 * CVE-2024-39277 * CVE-2024-39291 * CVE-2024-39296 * CVE-2024-39301 * CVE-2024-39362 * CVE-2024-39371 * CVE-2024-39463 * CVE-2024-39466 * CVE-2024-39469 * CVE-2024-39471 CVSS scores: * CVE-2021-47432 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52622 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52656 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52672 ( 
SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52750 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52757 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52759 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52762 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52764 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52765 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52768 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52769 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52769 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52773 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52773 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52776 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52777 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52780 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52781 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52782 ( SUSE ): 5.9 
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52783 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52783 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52784 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52786 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52788 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52789 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52794 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52795 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52796 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52798 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52799 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52801 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52803 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52804 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52805 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52806 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52807 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52810 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52811 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52812 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52813 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52814 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52814 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52815 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52815 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52818 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52819 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52825 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52827 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52827 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52832 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52834 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52836 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52837 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52838 ( SUSE ): 2.5 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52840 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52844 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52847 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52849 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52850 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52856 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52861 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52862 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52865 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52866 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52867 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52868 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52869 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52870 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52871 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2023-52872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52874 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-52875 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52876 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52879 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52880 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52881 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L * CVE-2023-52883 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52884 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26625 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26676 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26750 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26813 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26814 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26845 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27414 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-27419 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-33619 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34777 ( SUSE ): 6.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-35247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35843 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35926 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-35970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35998 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36005 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36017 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36024 ( SUSE ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36477 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36478 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36479 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36900 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36903 ( SUSE ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36915 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36916 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36923 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36924 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36926 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36934 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36935 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L * CVE-2024-36937 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36938 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36952 ( SUSE ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36957 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36960 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-36962 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36965 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H * CVE-2024-36965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36967 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36972 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36973 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36977 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36978 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-37021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-37353 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-37354 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38381 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38384 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38385 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38388 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38390 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38391 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38539 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38540 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38541 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38543 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38544 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38545 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38546 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38547 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38549 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38550 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38551 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38552 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38553 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38555 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38556 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38557 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38559 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38560 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38562 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38564 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38565 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-38566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38567 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38568 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38569 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38570 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38571 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38572 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38573 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38578 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38579 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-38580 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38581 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-38582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38583 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38587 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-38588 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38590 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38591 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38592 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38594 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-38595 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38597 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-38600 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38601 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38603 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38608 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38610 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38611 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-38615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38617 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38622 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38628 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38630 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38633 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38636 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-38661 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38664 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38780 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39277 ( SUSE ): 6.6 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-39277 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39291 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39291 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39296 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39301 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39362 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39371 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39463 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-39466 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39469 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39471 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* Development Tools Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP6

An update that solves 285 vulnerabilities, contains three features and has 25 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
* CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
* CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
* CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
* CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
* CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
* CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
* CVE-2023-52840: Fix use after free in rmi_unregister_function() (bsc#1224928).
* CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
* CVE-2023-52834: atl1c: Work around the DMA RX overflow issue (bsc#1225599).
* CVE-2023-52875: Add check for mtk_alloc_clk_data (bsc#1225096).
* CVE-2023-52865: Add check for mtk_alloc_clk_data (bsc#1225086).
* CVE-2023-52821: Fixed a possible null pointer dereference (bsc#1225022).
* CVE-2023-52867: Fixed possible buffer overflow (bsc#1225009).
* CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
* CVE-2023-52759: Ignore negated quota changes (bsc#1225560).
* CVE-2023-52796: Add ipvlan_route_v6_outbound() helper (bsc#1224930).
* CVE-2023-52807: Fixed an out-of-bounds access that may occur when coalesce info is read via debugfs (bsc#1225097).
* CVE-2023-52864: Fixed opening of char device (bsc#1225132).
* CVE-2024-36926: Fixed LPAR panics during boot up with a frozen PE (bsc#1222011).
* CVE-2023-52871: Handle a second device without data corruption (bsc#1225534)
* CVE-2023-52795: Fixed use after free in vhost_vdpa_probe() (bsc#1225085).
* CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
* CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
* CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
* CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).
* CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
* CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
* CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
* CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
* CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).
* CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
* CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
* CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).
* CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
* CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
* CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
* CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
* CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
* CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
* CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
* CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
* CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
* CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
* CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
* CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
* CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
* CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
* CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).
* CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
* CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
* CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
* CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
* CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
* CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
* CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).
* CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
* CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).
* CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
* CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
* CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
* CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
* CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
* CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
* CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
* CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).
* CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
* CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
* CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
* CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
* CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
* CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
* CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
* CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).
* CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
* CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
* CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
* CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
* CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
* CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).
* CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
* CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
* CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
* CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
* CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).
* CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
* CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
* CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
* CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
* CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
* CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
* CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
* CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
* CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).
* CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).
* CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).
* CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
* CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).

The following non-security bugs were fixed:

* KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).
* KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).
* NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
* NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
* NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
* PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
* RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
* RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
* Revert "build initrd without systemd" (bsc#1195775)
* arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).
* arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).
* arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).
* bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
* bpf: correct loop detection for iterators convergence (bsc#1225903).
* bpf: exact states comparison for iterator convergence checks (bsc#1225903).
* bpf: extract __check_reg_arg() utility function (bsc#1225903).
* bpf: extract same_callsites() as utility function (bsc#1225903).
* bpf: extract setup_func_entry() utility function (bsc#1225903).
* bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
* bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
* bpf: print full verifier states on infinite loop detection (bsc#1225903).
* bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
* bpf: widening for callback iterators (bsc#1225903).
* cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
* ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
* ceph: always check dir caps asynchronously (bsc#1226022).
* ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
* ceph: break the check delayed cap loop every 5s (bsc#1226022).
* ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
* crypto: deflate - Add aliases to deflate (bsc#1227190).
* crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).
* ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
* kABI: bpf: verifier kABI workaround (bsc#1225903).
* net: ena: Fix redundant device NUMA node override (jsc#PED-8688).
* net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
* nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).
* nfs: Bump default write congestion size (bsc#1218442).
* nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
* nvme-fabrics: short-circuit reconnect retries (bsc#1186716).
* nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).
* nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).
* nvme: do not retry authentication failures (bsc#1186716).
* nvme: return kernel error codes for admin queue connect (bsc#1186716).
* nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).
* nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).
* ocfs2: adjust enabling place for la window (bsc#1219224).
* ocfs2: fix sparse warnings (bsc#1219224).
* ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
* ocfs2: speed up chain-list searching (bsc#1219224).
* rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212).
* rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211).
* s390/cpacf: Make use of invalid opcode produce a link error (bsc#1227072).
* sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
* selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
* selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).
* selftests/bpf: test widening for iterating callbacks (bsc#1225903).
* selftests/bpf: tests for iterating callbacks (bsc#1225903).
* selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).
* selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
* selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).
* supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
* tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
* x86/mce: Dynamically size space for machine check records (bsc#1222241).
* x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2571=1 SUSE-2024-2571=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2571=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-2571=1
* Legacy Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2571=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-2571=1
  Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise High Availability Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-2571=1
* SUSE Linux Enterprise Workstation Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2571=1

## Package List:

* openSUSE Leap 15.6 (noarch nosrc)
  * kernel-docs-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (noarch)
  * kernel-source-vanilla-6.4.0-150600.23.14.2
  * kernel-devel-6.4.0-150600.23.14.2
  * kernel-source-6.4.0-150600.23.14.2
  * kernel-docs-html-6.4.0-150600.23.14.2
  * kernel-macros-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (nosrc ppc64le x86_64)
  * kernel-debug-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (ppc64le x86_64)
  * kernel-debug-debugsource-6.4.0-150600.23.14.2
  * kernel-debug-devel-6.4.0-150600.23.14.2
  * kernel-debug-livepatch-devel-6.4.0-150600.23.14.2
  * kernel-debug-devel-debuginfo-6.4.0-150600.23.14.2
  * kernel-debug-debuginfo-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (x86_64)
  * kernel-debug-vdso-debuginfo-6.4.0-150600.23.14.2
  * kernel-debug-vdso-6.4.0-150600.23.14.2
  * kernel-kvmsmall-vdso-6.4.0-150600.23.14.2
  * kernel-default-vdso-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-vdso-6.4.0-150600.23.14.2
  * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
  * kernel-kvmsmall-debugsource-6.4.0-150600.23.14.2
  * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.14.2
  * kernel-kvmsmall-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-base-rebuild-6.4.0-150600.23.14.2.150600.12.4.3
  * kernel-default-base-6.4.0-150600.23.14.2.150600.12.4.3
  * kernel-kvmsmall-livepatch-devel-6.4.0-150600.23.14.2
  * kernel-kvmsmall-devel-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-debugsource-6.4.0-150600.23.14.2
  * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-livepatch-6.4.0-150600.23.14.2
  * kernel-obs-build-6.4.0-150600.23.14.2
  * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * kernel-syms-6.4.0-150600.23.14.2
  * kernel-default-extra-debuginfo-6.4.0-150600.23.14.2
  * ocfs2-kmp-default-6.4.0-150600.23.14.2
  * kernel-default-extra-6.4.0-150600.23.14.2
  * kernel-default-optional-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-optional-6.4.0-150600.23.14.2
  * gfs2-kmp-default-6.4.0-150600.23.14.2
  * kselftests-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * dlm-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * kselftests-kmp-default-6.4.0-150600.23.14.2
  * reiserfs-kmp-default-6.4.0-150600.23.14.2
  * kernel-default-devel-6.4.0-150600.23.14.2
  * kernel-default-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-devel-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-livepatch-devel-6.4.0-150600.23.14.2
  * dlm-kmp-default-6.4.0-150600.23.14.2
  * kernel-default-debugsource-6.4.0-150600.23.14.2
  * gfs2-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * cluster-md-kmp-default-6.4.0-150600.23.14.2
  * kernel-obs-qa-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
  * kernel-kvmsmall-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_14-default-1-150600.13.3.2
  * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-1-150600.13.3.2
  * kernel-livepatch-SLE15-SP6_Update_2-debugsource-1-150600.13.3.2
* openSUSE Leap 15.6 (nosrc s390x)
  * kernel-zfcpdump-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (s390x)
  * kernel-zfcpdump-debuginfo-6.4.0-150600.23.14.2
  * kernel-zfcpdump-debugsource-6.4.0-150600.23.14.2
* openSUSE Leap 15.6 (nosrc)
  * dtb-aarch64-6.4.0-150600.23.14.1
* openSUSE Leap 15.6 (aarch64)
  * dlm-kmp-64kb-6.4.0-150600.23.14.1
  * kernel-64kb-devel-debuginfo-6.4.0-150600.23.14.1
  * dtb-cavium-6.4.0-150600.23.14.1
  * dtb-socionext-6.4.0-150600.23.14.1
  * dtb-hisilicon-6.4.0-150600.23.14.1
  * kernel-64kb-livepatch-devel-6.4.0-150600.23.14.1
  * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-apple-6.4.0-150600.23.14.1
  * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * kernel-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-sprd-6.4.0-150600.23.14.1
  * dtb-broadcom-6.4.0-150600.23.14.1
  * kernel-64kb-devel-6.4.0-150600.23.14.1
  * kernel-64kb-extra-6.4.0-150600.23.14.1
  * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-marvell-6.4.0-150600.23.14.1
  * gfs2-kmp-64kb-6.4.0-150600.23.14.1
  * ocfs2-kmp-64kb-6.4.0-150600.23.14.1
  * dtb-amlogic-6.4.0-150600.23.14.1
  * dtb-mediatek-6.4.0-150600.23.14.1
  * dtb-apm-6.4.0-150600.23.14.1
  * dtb-arm-6.4.0-150600.23.14.1
  * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-freescale-6.4.0-150600.23.14.1
  * reiserfs-kmp-64kb-6.4.0-150600.23.14.1
  * kselftests-kmp-64kb-6.4.0-150600.23.14.1
  * kernel-64kb-debugsource-6.4.0-150600.23.14.1
  * dtb-qcom-6.4.0-150600.23.14.1
  * dtb-exynos-6.4.0-150600.23.14.1
  * dtb-xilinx-6.4.0-150600.23.14.1
  * kernel-64kb-optional-6.4.0-150600.23.14.1
  * dtb-renesas-6.4.0-150600.23.14.1
  * dtb-amazon-6.4.0-150600.23.14.1
  * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-nvidia-6.4.0-150600.23.14.1
  * dtb-lg-6.4.0-150600.23.14.1
  * kernel-64kb-optional-debuginfo-6.4.0-150600.23.14.1
  * dtb-allwinner-6.4.0-150600.23.14.1
  * cluster-md-kmp-64kb-6.4.0-150600.23.14.1
  * kernel-64kb-extra-debuginfo-6.4.0-150600.23.14.1
  * dtb-altera-6.4.0-150600.23.14.1
  * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.14.1
  * dtb-rockchip-6.4.0-150600.23.14.1
  * dtb-amd-6.4.0-150600.23.14.1
* openSUSE Leap 15.6 (aarch64 nosrc)
  * kernel-64kb-6.4.0-150600.23.14.1
* Basesystem Module 15-SP6 (aarch64 nosrc)
  * kernel-64kb-6.4.0-150600.23.14.1
* Basesystem Module 15-SP6 (aarch64)
  * kernel-64kb-devel-debuginfo-6.4.0-150600.23.14.1
  * kernel-64kb-debuginfo-6.4.0-150600.23.14.1
  * kernel-64kb-devel-6.4.0-150600.23.14.1
  * kernel-64kb-debugsource-6.4.0-150600.23.14.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.4.0-150600.23.14.2
* Basesystem Module 15-SP6 (aarch64 ppc64le x86_64)
  * kernel-default-base-6.4.0-150600.23.14.2.150600.12.4.3
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * kernel-default-debugsource-6.4.0-150600.23.14.2
  * kernel-default-devel-6.4.0-150600.23.14.2
  * kernel-default-devel-debuginfo-6.4.0-150600.23.14.2
  * kernel-default-debuginfo-6.4.0-150600.23.14.2
* Basesystem Module 15-SP6 (noarch)
  * kernel-devel-6.4.0-150600.23.14.2
  * kernel-macros-6.4.0-150600.23.14.2
* Basesystem Module 15-SP6 (nosrc s390x)
  * kernel-zfcpdump-6.4.0-150600.23.14.2
* Basesystem Module 15-SP6 (s390x)
  * kernel-zfcpdump-debuginfo-6.4.0-150600.23.14.2
  * kernel-zfcpdump-debugsource-6.4.0-150600.23.14.2
* Development Tools Module 15-SP6 (noarch nosrc)
  * kernel-docs-6.4.0-150600.23.14.2
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-debugsource-6.4.0-150600.23.14.2
  * kernel-syms-6.4.0-150600.23.14.2
  * kernel-obs-build-6.4.0-150600.23.14.2
* Development Tools Module 15-SP6 (noarch)
  * kernel-source-6.4.0-150600.23.14.2
* Legacy Module 15-SP6 (nosrc)
  * kernel-default-6.4.0-150600.23.14.2
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * kernel-default-debugsource-6.4.0-150600.23.14.2
  * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.14.2
  * reiserfs-kmp-default-6.4.0-150600.23.14.2
  * 
kernel-default-debuginfo-6.4.0-150600.23.14.2 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.14.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-1-150600.13.3.2 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-1-150600.13.3.2 * kernel-livepatch-6_4_0-150600_23_14-default-1-150600.13.3.2 * kernel-default-debugsource-6.4.0-150600.23.14.2 * kernel-default-livepatch-6.4.0-150600.23.14.2 * kernel-default-debuginfo-6.4.0-150600.23.14.2 * kernel-default-livepatch-devel-6.4.0-150600.23.14.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-6.4.0-150600.23.14.2 * dlm-kmp-default-6.4.0-150600.23.14.2 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.14.2 * dlm-kmp-default-debuginfo-6.4.0-150600.23.14.2 * ocfs2-kmp-default-6.4.0-150600.23.14.2 * kernel-default-debugsource-6.4.0-150600.23.14.2 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.14.2 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.14.2 * kernel-default-debuginfo-6.4.0-150600.23.14.2 * cluster-md-kmp-default-6.4.0-150600.23.14.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.14.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.14.2 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-extra-6.4.0-150600.23.14.2 * kernel-default-extra-debuginfo-6.4.0-150600.23.14.2 * kernel-default-debugsource-6.4.0-150600.23.14.2 * kernel-default-debuginfo-6.4.0-150600.23.14.2

