From null at suse.de Fri May 3 08:30:51 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 03 May 2024 08:30:51 -0000 Subject: SUSE-SU-2024:1490-1: important: Security update for the Linux Kernel Message-ID: <171472505175.29210.3223905488659709689@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1490-1 Rating: important References: * bsc#1177529 * bsc#1192145 * bsc#1194869 * bsc#1200465 * bsc#1205316 * bsc#1207948 * bsc#1209635 * bsc#1209657 * bsc#1212514 * bsc#1213456 * bsc#1214852 * bsc#1215221 * bsc#1215322 * bsc#1217339 * bsc#1217829 * bsc#1217959 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218321 * bsc#1218336 * bsc#1218479 * bsc#1218643 * bsc#1218777 * bsc#1219126 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1219834 * bsc#1220114 * bsc#1220176 * bsc#1220237 * bsc#1220251 * bsc#1220320 * bsc#1220337 * bsc#1220340 * bsc#1220365 * bsc#1220366 * bsc#1220398 * bsc#1220411 * bsc#1220413 * bsc#1220439 * bsc#1220443 * bsc#1220445 * bsc#1220466 * bsc#1220478 * bsc#1220482 * bsc#1220484 * bsc#1220486 * bsc#1220487 * bsc#1220492 * bsc#1220703 * bsc#1220775 * bsc#1220790 * bsc#1220797 * bsc#1220831 * bsc#1220833 * bsc#1220836 * bsc#1220839 * bsc#1220840 * bsc#1220843 * bsc#1220870 * bsc#1220871 * bsc#1220872 * bsc#1220878 * bsc#1220879 * bsc#1220883 * bsc#1220885 * bsc#1220887 * bsc#1220898 * bsc#1220901 * bsc#1220915 * bsc#1220918 * bsc#1220920 * bsc#1220921 * bsc#1220926 * bsc#1220927 * bsc#1220929 * bsc#1220932 * bsc#1220935 * bsc#1220937 * bsc#1220938 * bsc#1220940 * bsc#1220954 * bsc#1220955 * bsc#1220959 * bsc#1220960 * bsc#1220961 * bsc#1220965 * bsc#1220969 * bsc#1220978 * bsc#1220979 * bsc#1220981 * bsc#1220982 * bsc#1220983 * bsc#1220985 * bsc#1220986 * bsc#1220987 * bsc#1220989 * bsc#1220990 * bsc#1221009 * bsc#1221012 * bsc#1221015 * bsc#1221022 * bsc#1221039 * bsc#1221040 * bsc#1221044 * bsc#1221045 * bsc#1221046 * bsc#1221048 * bsc#1221055 * bsc#1221056 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221062 * bsc#1221066 * bsc#1221067 * bsc#1221068 * bsc#1221069 * bsc#1221070 * bsc#1221071 * bsc#1221077 * bsc#1221082 * bsc#1221090 * bsc#1221097 * bsc#1221156 * bsc#1221162 * bsc#1221252 * bsc#1221273 * bsc#1221274 * bsc#1221276 * bsc#1221277 * bsc#1221291 * bsc#1221293 * bsc#1221298 * bsc#1221337 * bsc#1221338 * bsc#1221375 * bsc#1221379 * bsc#1221551 * bsc#1221553 * bsc#1221613 * bsc#1221614 * bsc#1221616 * bsc#1221618 * bsc#1221631 * bsc#1221633 * bsc#1221713 * bsc#1221725 * bsc#1221777 * bsc#1221791 * bsc#1221814 * bsc#1221816 * bsc#1221830 * bsc#1221951 * bsc#1222011 * bsc#1222033 * bsc#1222051 * bsc#1222056 * bsc#1222060 * bsc#1222070 * bsc#1222073 * bsc#1222117 * bsc#1222247 * bsc#1222266 * bsc#1222274 * bsc#1222291 * bsc#1222300 * bsc#1222304 * bsc#1222317 * bsc#1222331 * bsc#1222355 * bsc#1222356 * bsc#1222360 * bsc#1222366 * bsc#1222373 * bsc#1222416 * bsc#1222422 * bsc#1222427 * bsc#1222428 * bsc#1222431 * bsc#1222437 * bsc#1222445 * bsc#1222449 * bsc#1222503 * bsc#1222520 * bsc#1222536 * bsc#1222549 * bsc#1222550 * bsc#1222557 * bsc#1222585 * bsc#1222586 * bsc#1222596 * bsc#1222609 * bsc#1222610 * bsc#1222619 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222669 * bsc#1222677 * bsc#1222678 * bsc#1222680 * bsc#1222706 * bsc#1222720 * bsc#1222724 * bsc#1222726 * bsc#1222727 * bsc#1222764 * bsc#1222772 * bsc#1222781 * bsc#1222784 * bsc#1222798 * bsc#1222801 * bsc#1222952 * bsc#1223030 * bsc#1223067 * bsc#1223068 * jsc#PED-5759 * jsc#PED-7167 * jsc#PED-7619 Cross-References: * CVE-2021-46925 * CVE-2021-46926 * CVE-2021-46927 * CVE-2021-46929 * CVE-2021-46930 * CVE-2021-46931 * CVE-2021-46933 * CVE-2021-46936 * CVE-2021-47082 * CVE-2021-47087 * CVE-2021-47091 * CVE-2021-47093 * CVE-2021-47094 * CVE-2021-47095 * CVE-2021-47096 * CVE-2021-47097 * CVE-2021-47098 * CVE-2021-47099 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47102 * CVE-2021-47104 * CVE-2021-47105 * CVE-2021-47107 * CVE-2021-47108 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47185 * CVE-2021-47189 * CVE-2022-4744 * CVE-2022-48626 * CVE-2022-48629 * CVE-2022-48630 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52447 * CVE-2023-52450 * CVE-2023-52453 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52481 * CVE-2023-52484 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52492 * CVE-2023-52493 * CVE-2023-52494 * CVE-2023-52497 * CVE-2023-52500 * CVE-2023-52501 * CVE-2023-52502 * CVE-2023-52503 * CVE-2023-52504 * CVE-2023-52507 * CVE-2023-52508 * CVE-2023-52509 * CVE-2023-52510 * CVE-2023-52511 * CVE-2023-52513 * CVE-2023-52515 * CVE-2023-52517 * CVE-2023-52518 * CVE-2023-52519 * CVE-2023-52520 * CVE-2023-52523 * CVE-2023-52524 * CVE-2023-52525 * CVE-2023-52528 * CVE-2023-52529 * CVE-2023-52532 * CVE-2023-52561 * CVE-2023-52563 * CVE-2023-52564 * CVE-2023-52566 * CVE-2023-52567 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52575 * CVE-2023-52576 * CVE-2023-52582 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52591 * CVE-2023-52594 * CVE-2023-52595 * CVE-2023-52597 * CVE-2023-52598 * CVE-2023-52599 * CVE-2023-52600 * CVE-2023-52601 * CVE-2023-52602 * CVE-2023-52603 * CVE-2023-52604 * CVE-2023-52605 * CVE-2023-52606 * CVE-2023-52607 * CVE-2023-52608 * CVE-2023-52612 * CVE-2023-52615 * CVE-2023-52617 * CVE-2023-52619 * CVE-2023-52621 * CVE-2023-52623 * CVE-2023-52627 * CVE-2023-52628 * CVE-2023-52632 * CVE-2023-52636 * CVE-2023-52637 * CVE-2023-52639 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23850 * CVE-2024-25739 * CVE-2024-25742 * CVE-2024-26599 * CVE-2024-26600 * CVE-2024-26602 * CVE-2024-26612 * CVE-2024-26614 * CVE-2024-26620 * CVE-2024-26627 * CVE-2024-26629 * CVE-2024-26642 * CVE-2024-26645 * CVE-2024-26646 * CVE-2024-26651 * CVE-2024-26654 * CVE-2024-26659 * CVE-2024-26660 * CVE-2024-26664 * CVE-2024-26667 * CVE-2024-26670 * CVE-2024-26680 * CVE-2024-26681 * CVE-2024-26684 * CVE-2024-26685 * CVE-2024-26689 * CVE-2024-26695 * CVE-2024-26696 * CVE-2024-26697 * CVE-2024-26704 * CVE-2024-26717 * CVE-2024-26718 * CVE-2024-26722 * CVE-2024-26727 * CVE-2024-26733 * CVE-2024-26736 * CVE-2024-26737 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26745 * CVE-2024-26747 * CVE-2024-26749 * CVE-2024-26751 * CVE-2024-26754 * CVE-2024-26760 * CVE-2024-26763 * CVE-2024-26766 * CVE-2024-26769 * CVE-2024-26771 * CVE-2024-26776 * CVE-2024-26779 * CVE-2024-26787 * CVE-2024-26790 * CVE-2024-26793 * CVE-2024-26798 * CVE-2024-26805 * CVE-2024-26807 * CVE-2024-26848 CVSS scores: * CVE-2021-46925 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46925 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46926 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46930 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46933 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2021-46933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47082 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47087 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47091 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47093 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47094 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47095 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47096 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47097 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47099 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47102 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47105 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47107 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47108 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4744 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48629 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48630 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52450 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52450 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52493 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52494 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52497 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52501 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52503 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52504 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52507 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52508 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52510 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52511 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52513 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52517 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52518 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52525 ( SUSE ): 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52561 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52563 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52564 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52566 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52567 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52576 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52594 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52606 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52612 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52615 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52617 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52619 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52621 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52623 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26599 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-26599 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26629 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26646 ( SUSE ): 4.9 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26659 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26667 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26697 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26717 