## References:

* https://www.suse.com/security/cve/CVE-2021-47432.html * https://www.suse.com/security/cve/CVE-2022-48772.html * https://www.suse.com/security/cve/CVE-2023-52622.html * https://www.suse.com/security/cve/CVE-2023-52656.html * https://www.suse.com/security/cve/CVE-2023-52672.html * https://www.suse.com/security/cve/CVE-2023-52699.html * 
https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52749.html * https://www.suse.com/security/cve/CVE-2023-52750.html * https://www.suse.com/security/cve/CVE-2023-52753.html * https://www.suse.com/security/cve/CVE-2023-52754.html * https://www.suse.com/security/cve/CVE-2023-52757.html * https://www.suse.com/security/cve/CVE-2023-52759.html * https://www.suse.com/security/cve/CVE-2023-52762.html * https://www.suse.com/security/cve/CVE-2023-52763.html * https://www.suse.com/security/cve/CVE-2023-52764.html * https://www.suse.com/security/cve/CVE-2023-52765.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52767.html * https://www.suse.com/security/cve/CVE-2023-52768.html * https://www.suse.com/security/cve/CVE-2023-52769.html * https://www.suse.com/security/cve/CVE-2023-52773.html * https://www.suse.com/security/cve/CVE-2023-52774.html * https://www.suse.com/security/cve/CVE-2023-52776.html * https://www.suse.com/security/cve/CVE-2023-52777.html * https://www.suse.com/security/cve/CVE-2023-52780.html * https://www.suse.com/security/cve/CVE-2023-52781.html * https://www.suse.com/security/cve/CVE-2023-52782.html * https://www.suse.com/security/cve/CVE-2023-52783.html * https://www.suse.com/security/cve/CVE-2023-52784.html * https://www.suse.com/security/cve/CVE-2023-52786.html * https://www.suse.com/security/cve/CVE-2023-52787.html * https://www.suse.com/security/cve/CVE-2023-52788.html * https://www.suse.com/security/cve/CVE-2023-52789.html * https://www.suse.com/security/cve/CVE-2023-52791.html * https://www.suse.com/security/cve/CVE-2023-52792.html * https://www.suse.com/security/cve/CVE-2023-52794.html * https://www.suse.com/security/cve/CVE-2023-52795.html * https://www.suse.com/security/cve/CVE-2023-52796.html * https://www.suse.com/security/cve/CVE-2023-52798.html * https://www.suse.com/security/cve/CVE-2023-52799.html * 
https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52801.html * https://www.suse.com/security/cve/CVE-2023-52803.html * https://www.suse.com/security/cve/CVE-2023-52804.html * https://www.suse.com/security/cve/CVE-2023-52805.html * https://www.suse.com/security/cve/CVE-2023-52806.html * https://www.suse.com/security/cve/CVE-2023-52807.html * https://www.suse.com/security/cve/CVE-2023-52808.html * https://www.suse.com/security/cve/CVE-2023-52809.html * https://www.suse.com/security/cve/CVE-2023-52810.html * https://www.suse.com/security/cve/CVE-2023-52811.html * https://www.suse.com/security/cve/CVE-2023-52812.html * https://www.suse.com/security/cve/CVE-2023-52813.html * https://www.suse.com/security/cve/CVE-2023-52814.html * https://www.suse.com/security/cve/CVE-2023-52815.html * https://www.suse.com/security/cve/CVE-2023-52816.html * https://www.suse.com/security/cve/CVE-2023-52817.html * https://www.suse.com/security/cve/CVE-2023-52818.html * https://www.suse.com/security/cve/CVE-2023-52819.html * https://www.suse.com/security/cve/CVE-2023-52821.html * https://www.suse.com/security/cve/CVE-2023-52825.html * https://www.suse.com/security/cve/CVE-2023-52826.html * https://www.suse.com/security/cve/CVE-2023-52827.html * https://www.suse.com/security/cve/CVE-2023-52829.html * https://www.suse.com/security/cve/CVE-2023-52832.html * https://www.suse.com/security/cve/CVE-2023-52833.html * https://www.suse.com/security/cve/CVE-2023-52834.html * https://www.suse.com/security/cve/CVE-2023-52835.html * https://www.suse.com/security/cve/CVE-2023-52836.html * https://www.suse.com/security/cve/CVE-2023-52837.html * https://www.suse.com/security/cve/CVE-2023-52838.html * https://www.suse.com/security/cve/CVE-2023-52840.html * https://www.suse.com/security/cve/CVE-2023-52841.html * https://www.suse.com/security/cve/CVE-2023-52842.html * https://www.suse.com/security/cve/CVE-2023-52843.html * 
https://www.suse.com/security/cve/CVE-2023-52844.html * https://www.suse.com/security/cve/CVE-2023-52845.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-52847.html * https://www.suse.com/security/cve/CVE-2023-52849.html * https://www.suse.com/security/cve/CVE-2023-52850.html * https://www.suse.com/security/cve/CVE-2023-52851.html * https://www.suse.com/security/cve/CVE-2023-52853.html * https://www.suse.com/security/cve/CVE-2023-52854.html * https://www.suse.com/security/cve/CVE-2023-52855.html * https://www.suse.com/security/cve/CVE-2023-52856.html * https://www.suse.com/security/cve/CVE-2023-52857.html * https://www.suse.com/security/cve/CVE-2023-52858.html * https://www.suse.com/security/cve/CVE-2023-52861.html * https://www.suse.com/security/cve/CVE-2023-52862.html * https://www.suse.com/security/cve/CVE-2023-52863.html * https://www.suse.com/security/cve/CVE-2023-52864.html * https://www.suse.com/security/cve/CVE-2023-52865.html * https://www.suse.com/security/cve/CVE-2023-52866.html * https://www.suse.com/security/cve/CVE-2023-52867.html * https://www.suse.com/security/cve/CVE-2023-52868.html * https://www.suse.com/security/cve/CVE-2023-52869.html * https://www.suse.com/security/cve/CVE-2023-52870.html * https://www.suse.com/security/cve/CVE-2023-52871.html * https://www.suse.com/security/cve/CVE-2023-52872.html * https://www.suse.com/security/cve/CVE-2023-52873.html * https://www.suse.com/security/cve/CVE-2023-52874.html * https://www.suse.com/security/cve/CVE-2023-52875.html * https://www.suse.com/security/cve/CVE-2023-52876.html * https://www.suse.com/security/cve/CVE-2023-52877.html * https://www.suse.com/security/cve/CVE-2023-52878.html * https://www.suse.com/security/cve/CVE-2023-52879.html * https://www.suse.com/security/cve/CVE-2023-52880.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52883.html * 
https://www.suse.com/security/cve/CVE-2023-52884.html * https://www.suse.com/security/cve/CVE-2024-26482.html * https://www.suse.com/security/cve/CVE-2024-26625.html * https://www.suse.com/security/cve/CVE-2024-26676.html * https://www.suse.com/security/cve/CVE-2024-26750.html * https://www.suse.com/security/cve/CVE-2024-26758.html * https://www.suse.com/security/cve/CVE-2024-26767.html * https://www.suse.com/security/cve/CVE-2024-26780.html * https://www.suse.com/security/cve/CVE-2024-26813.html * https://www.suse.com/security/cve/CVE-2024-26814.html * https://www.suse.com/security/cve/CVE-2024-26845.html * https://www.suse.com/security/cve/CVE-2024-26889.html * https://www.suse.com/security/cve/CVE-2024-26920.html * https://www.suse.com/security/cve/CVE-2024-27414.html * https://www.suse.com/security/cve/CVE-2024-27419.html * https://www.suse.com/security/cve/CVE-2024-33619.html * https://www.suse.com/security/cve/CVE-2024-34777.html * https://www.suse.com/security/cve/CVE-2024-35247.html * https://www.suse.com/security/cve/CVE-2024-35807.html * https://www.suse.com/security/cve/CVE-2024-35827.html * https://www.suse.com/security/cve/CVE-2024-35831.html * https://www.suse.com/security/cve/CVE-2024-35843.html * https://www.suse.com/security/cve/CVE-2024-35848.html * https://www.suse.com/security/cve/CVE-2024-35857.html * https://www.suse.com/security/cve/CVE-2024-35880.html * https://www.suse.com/security/cve/CVE-2024-35884.html * https://www.suse.com/security/cve/CVE-2024-35886.html * https://www.suse.com/security/cve/CVE-2024-35892.html * https://www.suse.com/security/cve/CVE-2024-35896.html * https://www.suse.com/security/cve/CVE-2024-35898.html * https://www.suse.com/security/cve/CVE-2024-35900.html * https://www.suse.com/security/cve/CVE-2024-35925.html * https://www.suse.com/security/cve/CVE-2024-35926.html * https://www.suse.com/security/cve/CVE-2024-35957.html * https://www.suse.com/security/cve/CVE-2024-35962.html * 
https://www.suse.com/security/cve/CVE-2024-35970.html * https://www.suse.com/security/cve/CVE-2024-35976.html * https://www.suse.com/security/cve/CVE-2024-35979.html * https://www.suse.com/security/cve/CVE-2024-35998.html * https://www.suse.com/security/cve/CVE-2024-36005.html * https://www.suse.com/security/cve/CVE-2024-36008.html * https://www.suse.com/security/cve/CVE-2024-36010.html * https://www.suse.com/security/cve/CVE-2024-36017.html * https://www.suse.com/security/cve/CVE-2024-36024.html * https://www.suse.com/security/cve/CVE-2024-36281.html * https://www.suse.com/security/cve/CVE-2024-36477.html * https://www.suse.com/security/cve/CVE-2024-36478.html * https://www.suse.com/security/cve/CVE-2024-36479.html * https://www.suse.com/security/cve/CVE-2024-36882.html * https://www.suse.com/security/cve/CVE-2024-36887.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36900.html * https://www.suse.com/security/cve/CVE-2024-36903.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36915.html * https://www.suse.com/security/cve/CVE-2024-36916.html * https://www.suse.com/security/cve/CVE-2024-36917.html * https://www.suse.com/security/cve/CVE-2024-36919.html * https://www.suse.com/security/cve/CVE-2024-36923.html * https://www.suse.com/security/cve/CVE-2024-36924.html * https://www.suse.com/security/cve/CVE-2024-36926.html * https://www.suse.com/security/cve/CVE-2024-36934.html * https://www.suse.com/security/cve/CVE-2024-36935.html * https://www.suse.com/security/cve/CVE-2024-36937.html * https://www.suse.com/security/cve/CVE-2024-36938.html * https://www.suse.com/security/cve/CVE-2024-36945.html * https://www.suse.com/security/cve/CVE-2024-36952.html * https://www.suse.com/security/cve/CVE-2024-36957.html * https://www.suse.com/security/cve/CVE-2024-36960.html * https://www.suse.com/security/cve/CVE-2024-36962.html * 
https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36965.html * https://www.suse.com/security/cve/CVE-2024-36967.html * https://www.suse.com/security/cve/CVE-2024-36969.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-36972.html * https://www.suse.com/security/cve/CVE-2024-36973.html * https://www.suse.com/security/cve/CVE-2024-36975.html * https://www.suse.com/security/cve/CVE-2024-36977.html * https://www.suse.com/security/cve/CVE-2024-36978.html * https://www.suse.com/security/cve/CVE-2024-37021.html * https://www.suse.com/security/cve/CVE-2024-37078.html * https://www.suse.com/security/cve/CVE-2024-37353.html * https://www.suse.com/security/cve/CVE-2024-37354.html * https://www.suse.com/security/cve/CVE-2024-38381.html * https://www.suse.com/security/cve/CVE-2024-38384.html * https://www.suse.com/security/cve/CVE-2024-38385.html * https://www.suse.com/security/cve/CVE-2024-38388.html * https://www.suse.com/security/cve/CVE-2024-38390.html * https://www.suse.com/security/cve/CVE-2024-38391.html * https://www.suse.com/security/cve/CVE-2024-38539.html * https://www.suse.com/security/cve/CVE-2024-38540.html * https://www.suse.com/security/cve/CVE-2024-38541.html * https://www.suse.com/security/cve/CVE-2024-38543.html * https://www.suse.com/security/cve/CVE-2024-38544.html * https://www.suse.com/security/cve/CVE-2024-38545.html * https://www.suse.com/security/cve/CVE-2024-38546.html * https://www.suse.com/security/cve/CVE-2024-38547.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38549.html * https://www.suse.com/security/cve/CVE-2024-38550.html * https://www.suse.com/security/cve/CVE-2024-38551.html * https://www.suse.com/security/cve/CVE-2024-38552.html * https://www.suse.com/security/cve/CVE-2024-38553.html * https://www.suse.com/security/cve/CVE-2024-38554.html * 
https://www.suse.com/security/cve/CVE-2024-38555.html * https://www.suse.com/security/cve/CVE-2024-38556.html * https://www.suse.com/security/cve/CVE-2024-38557.html * https://www.suse.com/security/cve/CVE-2024-38559.html * https://www.suse.com/security/cve/CVE-2024-38560.html * https://www.suse.com/security/cve/CVE-2024-38562.html * https://www.suse.com/security/cve/CVE-2024-38564.html * https://www.suse.com/security/cve/CVE-2024-38565.html * https://www.suse.com/security/cve/CVE-2024-38566.html * https://www.suse.com/security/cve/CVE-2024-38567.html * https://www.suse.com/security/cve/CVE-2024-38568.html * https://www.suse.com/security/cve/CVE-2024-38569.html * https://www.suse.com/security/cve/CVE-2024-38570.html * https://www.suse.com/security/cve/CVE-2024-38571.html * https://www.suse.com/security/cve/CVE-2024-38572.html * https://www.suse.com/security/cve/CVE-2024-38573.html * https://www.suse.com/security/cve/CVE-2024-38575.html * https://www.suse.com/security/cve/CVE-2024-38578.html * https://www.suse.com/security/cve/CVE-2024-38579.html * https://www.suse.com/security/cve/CVE-2024-38580.html * https://www.suse.com/security/cve/CVE-2024-38581.html * https://www.suse.com/security/cve/CVE-2024-38582.html * https://www.suse.com/security/cve/CVE-2024-38583.html * https://www.suse.com/security/cve/CVE-2024-38587.html * https://www.suse.com/security/cve/CVE-2024-38588.html * https://www.suse.com/security/cve/CVE-2024-38590.html * https://www.suse.com/security/cve/CVE-2024-38591.html * https://www.suse.com/security/cve/CVE-2024-38592.html * https://www.suse.com/security/cve/CVE-2024-38594.html * https://www.suse.com/security/cve/CVE-2024-38595.html * https://www.suse.com/security/cve/CVE-2024-38597.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-38600.html * https://www.suse.com/security/cve/CVE-2024-38601.html * https://www.suse.com/security/cve/CVE-2024-38602.html * 
https://www.suse.com/security/cve/CVE-2024-38603.html * https://www.suse.com/security/cve/CVE-2024-38605.html * https://www.suse.com/security/cve/CVE-2024-38608.html * https://www.suse.com/security/cve/CVE-2024-38610.html * https://www.suse.com/security/cve/CVE-2024-38611.html * https://www.suse.com/security/cve/CVE-2024-38615.html * https://www.suse.com/security/cve/CVE-2024-38616.html * https://www.suse.com/security/cve/CVE-2024-38617.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38619.html * https://www.suse.com/security/cve/CVE-2024-38621.html * https://www.suse.com/security/cve/CVE-2024-38622.html * https://www.suse.com/security/cve/CVE-2024-38627.html * https://www.suse.com/security/cve/CVE-2024-38628.html * https://www.suse.com/security/cve/CVE-2024-38629.html * https://www.suse.com/security/cve/CVE-2024-38630.html * https://www.suse.com/security/cve/CVE-2024-38633.html * https://www.suse.com/security/cve/CVE-2024-38634.html * https://www.suse.com/security/cve/CVE-2024-38635.html * https://www.suse.com/security/cve/CVE-2024-38636.html * https://www.suse.com/security/cve/CVE-2024-38661.html * https://www.suse.com/security/cve/CVE-2024-38663.html * https://www.suse.com/security/cve/CVE-2024-38664.html * https://www.suse.com/security/cve/CVE-2024-38780.html * https://www.suse.com/security/cve/CVE-2024-39277.html * https://www.suse.com/security/cve/CVE-2024-39291.html * https://www.suse.com/security/cve/CVE-2024-39296.html * https://www.suse.com/security/cve/CVE-2024-39301.html * https://www.suse.com/security/cve/CVE-2024-39362.html * https://www.suse.com/security/cve/CVE-2024-39371.html * https://www.suse.com/security/cve/CVE-2024-39463.html * https://www.suse.com/security/cve/CVE-2024-39466.html * https://www.suse.com/security/cve/CVE-2024-39469.html * https://www.suse.com/security/cve/CVE-2024-39471.html * https://bugzilla.suse.com/show_bug.cgi?id=1186716 * 
https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1204562 * https://bugzilla.suse.com/show_bug.cgi?id=1209834 * https://bugzilla.suse.com/show_bug.cgi?id=1217481 * https://bugzilla.suse.com/show_bug.cgi?id=1217912 * https://bugzilla.suse.com/show_bug.cgi?id=1218442 * https://bugzilla.suse.com/show_bug.cgi?id=1219224 * https://bugzilla.suse.com/show_bug.cgi?id=1219478 * https://bugzilla.suse.com/show_bug.cgi?id=1219596 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1219953 * https://bugzilla.suse.com/show_bug.cgi?id=1221086 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221958 * https://bugzilla.suse.com/show_bug.cgi?id=1222011 * https://bugzilla.suse.com/show_bug.cgi?id=1222015 * https://bugzilla.suse.com/show_bug.cgi?id=1222080 * https://bugzilla.suse.com/show_bug.cgi?id=1222241 * https://bugzilla.suse.com/show_bug.cgi?id=1222380 * https://bugzilla.suse.com/show_bug.cgi?id=1222588 * https://bugzilla.suse.com/show_bug.cgi?id=1222617 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222809 * https://bugzilla.suse.com/show_bug.cgi?id=1222810 * https://bugzilla.suse.com/show_bug.cgi?id=1223018 * https://bugzilla.suse.com/show_bug.cgi?id=1223265 * https://bugzilla.suse.com/show_bug.cgi?id=1224049 * https://bugzilla.suse.com/show_bug.cgi?id=1224187 * https://bugzilla.suse.com/show_bug.cgi?id=1224439 * https://bugzilla.suse.com/show_bug.cgi?id=1224497 * https://bugzilla.suse.com/show_bug.cgi?id=1224498 * https://bugzilla.suse.com/show_bug.cgi?id=1224515 * https://bugzilla.suse.com/show_bug.cgi?id=1224520 * https://bugzilla.suse.com/show_bug.cgi?id=1224523 * https://bugzilla.suse.com/show_bug.cgi?id=1224539 * https://bugzilla.suse.com/show_bug.cgi?id=1224540 * https://bugzilla.suse.com/show_bug.cgi?id=1224549 * 
https://bugzilla.suse.com/show_bug.cgi?id=1224572 * https://bugzilla.suse.com/show_bug.cgi?id=1224575 * https://bugzilla.suse.com/show_bug.cgi?id=1224583 * https://bugzilla.suse.com/show_bug.cgi?id=1224584 * https://bugzilla.suse.com/show_bug.cgi?id=1224606 * https://bugzilla.suse.com/show_bug.cgi?id=1224612 * https://bugzilla.suse.com/show_bug.cgi?id=1224614 * https://bugzilla.suse.com/show_bug.cgi?id=1224619 * https://bugzilla.suse.com/show_bug.cgi?id=1224655 * https://bugzilla.suse.com/show_bug.cgi?id=1224659 * https://bugzilla.suse.com/show_bug.cgi?id=1224661 * https://bugzilla.suse.com/show_bug.cgi?id=1224662 * https://bugzilla.suse.com/show_bug.cgi?id=1224670 * https://bugzilla.suse.com/show_bug.cgi?id=1224673 * https://bugzilla.suse.com/show_bug.cgi?id=1224698 * https://bugzilla.suse.com/show_bug.cgi?id=1224735 * https://bugzilla.suse.com/show_bug.cgi?id=1224751 * https://bugzilla.suse.com/show_bug.cgi?id=1224759 * https://bugzilla.suse.com/show_bug.cgi?id=1224928 * https://bugzilla.suse.com/show_bug.cgi?id=1224930 * https://bugzilla.suse.com/show_bug.cgi?id=1224932 * https://bugzilla.suse.com/show_bug.cgi?id=1224933 * https://bugzilla.suse.com/show_bug.cgi?id=1224935 * https://bugzilla.suse.com/show_bug.cgi?id=1224937 * https://bugzilla.suse.com/show_bug.cgi?id=1224939 * https://bugzilla.suse.com/show_bug.cgi?id=1224941 * https://bugzilla.suse.com/show_bug.cgi?id=1224944 * https://bugzilla.suse.com/show_bug.cgi?id=1224946 * https://bugzilla.suse.com/show_bug.cgi?id=1224947 * https://bugzilla.suse.com/show_bug.cgi?id=1224949 * https://bugzilla.suse.com/show_bug.cgi?id=1224951 * https://bugzilla.suse.com/show_bug.cgi?id=1224988 * https://bugzilla.suse.com/show_bug.cgi?id=1224992 * https://bugzilla.suse.com/show_bug.cgi?id=1224998 * https://bugzilla.suse.com/show_bug.cgi?id=1225000 * https://bugzilla.suse.com/show_bug.cgi?id=1225001 * https://bugzilla.suse.com/show_bug.cgi?id=1225004 * https://bugzilla.suse.com/show_bug.cgi?id=1225006 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225008 * https://bugzilla.suse.com/show_bug.cgi?id=1225009 * https://bugzilla.suse.com/show_bug.cgi?id=1225014 * https://bugzilla.suse.com/show_bug.cgi?id=1225015 * https://bugzilla.suse.com/show_bug.cgi?id=1225022 * https://bugzilla.suse.com/show_bug.cgi?id=1225025 * https://bugzilla.suse.com/show_bug.cgi?id=1225028 * https://bugzilla.suse.com/show_bug.cgi?id=1225029 * https://bugzilla.suse.com/show_bug.cgi?id=1225031 * https://bugzilla.suse.com/show_bug.cgi?id=1225036 * https://bugzilla.suse.com/show_bug.cgi?id=1225041 * https://bugzilla.suse.com/show_bug.cgi?id=1225044 * https://bugzilla.suse.com/show_bug.cgi?id=1225049 * https://bugzilla.suse.com/show_bug.cgi?id=1225050 * https://bugzilla.suse.com/show_bug.cgi?id=1225076 * https://bugzilla.suse.com/show_bug.cgi?id=1225077 * https://bugzilla.suse.com/show_bug.cgi?id=1225078 * https://bugzilla.suse.com/show_bug.cgi?id=1225081 * https://bugzilla.suse.com/show_bug.cgi?id=1225085 * https://bugzilla.suse.com/show_bug.cgi?id=1225086 * https://bugzilla.suse.com/show_bug.cgi?id=1225090 * https://bugzilla.suse.com/show_bug.cgi?id=1225092 * https://bugzilla.suse.com/show_bug.cgi?id=1225096 * https://bugzilla.suse.com/show_bug.cgi?id=1225097 * https://bugzilla.suse.com/show_bug.cgi?id=1225098 * https://bugzilla.suse.com/show_bug.cgi?id=1225101 * https://bugzilla.suse.com/show_bug.cgi?id=1225103 * https://bugzilla.suse.com/show_bug.cgi?id=1225104 * https://bugzilla.suse.com/show_bug.cgi?id=1225105 * https://bugzilla.suse.com/show_bug.cgi?id=1225106 * https://bugzilla.suse.com/show_bug.cgi?id=1225108 * https://bugzilla.suse.com/show_bug.cgi?id=1225120 * https://bugzilla.suse.com/show_bug.cgi?id=1225132 * https://bugzilla.suse.com/show_bug.cgi?id=1225180 * https://bugzilla.suse.com/show_bug.cgi?id=1225300 * https://bugzilla.suse.com/show_bug.cgi?id=1225391 * https://bugzilla.suse.com/show_bug.cgi?id=1225472 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225476 * https://bugzilla.suse.com/show_bug.cgi?id=1225477 * https://bugzilla.suse.com/show_bug.cgi?id=1225478 * https://bugzilla.suse.com/show_bug.cgi?id=1225485 * https://bugzilla.suse.com/show_bug.cgi?id=1225490 * https://bugzilla.suse.com/show_bug.cgi?id=1225527 * https://bugzilla.suse.com/show_bug.cgi?id=1225529 * https://bugzilla.suse.com/show_bug.cgi?id=1225530 * https://bugzilla.suse.com/show_bug.cgi?id=1225532 * https://bugzilla.suse.com/show_bug.cgi?id=1225534 * https://bugzilla.suse.com/show_bug.cgi?id=1225548 * https://bugzilla.suse.com/show_bug.cgi?id=1225550 * https://bugzilla.suse.com/show_bug.cgi?id=1225553 * https://bugzilla.suse.com/show_bug.cgi?id=1225554 * https://bugzilla.suse.com/show_bug.cgi?id=1225555 * https://bugzilla.suse.com/show_bug.cgi?id=1225556 * https://bugzilla.suse.com/show_bug.cgi?id=1225557 * https://bugzilla.suse.com/show_bug.cgi?id=1225559 * https://bugzilla.suse.com/show_bug.cgi?id=1225560 * https://bugzilla.suse.com/show_bug.cgi?id=1225564 * https://bugzilla.suse.com/show_bug.cgi?id=1225565 * https://bugzilla.suse.com/show_bug.cgi?id=1225566 * https://bugzilla.suse.com/show_bug.cgi?id=1225568 * https://bugzilla.suse.com/show_bug.cgi?id=1225569 * https://bugzilla.suse.com/show_bug.cgi?id=1225570 * https://bugzilla.suse.com/show_bug.cgi?id=1225571 * https://bugzilla.suse.com/show_bug.cgi?id=1225572 * https://bugzilla.suse.com/show_bug.cgi?id=1225573 * https://bugzilla.suse.com/show_bug.cgi?id=1225577 * https://bugzilla.suse.com/show_bug.cgi?id=1225581 * https://bugzilla.suse.com/show_bug.cgi?id=1225583 * https://bugzilla.suse.com/show_bug.cgi?id=1225584 * https://bugzilla.suse.com/show_bug.cgi?id=1225585 * https://bugzilla.suse.com/show_bug.cgi?id=1225586 * https://bugzilla.suse.com/show_bug.cgi?id=1225587 * https://bugzilla.suse.com/show_bug.cgi?id=1225588 * https://bugzilla.suse.com/show_bug.cgi?id=1225589 * https://bugzilla.suse.com/show_bug.cgi?id=1225590 * 
From null at suse.de Tue Jul 23 08:30:21 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 08:30:21 -0000
Subject: SUSE-SU-2024:2600-1: moderate: Security update for mozilla-nss
Message-ID: <172172342134.7143.12918778892249859998@smelt2.prg2.suse.org>