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26751 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26848 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 183 vulnerabilities, contains three features and has 38 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466). * CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw- acpi (bsc#1220478). * CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443). * CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482). * CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484). * CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486). * CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487). * CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439). * CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969). * CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954). * CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959). * CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978). * CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551). * CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979). * CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981). * CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982). * CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983). * CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961). * CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965). * CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47182: Fixed buffer length handling in scsi_mode_sense() in scsi core (bsc#1222662). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989). * CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237). * CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52488: Fixed data corruption due to error on incrementing register address in regmap functions for FIFO in serial sc16is7xx (bsc#1221162). * CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276). * CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274). * CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273). * CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52503: Fixed use-after-free in amdtee_close_session due to race condition with amdtee_open_session in tee amdtee (bsc#1220915). * CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553). * CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833). * CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898). * CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012). * CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055). * CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056). * CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920). * CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921). * CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52561: Fixed denial of service due to missing reserved attribute on cont splash memory region in arm64 dts qcom sdm845-db845c (bsc#1220935). * CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937). * CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938). * CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940). * CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872). * CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062). * CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071). * CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068). * CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070). * CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066). * CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375). * CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616). * CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614). * CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613). * CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618). * CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073). * CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060). * CVE-2023-52627: Fixed null pointer dereference due to lack of callback functions in iio adc ad7091r (bsc#1222051) * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274). * CVE-2023-52636: Fixed denial of service due to wrongly init the cursor when preparing sparse read in msgr2 in libceph (bsc#1222247). * CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0841: Fixed null pointer dereference in hugetlbfs_fill_super() (bsc#1219264). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-23850: Fixed denial of service due to assertion failure due to subvolume readed before root item insertion in btrfs_get_root_ref in btrfs (bsc#1219126). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298). * CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090). * CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056). * CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070). * CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337). * CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304). * CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317). * CVE-2024-26660: Fixed buffer overflow in dcn301_stream_encoder_create in drm amd display (bsc#1222266) * CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355). * CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331). * CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356). * CVE-2024-26680: Fixed denial of service due to DMA mapping for PTP hwts ring in net atlantic (bsc#1222427). * CVE-2024-26681: Fixed denial of service in nsim_dev_trap_report_work() in netdevsim (bsc#1222431). * CVE-2024-26684: Fixed handling of DPP safety error for DMA channels in net stmmac xgmac (bsc#1222445). * CVE-2024-26685: Fixed denial of service in end_buffer_async_write() in nilfs2 (bsc#1222437). * CVE-2024-26689: Fixed use-after-free in encode_cap_msg() in ceph (bsc#1222503). * CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373). * CVE-2024-26696: Fixed denial of service in nilfs_lookup_dirty_data_buffers() in nilfs2 (bsc#1222549). * CVE-2024-26697: Fixed data corruption in dsync block recovery for small block sizes in nilfs2 (bsc#1222550). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360). * CVE-2024-26718: Fixed memory corruption in tasklet_unlock via disabling tasklets in dm-crypt and dm-verify (bsc#1222416). * CVE-2024-26722: Fixed denial of service in rt5645_jack_detect_work() due to mutex left locked forever in ASoC rt5645 (bsc#1222520). * CVE-2024-26727: Fixed denial of service due to assertion failure during subvolume creation (bsc#1222536). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26736: Fixed buffer overflow in afs_update_volume_status() in afs (bsc#1222586). * CVE-2024-26737: Fixed use-after-free due to race between bpf_timer_cancel_and_free and bpf_timer_cancel in bpf (bsc#1222557). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26745: Fixed null pointer dereference due to IOMMU table not initialized for kdump over SR-IOV (bsc#1220492, bsc#1222678). * CVE-2024-26747: Fixed null pointer issue when put module's reference in usb roles (bsc#1222609). * CVE-2024-26749: Fixed use-after-free at cdns3_gadget_ep_disable() in usb cdns3 (bsc#1222680). * CVE-2024-26751: Fixed denial of service due to gpiod_lookup_table search loop not ending correctly (bsc#1222724) * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26760: Fixed null pointer dereference on error case in bio_put() in scsi target pscsi (bsc#1222596) * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26766: Fixed off-by-one error in sdma.h tx->num_descs in ib/hfi1 (bsc#1222726) * CVE-2024-26769: Fixed deadlock on delete association path in nvmet-fc (bsc#1222727). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26776: Fixed null pointer dereference due to null value returned by interrupt handler in spi hisi-sfc-v3xx (bsc#1222764) * CVE-2024-26779: Fixed denial of service due to race condition on enabling fast-xmit in wifi mac80211 (bsc#1222772). * CVE-2024-26787: Fixed DMA API overlapping mappings in mmc mmci stm32 (bsc#1222781) * CVE-2024-26790: Fixed denial of service on 16 bytes unaligned read in dmaengine fsl-qdma (bsc#1222784) * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26798: Fixed denial of service due to wrongly restore fond data upon failure in fbcon (bsc#1222798). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-26807: Fixed memory corruption due to wrong pointer reference in spi cadence-qspi (bsc#1222801) * CVE-2024-26848: Fixed denial of service due to endless loop in directory parsing in afs (bsc#1223030). The following non-security bugs were fixed: * Revert "PCI: tegra194: Enable support for 256 Byte payload" (git-fixes). * Revert "Revert "drm/amdgpu/display: change pipe policy for DCN 2.0"" (git- fixes). * Revert "SUNRPC dont update timeout value on connection reset" (git-fixes). * Revert "drm/amd: Disable PSR-SU on Parade 0803 TCON" (git-fixes). * Revert "drm/amd: Disable S/G for APUs when 64GB or more host memory" (git- fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.0" (git-fixes). * Revert "drm/amdgpu/display: change pipe policy for DCN 2.1" (git-fixes). * Revert "drm/vc4: hdmi: Enforce the minimum rate at runtime_resume" (git- fixes). * Revert "fbdev: flush deferred IO before closing (git-fixes)." (bsc#1221814) * acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git- fixes). * acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git- fixes). * acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes). * acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git- fixes). * acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes). * acpi: scan: Fix device check notification handling (git-fixes). * acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes). * alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes). * alsa: aoa: avoid false-positive format truncation warning (git-fixes). * alsa: aw2: avoid casting function pointers (git-fixes). * alsa: ctxfi: avoid casting function pointers (git-fixes). * alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable- fixes). * alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable- fixes). * alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes). * alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes). * alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes). * alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes). * alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes). * alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes). * alsa: seq: fix function cast warnings (git-fixes). * alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes). * alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes). * arm64: dts: allwinner: h6: Add RX DMA channel for SPDIF (git-fixes) * arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes) * arm64: dts: imx8mm-kontron: Add support for ultra high speed modes on (git- fixes) * arm64: dts: imx8mm-venice-gw71xx: fix USB OTG VBUS (git-fixes) * arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes) * arm64: dts: rockchip: add ES8316 codec for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: add SPDIF node for ROCK Pi 4 (git-fixes) * arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes) * arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes) * arm64: mm: fix VA-range sanity check (git-fixes) * arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes) * asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes). * asoc: amd: acp: Add missing error handling in sof-mach (git-fixes). * asoc: amd: acp: fix for acp_init function error handling (git-fixes). * asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes). * asoc: meson: Use dev_err_probe() helper (stable-fixes). * asoc: meson: aiu: fix function pointer type mismatch (git-fixes). * asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes). * asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes). * asoc: meson: t9015: fix function pointer type mismatch (git-fixes). * asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes). * asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes). * asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes). * asoc: rt5682-sdw: fix locking sequence (git-fixes). * asoc: rt711-sdca: fix locking sequence (git-fixes). * asoc: rt711-sdw: fix locking sequence (git-fixes). * asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable- fixes). * asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes). * asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable- fixes). * ata: sata_mv: Fix PCI device ID table declaration compilation warning (git- fixes). * ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes). * backlight: da9052: Fully initialize backlight_properties during probe (git- fixes). * backlight: lm3630a: Do not set bl->props.brightness in get_brightness (git- fixes). * backlight: lm3630a: Initialize backlight_properties on init (git-fixes). * backlight: lm3639: Fully initialize backlight_properties during probe (git- fixes). * backlight: lp8788: Fully initialize backlight_properties during probe (git- fixes). * bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes). * bcache: Remove dead references to cache_readaheads (git-fixes). * bcache: Remove unnecessary NULL point check in node allocations (git-fixes). * bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes). * bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes). * bcache: avoid oversize memory allocation by small stripe_size (git-fixes). * bcache: bset: Fix comment typos (git-fixes). * bcache: check return value from btree_node_alloc_replacement() (git-fixes). * bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes). * bcache: fix error info in register_bcache() (git-fixes). * bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes). * bcache: fixup btree_cache_wait list damage (git-fixes). * bcache: fixup init dirty data errors (git-fixes). * bcache: fixup lock c->root error (git-fixes). * bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git- fixes). * bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes). * bcache: move uapi header bcache.h to bcache code directory (git-fixes). * bcache: prevent potential division by zero error (git-fixes). * bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes). * bcache: remove bch_crc64_update (git-fixes). * bcache: remove redundant assignment to variable cur_idx (git-fixes). * bcache: remove the backing_dev_name field from struct cached_dev (git- fixes). * bcache: remove the cache_dev_name field from struct cache (git-fixes). * bcache: remove unnecessary flush_workqueue (git-fixes). * bcache: remove unused bch_mark_cache_readahead function def in stats.h (git- fixes). * bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes). * bcache: replace snprintf in show functions with sysfs_emit (git-fixes). * bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes). * bcache: use bvec_kmap_local in bch_data_verify (git-fixes). * bcache: use bvec_kmap_local in bio_csum (git-fixes). * bcache: use default_groups in kobj_type (git-fixes). * bcache:: fix repeated words in comments (git-fixes). * blocklayoutdriver: Fix reference leak of pnfs_device_node (git-fixes). * bluetooth: hci_core: Fix possible buffer overflow (git-fixes). * bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes). * bluetooth: remove HCI_POWER_OFF_TIMEOUT (git-fixes). * bluetooth: remove superfluous call to hci_conn_check_pending() (git-fixes). * bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable- fixes). * bpf, scripts: Correct GPL license name (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * can: softing: remove redundant NULL check (git-fixes). * ceph: stop copying to iter at EOF on sync reads (bsc#1223068). * ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067). * clk: zynq: Prevent null pointer dereference caused by kmalloc failure (git- fixes). * comedi: comedi_test: Prevent timers rescheduling during deletion (git- fixes). * coresight: etm4x: Do not access TRCIDR1 for identification (bsc#1220775) * coresight: etm4x: Fix accesses to TRCSEQRSTEVR and TRCSEQSTR (bsc#1220775) * coresight: etm: Override TRCIDR3.CCITMIN on errata affected cpus (bsc#1220775) * cpufreq: amd-pstate: Fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes). * cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes). * crypto: arm/sha - fix function cast warnings (git-fixes). * crypto: qat - avoid division by zero (git-fixes). * crypto: qat - fix deadlock in backlog processing (git-fixes). * crypto: qat - fix double free during reset (git-fixes). * crypto: qat - fix state machines cleanup paths (bsc#1218321). * crypto: qat - fix unregistration of compression algorithms (git-fixes). * crypto: qat - fix unregistration of crypto algorithms (git-fixes). * crypto: qat - ignore subsequent state up commands (git-fixes). * crypto: qat - increase size of buffers (git-fixes). * crypto: qat - resolve race condition during AER recovery (git-fixes). * crypto: xilinx - call finalize with bh disabled (git-fixes). * dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes). * dm cache: add cond_resched() to various workqueue loops (git-fixes). * dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git- fixes). * dm crypt: add cond_resched() to dmcrypt_write() (git-fixes). * dm crypt: avoid accessing uninitialized tasklet (git-fixes). * dm flakey: do not corrupt the zero page (git-fixes). * dm flakey: fix a bug with 32-bit highmem systems (git-fixes). * dm flakey: fix a crash with invalid table line (git-fixes). * dm flakey: fix logic when corrupting a bio (git-fixes). * dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes). * dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes). * dm integrity: fix out-of-range warning (git-fixes). * dm integrity: reduce vmalloc space footprint on 32-bit architectures (git- fixes). * dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes). * dm raid: fix false positive for requeue needed during reshape (git-fixes). * dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git- fixes). * dm stats: check for and propagate alloc_percpu failure (git-fixes). * dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git- fixes). * dm thin metadata: check fail_io before using data_sm (git-fixes). * dm thin: add cond_resched() to various workqueue loops (git-fixes). * dm thin: fix deadlock when swapping to thin device (bsc#1177529). * dm verity: do not perform FEC for failed readahead IO (git-fixes). * dm verity: fix error handling for check_at_most_once on FEC (git-fixes). * dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes). * dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes). * dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes). * dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes). * dm-verity, dm-crypt: align "struct bvec_iter" correctly (git-fixes). * dm-verity: align struct dm_verity_fec_io properly (git-fixes). * dm: add cond_resched() to dm_wq_work() (git-fixes). * dm: call the resume method on internal suspend (git-fixes). * dm: do not lock fs when the map is NULL during suspend or resume (git- fixes). * dm: do not lock fs when the map is NULL in process of resume (git-fixes). * dm: remove flush_scheduled_work() during local_exit() (git-fixes). * dm: send just one event on resize, not two (git-fixes). * doc-guide: kernel-doc: tell about object-like macros (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes). * drm/amd/display: Add FAMS validation before trying to use it (git-fixes). * drm/amd/display: Add function for validate and update new stream (git- fixes). * drm/amd/display: Avoid ABM when ODM combine is enabled for eDP (git-fixes). * drm/amd/display: Blocking invalid 420 modes on HDMI TMDS for DCN31 (git- fixes). * drm/amd/display: Check if link state is valid (git-fixes). * drm/amd/display: Copy DC context in the commit streams (git-fixes). * drm/amd/display: Disable PSR-SU on Parade 0803 TCON again (git-fixes). * drm/amd/display: Enable fast plane updates on DCN3.2 and above (git-fixes). * drm/amd/display: Enable new commit sequence only for DCN32x (git-fixes). * drm/amd/display: Exit idle optimizations before attempt to access PHY (git- fixes). * drm/amd/display: Expand kernel doc for DC (git-fixes). * drm/amd/display: Fix a bug when searching for insert_above_mpcc (git-fixes). * drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes). * drm/amd/display: Fix possible underflow for displays with large vblank (git- fixes). * drm/amd/display: Fix the delta clamping for shaper LUT (git-fixes). * drm/amd/display: Fix underflow issue on 175hz timing (git-fixes). * drm/amd/display: For prefetch mode > 0, extend prefetch if possible (git- fixes). * drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family (git- fixes). * drm/amd/display: Guard against invalid RPTR/WPTR being set (git-fixes). * drm/amd/display: Handle seamless boot stream (git-fixes). * drm/amd/display: Handle virtual hardware detect (git-fixes). * drm/amd/display: Include surface of unaffected streams (git-fixes). * drm/amd/display: Include udelay when waiting for INBOX0 ACK (git-fixes). * drm/amd/display: Increase frame warning limit with KASAN or KCSAN in dml (git-fixes). * drm/amd/display: Keep PHY active for dp config (git-fixes). * drm/amd/display: Prevent vtotal from being set to 0 (git-fixes). * drm/amd/display: Remove min_dst_y_next_start check for Z8 (git-fixes). * drm/amd/display: Restore rptr/wptr for DMCUB as workaround (git-fixes). * drm/amd/display: Return the correct HDCP error code (stable-fixes). * drm/amd/display: Revert vblank change that causes null pointer crash (git- fixes). * drm/amd/display: Rework comments on dc file (git-fixes). * drm/amd/display: Rework context change check (git-fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Phoenix (git- fixes). * drm/amd/display: Set minimum requirement for using PSR-SU on Rembrandt (git- fixes). * drm/amd/display: Update OTG instance in the commit stream (git-fixes). * drm/amd/display: Update correct DCN314 register header (git-fixes). * drm/amd/display: Update min Z8 residency time to 2100 for DCN314 (git- fixes). * drm/amd/display: Use DRAM speed from validation for dummy p-state (git- fixes). * drm/amd/display: Use DTBCLK as refclk instead of DPREFCLK (git-fixes). * drm/amd/display: Use min transition for all SubVP plane add/remove (git- fixes). * drm/amd/display: Write to correct dirty_rect (git-fixes). * drm/amd/display: Wrong colorimetry workaround (git-fixes). * drm/amd/display: add FB_DAMAGE_CLIPS support (git-fixes). * drm/amd/display: add ODM case when looking for first split pipe (git-fixes). * drm/amd/display: always switch off ODM before committing more streams (git- fixes). * drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git- fixes). * drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes). * drm/amd/display: ensure async flips are only accepted for fast updates (git- fixes). * drm/amd/display: fix ABM disablement (git-fixes). * drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes). * drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes). * drm/amd/display: fix hw rotated modes when PSR-SU is enabled (git-fixes). * drm/amd/display: fix kernel-doc issues in dc.h (git-fixes). * drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes). * drm/amd/display: handle range offsets in VRR ranges (stable-fixes). * drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes). * drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes). * drm/amd/display: update extended blank for dcn314 onwards (git-fixes). * drm/amd/display: use low clocks for no plane configs (git-fixes). * drm/amd/pm: Fix error of MACO flag setting code (git-fixes). * drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes). * drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock (git-fixes). * drm/amd: Enable PCIe PME from D3 (git-fixes). * drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes). * drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes). * drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes). * drm/amdgpu/smu13: drop compute workload workaround (git-fixes). * drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable- fixes). * drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (git-fixes). * drm/amdgpu: Force order between a read and write to the same address (git- fixes). * drm/amdgpu: Match against exact bootloader status (git-fixes). * drm/amdgpu: Unset context priority is now invalid (git-fixes). * drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes). * drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes). * drm/amdgpu: lower CS errors to debug severity (git-fixes). * drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes). * drm/bridge: tc358762: Instruct DSI host to generate HSE packets (git-fixes). * drm/display: fix typo (git-fixes). * drm/edid: Add quirk for OSVR HDK 2.0 (git-fixes). * drm/etnaviv: Restore some id values (git-fixes). * drm/exynos: do not return negative values from .get_modes() (stable-fixes). * drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes). * drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes). * drm/i915/gt: Do not generate the command streamer for all the CCS (git- fixes). * drm/i915/gt: Reset queue_priority_hint on parking (git-fixes). * drm/i915/gt: Use i915_vm_put on ppgtt_create error paths (git-fixes). * drm/i915/selftests: Fix dependency of some timeouts on HZ (git-fixes). * drm/i915: Add missing CCS documentation (git-fixes). * drm/i915: Call intel_pre_plane_updates() also for pipes getting enabled (git-fixes). * drm/i915: Check before removing mm notifier (git-fixes). * drm/lima: fix a memleak in lima_heap_alloc (git-fixes). * drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes). * drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (git-fixes). * drm/msm/dpu: Only enable DSC_MODE_MULTIPLEX if dsc_merge is enabled (git- fixes). * drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes). * drm/msm/dpu: fix the programming of INTF_CFG2_DATA_HCTL_EN (git-fixes). * drm/msm/dpu: improve DSC allocation (git-fixes). * drm/panel-edp: use put_sync in unprepare (git-fixes). * drm/panel: Move AUX B116XW03 out of panel-edp back to panel-simple (git- fixes). * drm/panel: auo,b101uan08.3: Fine tune the panel power sequence (git-fixes). * drm/panel: boe-tv101wum-nl6: Fine tune the panel power sequence (git-fixes). * drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes). * drm/panfrost: fix power transition timeout warnings (git-fixes). * drm/probe-helper: warn about negative .get_modes() (stable-fixes). * drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git- fixes). * drm/qxl: remove unused variable from `qxl_process_single_command()` (git- fixes). * drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (git- fixes). * drm/radeon/ni_dpm: remove redundant NULL check (git-fixes). * drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes). * drm/rockchip: dsi: Clean up 'usage_mode' when failing to attach (git-fixes). * drm/rockchip: inno_hdmi: Fix video timing (git-fixes). * drm/rockchip: lvds: do not overwrite error code (git-fixes). * drm/rockchip: lvds: do not print scary message when probing defer (git- fixes). * drm/tegra: dpaux: Fix PM disable depth imbalance in tegra_dpaux_probe (git- fixes). * drm/tegra: dsi: Add missing check for of_find_device_by_node (git-fixes). * drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes). * drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (git- fixes). * drm/tegra: dsi: Make use of the helper function dev_err_probe() (stable- fixes). * drm/tegra: hdmi: Convert to devm_platform_ioremap_resource() (stable-fixes). * drm/tegra: hdmi: Fix some error handling paths in tegra_hdmi_probe() (git- fixes). * drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes). * drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes). * drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes). * drm/tegra: rgb: Fix some error handling paths in tegra_dc_rgb_probe() (git- fixes). * drm/tidss: Fix initial plane zpos values (git-fixes). * drm/tidss: Fix sync-lost issue with two displays (git-fixes). * drm/ttm: Do not leak a resource on eviction error (git-fixes). * drm/ttm: Do not print error message if eviction was interrupted (git-fixes). * drm/vc4: Add module dependency on hdmi-codec (git-fixes). * drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git- fixes). * drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (git- fixes). * drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes). * drm: Do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes). * drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes). * drm: panel-orientation-quirks: Add quirk for Acer Switch V 10 (SW5-017) (git-fixes). * firewire: core: use long bus reset on gap count error (stable-fixes). * fix "coresight: etm4x: Change etm4_platform_driver driver for MMIO devices" (bsc#1220775) Hunk with clk_put(drvdata->pclk) was incorrectly moved to another function. * force config_TCG_TIS_CORE=m on aarch64 for workaround kconfig issues * group-source-files.pl: Quote filenames (boo#1221077). The kernel source now contains a file with a space in the name. Add quotes in group-source- files.pl to avoid splitting the filename. Also use -print0 / -0 when updating timestamps. * hid: amd_sfh: Update HPD sensor structure elements (git-fixes). * hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes). * hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable- fixes). * hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (git- fixes). * hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (git- fixes). * hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (git- fixes). * i2c: aspeed: Fix the dummy irq expected print (git-fixes). * i2c: i801: Avoid potential double call to gpiod_remove_lookup_table (git- fixes). * i2c: wmt: Fix an error handling path in wmt_i2c_probe() (git-fixes). * ib/ipoib: fix mcast list locking (git-fixes) * iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes). * iio: pressure: dlhl60d: Initialize empty DLH bytes (git-fixes). * input: gpio_keys_polled - suppress deferred probe error for gpio (stable- fixes). * input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes). * iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes). * iommu/amd: Do not block updates to GATag if guest mode is on (git-fixes). * iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE (git-fixes). * iommu/amd: Fix domain flush size when syncing iotlb (git-fixes). * iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes). * iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes). * iommu/arm-smmu-v3: Work around MMU-600 erratum 1076982 (git-fixes). * iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes). * iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes). * iommu/iova: Fix alloc iova overflows issue (git-fixes). * iommu/mediatek-v1: Fix an error handling path in mtk_iommu_v1_probe() (git- fixes). * iommu/mediatek: Fix forever loop in error handling (git-fixes). * iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes). * iommu/rockchip: Fix unwind goto issue (git-fixes). * iommu/sprd: Release dma buffer to avoid memory leak (git-fixes). * iommu/vt-d: Allocate local memory for page request queue (git-fixes). * iommu/vt-d: Allow to use flush-queue when first level is default (git- fixes). * iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes). * iommu/vt-d: Do not issue ATS Invalidation request when device is disconnected (git-fixes). * iommu/vt-d: Fix PASID directory pointer coherency (git-fixes). * iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes). * iommu/vt-d: Set No Execute Enable bit in PASID table entry (git-fixes). * iommu: Fix error unwind in iommu_group_alloc() (git-fixes). * kABI: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * kabi: Adjust trace_iterator.wait_index (git-fixes). * kconfig: fix infinite loop when expanding a macro at the end of file (git- fixes). * kernel-binary: Fix i386 build Fixes: 89eaf4cdce05 ("rpm templates: Move macro definitions below buildrequires") * kernel-binary: Move build script to the end All other spec templates have the build script at the end, only kernel-binary has it in the middle. Align with the other templates. * kernel-binary: certs: Avoid trailing space * kernel-binary: vdso: fix filelist for non-usrmerged kernel Fixes: a6ad8af207e6 ("rpm templates: Always define usrmerged") * kprobes: Fix double free of kretprobe_holder (bsc#1220901). * kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631). * leds: aw2013: Unlock mutex before destroying it (git-fixes). * lib/cmdline: Fix an invalid format specifier in an assertion msg (git- fixes). * libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes). * libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes). * make nvidia Grace-Hopper TPM related drivers build-ins (bsc#1221156) * md/raid1: fix choose next idle in read_balance() (git-fixes). * md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes). * md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git- fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes). * media: edia: dvbdev: fix a use-after-free (git-fixes). * media: em28xx: annotate unchecked call to media_device_register() (git- fixes). * media: go7007: add check of return value of go7007_read_addr() (git-fixes). * media: go7007: fix a memleak in go7007_load_encoder (git-fixes). * media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes). * media: pvrusb2: fix pvr2_stream_callback casts (git-fixes). * media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes). * media: pvrusb2: remove redundant NULL check (git-fixes). * media: staging: ipu3-imgu: Set fields before media_entity_pads_init() (git- fixes). * media: sun8i-di: Fix chroma difference threshold (git-fixes). * media: sun8i-di: Fix coefficient writes (git-fixes). * media: sun8i-di: Fix power on/off sequences (git-fixes). * media: tc358743: register v4l2 async device only after successful setup (git-fixes). * media: ttpci: fix two memleaks in budget_av_attach (git-fixes). * media: usbtv: Remove useless locks in usbtv_video_free() (git-fixes). * media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes). * media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes). * media: xc4000: Fix atomicity violation in xc4000_get_frequency (git-fixes). * mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (git-fixes). * mm,page_owner: Defer enablement of static branch (bsc#1222366). * mm,page_owner: Fix accounting of pages when migrating (bsc#1222366). * mm,page_owner: Fix printing of stack records (bsc#1222366). * mm,page_owner: Fix refcount imbalance (bsc#1222366). * mm,page_owner: Update metadata for tail pages (bsc#1222366). * mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366). * mm,page_owner: drop unnecessary check (bsc#1222366). * mm,page_owner: fix recursion (bsc#1222366). * mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829). * mmc: core: Avoid negative index with array access (git-fixes). * mmc: core: Fix switch on gp3 partition (git-fixes). * mmc: core: Initialize mmc_blk_ioc_data (git-fixes). * mmc: mmci: stm32: fix DMA API overlapping mappings warning (git-fixes). * mmc: mmci: stm32: use a buffer for unaligned DMA requests (git-fixes). * mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes). * mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes). * mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes). * mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes). * mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes). * nd_btt: Make BTT lanes preemptible (git-fixes). * net/bnx2x: Prevent access to a freed page in page_pool (bsc#1215322). * net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: ll_temac: platform_get_resource replaced by wrong function (git-fixes). * net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes). * net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes). * nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: rename nfs_client_kset to nfs_kset (git-fixes). * nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes). * nfsd: convert the callback workqueue to use delayed_work (git-fixes). * nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes). * nfsd: fix file memleak on client_opens_release (git-fixes). * nfsd: fix liSTXATTRS returning a short list with eof=TRUE (git-fixes). * nfsd: fix liSTXATTRS returning more bytes than maxcount (git-fixes). * nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git- fixes). * nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: retransmit callbacks after client reconnects (git-fixes). * nfsd: use vfs setgid helper (git-fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes). * nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes). * nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes). * nfsv4.2: fix wrong shrinker_id (git-fixes). * nfsv4: fix a nfs4_state_manager() race (git-fixes). * nfsv4: fix a state manager thread deadlock regression (git-fixes). * nilfs2: fix failure to detect DAT corruption in btree and direct mappings (git-fixes). * nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes). * nouveau/dmem: handle kcalloc() allocation failure (git-fixes). * nouveau: reset the bo resource bus info after an eviction (git-fixes). * ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713). * nvdimm/namespace: drop nested variable in create_namespace_pmem() (git- fixes). * nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes). * nvdimm: Fix badblocks clear off-by-one error (git-fixes). * nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes). * nvdimm: Fix firmware activation deadlock scenarios (git-fixes). * nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git- fixes). * nvme-fc: do not wait in vain when unloading module (git-fixes). * nvme: fix reconnection fail due to reserved tag allocation (git-fixes). * nvmet-fc: abort command when there is no binding (git-fixes). * nvmet-fc: avoid deadlock on delete association path (git-fixes). * nvmet-fc: defer cleanup using RCU properly (git-fixes). * nvmet-fc: hold reference on hostport match (git-fixes). * nvmet-fc: release reference on target port (git-fixes). * nvmet-fc: take ref count on tgtport before delete assoc (git-fixes). * nvmet-fcloop: swap the list_add_tail arguments (git-fixes). * nvmet-tcp: fix nvme tcp ida memory leak (git-fixes). * pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pNFS: Fix a hang in nfs4_evict_inode() (git-fixes). * pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * pci/aer: Block runtime suspend when handling errors (git-fixes). * pci/aer: fix rootport attribute paths in ABI docs (git-fixes). * pci/aspm: use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes). * pci/dpc: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes). * pci/dpc: Quirk PIO log size for certain Intel Root Ports (git-fixes). * pci/dpc: print all TLP Prefixes, not just the first (git-fixes). * pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777) * pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes). * pci/pm: Drain runtime-idle callbacks before driver removal (git-fixes). * pci: Drop pci_device_remove() test of pci_dev->driver (git-fixes). * pci: add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes). * pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git- fixes). * pci: dwc: fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes). * pci: fu740: Set the number of MSI vectors (git-fixes). * pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git- fixes). * pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: mediatek-gen3: Fix translation window size calculation (git-fixes). * pci: mediatek: Clear interrupt status before dispatching handler (git- fixes). * pci: qcom: enable BDF