# Security update for mozilla-nss

Announcement ID: SUSE-SU-2024:2600-1
Rating: moderate
References:

* bsc#1214980
* bsc#1222804
* bsc#1222807
* bsc#1222811
* bsc#1222813
* bsc#1222814
* bsc#1222821
* bsc#1222822
* bsc#1222826
* bsc#1222828
* bsc#1222830
* bsc#1222833
* bsc#1222834
* bsc#1224113
* bsc#1224115
* bsc#1224116
* bsc#1224118

Cross-References:

* CVE-2023-5388

CVSS scores:

* CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability and has 16 security fixes can now be installed.
## Description:

This update for mozilla-nss fixes the following issues:

* FIPS: Added more safe memset (bsc#1222811).
* FIPS: Adjusted AES GCM restrictions (bsc#1222830).
* FIPS: Adjusted approved ciphers (bsc#1222813, bsc#1222814, bsc#1222821, bsc#1222822, bsc#1224118, bsc#1222807, bsc#1222828, bsc#1222834, bsc#1222804, bsc#1222826, bsc#1222833, bsc#1224113, bsc#1224115, bsc#1224116).

Update to NSS 3.101.1:

* GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.

Update to NSS 3.101:

* add diagnostic assertions for SFTKObject refcount.
* freeing the slot in DeleteCertAndKey if authentication failed
* fix formatting issues.
* Add Firmaprofesional CA Root-A Web to NSS.
* remove invalid acvp fuzz test vectors.
* pad short P-384 and P-521 signatures gtests.
* remove unused FreeBL ECC code.
* pad short P-384 and P-521 signatures.
* be less strict about ECDSA private key length.
* Integrate HACL* P-521.
* Integrate HACL* P-384.
* memory leak in create_objects_from_handles.
* ensure all input is consumed in a few places in mozilla::pkix
* SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* clean up escape handling
* Use lib::pkix as default validator instead of the old-one
* Need to add high level support for PQ signing.
* Certificate Compression: changing the allocation/freeing of buffer + Improving the documentation
* SMIME/CMS and PKCS #12 do not integrate with modern NSS policy
* Allow for non-full length ecdsa signature when using softoken
* Modification of .taskcluster.yml due to mozlint indent defects
* Implement support for PBMAC1 in PKCS#12
* disable VLA warnings for fuzz builds.
* remove redundant AllocItem implementation.
* add PK11_ReadDistrustAfterAttribute.
* Clang-formatting of SEC_GetMgfTypeByOidTag update
* Set SEC_ERROR_LIBRARY_FAILURE on self-test failure
* sftk_getParameters(): Fix fallback to default variable after error with configfile.
* Switch to the mozillareleases/image_builder image
* switch from ec_field_GFp to ec_field_plain

Update to NSS 3.100:

* merge pk11_kyberSlotList into pk11_ecSlotList for faster Xyber operations.
* remove ckcapi.
* avoid a potential PK11GenericObject memory leak.
* Remove incomplete ESDH code.
* Decrypt RSA OAEP encrypted messages.
* Fix certutil CRLDP URI code.
* Don't set CKA_DERIVE for CKK_EC_EDWARDS private keys.
* Add ability to encrypt and decrypt CMS messages using ECDH.
* Correct Templates for key agreement in smime/cmsasn.c.
* Moving the decodedCert allocation to NSS.
* Allow developers to speed up repeated local execution of NSS tests that depend on certificates.

Update to NSS 3.99:

* Removing check for message len in ed25519 (bmo#1325335)
* add ed25519 to SECU_ecName2params. (bmo#1884276)
* add EdDSA wycheproof tests. (bmo#1325335)
* nss/lib layer code for EDDSA. (bmo#1325335)
* Adding EdDSA implementation. (bmo#1325335)
* Exporting Certificate Compression types (bmo#1881027)
* Updating ACVP docker to rust 1.74 (bmo#1880857)
* Updating HACL* to 0f136f28935822579c244f287e1d2a1908a7e552 (bmo#1325335)
* Add NSS_CMSRecipient_IsSupported. (bmo#1877730)

Update to NSS 3.98:

* (CVE-2023-5388) Timing attack against RSA decryption in TLS
* Certificate Compression: enabling the check that the compression was advertised
* Move Windows workers to nss-1/b-win2022-alpha
* Remove Email trust bit from OISTE WISeKey Global Root GC CA
* Replace `distutils.spawn.find_executable` with `shutil.which` within `mach` in `nss`
* Certificate Compression: Updating nss_bogo_shim to support Certificate compression
* TLS Certificate Compression (RFC 8879) Implementation
* Add valgrind annotations to freebl kyber operations for constant-time execution tests
* Set nssckbi version number to 2.66
* Add Telekom Security roots
* Add D-Trust 2022 S/MIME roots
* Remove expired Security Communication RootCA1 root
* move keys to a slot that supports concatenation in PK11_ConcatSymKeys
* remove unmaintained tls-interop tests
* bogo: add support for the -ipv6 and -shim-id shim flags
* bogo: add support for the -curves shim flag and update Kyber expectations
* bogo: adjust expectation for a key usage bit test
* mozpkix: add option to ignore invalid subject alternative names
* Fix selfserv not stripping `publicname:` from -X value
* take ownership of ecckilla shims
* add valgrind annotations to freebl/ec.c
* PR_INADDR_ANY needs PR_htonl before assignment to inet.ip
* Update zlib to 1.3.1

Update to NSS 3.97:

* make Xyber768d00 opt-in by policy
* add libssl support for xyber768d00
* add PK11_ConcatSymKeys
* add Kyber and a PKCS#11 KEM interface to softoken
* add a FreeBL API for Kyber
* part 2: vendor github.com/pq-crystals/kyber/commit/e0d1c6ff
* part 1: add a script for vendoring kyber from pq-crystals repo
* Removing the calls to RSA Blind from loader.*
* fix worker type for level3 mac tasks
* RSA Blind implementation
* Remove DSA selftests
* read KWP testvectors from JSON
* Backed out changeset dcb174139e4f
* Fix CKM_PBE_SHA1_DES2_EDE_CBC derivation
* Wrap CC shell commands in gyp expansions

Update to NSS 3.96.1:

* Use pypi dependencies for MacOS worker in ./build_gyp.sh
* p7sign: add -a hash and -u certusage (also p7verify cleanups)
* add a defensive check for large ssl_DefSend return values
* Add dependency to the taskcluster script for Darwin
* Upgrade version of the MacOS worker for the CI

Update to NSS 3.95:

* Bump builtins version number.
* Remove Email trust bit from Autoridad de Certificacion Firmaprofesional CIF A62634068 root cert.
* Remove 4 DigiCert (Symantec/Verisign) Root Certificates
* Remove 3 TrustCor Root Certificates from NSS.
* Remove Camerfirma root certificates from NSS.
* Remove old Autoridad de Certificacion Firmaprofesional Certificate.
* Add four Commscope root certificates to NSS.
* Add TrustAsia Global Root CA G3 and G4 root certificates.
* Include P-384 and P-521 Scalar Validation from HACL*
* Include P-256 Scalar Validation from HACL*.
* After the HACL 256 ECC patch, NSS incorrectly encodes 256 ECC without DER wrapping at the softoken level
* Add means to provide library parameters to C_Initialize
* add OSXSAVE and XCR0 tests to AVX2 detection.
* Typo in ssl3_AppendHandshakeNumber
* Introducing input check of ssl3_AppendHandshakeNumber
* Fix Invalid casts in instance.c

Update to NSS 3.94:

* Updated code and commit ID for HACL*
* update ACVP fuzzed test vector: refuzzed with current NSS
* Softoken C_ calls should use system FIPS setting to select NSC_ or FC_ variants
* NSS needs a database tool that can dump the low level representation of the database
* declare string literals using char in pkixnames_tests.cpp
* avoid implicit conversion for ByteString
* update rust version for acvp docker
* Moving the init function of the mpi_ints before clean-up in ec.c
* P-256 ECDH and ECDSA from HACL*
* Add ACVP test vectors to the repository
* Stop relying on std::basic_string
* Transpose the PPC_ABI check from Makefile to gyp

Update to NSS 3.93:

* Update zlib in NSS to 1.3.
* softoken: iterate hashUpdate calls for long inputs.
* regenerate NameConstraints test certificates (bsc#1214980).

Update to NSS 3.92:

* Set nssckbi version number to 2.62
* Add 4 Atos TrustedRoot Root CA certificates to NSS
* Add 4 SSL.com Root CA certificates
* Add Sectigo E46 and R46 Root CA certificates
* Add LAWtrust Root CA2 (4096)
* Remove E-Tugra Certification Authority root
* Remove Camerfirma Chambers of Commerce Root.
* Remove Hongkong Post Root CA 1
* Remove E-Tugra Global Root CA ECC v3 and RSA v3
* Avoid redefining BYTE_ORDER on hppa Linux

Update to NSS 3.91:

* Implementation of the HW support check for ADX instruction
* Removing the support of Curve25519
* Fix comment about the addition of ticketSupportsEarlyData
* Adding args to enable-legacy-db build
* dbtests.sh failure in "certutil dump keys with explicit default trust flags"
* Initialize flags in slot structures
* Improve the length check of RSA input to avoid heap overflow
* Followup Fixes
* avoid processing unexpected inputs by checking for m_exptmod base sign
* add a limit check on order_k to avoid infinite loop
* Update HACL* to commit 5f6051d2
* add SHA3 to cryptohi and softoken
* HACL SHA3
* Disabling ASM C25519 for A but X86_64

Update to NSS 3.90.3:

* GLOBALTRUST 2020: Set Distrust After for TLS and S/MIME.
* clean up escape handling.
* remove redundant AllocItem implementation.
* Disable ASM support for Curve25519.
* Disable ASM support for Curve25519 for all but X86_64.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2600=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2600=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2600=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2600=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2600=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2600=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2600=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2600=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2600=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2600=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
  * mozilla-nss-sysinit-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
  * mozilla-nss-sysinit-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
  * mozilla-nss-sysinit-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-devel-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Enterprise Storage 7.1 (x86_64)
  * mozilla-nss-sysinit-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-3.101.1-150000.3.117.1
  * libfreebl3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-32bit-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-32bit-3.101.1-150000.3.117.1
  * libsoftokn3-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-sysinit-32bit-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-certs-32bit-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * libfreebl3-3.101.1-150000.3.117.1
  * libsoftokn3-3.101.1-150000.3.117.1
  * mozilla-nss-certs-3.101.1-150000.3.117.1
  * mozilla-nss-debugsource-3.101.1-150000.3.117.1
  * mozilla-nss-tools-3.101.1-150000.3.117.1
  * mozilla-nss-certs-debuginfo-3.101.1-150000.3.117.1
  * libfreebl3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-tools-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-3.101.1-150000.3.117.1
  * libsoftokn3-debuginfo-3.101.1-150000.3.117.1
  * mozilla-nss-debuginfo-3.101.1-150000.3.117.1

## References:

* https://www.suse.com/security/cve/CVE-2023-5388.html
* https://bugzilla.suse.com/show_bug.cgi?id=1214980
* https://bugzilla.suse.com/show_bug.cgi?id=1222804
* https://bugzilla.suse.com/show_bug.cgi?id=1222807
* https://bugzilla.suse.com/show_bug.cgi?id=1222811
* https://bugzilla.suse.com/show_bug.cgi?id=1222813
* https://bugzilla.suse.com/show_bug.cgi?id=1222814
* https://bugzilla.suse.com/show_bug.cgi?id=1222821
* https://bugzilla.suse.com/show_bug.cgi?id=1222822
* https://bugzilla.suse.com/show_bug.cgi?id=1222826
* https://bugzilla.suse.com/show_bug.cgi?id=1222828
* https://bugzilla.suse.com/show_bug.cgi?id=1222830
* https://bugzilla.suse.com/show_bug.cgi?id=1222833
* https://bugzilla.suse.com/show_bug.cgi?id=1222834
* https://bugzilla.suse.com/show_bug.cgi?id=1224113
* https://bugzilla.suse.com/show_bug.cgi?id=1224115
* https://bugzilla.suse.com/show_bug.cgi?id=1224116
* https://bugzilla.suse.com/show_bug.cgi?id=1224118

From null at suse.de Tue Jul 23 08:30:23 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 08:30:23 -0000
Subject: SUSE-SU-2024:2599-1: important: Security update for git
Message-ID: <172172342348.7143.10110974973381219560@smelt2.prg2.suse.org>

# Security update for git

Announcement ID: SUSE-SU-2024:2599-1
Rating: important
References:

* bsc#1219660

Cross-References:

* CVE-2024-24577

CVSS scores:

* CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
* CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2

An update that solves one vulnerability can now be installed.

## Description:

This update for git fixes the following issues:

* CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2599=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2599=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2599=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * git-svn-2.26.2-150000.59.1
  * git-gui-2.26.2-150000.59.1
  * git-debuginfo-2.26.2-150000.59.1
  * git-arch-2.26.2-150000.59.1
  * git-core-debuginfo-2.26.2-150000.59.1
  * git-cvs-2.26.2-150000.59.1
  * git-daemon-2.26.2-150000.59.1
  * git-2.26.2-150000.59.1
  * gitk-2.26.2-150000.59.1
  * git-email-2.26.2-150000.59.1
  * git-svn-debuginfo-2.26.2-150000.59.1
  * git-debugsource-2.26.2-150000.59.1
  * git-core-2.26.2-150000.59.1
  * git-web-2.26.2-150000.59.1
  * git-daemon-debuginfo-2.26.2-150000.59.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * git-doc-2.26.2-150000.59.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * git-svn-2.26.2-150000.59.1
  * git-gui-2.26.2-150000.59.1
  * git-debuginfo-2.26.2-150000.59.1
  * git-arch-2.26.2-150000.59.1
  * git-core-debuginfo-2.26.2-150000.59.1
  * git-cvs-2.26.2-150000.59.1
  * git-daemon-2.26.2-150000.59.1
  * git-2.26.2-150000.59.1
  * gitk-2.26.2-150000.59.1
  * git-email-2.26.2-150000.59.1
  * git-svn-debuginfo-2.26.2-150000.59.1
  * git-debugsource-2.26.2-150000.59.1
  * git-core-2.26.2-150000.59.1
  * git-web-2.26.2-150000.59.1
  * git-daemon-debuginfo-2.26.2-150000.59.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * git-doc-2.26.2-150000.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * git-svn-2.26.2-150000.59.1
  * git-gui-2.26.2-150000.59.1
  * git-debuginfo-2.26.2-150000.59.1
  * git-arch-2.26.2-150000.59.1
  * git-core-debuginfo-2.26.2-150000.59.1
  * git-cvs-2.26.2-150000.59.1
  * git-daemon-2.26.2-150000.59.1
  * git-2.26.2-150000.59.1
  * gitk-2.26.2-150000.59.1
  * git-email-2.26.2-150000.59.1
  * git-svn-debuginfo-2.26.2-150000.59.1
  * git-debugsource-2.26.2-150000.59.1
  * git-core-2.26.2-150000.59.1
  * git-web-2.26.2-150000.59.1
  * git-daemon-debuginfo-2.26.2-150000.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * git-doc-2.26.2-150000.59.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24577.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219660

From null at suse.de Tue Jul 23 08:30:25 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 08:30:25 -0000
Subject: SUSE-SU-2024:2598-1: important: Security update for libgit2
Message-ID: <172172342545.7143.16774732440386009432@smelt2.prg2.suse.org>

# Security update for libgit2

Announcement ID: SUSE-SU-2024:2598-1
Rating: important
References:

* bsc#1219660

Cross-References:

* CVE-2024-24577

CVSS scores:

* CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
* CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2

An update that solves one vulnerability can now be installed.

## Description:

This update for libgit2 fixes the following issues:

* CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2598=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2598=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2598=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * libgit2-26-debuginfo-0.26.8-150000.3.21.1
  * libgit2-26-0.26.8-150000.3.21.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * libgit2-26-debuginfo-0.26.8-150000.3.21.1
  * libgit2-26-0.26.8-150000.3.21.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * libgit2-26-debuginfo-0.26.8-150000.3.21.1
  * libgit2-26-0.26.8-150000.3.21.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24577.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219660

From null at suse.de Tue Jul 23 08:30:28 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 08:30:28 -0000
Subject: SUSE-SU-2024:2597-1: important: Security update for apache2
Message-ID: <172172342898.7143.321362166119009533@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:2597-1
Rating: important
References:

* bsc#1227268
* bsc#1227269
* bsc#1227272

Cross-References:

* CVE-2024-36387
* CVE-2024-38475
* CVE-2024-38476

CVSS scores:

* CVE-2024-36387 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-38475 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2024-38476 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2024-36387: Fixed DoS by null pointer in websocket over HTTP/2 (bsc#1227272)
* CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268)
* CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-2597=1 openSUSE-SLE-15.6-2024-2597=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2597=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2597=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2597=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * apache2-event-2.4.58-150600.5.18.1
  * apache2-worker-debuginfo-2.4.58-150600.5.18.1
  * apache2-utils-2.4.58-150600.5.18.1
  * apache2-worker-2.4.58-150600.5.18.1
  * apache2-event-debuginfo-2.4.58-150600.5.18.1
  * apache2-debuginfo-2.4.58-150600.5.18.1
  * apache2-event-debugsource-2.4.58-150600.5.18.1
  * apache2-prefork-2.4.58-150600.5.18.1
  * apache2-worker-debugsource-2.4.58-150600.5.18.1
  * apache2-prefork-debuginfo-2.4.58-150600.5.18.1
  * apache2-2.4.58-150600.5.18.1
  * apache2-prefork-debugsource-2.4.58-150600.5.18.1
  * apache2-utils-debuginfo-2.4.58-150600.5.18.1
  * apache2-utils-debugsource-2.4.58-150600.5.18.1
  * apache2-debugsource-2.4.58-150600.5.18.1
  * apache2-devel-2.4.58-150600.5.18.1
* openSUSE Leap 15.6 (noarch)
  * apache2-manual-2.4.58-150600.5.18.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * apache2-prefork-2.4.58-150600.5.18.1
  * apache2-debuginfo-2.4.58-150600.5.18.1
  * apache2-prefork-debuginfo-2.4.58-150600.5.18.1
  * apache2-2.4.58-150600.5.18.1
  * apache2-prefork-debugsource-2.4.58-150600.5.18.1
  * apache2-debugsource-2.4.58-150600.5.18.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
  * apache2-event-2.4.58-150600.5.18.1
  * apache2-event-debugsource-2.4.58-150600.5.18.1
  * apache2-debuginfo-2.4.58-150600.5.18.1
  * apache2-debugsource-2.4.58-150600.5.18.1
  * apache2-event-debuginfo-2.4.58-150600.5.18.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * apache2-worker-debuginfo-2.4.58-150600.5.18.1
  * apache2-utils-2.4.58-150600.5.18.1
  * apache2-worker-2.4.58-150600.5.18.1
  * apache2-worker-debugsource-2.4.58-150600.5.18.1
  * apache2-utils-debuginfo-2.4.58-150600.5.18.1
  * apache2-utils-debugsource-2.4.58-150600.5.18.1
  * apache2-devel-2.4.58-150600.5.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36387.html
* https://www.suse.com/security/cve/CVE-2024-38475.html
* https://www.suse.com/security/cve/CVE-2024-38476.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227268
* https://bugzilla.suse.com/show_bug.cgi?id=1227269
* https://bugzilla.suse.com/show_bug.cgi?id=1227272

From null at suse.de Tue Jul 23 12:30:03 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 12:30:03 -0000
Subject: SUSE-SU-2024:2603-1: important: Security update for shadow
Message-ID: <172173780377.11248.10570940705451934240@smelt2.prg2.suse.org>

# Security update for shadow

Announcement ID: SUSE-SU-2024:2603-1
Rating: important
References:

* bsc#916845

Cross-References:

* CVE-2013-4235

CVSS scores:

* CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for shadow fixes the following issues:

* CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2603=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2603=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2603=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * shadow-debuginfo-4.2.1-36.12.1
  * shadow-debugsource-4.2.1-36.12.1
  * shadow-4.2.1-36.12.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * shadow-debuginfo-4.2.1-36.12.1
  * shadow-debugsource-4.2.1-36.12.1
  * shadow-4.2.1-36.12.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * shadow-debuginfo-4.2.1-36.12.1
  * shadow-debugsource-4.2.1-36.12.1
  * shadow-4.2.1-36.12.1

## References:

* https://www.suse.com/security/cve/CVE-2013-4235.html
* https://bugzilla.suse.com/show_bug.cgi?id=916845

From null at suse.de Tue Jul 23 20:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 23 Jul 2024 20:30:10 -0000
Subject: SUSE-SU-2024:2262-2: moderate: Security update for postgresql14
Message-ID: <172176661001.2731.2688341833224952733@smelt2.prg2.suse.org>

# Security update for postgresql14

Announcement ID: SUSE-SU-2024:2262-2
Rating: moderate
References:

* bsc#1224038
* bsc#1224051

Cross-References:

* CVE-2024-4317

CVSS scores:

* CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Legacy Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

* Upgrade to 14.12 (bsc#1224051):
  * CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Legacy Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2262=1

## Package List:

* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * postgresql14-debuginfo-14.12-150600.16.3.1
  * postgresql14-contrib-debuginfo-14.12-150600.16.3.1
  * postgresql14-debugsource-14.12-150600.16.3.1
  * postgresql14-server-debuginfo-14.12-150600.16.3.1
  * postgresql14-server-14.12-150600.16.3.1
  * postgresql14-14.12-150600.16.3.1
  * postgresql14-contrib-14.12-150600.16.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4317.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224038
* https://bugzilla.suse.com/show_bug.cgi?id=1224051

From null at suse.de Fri Jul 26 08:36:15 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 26 Jul 2024 08:36:15 -0000
Subject: SUSE-SU-2024:2607-1: important: Security update for giflib
Message-ID: <172198297558.11103.4326629152861067106@smelt2.prg2.suse.org>

# Security update for giflib

Announcement ID: SUSE-SU-2024:2607-1
Rating: important
References:

* bsc#1198880
* bsc#1214678

Cross-References:

* CVE-2022-28506
* CVE-2023-39742

CVSS scores:

* CVE-2022-28506 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2022-28506 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2023-39742 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2023-39742 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for giflib fixes the following issues:

* CVE-2022-28506: Fixed heap buffer overflow in function DumpScreen2RGB() (bsc#1198880)
* CVE-2023-39742: Fixed segmentation fault via the component getarg.c (bsc#1214678)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2607=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2607=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2607=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2607=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * giflib-devel-5.0.5-13.6.1
  * giflib-debugsource-5.0.5-13.6.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * giflib-progs-debuginfo-5.0.5-13.6.1
  * libgif6-debuginfo-5.0.5-13.6.1
  * giflib-debugsource-5.0.5-13.6.1
  * libgif6-5.0.5-13.6.1
  * giflib-progs-5.0.5-13.6.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * libgif6-debuginfo-32bit-5.0.5-13.6.1
  * libgif6-32bit-5.0.5-13.6.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * giflib-progs-debuginfo-5.0.5-13.6.1
  * libgif6-debuginfo-5.0.5-13.6.1
  * giflib-debugsource-5.0.5-13.6.1
  * libgif6-5.0.5-13.6.1
  * giflib-progs-5.0.5-13.6.1
* SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
  * libgif6-debuginfo-32bit-5.0.5-13.6.1
  * libgif6-32bit-5.0.5-13.6.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * giflib-progs-debuginfo-5.0.5-13.6.1
  * libgif6-debuginfo-5.0.5-13.6.1
  * giflib-debugsource-5.0.5-13.6.1
  * libgif6-5.0.5-13.6.1
  * giflib-progs-5.0.5-13.6.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * libgif6-debuginfo-32bit-5.0.5-13.6.1
  * libgif6-32bit-5.0.5-13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2022-28506.html
* https://www.suse.com/security/cve/CVE-2023-39742.html
* https://bugzilla.suse.com/show_bug.cgi?id=1198880
* https://bugzilla.suse.com/show_bug.cgi?id=1214678

From null at suse.de Fri Jul 26 08:36:16 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 26 Jul 2024 08:36:16 -0000
Subject: SUSE-SU-2024:2605-1: moderate: Security update for python-dnspython
Message-ID: <172198297636.11103.8683428316660865094@smelt2.prg2.suse.org>

# Security update for python-dnspython

Announcement ID: SUSE-SU-2024:2605-1
Rating: moderate
References:

* bsc#1222693

Cross-References:

* CVE-2023-29483

CVSS scores:

* CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Public Cloud Module 12
* SUSE Linux Enterprise High Performance Computing 12 SP2
* SUSE Linux Enterprise High Performance Computing 12 SP3
* SUSE Linux Enterprise High Performance Computing 12 SP4
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12
* SUSE Linux Enterprise Server 12 SP1
* SUSE Linux Enterprise Server 12 SP2
* SUSE Linux Enterprise Server 12 SP3
* SUSE Linux Enterprise Server 12 SP4
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12
* SUSE Linux Enterprise Server for SAP Applications 12 SP1
* SUSE Linux Enterprise Server for SAP Applications 12 SP2
* SUSE Linux Enterprise Server for SAP Applications 12 SP3
* SUSE Linux Enterprise Server for SAP Applications 12 SP4
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for python-dnspython fixes the following issues:

* CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere with DNS name resolution (bsc#1222693).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 12
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-2605=1

## Package List:

* Public Cloud Module 12 (noarch)
  * python3-dnspython-1.12.0-9.13.1
  * python-dnspython-1.12.0-9.13.1

## References:

* https://www.suse.com/security/cve/CVE-2023-29483.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222693

From null at suse.de Mon Jul 29 12:36:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 29 Jul 2024 12:36:06 -0000
Subject: SUSE-SU-2024:2616-1: important: Security update for python-Django
Message-ID: <172225656629.11768.2664143346495765249@smelt2.prg2.suse.org>

# Security update for python-Django

Announcement ID: SUSE-SU-2024:2616-1
Rating: important
References:
Affected Products:

* openSUSE Leap 15.5

An update that can now be installed.

## Description:

This update for python-Django fixes the following issues:

* Fixed regression in previous CVE fixes that made the package not work with Python 3.6

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2616=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * python3-Django-2.0.7-150000.1.23.1

From null at suse.de Mon Jul 29 16:36:24 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 29 Jul 2024 16:36:24 -0000
Subject: SUSE-SU-2024:2612-1: important: Security update for gtk3
Message-ID: <172227098494.7546.13341919552420717752@smelt2.prg2.suse.org>

# Security update for gtk3

Announcement ID: SUSE-SU-2024:2612-1
Rating: important
References:

* bsc#1228120

Cross-References:

* CVE-2024-6655

CVSS scores:

* CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for gtk3 fixes the following issues:

* CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2612=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2612=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2612=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2612=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * gtk3-devel-3.20.10-17.16.1
  * gtk3-debugsource-3.20.10-17.16.1
  * gtk3-devel-debuginfo-3.20.10-17.16.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * gtk3-data-3.20.10-17.16.1
  * gtk3-lang-3.20.10-17.16.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libgtk-3-0-3.20.10-17.16.1
  * gtk3-debugsource-3.20.10-17.16.1
  * gtk3-tools-debuginfo-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-3.20.10-17.16.1
  * gtk3-tools-3.20.10-17.16.1
  * typelib-1_0-Gtk-3_0-3.20.10-17.16.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * gtk3-tools-32bit-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-32bit-3.20.10-17.16.1
  * gtk3-tools-debuginfo-32bit-3.20.10-17.16.1
  * libgtk-3-0-32bit-3.20.10-17.16.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * gtk3-data-3.20.10-17.16.1
  * gtk3-lang-3.20.10-17.16.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libgtk-3-0-3.20.10-17.16.1
  * gtk3-debugsource-3.20.10-17.16.1
  * gtk3-tools-debuginfo-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-3.20.10-17.16.1
  * gtk3-tools-3.20.10-17.16.1
  * typelib-1_0-Gtk-3_0-3.20.10-17.16.1
* SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
  * gtk3-tools-32bit-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-32bit-3.20.10-17.16.1
  * gtk3-tools-debuginfo-32bit-3.20.10-17.16.1
  * libgtk-3-0-32bit-3.20.10-17.16.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * gtk3-data-3.20.10-17.16.1
  * gtk3-lang-3.20.10-17.16.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libgtk-3-0-3.20.10-17.16.1
  * gtk3-debugsource-3.20.10-17.16.1
  * gtk3-tools-debuginfo-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-3.20.10-17.16.1
  * gtk3-tools-3.20.10-17.16.1
  * typelib-1_0-Gtk-3_0-3.20.10-17.16.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * gtk3-tools-32bit-3.20.10-17.16.1
  * libgtk-3-0-debuginfo-32bit-3.20.10-17.16.1
  * gtk3-tools-debuginfo-32bit-3.20.10-17.16.1
  * libgtk-3-0-32bit-3.20.10-17.16.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6655.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228120

From null at suse.de Mon Jul 29 16:36:27 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 29 Jul 2024 16:36:27 -0000
Subject: SUSE-SU-2024:2611-1: important: Security update for gtk2
Message-ID: <172227098722.7546.11828235992268334895@smelt2.prg2.suse.org>

# Security update for gtk2

Announcement ID: SUSE-SU-2024:2611-1
Rating: important
References:

* bsc#1228120

Cross-References:

* CVE-2024-6655

CVSS scores:

* CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Software Development Kit 12 SP5
* SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for gtk2 fixes the following issues:

* CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Software Development Kit 12 SP5
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2611=1
* SUSE Linux Enterprise High Performance Computing 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2611=1
* SUSE Linux Enterprise Server 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2611=1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2611=1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5
  zypper in -t patch SUSE-SLE-WE-12-SP5-2024-2611=1

## Package List:

* SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
  * gtk2-devel-2.24.31-9.9.1
  * typelib-1_0-Gtk-2_0-2.24.31-9.9.1
  * gtk2-devel-debuginfo-2.24.31-9.9.1
  * gtk2-debugsource-2.24.31-9.9.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * gtk2-data-2.24.31-9.9.1
  * gtk2-lang-2.24.31-9.9.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * libgtk-2_0-0-debuginfo-2.24.31-9.9.1
  * libgtk-2_0-0-2.24.31-9.9.1
  * gtk2-tools-debuginfo-2.24.31-9.9.1
  * gtk2-tools-2.24.31-9.9.1
  * gtk2-debugsource-2.24.31-9.9.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64)
  * libgtk-2_0-0-32bit-2.24.31-9.9.1
  * libgtk-2_0-0-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-32bit-2.24.31-9.9.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * gtk2-data-2.24.31-9.9.1
  * gtk2-lang-2.24.31-9.9.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * libgtk-2_0-0-debuginfo-2.24.31-9.9.1
  * libgtk-2_0-0-2.24.31-9.9.1
  * gtk2-tools-debuginfo-2.24.31-9.9.1
  * gtk2-tools-2.24.31-9.9.1
  * gtk2-debugsource-2.24.31-9.9.1
* SUSE Linux Enterprise Server 12 SP5 (s390x x86_64)
  * libgtk-2_0-0-32bit-2.24.31-9.9.1
  * libgtk-2_0-0-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-32bit-2.24.31-9.9.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * gtk2-data-2.24.31-9.9.1
  * gtk2-lang-2.24.31-9.9.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * libgtk-2_0-0-debuginfo-2.24.31-9.9.1
  * libgtk-2_0-0-2.24.31-9.9.1
  * gtk2-tools-debuginfo-2.24.31-9.9.1
  * gtk2-tools-2.24.31-9.9.1
  * gtk2-debugsource-2.24.31-9.9.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
  * libgtk-2_0-0-32bit-2.24.31-9.9.1
  * libgtk-2_0-0-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-debuginfo-32bit-2.24.31-9.9.1
  * gtk2-tools-32bit-2.24.31-9.9.1
* SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64)
  * typelib-1_0-Gtk-2_0-2.24.31-9.9.1
  * gtk2-debugsource-2.24.31-9.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6655.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228120

From null at suse.de Mon Jul 29 16:36:28 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 29 Jul 2024 16:36:28 -0000
Subject: SUSE-SU-2024:2610-1: important: Security update for libgit2
Message-ID: <172227098800.7546.6765608948171150256@smelt2.prg2.suse.org>

# Security update for libgit2

Announcement ID: SUSE-SU-2024:2610-1
Rating: important
References:

* bsc#1219660

Cross-References:

* CVE-2024-24577

CVSS scores:

* CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
* CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for libgit2 fixes the following issues:

* CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Server 4.3 Module 4.3
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-2610=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2610=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2610=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2610=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2610=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2610=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2610=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2610=1