to SID translation properly (git-fixes). * pci: qcom: use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes). * pci: rockchip: Fix window mapping and address translation for endpoint (git- fixes). * pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes). * pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git- fixes). * pci_iounmap(): Fix MMIO mapping leak (git-fixes). * pinctrl: mediatek: Drop bogus slew rate register range for MT8192 (git- fixes). * platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes). * pm: suspend: Set mem_sleep_current during kernel command line setup (git- fixes). * powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869). * powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869). * powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869). * powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869). * powerpc/lib/sstep: Remove unneeded #ifdef **powerpc64** (bsc#1194869). * powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869). * powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869). * powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270). * powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). * powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes). * powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869). * powerpc: add compile-time support for lbarx, lharx (bsc#1194869). * pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git- fixes). * qedf: Do not process stag work during unload (bsc#1214852). * qedf: Wait for stag work during unload (bsc#1214852). * raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097). * ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619). * ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619). * ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619). * ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619). * ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619). * ras/amd/fmpm: Save SPA values (jsc#PED-7619). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes). * ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). * ras: export helper to get ras_debugfs_dir (jsc#PED-7619). * rdma/cm: add timeout to cm_destroy_id wait (git-fixes) * rdma/device: Fix a race between mad_client and cm_client init (git-fixes) * rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes) * rdma/ipoib: Fix error code return in ipoib_mcast_join (git-fixes) * rdma/irdma: Remove duplicate assignment (git-fixes) * rdma/mana_ib: Fix bug in creation of dma regions (git-fixes). * rdma/mlx5: fix fortify source warning while accessing Eth segment (git- fixes) * rdma/mlx5: relax DEVX access upon modify commands (git-fixes) * rdma/rtrs-clt: Check strnlen return len in sysfs mpath_policy_store() (git- fixes) * rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes) * ring-buffer: Do not set shortest_full when full target is hit (git-fixes). * ring-buffer: Fix full_waiters_pending in poll (git-fixes). * ring-buffer: Fix resetting of shortest_full (git-fixes). * ring-buffer: Fix waking up ring buffer readers (git-fixes). * ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes). * ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git- fixes). * rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes). * s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633). * s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316). * s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316). * s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221951). * sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176). * sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176). * scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777). * scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777). * scsi: lpfc: Correct size for wqe for memset() (bsc#1221777). * scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777). * scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777). * scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777). * scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777). * scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777). * scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959). * scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777). * scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777). * scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777). * scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777). * scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777). * scsi: qedf: Remove set but unused variable 'page' (bsc#1214852). * scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852). * scsi: qedf: Remove unused declaration (bsc#1214852). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * scsi: storvsc: Fix ring buffer size calculation (git-fixes). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252). * selftests/bpf: add generic BPF program tester-loader (bsc#1222033). * serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes). * serial: max310x: fix syntax error in IRQ error message (git-fixes). * slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git- fixes). * soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes). * spi: lm70llp: fix links in doc and comments (git-fixes). * spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * stackdepot: rename pool_index to pool_index_plus_1 (git-fixes). * staging: vc04_services: fix information leak in create_component() (git- fixes). * sunrpc: Add an IS_ERR() check back to where it was (git-fixes). * sunrpc: ECONNRESET might require a rebind (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: Fix a suspicious RCU usage warning (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * svcrdma: Drop connection after an RDMA Read error (git-fixes). * tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes). * tracing: Have saved_cmdlines arrays all in one allocation (git-fixes). * tracing: Remove precision vsnprintf() check from print event (git-fixes). * tracing: Use .flush() call to wake up readers (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git- fixes). * tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes). * tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes). * ubifs: Queue up space reservation tasks if retrying many times (git-fixes). * ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes). * ubifs: Set page uptodate in the correct place (git-fixes). * ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes). * ubifs: fix sort function prototype (git-fixes). * usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes). * usb: cdc-wdm: close race between read and workqueue (git-fixes). * usb: core: Fix deadlock in usb_deauthorize_interface() (git-fixes). * usb: dwc2: gadget: Fix exiting from clock gating (git-fixes). * usb: dwc2: gadget: LPM flow fix (git-fixes). * usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes). * usb: dwc2: host: Fix hibernation flow (git-fixes). * usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes). * usb: dwc3: Properly set system wakeup (git-fixes). * usb: gadget: ncm: Fix handling of zero block length packets (git-fixes). * usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git- fixes). * usb: port: Do not try to peer unused USB ports based on location (git- fixes). * usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes). * usb: typec: ucsi: Check for notifications after init (git-fixes). * usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes). * usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes). * usb: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes). * vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes). * vdpa/mlx5: Allow CVQ size changes (git-fixes). * vt: fix unicode buffer corruption when deleting characters (git-fixes). * watchdog: stm32_iwdg: initialize default timeout (git-fixes). * wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes). * wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948). * wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes). * wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes). * wifi: b43: Disable QoS for bcm4331 (git-fixes). * wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git- fixes). * wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git- fixes). * wifi: brcmfmac: fix copyright year mentioned in platform_data header (git- fixes). * wifi: brcmsmac: avoid function pointer casts (git-fixes). * wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes). * wifi: iwlwifi: fix EWRD table validity check (git-fixes). * wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes). * wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes). * wifi: iwlwifi: mvm: report beacon protection failures (git-fixes). * wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes). * wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git- fixes). * wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes). * wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes). * wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes). * wifi: rtw88: 8821c: Fix false alarm count (git-fixes). * wifi: wilc1000: fix RCU usage in connect path (git-fixes). * wifi: wilc1000: fix declarations ordering (stable-fixes). * wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes). * wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes). * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). * x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes). * x86/xen: Add some null pointer checking to smp.c (git-fixes). * x86/xen: add CPU dependencies for 32-bit build (git-fixes). * x86/xen: fix percpu vcpu_info allocation (git-fixes). * xen-netback: properly sync TX responses (git-fixes). * xen-netfront: Add missing skb_mark_for_recycle (git-fixes). * xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git- fixes). * xen/xenbus: document will_handle argument for xenbus_watch_path() (git- fixes). * xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes). * xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1490=1 openSUSE-SLE-15.5-2024-1490=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1490=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * ocfs2-kmp-azure-5.14.21-150500.33.48.1 * kernel-azure-debuginfo-5.14.21-150500.33.48.