## Package List:

* SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * libgit2-28-0.28.4-150200.3.9.1
  * libgit2-devel-0.28.4-150200.3.9.1
  * libgit2-28-debuginfo-0.28.4-150200.3.9.1
  * libgit2-debugsource-0.28.4-150200.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24577.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219660
URL: From null at suse.de Tue Jul 30 08:36:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:13 -0000 Subject: SUSE-SU-2024:2639-1: moderate: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Message-ID: <172232857303.29307.11918483608516906616@smelt2.prg2.suse.org> # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:2639-1 Rating: moderate References: Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: * Update to version 1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0 * Use predefined configuration files for libvirt * Install psmisc (provides killall for tests) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2639=1 openSUSE-SLE-15.6-2024-2639=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2639=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kubevirt-tests-1.2.2-150600.5.6.1 * kubevirt-virt-api-1.2.2-150600.5.6.1 * kubevirt-container-disk-1.2.2-150600.5.6.1 * kubevirt-virt-exportproxy-1.2.2-150600.5.6.1 * kubevirt-virt-exportserver-1.2.2-150600.5.6.1 * kubevirt-pr-helper-conf-1.2.2-150600.5.6.1 * kubevirt-virt-api-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-launcher-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-launcher-1.2.2-150600.5.6.1 * kubevirt-virt-handler-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-controller-1.2.2-150600.5.6.1 * kubevirt-virt-handler-1.2.2-150600.5.6.1 * kubevirt-virt-exportproxy-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-controller-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-operator-1.2.2-150600.5.6.1 * kubevirt-virt-operator-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virt-exportserver-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virtctl-debuginfo-1.2.2-150600.5.6.1 * kubevirt-container-disk-debuginfo-1.2.2-150600.5.6.1 * kubevirt-tests-debuginfo-1.2.2-150600.5.6.1 * kubevirt-virtctl-1.2.2-150600.5.6.1 * obs-service-kubevirt_containers_meta-1.2.2-150600.5.6.1 * kubevirt-manifests-1.2.2-150600.5.6.1 * Containers Module 15-SP6 (x86_64) * kubevirt-virtctl-1.2.2-150600.5.6.1 * kubevirt-manifests-1.2.2-150600.5.6.1 * kubevirt-virtctl-debuginfo-1.2.2-150600.5.6.1 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:36:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:14 -0000 Subject: SUSE-SU-2024:2638-1: moderate: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont Message-ID: <172232857439.29307.12561951843666501611@smelt2.prg2.suse.org> # Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:2638-1 Rating: moderate References: Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.1 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-2638=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2638=1 openSUSE-SLE-15.6-2024-2638=1 ## Package List: * Containers Module 15-SP6 (x86_64) * containerized-data-importer-manifests-1.59.0-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * containerized-data-importer-cloner-1.59.0-150600.3.6.1 * containerized-data-importer-uploadserver-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-operator-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-controller-1.59.0-150600.3.6.1 * containerized-data-importer-operator-1.59.0-150600.3.6.1 * containerized-data-importer-uploadproxy-1.59.0-150600.3.6.1 * containerized-data-importer-uploadserver-1.59.0-150600.3.6.1 * containerized-data-importer-importer-1.59.0-150600.3.6.1 * obs-service-cdi_containers_meta-1.59.0-150600.3.6.1 * containerized-data-importer-manifests-1.59.0-150600.3.6.1 * containerized-data-importer-importer-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-controller-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-api-1.59.0-150600.3.6.1 * containerized-data-importer-cloner-debuginfo-1.59.0-150600.3.6.1 * containerized-data-importer-api-debuginfo-1.59.0-150600.3.6.1 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:36:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:23 -0000 Subject: SUSE-SU-2024:2636-1: important: Security update for bind Message-ID: <172232858325.29307.726153160921272723@smelt2.prg2.suse.org> # Security update for bind Announcement ID: SUSE-SU-2024:2636-1 Rating: important References: * bsc#1228255 * bsc#1228256 * bsc#1228257 * bsc#1228258 Cross-References: * CVE-2024-0760 * CVE-2024-1737 * CVE-2024-1975 * CVE-2024-4076 CVSS scores: * CVE-2024-0760 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-1737 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-1975 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-4076 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: Update to release 9.18.28 Security fixes: * CVE-2024-0760: Fixed a flood of DNS messages over TCP may make the server unstable (bsc#1228255) * CVE-2024-1737: Fixed BIND's database will be slow if a very large number of RRs exist at the same name (bsc#1228256) * CVE-2024-1975: Fixed SIG(0) can be used to exhaust CPU resources (bsc#1228257) * CVE-2024-4076: Fixed assertion failure when serving both stale cache data and authoritative zone content (bsc#1228258) Changelog: * Command-line options for IPv4-only (named -4) and IPv6-only (named -6) modes are now respected for zone primaries, also-notify, and parental-agents. * An RPZ response's SOA record TTL was set to 1 instead of the SOA TTL, if add-soa was used. This has been fixed. 
* When a query related to zone maintenance (NOTIFY, SOA) timed out close to a view shutdown (triggered e.g. by rndc reload), named could crash with an assertion failure. This has been fixed. * The statistics channel counters that indicated the number of currently connected TCP IPv4/IPv6 clients were not properly adjusted in certain failure scenarios. This has been fixed. * Some servers that could not be reached due to EHOSTDOWN or ENETDOWN conditions were incorrectly prioritized during server selection. These are now properly handled as unreachable. * On some systems the libuv call may return an error code when sending a TCP reset for a connection, which triggers an assertion failure in named. This error condition is now dealt with in a more graceful manner, by logging the incident and shutting down the connection. * Changes to listen-on statements were ignored on reconfiguration unless the port or interface address was changed, making it impossible to change a related listener transport type. That issue has been fixed. * A bug in the keymgr code unintentionally slowed down some DNSSEC key rollovers. This has been fixed. * Some ISO 8601 durations were accepted erroneously, leading to shorter durations than expected. This has been fixed. * A regression in cache-cleaning code enabled memory use to grow significantly more quickly than before, until the configured max-cache-size limit was reached. This has been fixed. * Using rndc flush inadvertently caused cache cleaning to become less effective. This could ultimately lead to the configured max-cache-size limit being exceeded and has now been fixed. * The logic for cleaning up expired cached DNS records was tweaked to be more aggressive. This change helps with enforcing max-cache-ttl and max-ncache-ttl in a timely manner. * It was possible to trigger a use-after-free assertion when the overmem cache cleaning was initiated. This has been fixed. 
New Features: * A new option signatures-jitter has been added to dnssec-policy to allow signature expirations to be spread out over a period of time. * The statistics channel now includes counters that indicate the number of currently connected TCP IPv4/IPv6 clients. * Added RESOLVER.ARPA to the built in empty zones. Feature Changes: * DNSSEC signatures that are not valid because the current time falls outside the signature inception and expiration dates are skipped instead of causing an immediate validation failure. Security Fixes: * A malicious DNS client that sent many queries over TCP but never read the responses could cause a server to respond slowly or not at all for other clients. This has been fixed. (CVE-2024-0760) * It is possible to craft excessively large resource records sets, which have the effect of slowing down database processing. This has been addressed by adding a configurable limit to the number of records that can be stored per name and type in a cache or zone database. The default is 100, which can be tuned with the new max-records-per-type option. * It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a configurable limit to the number of records that can be stored per name and type in a cache or zone database. The default is 100, which can be tuned with the new max-types-per-name option. (CVE-2024-1737) * Validating DNS messages signed using the SIG(0) protocol (RFC 2931) could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version of named. (CVE-2024-1975) * Due to a logic error, lookups that triggered serving stale data and required lookups in local authoritative zone data could have resulted in an assertion failure. This has been fixed. 
* Potential data races were found in our DoH implementation, related to HTTP/2 session object management and endpoints set object management after reconfiguration. These issues have been fixed. * When looking up the NS records of parent zones as part of looking up DS records, it was possible for named to trigger an assertion failure if serve-stale was enabled. This has been fixed. (CVE-2024-4076) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2636=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2636=1 openSUSE-SLE-15.6-2024-2636=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2636=1 ## Package List: * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bind-debugsource-9.18.28-150600.3.3.1 * bind-debuginfo-9.18.28-150600.3.3.1 * bind-9.18.28-150600.3.3.1 * Server Applications Module 15-SP6 (noarch) * bind-doc-9.18.28-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * bind-utils-debuginfo-9.18.28-150600.3.3.1 * bind-debuginfo-9.18.28-150600.3.3.1 * bind-utils-9.18.28-150600.3.3.1 * bind-9.18.28-150600.3.3.1 * bind-debugsource-9.18.28-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * bind-doc-9.18.28-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bind-utils-debuginfo-9.18.28-150600.3.3.1 * bind-debugsource-9.18.28-150600.3.3.1 * bind-debuginfo-9.18.28-150600.3.3.1 * bind-utils-9.18.28-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0760.html * https://www.suse.com/security/cve/CVE-2024-1737.html * https://www.suse.com/security/cve/CVE-2024-1975.html * https://www.suse.com/security/cve/CVE-2024-4076.html * https://bugzilla.suse.com/show_bug.cgi?id=1228255 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228256 * https://bugzilla.suse.com/show_bug.cgi?id=1228257 * https://bugzilla.suse.com/show_bug.cgi?id=1228258 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 08:36:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:28 -0000 Subject: SUSE-SU-2024:2635-1: important: Security update for openssl-3 Message-ID: <172232858885.29307.95195251974664136@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:2635-1 Rating: important References: * bsc#1222899 * bsc#1223336 * bsc#1226463 * bsc#1227138 Cross-References: * CVE-2024-5535 CVSS scores: * CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for openssl-3 fixes the following issues: Security fixes: * CVE-2024-5535: Fixed SSL_select_next_proto buffer overread (bsc#1227138) Other fixes: * Build with no-afalgeng (bsc#1226463) * Build with enabled sm2 and sm4 support (bsc#1222899) * Fix non-reproducibility issue (bsc#1223336) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2635=1 openSUSE-SLE-15.6-2024-2635=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2635=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-debuginfo-3.1.4-150600.5.10.1 * openssl-3-debugsource-3.1.4-150600.5.10.1 * openssl-3-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-3.1.4-150600.5.10.1 * openssl-3-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-3.1.4-150600.5.10.1 * libopenssl3-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (x86_64) * libopenssl3-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-32bit-3.1.4-150600.5.10.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.10.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-64bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.10.1 * libopenssl3-64bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.10.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libopenssl3-debuginfo-3.1.4-150600.5.10.1 * openssl-3-debugsource-3.1.4-150600.5.10.1 * openssl-3-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-3.1.4-150600.5.10.1 * openssl-3-debuginfo-3.1.4-150600.5.10.1 * libopenssl-3-devel-3.1.4-150600.5.10.1 * libopenssl3-3.1.4-150600.5.10.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.10.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.10.1 * libopenssl3-32bit-3.1.4-150600.5.10.1 ## References: * 
https://www.suse.com/security/cve/CVE-2024-5535.html * https://bugzilla.suse.com/show_bug.cgi?id=1222899 * https://bugzilla.suse.com/show_bug.cgi?id=1223336 * https://bugzilla.suse.com/show_bug.cgi?id=1226463 * https://bugzilla.suse.com/show_bug.cgi?id=1227138 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 08:36:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:31 -0000 Subject: SUSE-SU-2024:2634-1: important: Security update for gtk2 Message-ID: <172232859195.29307.15677428990167274731@smelt2.prg2.suse.org> # Security update for gtk2 Announcement ID: SUSE-SU-2024:2634-1 Rating: important References: * bsc#1228120 Cross-References: * CVE-2024-6655 CVSS scores: * CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gtk2 fixes the following issues: * CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2634=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2634=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2634=1 openSUSE-SLE-15.6-2024-2634=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgtk-2_0-0-2.24.33-150600.11.3.1 * gtk2-tools-debuginfo-2.24.33-150600.11.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150600.11.3.1 * gtk2-debugsource-2.24.33-150600.11.3.1 * gtk2-devel-2.24.33-150600.11.3.1 * gtk2-tools-2.24.33-150600.11.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150600.11.3.1 * gtk2-devel-debuginfo-2.24.33-150600.11.3.1 * Basesystem Module 15-SP6 (noarch) * gtk2-lang-2.24.33-150600.11.3.1 * Desktop Applications Module 15-SP6 (noarch) * gtk2-data-2.24.33-150600.11.3.1 * Desktop Applications Module 15-SP6 (x86_64) * gtk2-tools-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-tools-32bit-2.24.33-150600.11.3.1 * libgtk-2_0-0-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-debugsource-2.24.33-150600.11.3.1 * libgtk-2_0-0-32bit-2.24.33-150600.11.3.1 * openSUSE Leap 15.6 (noarch) * gtk2-data-2.24.33-150600.11.3.1 * gtk2-lang-2.24.33-150600.11.3.1 * gtk2-branding-upstream-2.24.33-150600.11.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * gtk2-immodule-inuktitut-debuginfo-2.24.33-150600.11.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150600.11.3.1 * gtk2-immodule-xim-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-amharic-debuginfo-2.24.33-150600.11.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-tigrigna-debuginfo-2.24.33-150600.11.3.1 * gtk2-tools-debuginfo-2.24.33-150600.11.3.1 * gtk2-tools-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-thai-2.24.33-150600.11.3.1 * gtk2-devel-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-2.24.33-150600.11.3.1 * 
libgtk-2_0-0-2.24.33-150600.11.3.1 * gtk2-debugsource-2.24.33-150600.11.3.1 * gtk2-immodule-thai-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-tigrigna-2.24.33-150600.11.3.1 * gtk2-immodule-amharic-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-debuginfo-2.24.33-150600.11.3.1 * gtk2-devel-2.24.33-150600.11.3.1 * gtk2-immodule-xim-2.24.33-150600.11.3.1 * gtk2-immodule-inuktitut-2.24.33-150600.11.3.1 * openSUSE Leap 15.6 (x86_64) * gtk2-immodule-inuktitut-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-xim-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-inuktitut-32bit-2.24.33-150600.11.3.1 * gtk2-immodule-amharic-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-thai-32bit-2.24.33-150600.11.3.1 * gtk2-tools-32bit-2.24.33-150600.11.3.1 * gtk2-devel-32bit-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-32bit-2.24.33-150600.11.3.1 * gtk2-immodule-xim-32bit-2.24.33-150600.11.3.1 * gtk2-tools-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-devel-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-32bit-2.24.33-150600.11.3.1 * libgtk-2_0-0-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-tigrigna-32bit-debuginfo-2.24.33-150600.11.3.1 * libgtk-2_0-0-32bit-2.24.33-150600.11.3.1 * gtk2-immodule-thai-32bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-amharic-32bit-2.24.33-150600.11.3.1 * gtk2-immodule-tigrigna-32bit-2.24.33-150600.11.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * gtk2-immodule-tigrigna-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-xim-64bit-debuginfo-2.24.33-150600.11.3.1 * libgtk-2_0-0-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-thai-64bit-2.24.33-150600.11.3.1 * gtk2-tools-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-inuktitut-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-amharic-64bit-debuginfo-2.24.33-150600.11.3.1 * 
gtk2-immodule-amharic-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-xim-64bit-2.24.33-150600.11.3.1 * gtk2-tools-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-devel-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-devel-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-multipress-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-inuktitut-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-64bit-2.24.33-150600.11.3.1 * libgtk-2_0-0-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-thai-64bit-debuginfo-2.24.33-150600.11.3.1 * gtk2-immodule-tigrigna-64bit-2.24.33-150600.11.3.1 * gtk2-immodule-vietnamese-64bit-debuginfo-2.24.33-150600.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6655.html * https://bugzilla.suse.com/show_bug.cgi?id=1228120 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 08:36:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:38 -0000 Subject: SUSE-SU-2024:2633-1: important: Security update for gtk3 Message-ID: <172232859820.29307.12921571774891760681@smelt2.prg2.suse.org> # Security update for gtk3 Announcement ID: SUSE-SU-2024:2633-1 Rating: important References: * bsc#1228120 Cross-References: * CVE-2024-6655 CVSS scores: * CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. 
## Description: This update for gtk3 fixes the following issues: * CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2633=1 openSUSE-SLE-15.6-2024-2633=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2633=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2633=1 ## Package List: * openSUSE Leap 15.6 (noarch) * gtk3-lang-3.24.38+111-150600.3.3.1 * gtk3-devel-doc-3.24.38+111-150600.3.3.1 * gtk3-branding-upstream-3.24.38+111-150600.3.3.1 * gtk3-schema-3.24.38+111-150600.3.3.1 * gettext-its-gtk3-3.24.38+111-150600.3.3.1 * gtk3-data-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-Gtk-3_0-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-3.24.38+111-150600.3.3.1 * gtk3-devel-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-broadway-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-3.24.38+111-150600.3.3.1 * gtk3-debugsource-3.24.38+111-150600.3.3.1 * gtk3-tools-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-3.24.38+111-150600.3.3.1 * gtk3-immodule-broadway-debuginfo-3.24.38+111-150600.3.3.1 * 
gtk3-immodule-multipress-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-debuginfo-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * gtk3-immodule-vietnamese-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-32bit-3.24.38+111-150600.3.3.1 * gtk3-devel-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-32bit-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-32bit-debuginfo-3.24.38+111-150600.3.3.1 * libgtk-3-0-32bit-3.24.38+111-150600.3.3.1 * gtk3-tools-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-32bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-32bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-32bit-debuginfo-3.24.38+111-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * gtk3-immodule-thai-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-64bit-3.24.38+111-150600.3.3.1 * gtk3-devel-64bit-3.24.38+111-150600.3.3.1 * gtk3-tools-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-thai-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-multipress-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-64bit-debuginfo-3.24.38+111-150600.3.3.1 * 
gtk3-immodule-multipress-64bit-3.24.38+111-150600.3.3.1 * libgtk-3-0-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-inuktitut-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-64bit-3.24.38+111-150600.3.3.1 * libgtk-3-0-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-vietnamese-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-64bit-3.24.38+111-150600.3.3.1 * gtk3-immodule-xim-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-amharic-64bit-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-immodule-tigrigna-64bit-3.24.38+111-150600.3.3.1 * gtk3-devel-64bit-debuginfo-3.24.38+111-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * gtk3-lang-3.24.38+111-150600.3.3.1 * gtk3-schema-3.24.38+111-150600.3.3.1 * gtk3-data-3.24.38+111-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgtk-3-0-3.24.38+111-150600.3.3.1 * typelib-1_0-Gtk-3_0-3.24.38+111-150600.3.3.1 * gtk3-tools-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-debugsource-3.24.38+111-150600.3.3.1 * gtk3-devel-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-tools-3.24.38+111-150600.3.3.1 * libgtk-3-0-debuginfo-3.24.38+111-150600.3.3.1 * gtk3-devel-3.24.38+111-150600.3.3.1 * Desktop Applications Module 15-SP6 (noarch) * gtk3-devel-doc-3.24.38+111-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6655.html * https://bugzilla.suse.com/show_bug.cgi?id=1228120 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:36:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:43 -0000 Subject: SUSE-SU-2024:2632-1: moderate: Security update for espeak-ng Message-ID: <172232860335.29307.2894025675773029088@smelt2.prg2.suse.org> # Security update for espeak-ng Announcement ID: SUSE-SU-2024:2632-1 Rating: moderate References: * bsc#1218006 * bsc#1218007 * bsc#1218008 * bsc#1218009 * bsc#1218010 Cross-References: * CVE-2023-49990 * CVE-2023-49991 * CVE-2023-49992 * CVE-2023-49993 * CVE-2023-49994 CVSS scores: * CVE-2023-49990 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49990 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49991 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49991 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49992 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49993 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49993 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-49994 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-49994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. 
## Description: This update for espeak-ng fixes the following issues: * CVE-2023-49990: Fixed buffer overflow in SetUpPhonemeTable function at synthdata.c (bsc#1218010) * CVE-2023-49991: Fixed stack-buffer-underflow exists in the function CountVowelPosition in synthdata.c (bsc#1218006) * CVE-2023-49992: Fixed stack-buffer-overflow exists in the function RemoveEnding in dictionary.c (bsc#1218007) * CVE-2023-49993: Fixed buffer overflow in ReadClause function at readclause.c (bsc#1218008) * CVE-2023-49994: Fixed floating point exception in PeaksToHarmspect at wavegen.c (bsc#1218009) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2632=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2632=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2632=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2632=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-2632=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libespeak-ng1-1.50-150300.3.3.1 * espeak-ng-compat-devel-1.50-150300.3.3.1 * espeak-ng-devel-1.50-150300.3.3.1 * espeak-ng-debugsource-1.50-150300.3.3.1 * espeak-ng-compat-1.50-150300.3.3.1 * libespeak-ng1-debuginfo-1.50-150300.3.3.1 * espeak-ng-debuginfo-1.50-150300.3.3.1 * espeak-ng-1.50-150300.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libespeak-ng1-1.50-150300.3.3.1 * espeak-ng-compat-devel-1.50-150300.3.3.1 * espeak-ng-devel-1.50-150300.3.3.1 * espeak-ng-debugsource-1.50-150300.3.3.1 * espeak-ng-compat-1.50-150300.3.3.1 * libespeak-ng1-debuginfo-1.50-150300.3.3.1 * espeak-ng-debuginfo-1.50-150300.3.3.1 * espeak-ng-1.50-150300.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x 
x86_64) * libespeak-ng1-1.50-150300.3.3.1 * espeak-ng-compat-devel-1.50-150300.3.3.1 * espeak-ng-devel-1.50-150300.3.3.1 * espeak-ng-debugsource-1.50-150300.3.3.1 * espeak-ng-compat-1.50-150300.3.3.1 * libespeak-ng1-debuginfo-1.50-150300.3.3.1 * espeak-ng-debuginfo-1.50-150300.3.3.1 * espeak-ng-1.50-150300.3.3.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libespeak-ng1-1.50-150300.3.3.1 * espeak-ng-compat-devel-1.50-150300.3.3.1 * espeak-ng-devel-1.50-150300.3.3.1 * espeak-ng-debugsource-1.50-150300.3.3.1 * espeak-ng-compat-1.50-150300.3.3.1 * libespeak-ng1-debuginfo-1.50-150300.3.3.1 * espeak-ng-debuginfo-1.50-150300.3.3.1 * espeak-ng-1.50-150300.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libespeak-ng1-1.50-150300.3.3.1 * espeak-ng-compat-devel-1.50-150300.3.3.1 * espeak-ng-devel-1.50-150300.3.3.1 * espeak-ng-debugsource-1.50-150300.3.3.1 * espeak-ng-compat-1.50-150300.3.3.1 * libespeak-ng1-debuginfo-1.50-150300.3.3.1 * espeak-ng-debuginfo-1.50-150300.3.3.1 * espeak-ng-1.50-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49990.html * https://www.suse.com/security/cve/CVE-2023-49991.html * https://www.suse.com/security/cve/CVE-2023-49992.html * https://www.suse.com/security/cve/CVE-2023-49993.html * https://www.suse.com/security/cve/CVE-2023-49994.html * https://bugzilla.suse.com/show_bug.cgi?id=1218006 * https://bugzilla.suse.com/show_bug.cgi?id=1218007 * https://bugzilla.suse.com/show_bug.cgi?id=1218008 * https://bugzilla.suse.com/show_bug.cgi?id=1218009 * https://bugzilla.suse.com/show_bug.cgi?id=1218010 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:36:48 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:48 -0000 Subject: SUSE-SU-2024:2631-1: important: Security update for freerdp Message-ID: <172232860891.29307.7498478036284281622@smelt2.prg2.suse.org> # Security update for freerdp Announcement ID: SUSE-SU-2024:2631-1 Rating: important References: * bsc#1219049 * bsc#1223346 * bsc#1223347 * bsc#1223348 * bsc#1223353 Cross-References: * CVE-2024-22211 * CVE-2024-32658 * CVE-2024-32659 * CVE-2024-32660 * CVE-2024-32661 CVSS scores: * CVE-2024-22211 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-22211 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32658 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32659 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2024-32660 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-32661 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves five vulnerabilities can now be installed. 
## Description: This update for freerdp fixes the following issues: * CVE-2024-22211: Fixed integer overflow in `freerdp_bitmap_planar_context_reset` that could lead to heap-buffer overflow (bsc#1219049) * CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients (bsc#1223353) * CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight == 0))` (bsc#1223346) * CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347) * CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2631=1 openSUSE-SLE-15.6-2024-2631=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2631=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-2631=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwinpr2-2-debuginfo-2.11.2-150600.4.3.1 * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * freerdp-devel-2.11.2-150600.4.3.1 * freerdp-wayland-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-2.11.2-150600.4.3.1 * libwinpr2-2-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * uwac0-0-devel-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * libfreerdp2-2-debuginfo-2.11.2-150600.4.3.1 * winpr-devel-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-debuginfo-2.11.2-150600.4.3.1 * freerdp-wayland-2.11.2-150600.4.3.1 * libfreerdp2-2-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * 
freerdp-devel-2.11.2-150600.4.3.1 * freerdp-wayland-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-2.11.2-150600.4.3.1 * uwac0-0-devel-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libuwac0-0-debuginfo-2.11.2-150600.4.3.1 * freerdp-wayland-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libwinpr2-2-debuginfo-2.11.2-150600.4.3.1 * freerdp-2.11.2-150600.4.3.1 * freerdp-debuginfo-2.11.2-150600.4.3.1 * freerdp-devel-2.11.2-150600.4.3.1 * libwinpr2-2-2.11.2-150600.4.3.1 * freerdp-proxy-2.11.2-150600.4.3.1 * freerdp-server-2.11.2-150600.4.3.1 * libfreerdp2-2-debuginfo-2.11.2-150600.4.3.1 * winpr-devel-2.11.2-150600.4.3.1 * freerdp-server-debuginfo-2.11.2-150600.4.3.1 * freerdp-proxy-debuginfo-2.11.2-150600.4.3.1 * libfreerdp2-2-2.11.2-150600.4.3.1 * freerdp-debugsource-2.11.2-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22211.html * https://www.suse.com/security/cve/CVE-2024-32658.html * https://www.suse.com/security/cve/CVE-2024-32659.html * https://www.suse.com/security/cve/CVE-2024-32660.html * https://www.suse.com/security/cve/CVE-2024-32661.html * https://bugzilla.suse.com/show_bug.cgi?id=1219049 * https://bugzilla.suse.com/show_bug.cgi?id=1223346 * https://bugzilla.suse.com/show_bug.cgi?id=1223347 * https://bugzilla.suse.com/show_bug.cgi?id=1223348 * https://bugzilla.suse.com/show_bug.cgi?id=1223353 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:36:51 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:51 -0000 Subject: SUSE-SU-2024:2630-1: important: Security update for shadow Message-ID: <172232861114.29307.225751410507155931@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:2630-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2630=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-2630=1 openSUSE-SLE-15.6-2024-2630=1 ## Package List: * Basesystem Module 15-SP6 (noarch) * login_defs-4.8.1-150600.17.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150600.17.3.1 * shadow-debugsource-4.8.1-150600.17.3.1 * shadow-4.8.1-150600.17.3.1 * openSUSE Leap 15.6 (noarch) * login_defs-4.8.1-150600.17.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * shadow-debuginfo-4.8.1-150600.17.3.1 * shadow-debugsource-4.8.1-150600.17.3.1 * shadow-4.8.1-150600.17.3.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 08:36:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:36:57 -0000 Subject: SUSE-SU-2024:2629-1: important: Security update for java-11-openjdk Message-ID: <172232861722.29307.1424602670902792995@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2024:2629-1 Rating: important References: * bsc#1227298 * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228050 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21144 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21144 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N 
Affected Products: * Basesystem Module 15-SP5 * Legacy Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Updated to version 11.0.24+8 (July 2024 CPU): * CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). 
* CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). * CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). * CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). * CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051). * CVE-2024-21144: Fixed an excessive loading time in Pack200 due to improper header validation (bsc#1228050). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2629=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2629=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2629=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2629=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2629=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2629=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2629=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2629=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2629=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2629=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2629=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2629=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t 
patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2629=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2629=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2629=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2629=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2629=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2629=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2629=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2629=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2629=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * java-11-openjdk-jmods-11.0.24.0-150000.3.116.1 * java-11-openjdk-src-11.0.24.0-150000.3.116.1 * openSUSE Leap 15.5 (noarch) * java-11-openjdk-javadoc-11.0.24.0-150000.3.116.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-jmods-11.0.24.0-150000.3.116.1 * java-11-openjdk-src-11.0.24.0-150000.3.116.1 *
java-11-openjdk-headless-debuginfo-11.0.24.0-150000.3.116.1 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.24.0-150000.3.116.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-debuginfo-11.0.24.0-150000.3.116.1 * SUSE Package Hub 15 15-SP5 (noarch) * java-11-openjdk-javadoc-11.0.24.0-150000.3.116.1 * SUSE Package Hub 15 15-SP6 (noarch) * java-11-openjdk-javadoc-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * 
java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * 
java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-debuginfo-11.0.24.0-150000.3.116.1 * 
java-11-openjdk-demo-11.0.24.0-150000.3.116.1 * java-11-openjdk-devel-11.0.24.0-150000.3.116.1 * java-11-openjdk-11.0.24.0-150000.3.116.1 * java-11-openjdk-debugsource-11.0.24.0-150000.3.116.1 * java-11-openjdk-headless-11.0.24.0-150000.3.116.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21144.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1227298 * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228050 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:37:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:37:03 -0000 Subject: SUSE-SU-2024:2628-1: important: Security update for java-17-openjdk Message-ID: <172232862332.29307.10333321176032604247@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2024:2628-1 Rating: important References: * bsc#1227298 * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE 
Manager Server 4.3 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Updated to version 17.0.12+7 (July 2024 CPU): * CVE-2024-21131: Fixed a potential UTF8 size overflow (bsc#1228046). * CVE-2024-21138: Fixed an infinite loop due to excessive symbol length (bsc#1228047). * CVE-2024-21140: Fixed a pre-loop limit overflow in Range Check Elimination (bsc#1228048). * CVE-2024-21147: Fixed an out-of-bounds access in 2D image handling (bsc#1228052). * CVE-2024-21145: Fixed an index overflow in RangeCheckElimination (bsc#1228051). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2628=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2628=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2628=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2628=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2628=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2628=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2628=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2628=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2628=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2628=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2628=1 * SUSE Manager Proxy 4.3 zypper in -t patch 
SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2628=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2628=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2628=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-jmods-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-src-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.12.0-150400.3.45.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-jmods-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-src-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.12.0-150400.3.45.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-jmods-17.0.12.0-150400.3.45.1 *
java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-src-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.12.0-150400.3.45.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * 
java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * 
java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-debuginfo-17.0.12.0-150400.3.45.1 * java-17-openjdk-devel-17.0.12.0-150400.3.45.1 * java-17-openjdk-17.0.12.0-150400.3.45.1 * java-17-openjdk-headless-17.0.12.0-150400.3.45.1 * java-17-openjdk-demo-17.0.12.0-150400.3.45.1 * java-17-openjdk-debugsource-17.0.12.0-150400.3.45.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1227298 * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Tue Jul 30 08:37:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 08:37:10 -0000
Subject: SUSE-SU-2024:2626-1: moderate: Security update for python-dnspython
Message-ID: <172232863073.29307.2488765905978297612@smelt2.prg2.suse.org>

# Security update for python-dnspython

Announcement ID: SUSE-SU-2024:2626-1
Rating: moderate
References:
* bsc#1222693

Cross-References:
* CVE-2023-29483

CVSS scores:
* CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-dnspython fixes the following issues:

* CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere with DNS name resolution (bsc#1222693).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2626=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2626=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2626=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-2626=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-2626=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * python311-dnspython-2.3.0-150400.12.6.1
* openSUSE Leap 15.5 (noarch)
  * python311-dnspython-2.3.0-150400.12.6.1
* openSUSE Leap 15.6 (noarch)
  * python311-dnspython-2.3.0-150400.12.6.1
* Python 3 Module 15-SP5 (noarch)
  * python311-dnspython-2.3.0-150400.12.6.1
* Python 3 Module 15-SP6 (noarch)
  * python311-dnspython-2.3.0-150400.12.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-29483.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222693

From null at suse.de Tue Jul 30 08:37:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 08:37:07 -0000
Subject: SUSE-SU-2024:2627-1: moderate: Security update for ghostscript
Message-ID: <172232862757.29307.2620457921264132583@smelt2.prg2.suse.org>

# Security update for ghostscript

Announcement ID: SUSE-SU-2024:2627-1
Rating: moderate
References:
* bsc#1227380

Cross-References:
* CVE-2024-29508

CVSS scores:
* CVE-2024-29508 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Affected Products:
* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for ghostscript fixes the following issues:

* CVE-2024-29508: Fixed heap pointer leak in pdf_base_font_alloc (bsc#1227380)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2627=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2627=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2627=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2627=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * ghostscript-9.52-150000.197.1
  * ghostscript-debuginfo-9.52-150000.197.1
  * ghostscript-debugsource-9.52-150000.197.1
  * ghostscript-devel-9.52-150000.197.1
  * ghostscript-x11-9.52-150000.197.1
  * ghostscript-x11-debuginfo-9.52-150000.197.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-9.52-150000.197.1
  * ghostscript-debuginfo-9.52-150000.197.1
  * ghostscript-debugsource-9.52-150000.197.1
  * ghostscript-devel-9.52-150000.197.1
  * ghostscript-x11-9.52-150000.197.1
  * ghostscript-x11-debuginfo-9.52-150000.197.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * ghostscript-9.52-150000.197.1
  * ghostscript-debuginfo-9.52-150000.197.1
  * ghostscript-debugsource-9.52-150000.197.1
  * ghostscript-devel-9.52-150000.197.1
  * ghostscript-x11-9.52-150000.197.1
  * ghostscript-x11-debuginfo-9.52-150000.197.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * ghostscript-9.52-150000.197.1
  * ghostscript-debuginfo-9.52-150000.197.1
  * ghostscript-debugsource-9.52-150000.197.1
  * ghostscript-devel-9.52-150000.197.1
  * ghostscript-x11-9.52-150000.197.1
  * ghostscript-x11-debuginfo-9.52-150000.197.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29508.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227380

From null at suse.de Tue Jul 30 08:37:14 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 08:37:14 -0000
Subject: SUSE-SU-2024:2625-1: important: Security update for p7zip
Message-ID: <172232863417.29307.7481499773725018274@smelt2.prg2.suse.org>

# Security update for p7zip

Announcement ID: SUSE-SU-2024:2625-1
Rating: important
References:
* bsc#1227358
* bsc#1227359

Cross-References:
* CVE-2023-52168
* CVE-2023-52169

CVSS scores:
* CVE-2023-52168 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2023-52169 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Affected Products:
* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for p7zip fixes the following issues:

* CVE-2023-52168: Fixed heap-based buffer overflow in the NTFS handler allows two bytes to be overwritten at multiple offsets (bsc#1227358)
* CVE-2023-52169: Fixed out-of-bounds read in NTFS handler (bsc#1227359)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2625=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2625=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2625=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2625=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2625=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2625=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2625=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2625=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2625=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2625=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2625=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2625=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2625=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2625=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2625=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2625=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2625=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2625=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-2625=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* openSUSE Leap 15.5 (noarch)
  * p7zip-doc-16.02-150200.14.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* openSUSE Leap 15.6 (noarch)
  * p7zip-doc-16.02-150200.14.12.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Manager Proxy 4.3 (x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * p7zip-full-16.02-150200.14.12.1
  * p7zip-debugsource-16.02-150200.14.12.1
  * p7zip-16.02-150200.14.12.1
  * p7zip-full-debuginfo-16.02-150200.14.12.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52168.html
* https://www.suse.com/security/cve/CVE-2023-52169.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227358
* https://bugzilla.suse.com/show_bug.cgi?id=1227359

From null at suse.de Tue Jul 30 08:37:18 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 08:37:18 -0000
Subject: SUSE-SU-2024:2624-1: important: Security update for apache2
Message-ID: <172232863856.29307.9256314451140913097@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:2624-1
Rating: important
References:
* bsc#1227268
* bsc#1227269
* bsc#1227270
* bsc#1227271

Cross-References:
* CVE-2024-38475
* CVE-2024-38476
* CVE-2024-38477
* CVE-2024-39573

CVSS scores:
* CVE-2024-38475 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2024-38476 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2024-38477 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-39573 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2024-38475: Fixed improper escaping of output in mod_rewrite (bsc#1227268)
* CVE-2024-38476: Fixed server may use exploitable/malicious backend application output to run local handlers via internal redirect (bsc#1227269)
* CVE-2024-38477: Fixed null pointer dereference in mod_proxy (bsc#1227270)
* CVE-2024-39573: Fixed potential SSRF in mod_rewrite (bsc#1227271)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2624=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2624=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2624=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2624=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2624=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2624=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2624=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2624=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2624=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2624=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2624=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2624=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-2624=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2624=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Manager Proxy 4.3 (x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Manager Proxy 4.3 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Manager Server 4.3 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-event-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-example-pages-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-event-2.4.51-150400.6.29.1
* openSUSE Leap 15.4 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-event-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-example-pages-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-event-2.4.51-150400.6.29.1
* openSUSE Leap 15.5 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-event-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-event-debuginfo-2.4.51-150400.6.29.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
* Server Applications Module 15-SP5 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* Server Applications Module 15-SP6 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * apache2-prefork-2.4.51-150400.6.29.1
  * apache2-prefork-debuginfo-2.4.51-150400.6.29.1
  * apache2-worker-debuginfo-2.4.51-150400.6.29.1
  * apache2-2.4.51-150400.6.29.1
  * apache2-debugsource-2.4.51-150400.6.29.1
  * apache2-debuginfo-2.4.51-150400.6.29.1
  * apache2-devel-2.4.51-150400.6.29.1
  * apache2-worker-2.4.51-150400.6.29.1
  * apache2-utils-debuginfo-2.4.51-150400.6.29.1
  * apache2-utils-2.4.51-150400.6.29.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * apache2-doc-2.4.51-150400.6.29.1

## References:

* https://www.suse.com/security/cve/CVE-2024-38475.html
* https://www.suse.com/security/cve/CVE-2024-38476.html
* https://www.suse.com/security/cve/CVE-2024-38477.html
* https://www.suse.com/security/cve/CVE-2024-39573.html
* https://bugzilla.suse.com/show_bug.cgi?id=1227268
* https://bugzilla.suse.com/show_bug.cgi?id=1227269
* https://bugzilla.suse.com/show_bug.cgi?id=1227270
* https://bugzilla.suse.com/show_bug.cgi?id=1227271

From null at suse.de Tue Jul 30 08:37:30 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 08:37:30 -0000
Subject: SUSE-SU-2024:2619-1: important: Security update for libgit2
Message-ID: <172232865021.29307.2790452356164778046@smelt2.prg2.suse.org>

# Security update for libgit2

Announcement ID: SUSE-SU-2024:2619-1
Rating: important
References:
* bsc#1219660

Cross-References:
* CVE-2024-24577

CVSS scores:
* CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
* CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for libgit2 fixes the following issues:

* CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2619=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2619=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2619=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2619=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2619=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2619=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2619=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2619=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* openSUSE Leap 15.4 (x86_64)
  * libgit2-1_3-32bit-debuginfo-1.3.0-150400.3.9.1
  * libgit2-1_3-32bit-1.3.0-150400.3.9.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libgit2-1_3-64bit-debuginfo-1.3.0-150400.3.9.1
  * libgit2-1_3-64bit-1.3.0-150400.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* openSUSE Leap 15.5 (x86_64)
  * libgit2-1_3-32bit-debuginfo-1.3.0-150400.3.9.1
  * libgit2-1_3-32bit-1.3.0-150400.3.9.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * libgit2-devel-1.3.0-150400.3.9.1
  * libgit2-1_3-1.3.0-150400.3.9.1
  * libgit2-1_3-debuginfo-1.3.0-150400.3.9.1
  * libgit2-debugsource-1.3.0-150400.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24577.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219660

URL: From null at suse.de Tue Jul 30 08:37:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:37:26 -0000 Subject: SUSE-SU-2024:2621-1: moderate: Security update for devscripts Message-ID: <172232864651.29307.15658210390261967992@smelt2.prg2.suse.org> # Security update for devscripts Announcement ID: SUSE-SU-2024:2621-1 Rating: moderate References: * bsc#861514 Cross-References: * CVE-2014-1833 CVSS scores: * CVE-2014-1833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for devscripts fixes the following issues: * CVE-2014-1833: Fixed symlink directory traversal in uupdate (bsc#861514) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2621=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * checkbashisms-2.12.6-5.3.1 ## References: * https://www.suse.com/security/cve/CVE-2014-1833.html * https://bugzilla.suse.com/show_bug.cgi?id=861514 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Jul 30 08:37:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 08:37:32 -0000 Subject: SUSE-SU-2024:2618-1: moderate: Security update for gnome-shell Message-ID: <172232865260.29307.10005156179635289470@smelt2.prg2.suse.org> # Security update for gnome-shell Announcement ID: SUSE-SU-2024:2618-1 Rating: moderate References: * bsc#1225567 Cross-References: * CVE-2024-36472 CVSS scores: * CVE-2024-36472 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gnome-shell fixes the following issues: * CVE-2024-36472: Fixed portal helper automatically launched without user confirmation (bsc#1225567) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2618=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2618=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2618=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-2618=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gnome-shell-calendar-debuginfo-41.9-150400.3.11.1 * gnome-shell-debuginfo-41.9-150400.3.11.1 * gnome-extensions-debuginfo-41.9-150400.3.11.1 * gnome-shell-41.9-150400.3.11.1 * gnome-shell-debugsource-41.9-150400.3.11.1 * gnome-extensions-41.9-150400.3.11.1 * gnome-shell-calendar-41.9-150400.3.11.1 * gnome-shell-devel-41.9-150400.3.11.1 * openSUSE Leap 15.4 (noarch) * gnome-shell-lang-41.9-150400.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gnome-shell-calendar-debuginfo-41.9-150400.3.11.1 * gnome-shell-debuginfo-41.9-150400.3.11.1 * gnome-extensions-debuginfo-41.9-150400.3.11.1 * gnome-shell-41.9-150400.3.11.1 * gnome-shell-debugsource-41.9-150400.3.11.1 * gnome-extensions-41.9-150400.3.11.1 * gnome-shell-calendar-41.9-150400.3.11.1 * gnome-shell-devel-41.9-150400.3.11.1 * openSUSE Leap 15.5 (noarch) * gnome-shell-lang-41.9-150400.3.11.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gnome-shell-debuginfo-41.9-150400.3.11.1 * gnome-extensions-debuginfo-41.9-150400.3.11.1 * gnome-shell-41.9-150400.3.11.1 * gnome-shell-debugsource-41.9-150400.3.11.1 * gnome-extensions-41.9-150400.3.11.1 * gnome-shell-devel-41.9-150400.3.11.1 * Desktop Applications Module 15-SP5 (noarch) * gnome-shell-lang-41.9-150400.3.11.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * gnome-shell-calendar-41.9-150400.3.11.1 * gnome-shell-debuginfo-41.9-150400.3.11.1 * gnome-shell-calendar-debuginfo-41.9-150400.3.11.1 * gnome-shell-debugsource-41.9-150400.3.11.1 ## 
References: * https://www.suse.com/security/cve/CVE-2024-36472.html * https://bugzilla.suse.com/show_bug.cgi?id=1225567 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 12:30:10 -0000 Subject: SUSE-SU-2024:2648-1: important: Security update for shadow Message-ID: <172234261003.15933.6779427320595055897@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:2648-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2648=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2648=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2648=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2648=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2648=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2648=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2648=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2648=1 ## Package List: * openSUSE Leap 15.3 (noarch) * login_defs-4.8.1-150300.4.15.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Enterprise Storage 7.1 (noarch) * 
login_defs-4.8.1-150300.4.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * login_defs-4.8.1-150300.4.15.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150300.4.15.1 * shadow-4.8.1-150300.4.15.1 * shadow-debugsource-4.8.1-150300.4.15.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 12:30:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 12:30:35 -0000 Subject: SUSE-SU-2024:2643-1: important: Security update for orc Message-ID: <172234263539.15933.9699069309980199921@smelt2.prg2.suse.org> # Security update for orc Announcement ID: SUSE-SU-2024:2643-1 Rating: important References: * bsc#1228184 Cross-References: * CVE-2024-40897 CVSS scores: * CVE-2024-40897 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. 
## Description: This update for orc fixes the following issues: * CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files (bsc#1228184) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2643=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2643=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2643=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2643=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.21-3.3.1 * orc-debugsource-0.4.21-3.3.1 * orc-0.4.21-3.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * liborc-0_4-0-0.4.21-3.3.1 * liborc-0_4-0-debuginfo-0.4.21-3.3.1 * orc-debugsource-0.4.21-3.3.1 * orc-debuginfo-0.4.21-3.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * liborc-0_4-0-32bit-0.4.21-3.3.1 * liborc-0_4-0-debuginfo-32bit-0.4.21-3.3.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * liborc-0_4-0-0.4.21-3.3.1 * liborc-0_4-0-debuginfo-0.4.21-3.3.1 * orc-debugsource-0.4.21-3.3.1 * orc-debuginfo-0.4.21-3.3.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * liborc-0_4-0-32bit-0.4.21-3.3.1 * liborc-0_4-0-debuginfo-32bit-0.4.21-3.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * liborc-0_4-0-0.4.21-3.3.1 * liborc-0_4-0-debuginfo-0.4.21-3.3.1 * orc-debugsource-0.4.21-3.3.1 * orc-debuginfo-0.4.21-3.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * liborc-0_4-0-32bit-0.4.21-3.3.1 * 
liborc-0_4-0-debuginfo-32bit-0.4.21-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40897.html * https://bugzilla.suse.com/show_bug.cgi?id=1228184 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:09 -0000 Subject: SUSE-SU-2024:2669-1: moderate: Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Message-ID: <172235700930.13007.7187345539420863138@smelt2.prg2.suse.org> # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:2669-1 Rating: moderate References: Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. 
## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator-container, virt-pr-helper-container fixes the following issues: * Update to version 1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.2.0 - Use predefined configuration files for libvirt - Install psmisc (provides killall for tests) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2669=1 SUSE-2024-2669=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2669=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2669=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2669=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-exportserver-1.2.2-150500.8.21.1 * kubevirt-manifests-1.2.2-150500.8.21.1 * kubevirt-virt-operator-1.2.2-150500.8.21.1 * kubevirt-virt-exportserver-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virt-handler-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virt-exportproxy-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virt-handler-1.2.2-150500.8.21.1 * kubevirt-virt-launcher-1.2.2-150500.8.21.1 * kubevirt-virt-controller-1.2.2-150500.8.21.1 * kubevirt-pr-helper-conf-1.2.2-150500.8.21.1 * kubevirt-virt-launcher-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virt-api-1.2.2-150500.8.21.1 * kubevirt-container-disk-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virt-controller-debuginfo-1.2.2-150500.8.21.1 * 
kubevirt-virt-exportproxy-1.2.2-150500.8.21.1 * kubevirt-virt-operator-debuginfo-1.2.2-150500.8.21.1 * kubevirt-container-disk-1.2.2-150500.8.21.1 * kubevirt-tests-debuginfo-1.2.2-150500.8.21.1 * obs-service-kubevirt_containers_meta-1.2.2-150500.8.21.1 * kubevirt-tests-1.2.2-150500.8.21.1 * kubevirt-virt-api-debuginfo-1.2.2-150500.8.21.1 * kubevirt-virtctl-1.2.2-150500.8.21.1 * openSUSE Leap Micro 5.5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.21.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.21.1 * kubevirt-manifests-1.2.2-150500.8.21.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.21.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.21.1 * kubevirt-manifests-1.2.2-150500.8.21.1 * Containers Module 15-SP5 (x86_64) * kubevirt-virtctl-1.2.2-150500.8.21.1 * kubevirt-virtctl-debuginfo-1.2.2-150500.8.21.1 * kubevirt-manifests-1.2.2-150500.8.21.1 From null at suse.de Tue Jul 30 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:10 -0000 Subject: SUSE-SU-2024:2668-1: moderate: Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont Message-ID: <172235701068.13007.10796059203791741778@smelt2.prg2.suse.org> # Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:2668-1 Rating: moderate References: Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 
An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.59.0 * Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.58.1 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2668=1 openSUSE-SLE-15.5-2024-2668=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2668=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2668=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2668=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * containerized-data-importer-controller-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-debuginfo-1.59.0-150500.6.18.1 * obs-service-cdi_containers_meta-1.59.0-150500.6.18.1 * containerized-data-importer-controller-1.59.0-150500.6.18.1 * containerized-data-importer-api-1.59.0-150500.6.18.1 * containerized-data-importer-importer-1.59.0-150500.6.18.1 * containerized-data-importer-operator-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-1.59.0-150500.6.18.1 * containerized-data-importer-operator-1.59.0-150500.6.18.1 * containerized-data-importer-cloner-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-1.59.0-150500.6.18.1 * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * 
containerized-data-importer-cloner-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-api-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-importer-debuginfo-1.59.0-150500.6.18.1 * openSUSE Leap Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * Containers Module 15-SP5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jul 30 16:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:26 -0000 Subject: SUSE-SU-2024:2663-1: important: Security update for orc Message-ID: <172235702693.13007.16443679219465208495@smelt2.prg2.suse.org> # Security update for orc Announcement ID: SUSE-SU-2024:2663-1 Rating: important References: * bsc#1228184 Cross-References: * CVE-2024-40897 CVSS scores: * CVE-2024-40897 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise 
Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for orc fixes the following issues: * CVE-2024-40897: Fixed stack-based buffer overflow in the orc compiler when formatting error messages for certain input files (bsc#1228184) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2663=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2663=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2663=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2663=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2663=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2663=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2663=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2663=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2663=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2663=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2663=1 * SUSE Linux 
Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2663=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2663=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2663=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2663=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2663=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2663=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2663=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-doc-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.5 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * orc-debuginfo-0.4.28-150000.3.6.1 * liborc-0_4-0-0.4.28-150000.3.6.1 * orc-doc-0.4.28-150000.3.6.1 * orc-0.4.28-150000.3.6.1 * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1 * orc-debugsource-0.4.28-150000.3.6.1 * openSUSE Leap 15.6 (x86_64) * liborc-0_4-0-32bit-0.4.28-150000.3.6.1 * 
liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Package Hub 15 15-SP5 (x86_64)
  * liborc-0_4-0-32bit-0.4.28-150000.3.6.1
  * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Package Hub 15 15-SP6 (x86_64)
  * liborc-0_4-0-32bit-0.4.28-150000.3.6.1
  * liborc-0_4-0-32bit-debuginfo-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * orc-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * orc-debuginfo-0.4.28-150000.3.6.1
  * liborc-0_4-0-0.4.28-150000.3.6.1
  * liborc-0_4-0-debuginfo-0.4.28-150000.3.6.1
  * orc-debugsource-0.4.28-150000.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40897.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228184

From null at suse.de Tue Jul 30 16:30:29 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 16:30:29 -0000
Subject: SUSE-SU-2024:2662-1: moderate: Security update for python-urllib3
Message-ID: <172235702973.13007.16040934230168457579@smelt2.prg2.suse.org>

# Security update for python-urllib3

Announcement ID: SUSE-SU-2024:2662-1
Rating: moderate
References:

* bsc#1226469

Cross-References:

* CVE-2024-37891

CVSS scores:

* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-urllib3 fixes the following issues:

* CVE-2024-37891: Fixed proxy-authorization request header is not stripped during cross-origin redirects (bsc#1226469)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-2662=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2662=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2662=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2662=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2662=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2662=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2662=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2662=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2662=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2662=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-2662=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2662=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-2662=1

## Package List:

* openSUSE Leap 15.3 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* openSUSE Leap Micro 5.5 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* openSUSE Leap 15.5 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* Basesystem Module 15-SP5 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* Basesystem Module 15-SP6 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro 5.1 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * python3-urllib3-1.25.10-150300.4.12.1

## References:

* https://www.suse.com/security/cve/CVE-2024-37891.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226469

From null at suse.de Tue Jul 30 16:30:34 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 16:30:34 -0000
Subject: SUSE-SU-2024:2661-1: important: Security update for gtk3
Message-ID: <172235703480.13007.13357562320993210129@smelt2.prg2.suse.org>

# Security update for gtk3

Announcement ID: SUSE-SU-2024:2661-1
Rating: important
References:

* bsc#1228120

Cross-References:

* CVE-2024-6655

CVSS scores:

* CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for gtk3 fixes the following issues:

* CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2661=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2661=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2661=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2661=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2661=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2661=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2661=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2661=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2661=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2661=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2661=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2661=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2661=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2661=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2661=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2661=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2661=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2661=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* Basesystem Module 15-SP5 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
* SUSE Manager Proxy 4.3 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Manager Proxy 4.3 (x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* SUSE Manager Server 4.3 (noarch)
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * gtk3-immodule-broadway-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-broadway-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-debuginfo-3.24.34-150400.3.9.1
  * gettext-its-gtk3-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-debuginfo-3.24.34-150400.3.9.1
* openSUSE Leap 15.4 (noarch)
  * gtk3-branding-upstream-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* openSUSE Leap 15.4 (x86_64)
  * gtk3-immodule-vietnamese-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-32bit-3.24.34-150400.3.9.1
  * gtk3-devel-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-32bit-3.24.34-150400.3.9.1
  * gtk3-tools-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-tools-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-32bit-3.24.34-150400.3.9.1
  * libgtk-3-0-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-32bit-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-32bit-3.24.34-150400.3.9.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * gtk3-immodule-tigrigna-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-tools-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-tools-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-64bit-3.24.34-150400.3.9.1
  * libgtk-3-0-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-64bit-3.24.34-150400.3.9.1
  * gtk3-devel-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-64bit-3.24.34-150400.3.9.1
  * libgtk-3-0-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-64bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-64bit-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-64bit-3.24.34-150400.3.9.1
* openSUSE Leap Micro 5.5 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * gtk3-immodule-broadway-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-broadway-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * gtk3-devel-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-3.24.34-150400.3.9.1
  * gtk3-devel-debuginfo-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-debuginfo-3.24.34-150400.3.9.1
  * gettext-its-gtk3-3.24.34-150400.3.9.1
  * gtk3-devel-doc-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-3.24.34-150400.3.9.1
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-debuginfo-3.24.34-150400.3.9.1
* openSUSE Leap 15.5 (noarch)
  * gtk3-branding-upstream-3.24.34-150400.3.9.1
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-lang-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* openSUSE Leap 15.5 (x86_64)
  * gtk3-immodule-vietnamese-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-vietnamese-32bit-3.24.34-150400.3.9.1
  * gtk3-devel-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-tigrigna-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-amharic-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-32bit-3.24.34-150400.3.9.1
  * gtk3-tools-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-thai-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-tools-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-multipress-32bit-3.24.34-150400.3.9.1
  * gtk3-immodule-inuktitut-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-devel-32bit-3.24.34-150400.3.9.1
  * libgtk-3-0-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-xim-32bit-debuginfo-3.24.34-150400.3.9.1
  * gtk3-immodule-wayland-32bit-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-32bit-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * gtk3-schema-3.24.34-150400.3.9.1
  * gtk3-data-3.24.34-150400.3.9.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * gtk3-tools-debuginfo-3.24.34-150400.3.9.1
  * gtk3-debugsource-3.24.34-150400.3.9.1
  * gtk3-tools-3.24.34-150400.3.9.1
  * typelib-1_0-Gtk-3_0-3.24.34-150400.3.9.1
  * libgtk-3-0-debuginfo-3.24.34-150400.3.9.1
  * libgtk-3-0-3.24.34-150400.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6655.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228120

From null at suse.de Tue Jul 30 16:30:38 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 30 Jul 2024 16:30:38 -0000
Subject: SUSE-SU-2024:2660-1: important: Security update for gtk2
Message-ID: <172235703807.13007.6853834658350741576@smelt2.prg2.suse.org>

# Security update for gtk2

Announcement ID: SUSE-SU-2024:2660-1
Rating: important
References:

* bsc#1228120

Cross-References:

* CVE-2024-6655

CVSS scores:

* CVE-2024-6655 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for gtk2 fixes the following issues:

* CVE-2024-6655: Fixed library injection from current working directory (bsc#1228120)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-2660=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2660=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2660=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2660=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-2660=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2660=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-2660=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-2660=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2660=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-2660=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2660=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2660=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2660=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2660=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2660=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2660=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2660=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2660=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * gtk2-lang-2.24.33-150400.4.3.1
  * gtk2-branding-upstream-2.24.33-150400.4.3.1
  * gtk2-data-2.24.33-150400.4.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * gtk2-immodule-xim-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-2.24.33-150400.4.3.1
  * gtk2-devel-2.24.33-150400.4.3.1
  * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-debuginfo-2.24.33-150400.4.3.1
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-debuginfo-2.24.33-150400.4.3.1
* openSUSE Leap 15.4 (x86_64)
  * gtk2-immodule-inuktitut-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-32bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-32bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1
  * gtk2-devel-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-32bit-debuginfo-2.24.33-150400.4.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * gtk2-immodule-multipress-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-64bit-2.24.33-150400.4.3.1
  * gtk2-tools-64bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-64bit-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-64bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-64bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-64bit-2.24.33-150400.4.3.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* openSUSE Leap 15.5 (noarch)
  * gtk2-lang-2.24.33-150400.4.3.1
  * gtk2-branding-upstream-2.24.33-150400.4.3.1
  * gtk2-data-2.24.33-150400.4.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * gtk2-immodule-xim-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-2.24.33-150400.4.3.1
  * gtk2-devel-2.24.33-150400.4.3.1
  * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-debuginfo-2.24.33-150400.4.3.1
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-debuginfo-2.24.33-150400.4.3.1
* openSUSE Leap 15.5 (x86_64)
  * gtk2-immodule-inuktitut-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-amharic-32bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-inuktitut-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-tigrigna-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-vietnamese-32bit-2.24.33-150400.4.3.1
  * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1
  * gtk2-devel-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-xim-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-immodule-multipress-32bit-2.24.33-150400.4.3.1
  * gtk2-immodule-thai-32bit-debuginfo-2.24.33-150400.4.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * libgtk-2_0-0-2.24.33-150400.4.3.1
  * gtk2-tools-2.24.33-150400.4.3.1
  * gtk2-devel-debuginfo-2.24.33-150400.4.3.1
  * gtk2-devel-2.24.33-150400.4.3.1
  * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1
  * gtk2-debugsource-2.24.33-150400.4.3.1
  * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-debuginfo-2.24.33-150400.4.3.1
* Basesystem Module 15-SP5 (noarch)
  * gtk2-lang-2.24.33-150400.4.3.1
* Desktop Applications Module 15-SP5 (noarch)
  * gtk2-data-2.24.33-150400.4.3.1
* Desktop Applications Module 15-SP5 (x86_64)
  * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1
  * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1
  * gtk2-tools-32bit-2.24.33-150400.4.3.1
  *
gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * gtk2-data-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-32bit-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * gtk2-data-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-32bit-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * gtk2-data-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1 * libgtk-2_0-0-2.24.33-150400.4.3.1 * 
gtk2-tools-2.24.33-150400.4.3.1 * gtk2-tools-32bit-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * gtk2-data-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-32bit-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * gtk2-data-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgtk-2_0-0-32bit-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-32bit-2.24.33-150400.4.3.1 * libgtk-2_0-0-32bit-2.24.33-150400.4.3.1 * gtk2-tools-32bit-debuginfo-2.24.33-150400.4.3.1 * SUSE Manager Proxy 4.3 (x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * 
gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Manager Proxy 4.3 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgtk-2_0-0-2.24.33-150400.4.3.1 * gtk2-tools-2.24.33-150400.4.3.1 * gtk2-devel-debuginfo-2.24.33-150400.4.3.1 * gtk2-devel-2.24.33-150400.4.3.1 * typelib-1_0-Gtk-2_0-2.24.33-150400.4.3.1 * gtk2-debugsource-2.24.33-150400.4.3.1 * libgtk-2_0-0-debuginfo-2.24.33-150400.4.3.1 * gtk2-tools-debuginfo-2.24.33-150400.4.3.1 * SUSE Manager Server 4.3 (noarch) * gtk2-lang-2.24.33-150400.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6655.html * https://bugzilla.suse.com/show_bug.cgi?id=1228120
From null at suse.de Tue Jul 30 16:30:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:43 -0000 Subject: SUSE-SU-2024:2658-1: important: Security update for shadow Message-ID: <172235704303.13007.17151545539154110441@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:2658-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2658=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2658=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2658=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2658=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2658=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2658=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2658=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-2658=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2658=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2658=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * login_defs-4.8.1-150400.10.18.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance 
Computing LTSS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Proxy 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Proxy 4.3 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Manager Server 4.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * openSUSE Leap 15.4 (noarch) * login_defs-4.8.1-150400.10.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * 
shadow-4.8.1-150400.10.18.1 * openSUSE Leap 15.5 (noarch) * login_defs-4.8.1-150400.10.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.18.1 * shadow-debuginfo-4.8.1-150400.10.18.1 * shadow-4.8.1-150400.10.18.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845 From null at suse.de Tue Jul 30 16:30:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:40 -0000 Subject: SUSE-SU-2024:2659-1: important: Security update for shadow Message-ID: <172235704064.13007.1905102957016712929@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:2659-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2659=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2659=1 ## Package List: * openSUSE Leap Micro 5.5 (noarch) * login_defs-4.8.1-150500.3.6.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * shadow-4.8.1-150500.3.6.1 * shadow-debugsource-4.8.1-150500.3.6.1 * shadow-debuginfo-4.8.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * shadow-4.8.1-150500.3.6.1 * shadow-debugsource-4.8.1-150500.3.6.1 * shadow-debuginfo-4.8.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * login_defs-4.8.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845 From null at suse.de Tue Jul 30 16:30:46 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:46 -0000 Subject: SUSE-SU-2024:2657-1: important: Security update for shadow Message-ID: <172235704635.13007.9190113003006736146@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:2657-1 Rating: important References: * bsc#916845 Cross-References: * CVE-2013-4235 CVSS scores: * CVE-2013-4235 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2013-4235 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2013-4235: Fixed a race condition when copying and removing directory trees (bsc#916845). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2657=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2657=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * login_defs-4.8.1-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.3.9.1 * shadow-debuginfo-4.8.1-150400.3.9.1 * shadow-4.8.1-150400.3.9.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * login_defs-4.8.1-150400.3.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.3.9.1 * shadow-debuginfo-4.8.1-150400.3.9.1 * shadow-4.8.1-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2013-4235.html * https://bugzilla.suse.com/show_bug.cgi?id=916845 From null at suse.de Tue Jul 30 16:30:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:49 -0000 Subject: SUSE-SU-2024:2656-1: important: Security update for git Message-ID: <172235704965.13007.18165194508139187340@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2024:2656-1 Rating: important References: * bsc#1219660 Cross-References: * CVE-2024-24577 CVSS scores: * CVE-2024-24577 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L * CVE-2024-24577 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux 
Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-24577: Fixed arbitrary code execution due to heap corruption in git_index_add (bsc#1219660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2656=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2656=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2656=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2656=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2656=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-2656=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2656=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-2656=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-2656=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-2656=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2656=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-2656=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2656=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-2656=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-2656=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-2656=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-2656=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2656=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 
i586) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-p4-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.42.1 * git-credential-libsecret-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * git-credential-gnome-keyring-2.35.3-150300.10.42.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.42.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-p4-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.42.1 * git-credential-libsecret-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * git-credential-gnome-keyring-2.35.3-150300.10.42.1 * openSUSE Leap 15.5 (noarch) * git-doc-2.35.3-150300.10.42.1 * 
SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gitk-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * Development Tools Module 15-SP5 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * 
git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gitk-2.35.3-150300.10.42.1 
* git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server 
for SAP Applications 15 SP4 (ppc64le x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.42.1 * SUSE Manager Proxy 4.3 (x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-core-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gitk-2.35.3-150300.10.42.1 * git-core-2.35.3-150300.10.42.1 * git-daemon-debuginfo-2.35.3-150300.10.42.1 * git-debuginfo-2.35.3-150300.10.42.1 * git-gui-2.35.3-150300.10.42.1 * git-daemon-2.35.3-150300.10.42.1 * git-cvs-2.35.3-150300.10.42.1 * git-core-debuginfo-2.35.3-150300.10.42.1 * git-email-2.35.3-150300.10.42.1 * git-debugsource-2.35.3-150300.10.42.1 * git-web-2.35.3-150300.10.42.1 * git-svn-2.35.3-150300.10.42.1 * perl-Git-2.35.3-150300.10.42.1 * git-2.35.3-150300.10.42.1 * git-arch-2.35.3-150300.10.42.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24577.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1219660 From null at suse.de Tue Jul 30 16:30:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:30:54 -0000 Subject: SUSE-SU-2024:2655-1: moderate: Security update for python-dnspython Message-ID: <172235705452.13007.8046373921341771659@smelt2.prg2.suse.org> # Security update for python-dnspython Announcement ID: SUSE-SU-2024:2655-1 Rating: moderate References: * bsc#1222693 Cross-References: * CVE-2023-29483 CVSS scores: * CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-dnspython fixes the following issues: * CVE-2023-29483: Fixed an issue that allowed remote attackers to interfere with DNS name resolution (bsc#1222693). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2655=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-2655=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-2655=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-2655=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2655=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2655=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2655=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-2655=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-2655=1 ## Package List: * openSUSE Leap Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * openSUSE Leap 15.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * Basesystem Module 15-SP5 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * Basesystem Module 15-SP6 (noarch) * python3-dnspython-1.15.0-150000.3.5.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-dnspython-1.15.0-150000.3.5.1 * SUSE Package Hub 15 15-SP6 (noarch) * python2-dnspython-1.15.0-150000.3.5.1 ## References: * 
https://www.suse.com/security/cve/CVE-2023-29483.html * https://bugzilla.suse.com/show_bug.cgi?id=1222693 From null at suse.de Tue Jul 30 16:31:00 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 30 Jul 2024 16:31:00 -0000 Subject: SUSE-SU-2024:2654-1: important: Security update for xen Message-ID: <172235706020.13007.4515550044024863044@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:2654-1 Rating: important References: * bsc#1027519 * bsc#1214718 * bsc#1221984 * bsc#1227355 Cross-References: * CVE-2023-46842 * CVE-2024-31143 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46842: Fixed x86 HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984). * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-2654=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2654=1 openSUSE-SLE-15.5-2024-2654=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2654=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2654=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-2654=1 ## Package List: * Server Applications Module 15-SP5 (x86_64) * xen-debugsource-4.17.4_04-150500.3.33.1 * xen-tools-4.17.4_04-150500.3.33.1 * xen-tools-debuginfo-4.17.4_04-150500.3.33.1 * xen-4.17.4_04-150500.3.33.1 * xen-devel-4.17.4_04-150500.3.33.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.4_04-150500.3.33.1 * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-debugsource-4.17.4_04-150500.3.33.1 * xen-libs-debuginfo-4.17.4_04-150500.3.33.1 * xen-devel-4.17.4_04-150500.3.33.1 * xen-tools-domU-debuginfo-4.17.4_04-150500.3.33.1 * xen-tools-domU-4.17.4_04-150500.3.33.1 * xen-libs-4.17.4_04-150500.3.33.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.4_04-150500.3.33.1 * xen-libs-32bit-4.17.4_04-150500.3.33.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-4.17.4_04-150500.3.33.1 * xen-doc-html-4.17.4_04-150500.3.33.1 * xen-tools-debuginfo-4.17.4_04-150500.3.33.1 * xen-tools-4.17.4_04-150500.3.33.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.4_04-150500.3.33.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-4.17.4_04-150500.3.33.1 * xen-libs-64bit-debuginfo-4.17.4_04-150500.3.33.1 * openSUSE Leap Micro 5.5 (x86_64) * xen-debugsource-4.17.4_04-150500.3.33.1 * xen-libs-4.17.4_04-150500.3.33.1 * xen-libs-debuginfo-4.17.4_04-150500.3.33.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.4_04-150500.3.33.1 * xen-libs-4.17.4_04-150500.3.33.1 * 
xen-libs-debuginfo-4.17.4_04-150500.3.33.1 * Basesystem Module 15-SP5 (x86_64) * xen-debugsource-4.17.4_04-150500.3.33.1 * xen-libs-debuginfo-4.17.4_04-150500.3.33.1 * xen-tools-domU-debuginfo-4.17.4_04-150500.3.33.1 * xen-tools-domU-4.17.4_04-150500.3.33.1 * xen-libs-4.17.4_04-150500.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-31143.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1214718 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1227355 From null at suse.de Wed Jul 31 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 12:30:05 -0000 Subject: SUSE-SU-2024:2262-3: moderate: Security update for postgresql14 Message-ID: <172242900571.15697.5017382467229919686@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2024:2262-3 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Legacy Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql14 fixes the following issues: * Upgrade to 14.12 (bsc#1224051): * CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-2262=1 ## Package List: * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-contrib-debuginfo-14.12-150600.16.3.1 * postgresql14-debuginfo-14.12-150600.16.3.1 * postgresql14-server-14.12-150600.16.3.1 * postgresql14-pltcl-14.12-150600.16.3.1 * postgresql14-plpython-debuginfo-14.12-150600.16.3.1 * postgresql14-server-debuginfo-14.12-150600.16.3.1 * postgresql14-debugsource-14.12-150600.16.3.1 * postgresql14-plperl-14.12-150600.16.3.1 * postgresql14-server-devel-debuginfo-14.12-150600.16.3.1 * postgresql14-devel-14.12-150600.16.3.1 * postgresql14-plperl-debuginfo-14.12-150600.16.3.1 * postgresql14-pltcl-debuginfo-14.12-150600.16.3.1 * postgresql14-devel-debuginfo-14.12-150600.16.3.1 * postgresql14-14.12-150600.16.3.1 * postgresql14-contrib-14.12-150600.16.3.1 * postgresql14-server-devel-14.12-150600.16.3.1 * postgresql14-plpython-14.12-150600.16.3.1 * Legacy Module 15-SP6 (noarch) * postgresql14-docs-14.12-150600.16.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051
From null at suse.de Wed Jul 31 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 16:30:05 -0000 Subject: SUSE-SU-2024:2681-1: moderate: Security update for gvfs Message-ID: <172244340545.3166.10169000848719163151@smelt2.prg2.suse.org> # Security update for gvfs Announcement ID: SUSE-SU-2024:2681-1 Rating: moderate References: * bsc#1137930 Cross-References: * CVE-2019-12795 CVSS scores: * CVE-2019-12795 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2019-12795 ( SUSE ): 5.9 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2019-12795 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gvfs fixes the following issues: * CVE-2019-12795: Fixed attack via local D-Bus method calls (bsc#1137930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-2681=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2681=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2681=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-2681=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * gvfs-devel-1.28.3-18.6.1 * gvfs-debugsource-1.28.3-18.6.1 * gvfs-debuginfo-1.28.3-18.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * gvfs-backend-samba-1.28.3-18.6.1 * gvfs-backends-1.28.3-18.6.1 * gvfs-debugsource-1.28.3-18.6.1 * gvfs-1.28.3-18.6.1 * gvfs-backend-samba-debuginfo-1.28.3-18.6.1 * gvfs-debuginfo-1.28.3-18.6.1 * gvfs-backends-debuginfo-1.28.3-18.6.1 * gvfs-fuse-1.28.3-18.6.1 * gvfs-fuse-debuginfo-1.28.3-18.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * gvfs-lang-1.28.3-18.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * gvfs-backend-samba-1.28.3-18.6.1 * gvfs-backends-1.28.3-18.6.1 * gvfs-debugsource-1.28.3-18.6.1 * gvfs-1.28.3-18.6.1 * gvfs-backend-samba-debuginfo-1.28.3-18.6.1 * gvfs-debuginfo-1.28.3-18.6.1 * gvfs-backends-debuginfo-1.28.3-18.6.1 * gvfs-fuse-1.28.3-18.6.1 * gvfs-fuse-debuginfo-1.28.3-18.6.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * gvfs-lang-1.28.3-18.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gvfs-backend-samba-1.28.3-18.6.1 * gvfs-backends-1.28.3-18.6.1 * gvfs-debugsource-1.28.3-18.6.1 * gvfs-1.28.3-18.6.1 * gvfs-backend-samba-debuginfo-1.28.3-18.6.1 * gvfs-debuginfo-1.28.3-18.6.1 * gvfs-backends-debuginfo-1.28.3-18.6.1 * gvfs-fuse-1.28.3-18.6.1 * gvfs-fuse-debuginfo-1.28.3-18.6.1 * SUSE Linux Enterprise Server for SAP 
Applications 12 SP5 (noarch) * gvfs-lang-1.28.3-18.6.1 ## References: * https://www.suse.com/security/cve/CVE-2019-12795.html * https://bugzilla.suse.com/show_bug.cgi?id=1137930 From null at suse.de Wed Jul 31 17:46:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 17:46:37 -0000 Subject: SUSE-SU-2024:1868-1: important: Security update for apache2 Message-ID: <172244799743.19436.4189576040257332021@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:1868-1 Rating: important References: * bsc#1221401 * bsc#1222330 * bsc#1222332 Cross-References: * CVE-2023-38709 * CVE-2024-24795 * CVE-2024-27316 CVSS scores: * CVE-2023-38709 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27316 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27316 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15
SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code (bsc#1222330). * CVE-2024-24795: Fixed handling of malicious HTTP splitting response headers in multiple modules (bsc#1222332). * CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames that could have been utilized for DoS attacks (bsc#1221401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1868=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1868=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1868=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1868=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1868=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1868=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1868=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1868=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1868=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1868=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1868=1 * SUSE Manager Proxy 4.3 zypper in -t patch 
SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1868=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-1868=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1868=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-utils-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-event-debuginfo-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-event-2.4.51-150400.6.17.1 * apache2-example-pages-2.4.51-150400.6.17.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-event-debuginfo-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-event-2.4.51-150400.6.17.1 * apache2-example-pages-2.4.51-150400.6.17.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Package Hub 15 15-SP5 (aarch64
ppc64le s390x x86_64) * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-event-debuginfo-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-event-2.4.51-150400.6.17.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 
* apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * 
apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.17.1 * apache2-prefork-2.4.51-150400.6.17.1 * apache2-devel-2.4.51-150400.6.17.1 * apache2-debugsource-2.4.51-150400.6.17.1 * apache2-worker-debuginfo-2.4.51-150400.6.17.1 * apache2-utils-debuginfo-2.4.51-150400.6.17.1 * apache2-prefork-debuginfo-2.4.51-150400.6.17.1 * apache2-debuginfo-2.4.51-150400.6.17.1 * apache2-worker-2.4.51-150400.6.17.1 * apache2-2.4.51-150400.6.17.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38709.html * https://www.suse.com/security/cve/CVE-2024-24795.html * https://www.suse.com/security/cve/CVE-2024-27316.html * https://bugzilla.suse.com/show_bug.cgi?id=1221401 * https://bugzilla.suse.com/show_bug.cgi?id=1222330 * https://bugzilla.suse.com/show_bug.cgi?id=1222332
From null at suse.de Wed Jul 31 17:52:47 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 17:52:47 -0000 Subject: SUSE-SU-2024:1557-3: moderate: Security update for rpm Message-ID: <172244836761.20404.3541054157778388526@smelt2.prg2.suse.org> # Security update for rpm Announcement ID: SUSE-SU-2024:1557-3 Rating: moderate References: * bsc#1189495 * bsc#1191175 * bsc#1218686 Cross-References: * CVE-2021-3521 CVSS scores: * CVE-2021-3521 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N * CVE-2021-3521 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for rpm fixes the following issues: Security fixes: * CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: * accept more signature subpackets marked as critical (bsc#1218686) * backport limit support for the autopatch macro (bsc#1189495) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1557=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3521.html * https://bugzilla.suse.com/show_bug.cgi?id=1189495 * https://bugzilla.suse.com/show_bug.cgi?id=1191175 * https://bugzilla.suse.com/show_bug.cgi?id=1218686 From null at suse.de Wed Jul 31 17:53:46 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 17:53:46 -0000 Subject: SUSE-SU-2024:1635-2: moderate: Security update for tpm2-0-tss Message-ID: <172244842655.20632.10748474991322372723@smelt2.prg2.suse.org> # Security update for tpm2-0-tss Announcement ID: SUSE-SU-2024:1635-2 Rating: moderate References: * bsc#1223690 Cross-References: * CVE-2024-29040 CVSS scores: * CVE-2024-29040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for tpm2-0-tss fixes the following issues: * CVE-2024-29040: Fixed quote data validation by Fapi_VerifyQuote (bsc#1223690). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1635=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29040.html * https://bugzilla.suse.com/show_bug.cgi?id=1223690 From null at suse.de Wed Jul 31 17:54:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 31 Jul 2024 17:54:38 -0000 Subject: SUSE-SU-2024:1167-2: important: Security update for nghttp2 Message-ID: <172244847887.20810.4679655598522150217@smelt2.prg2.suse.org> # Security update for nghttp2 Announcement ID: SUSE-SU-2024:1167-2 Rating: important References: * bsc#1221399 Cross-References: * CVE-2024-28182 CVSS scores: * CVE-2024-28182 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for nghttp2 fixes the following issues: * CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1167=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * nghttp2-debuginfo-1.40.0-150200.17.1
  * nghttp2-debugsource-1.40.0-150200.17.1
  * libnghttp2-14-debuginfo-1.40.0-150200.17.1
  * libnghttp2-14-1.40.0-150200.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28182.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221399

From null at suse.de Wed Jul 31 17:55:39 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:55:39 -0000
Subject: SUSE-SU-2024:1636-2: moderate: Security update for tpm2.0-tools
Message-ID: <172244853949.21152.12474370915105717238@smelt2.prg2.suse.org>

# Security update for tpm2.0-tools

Announcement ID: SUSE-SU-2024:1636-2
Rating: moderate
References:
* bsc#1223687
* bsc#1223689

Cross-References:
* CVE-2024-29038
* CVE-2024-29039

CVSS scores:
* CVE-2024-29038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-29039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for tpm2.0-tools fixes the following issues:

* CVE-2024-29038: Fixed arbitrary quote data validation by tpm2_checkquote (bsc#1223687).
* CVE-2024-29039: Fixed pcr selection value to be compared with the attest (bsc#1223689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1636=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * tpm2.0-tools-5.2-150400.6.3.1
  * tpm2.0-tools-debuginfo-5.2-150400.6.3.1
  * tpm2.0-tools-debugsource-5.2-150400.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29038.html
* https://www.suse.com/security/cve/CVE-2024-29039.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223687
* https://bugzilla.suse.com/show_bug.cgi?id=1223689

From null at suse.de Wed Jul 31 17:55:51 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:55:51 -0000
Subject: SUSE-SU-2024:1895-2: important: Security update for glibc
Message-ID: <172244855135.21201.6458401117614394386@smelt2.prg2.suse.org>

# Security update for glibc

Announcement ID: SUSE-SU-2024:1895-2
Rating: important
References:
* bsc#1221940
* bsc#1223423
* bsc#1223424
* bsc#1223425

Cross-References:
* CVE-2024-33599
* CVE-2024-33600
* CVE-2024-33601
* CVE-2024-33602

CVSS scores:
* CVE-2024-33599 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-33600 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-33601 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-33602 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves four vulnerabilities can now be installed.
## Description:

This update for glibc fixes the following issues:

* CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd (bsc#1223423)
* CVE-2024-33600: Avoid null pointer crashes after notfound response in nscd (bsc#1223424)
* CVE-2024-33600: Do not send missing not-found response in addgetnetgrentX in nscd (bsc#1223424)
* CVE-2024-33601, CVE-2024-33602: Fixed use of two buffers in addgetnetgrentX (bsc#1223425)
* CVE-2024-33602: Use time_t for return type of addgetnetgrentX (bsc#1223425)
* Avoid creating userspace live patching prologue for _start routine (bsc#1221940)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1895=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * glibc-devel-debuginfo-2.31-150300.83.1
  * glibc-locale-base-2.31-150300.83.1
  * glibc-locale-base-debuginfo-2.31-150300.83.1
  * glibc-debuginfo-2.31-150300.83.1
  * glibc-devel-2.31-150300.83.1
  * glibc-locale-2.31-150300.83.1
  * glibc-debugsource-2.31-150300.83.1
  * glibc-2.31-150300.83.1

## References:

* https://www.suse.com/security/cve/CVE-2024-33599.html
* https://www.suse.com/security/cve/CVE-2024-33600.html
* https://www.suse.com/security/cve/CVE-2024-33601.html
* https://www.suse.com/security/cve/CVE-2024-33602.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221940
* https://bugzilla.suse.com/show_bug.cgi?id=1223423
* https://bugzilla.suse.com/show_bug.cgi?id=1223424
* https://bugzilla.suse.com/show_bug.cgi?id=1223425
From null at suse.de Wed Jul 31 17:56:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:56:10 -0000
Subject: SUSE-SU-2024:1439-2: moderate: Security update for python-idna
Message-ID: <172244857057.21342.17940896010766898289@smelt2.prg2.suse.org>

# Security update for python-idna

Announcement ID: SUSE-SU-2024:1439-2
Rating: moderate
References:
* bsc#1222842

Cross-References:
* CVE-2024-3651

CVSS scores:
* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for python-idna fixes the following issues:

* CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1439=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (noarch)
  * python3-idna-2.6-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-3651.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222842
From null at suse.de Wed Jul 31 17:56:19 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:56:19 -0000
Subject: SUSE-SU-2024:1271-3: moderate: Security update for gnutls
Message-ID: <172244857992.21390.12259181490766925949@smelt2.prg2.suse.org>

# Security update for gnutls

Announcement ID: SUSE-SU-2024:1271-3
Rating: moderate
References:
* bsc#1221242
* bsc#1221746
* bsc#1221747

Cross-References:
* CVE-2024-28834
* CVE-2024-28835

CVSS scores:
* CVE-2024-28834 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-28835 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves two vulnerabilities and has one security fix can now be installed.

## Description:

This update for gnutls fixes the following issues:

* CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746)
* CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747)

Other fixes:

- jitterentropy: Release the memory of the entropy collector when using jitterentropy with pthreads as there is also a pre-initialization done in the main thread (bsc#1221242)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1271=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * gnutls-3.7.3-150400.4.44.1
  * gnutls-debugsource-3.7.3-150400.4.44.1
  * gnutls-debuginfo-3.7.3-150400.4.44.1
  * libgnutls30-hmac-3.7.3-150400.4.44.1
  * libgnutls30-3.7.3-150400.4.44.1
  * libgnutls30-debuginfo-3.7.3-150400.4.44.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28834.html
* https://www.suse.com/security/cve/CVE-2024-28835.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221242
* https://bugzilla.suse.com/show_bug.cgi?id=1221746
* https://bugzilla.suse.com/show_bug.cgi?id=1221747

From null at suse.de Wed Jul 31 17:56:26 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:56:26 -0000
Subject: SUSE-SU-2024:1415-2: moderate: Security update for cockpit-wicked
Message-ID: <172244858676.21438.8188885049359786815@smelt2.prg2.suse.org>

# Security update for cockpit-wicked

Announcement ID: SUSE-SU-2024:1415-2
Rating: moderate
References:
* bsc#1217325

Cross-References:
* CVE-2023-26364

CVSS scores:
* CVE-2023-26364 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for cockpit-wicked fixes the following issues:

* CVE-2023-26364: Fixed denial of service due to improper input validation during CSS parsing (bsc#1217325)

Other fixes:

- Update to version 5~git8.c06c55b.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1415=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (noarch)
  * cockpit-wicked-5~git8.c06c55b-150500.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-26364.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217325

From null at suse.de Wed Jul 31 17:56:34 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 31 Jul 2024 17:56:34 -0000
Subject: SUSE-SU-2024:1598-2: important: Security update for less
Message-ID: <172244859457.21487.17837387411068564825@smelt2.prg2.suse.org>

# Security update for less

Announcement ID: SUSE-SU-2024:1598-2
Rating: important
References:
* bsc#1222849

Cross-References:
* CVE-2024-32487

CVSS scores:
* CVE-2024-32487 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for less fixes the following issues:

* CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-1598=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * less-debuginfo-590-150400.3.9.1
  * less-590-150400.3.9.1
  * less-debugsource-590-150400.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-32487.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222849