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * kernel-azure-devel-5.14.21-150500.33.48.1 * cluster-md-kmp-azure-5.14.21-150500.33.48.1 * dlm-kmp-azure-5.14.21-150500.33.48.1 * kernel-azure-extra-5.14.21-150500.33.48.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * kernel-azure-debugsource-5.14.21-150500.33.48.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.48.1 * kernel-syms-azure-5.14.21-150500.33.48.1 * reiserfs-kmp-azure-5.14.21-150500.33.48.1 * kernel-azure-optional-5.14.21-150500.33.48.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.48.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.48.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.48.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.48.1 * gfs2-kmp-azure-5.14.21-150500.33.48.1 * kselftests-kmp-azure-5.14.21-150500.33.48.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.48.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-5.14.21-150500.33.48.1 * kernel-azure-vdso-debuginfo-5.14.21-150500.33.48.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.48.1 * kernel-source-azure-5.14.21-150500.33.48.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.48.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-devel-debuginfo-5.14.21-150500.33.48.1 * kernel-azure-debuginfo-5.14.21-150500.33.48.1 * kernel-syms-azure-5.14.21-150500.33.48.1 * kernel-azure-devel-5.14.21-150500.33.48.1 * kernel-azure-debugsource-5.14.21-150500.33.48.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.48.1 * kernel-source-azure-5.14.21-150500.33.48.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46925.html * https://www.suse.com/security/cve/CVE-2021-46926.html * https://www.suse.com/security/cve/CVE-2021-46927.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46930.html * https://www.suse.com/security/cve/CVE-2021-46931.html * https://www.suse.com/security/cve/CVE-2021-46933.html * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47082.html * https://www.suse.com/security/cve/CVE-2021-47087.html * https://www.suse.com/security/cve/CVE-2021-47091.html * https://www.suse.com/security/cve/CVE-2021-47093.html * https://www.suse.com/security/cve/CVE-2021-47094.html * https://www.suse.com/security/cve/CVE-2021-47095.html * https://www.suse.com/security/cve/CVE-2021-47096.html * https://www.suse.com/security/cve/CVE-2021-47097.html * https://www.suse.com/security/cve/CVE-2021-47098.html * https://www.suse.com/security/cve/CVE-2021-47099.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47102.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47105.html * https://www.suse.com/security/cve/CVE-2021-47107.html * https://www.suse.com/security/cve/CVE-2021-47108.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2022-4744.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48629.html * https://www.suse.com/security/cve/CVE-2022-48630.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52450.html * https://www.suse.com/security/cve/CVE-2023-52453.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52481.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52492.html * https://www.suse.com/security/cve/CVE-2023-52493.html * https://www.suse.com/security/cve/CVE-2023-52494.html * https://www.suse.com/security/cve/CVE-2023-52497.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52501.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52503.html * https://www.suse.com/security/cve/CVE-2023-52504.html * https://www.suse.com/security/cve/CVE-2023-52507.html * https://www.suse.com/security/cve/CVE-2023-52508.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52510.html * https://www.suse.com/security/cve/CVE-2023-52511.html * https://www.suse.com/security/cve/CVE-2023-52513.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52517.html * https://www.suse.com/security/cve/CVE-2023-52518.html * https://www.suse.com/security/cve/CVE-2023-52519.html * https://www.suse.com/security/cve/CVE-2023-52520.html * https://www.suse.com/security/cve/CVE-2023-52523.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52525.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52529.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52561.html * https://www.suse.com/security/cve/CVE-2023-52563.html * https://www.suse.com/security/cve/CVE-2023-52564.html * https://www.suse.com/security/cve/CVE-2023-52566.html * https://www.suse.com/security/cve/CVE-2023-52567.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52576.html * https://www.suse.com/security/cve/CVE-2023-52582.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52594.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52599.html * https://www.suse.com/security/cve/CVE-2023-52600.html * https://www.suse.com/security/cve/CVE-2023-52601.html * https://www.suse.com/security/cve/CVE-2023-52602.html * https://www.suse.com/security/cve/CVE-2023-52603.html * https://www.suse.com/security/cve/CVE-2023-52604.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-52606.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52608.html * https://www.suse.com/security/cve/CVE-2023-52612.html * https://www.suse.com/security/cve/CVE-2023-52615.html * https://www.suse.com/security/cve/CVE-2023-52617.html * https://www.suse.com/security/cve/CVE-2023-52619.html * https://www.suse.com/security/cve/CVE-2023-52621.html * https://www.suse.com/security/cve/CVE-2023-52623.html * https://www.suse.com/security/cve/CVE-2023-52627.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52632.html * https://www.suse.com/security/cve/CVE-2023-52636.html * https://www.suse.com/security/cve/CVE-2023-52637.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-25739.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26599.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26612.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26620.html * https://www.suse.com/security/cve/CVE-2024-26627.html * https://www.suse.com/security/cve/CVE-2024-26629.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26645.html * https://www.suse.com/security/cve/CVE-2024-26646.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26654.html * https://www.suse.com/security/cve/CVE-2024-26659.html * https://www.suse.com/security/cve/CVE-2024-26660.html * https://www.suse.com/security/cve/CVE-2024-26664.html * https://www.suse.com/security/cve/CVE-2024-26667.html * https://www.suse.com/security/cve/CVE-2024-26670.html * https://www.suse.com/security/cve/CVE-2024-26680.html * https://www.suse.com/security/cve/CVE-2024-26681.html * https://www.suse.com/security/cve/CVE-2024-26684.html * https://www.suse.com/security/cve/CVE-2024-26685.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26695.html * https://www.suse.com/security/cve/CVE-2024-26696.html * https://www.suse.com/security/cve/CVE-2024-26697.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26717.html * https://www.suse.com/security/cve/CVE-2024-26718.html * https://www.suse.com/security/cve/CVE-2024-26722.html * https://www.suse.com/security/cve/CVE-2024-26727.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26736.html * https://www.suse.com/security/cve/CVE-2024-26737.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26745.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26749.html * https://www.suse.com/security/cve/CVE-2024-26751.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26760.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26769.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26776.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26787.html * https://www.suse.com/security/cve/CVE-2024-26790.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26798.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26807.html * https://www.suse.com/security/cve/CVE-2024-26848.html * https://bugzilla.suse.com/show_bug.cgi?id=1177529 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1200465 * https://bugzilla.suse.com/show_bug.cgi?id=1205316 * https://bugzilla.suse.com/show_bug.cgi?id=1207948 * https://bugzilla.suse.com/show_bug.cgi?id=1209635 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214852 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1215322 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217829 * https://bugzilla.suse.com/show_bug.cgi?id=1217959 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218321 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218643 * https://bugzilla.suse.com/show_bug.cgi?id=1218777 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1219834 * https://bugzilla.suse.com/show_bug.cgi?id=1220114 * https://bugzilla.suse.com/show_bug.cgi?id=1220176 * https://bugzilla.suse.com/show_bug.cgi?id=1220237 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220337 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220365 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1220443 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220466 * https://bugzilla.suse.com/show_bug.cgi?id=1220478 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220484 * https://bugzilla.suse.com/show_bug.cgi?id=1220486 * https://bugzilla.suse.com/show_bug.cgi?id=1220487 * https://bugzilla.suse.com/show_bug.cgi?id=1220492 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220775 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220833 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220839 * https://bugzilla.suse.com/show_bug.cgi?id=1220840 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220872 * https://bugzilla.suse.com/show_bug.cgi?id=1220878 * https://bugzilla.suse.com/show_bug.cgi?id=1220879 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1220885 * https://bugzilla.suse.com/show_bug.cgi?id=1220887 * https://bugzilla.suse.com/show_bug.cgi?id=1220898 * https://bugzilla.suse.com/show_bug.cgi?id=1220901 * https://bugzilla.suse.com/show_bug.cgi?id=1220915 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220920 * https://bugzilla.suse.com/show_bug.cgi?id=1220921 * https://bugzilla.suse.com/show_bug.cgi?id=1220926 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220929 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220935 * https://bugzilla.suse.com/show_bug.cgi?id=1220937 * https://bugzilla.suse.com/show_bug.cgi?id=1220938 * https://bugzilla.suse.com/show_bug.cgi?id=1220940 * https://bugzilla.suse.com/show_bug.cgi?id=1220954 * https://bugzilla.suse.com/show_bug.cgi?id=1220955 * https://bugzilla.suse.com/show_bug.cgi?id=1220959 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220961 * https://bugzilla.suse.com/show_bug.cgi?id=1220965 * https://bugzilla.suse.com/show_bug.cgi?id=1220969 * https://bugzilla.suse.com/show_bug.cgi?id=1220978 * https://bugzilla.suse.com/show_bug.cgi?id=1220979 * https://bugzilla.suse.com/show_bug.cgi?id=1220981 * https://bugzilla.suse.com/show_bug.cgi?id=1220982 * https://bugzilla.suse.com/show_bug.cgi?id=1220983 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220986 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1220989 * https://bugzilla.suse.com/show_bug.cgi?id=1220990 * https://bugzilla.suse.com/show_bug.cgi?id=1221009 * https://bugzilla.suse.com/show_bug.cgi?id=1221012 * https://bugzilla.suse.com/show_bug.cgi?id=1221015 * https://bugzilla.suse.com/show_bug.cgi?id=1221022 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221045 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221055 * https://bugzilla.suse.com/show_bug.cgi?id=1221056 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221062 * https://bugzilla.suse.com/show_bug.cgi?id=1221066 * https://bugzilla.suse.com/show_bug.cgi?id=1221067 * https://bugzilla.suse.com/show_bug.cgi?id=1221068 * https://bugzilla.suse.com/show_bug.cgi?id=1221069 * https://bugzilla.suse.com/show_bug.cgi?id=1221070 * https://bugzilla.suse.com/show_bug.cgi?id=1221071 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221090 * https://bugzilla.suse.com/show_bug.cgi?id=1221097 * https://bugzilla.suse.com/show_bug.cgi?id=1221156 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1221273 * https://bugzilla.suse.com/show_bug.cgi?id=1221274 * https://bugzilla.suse.com/show_bug.cgi?id=1221276 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221291 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221298 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221338 * https://bugzilla.suse.com/show_bug.cgi?id=1221375 * https://bugzilla.suse.com/show_bug.cgi?id=1221379 * https://bugzilla.suse.com/show_bug.cgi?id=1221551 * https://bugzilla.suse.com/show_bug.cgi?id=1221553 * https://bugzilla.suse.com/show_bug.cgi?id=1221613 * https://bugzilla.suse.com/show_bug.cgi?id=1221614 * https://bugzilla.suse.com/show_bug.cgi?id=1221616 * https://bugzilla.suse.com/show_bug.cgi?id=1221618 * https://bugzilla.suse.com/show_bug.cgi?id=1221631 * https://bugzilla.suse.com/show_bug.cgi?id=1221633 * https://bugzilla.suse.com/show_bug.cgi?id=1221713 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221777 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221814 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221951 * https://bugzilla.suse.com/show_bug.cgi?id=1222011 * https://bugzilla.suse.com/show_bug.cgi?id=1222033 * https://bugzilla.suse.com/show_bug.cgi?id=1222051 * https://bugzilla.suse.com/show_bug.cgi?id=1222056 * https://bugzilla.suse.com/show_bug.cgi?id=1222060 * https://bugzilla.suse.com/show_bug.cgi?id=1222070 * https://bugzilla.suse.com/show_bug.cgi?id=1222073 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222247 * https://bugzilla.suse.com/show_bug.cgi?id=1222266 * https://bugzilla.suse.com/show_bug.cgi?id=1222274 * https://bugzilla.suse.com/show_bug.cgi?id=1222291 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222304 * https://bugzilla.suse.com/show_bug.cgi?id=1222317 * https://bugzilla.suse.com/show_bug.cgi?id=1222331 * https://bugzilla.suse.com/show_bug.cgi?id=1222355 * https://bugzilla.suse.com/show_bug.cgi?id=1222356 * https://bugzilla.suse.com/show_bug.cgi?id=1222360 * https://bugzilla.suse.com/show_bug.cgi?id=1222366 * https://bugzilla.suse.com/show_bug.cgi?id=1222373 * https://bugzilla.suse.com/show_bug.cgi?id=1222416 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222427 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222431 * https://bugzilla.suse.com/show_bug.cgi?id=1222437 * https://bugzilla.suse.com/show_bug.cgi?id=1222445 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222520 * https://bugzilla.suse.com/show_bug.cgi?id=1222536 * https://bugzilla.suse.com/show_bug.cgi?id=1222549 * https://bugzilla.suse.com/show_bug.cgi?id=1222550 * https://bugzilla.suse.com/show_bug.cgi?id=1222557 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222586 * https://bugzilla.suse.com/show_bug.cgi?id=1222596 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222678 * https://bugzilla.suse.com/show_bug.cgi?id=1222680 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222724 * https://bugzilla.suse.com/show_bug.cgi?id=1222726 * https://bugzilla.suse.com/show_bug.cgi?id=1222727 * https://bugzilla.suse.com/show_bug.cgi?id=1222764 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222781 * https://bugzilla.suse.com/show_bug.cgi?id=1222784 * https://bugzilla.suse.com/show_bug.cgi?id=1222798 * https://bugzilla.suse.com/show_bug.cgi?id=1222801 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://bugzilla.suse.com/show_bug.cgi?id=1223030 * https://bugzilla.suse.com/show_bug.cgi?id=1223067 * https://bugzilla.suse.com/show_bug.cgi?id=1223068 * https://jira.suse.com/browse/PED-5759 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1493-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP2) Message-ID: <171498420571.10143.12524225768092259800@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1493-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_169 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1493=1 SUSE-SLE-Live- Patching-12-SP5-2024-1494=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1495=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_162-default-12-2.1 * kgraft-patch-4_12_14-122_165-default-11-2.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_169-default-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_42-debugsource-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_169-default-debuginfo-8-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1491-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Message-ID: <171498420715.10143.17493591832020276398@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1491-1 Rating: important References: * bsc#1219079 Cross-References: * CVE-2024-0775 CVSS scores: * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_5 fixes one issue. The following security issue was fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1491=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1492=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1492=1 SUSE-2024-1491=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-12-150500.3.1 * kernel-livepatch-5_14_21-150500_13_5-rt-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-12-150500.3.1 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-12-150500.3.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-12-150500.3.1 * kernel-livepatch-5_14_21-150500_13_5-rt-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-11-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-12-150500.3.1 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-12-150500.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0775.html * https://bugzilla.suse.com/show_bug.cgi?id=1219079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 08:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 08:30:10 -0000 Subject: SUSE-SU-2024:1499-1: low: Security update for java-17-openjdk Message-ID: <171498421061.10143.16792918300737777727@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2024:1499-1 Rating: low References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222986 * bsc#1222987 Cross-References: * CVE-2024-21011 * CVE-2024-21012 * CVE-2024-21068 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Update to upstream tag jdk-17.0.11+9 (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes \+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS \+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup does not appear. \+ JDK-7167356: (javac) investigate failing tests in JavacParserTest \+ JDK-8054022: HttpURLConnection timeouts with Expect: 100-Continue and no chunking \+ JDK-8054572: [macosx] JComboBox paints the border incorrectly \+ JDK-8169475: WheelModifier.java fails by timeout \+ JDK-8205076: [17u] Inet6AddressImpl.c: `lookupIfLocalHost` accesses `int InetAddress.preferIPv6Address` as a boolean \+ JDK-8209595: MonitorVmStartTerminate.java timed out \+ JDK-8210410: Refactor java.util.Currency:i18n shell tests to plain java tests \+ JDK-8261404: Class.getReflectionFactory() is not thread-safe \+ JDK-8261837: SIGSEGV in ciVirtualCallTypeData::translate_from \+ JDK-8263256: Test java/net/Inet6Address/serialize/ /Inet6AddressSerializationTest.java fails due to dynamic reconfigurations of network interface during test \+ JDK-8269258: java/net/httpclient/ManyRequestsLegacy.java failed with connection timeout \+ JDK-8271118: C2: StressGCM should have higher priority than frequency-based policy \+ JDK-8271616: oddPart in MutableBigInteger::mutableModInverse contains info on final result \+ JDK-8272811: Document the effects of building with _GNU_SOURCE in os_posix.hpp \+ JDK-8272853: improve `JavadocTester.runTests` \+ JDK-8273454: C2: Transform (-a) _(-b) into a_ b \+ JDK-8274060: C2: Incorrect computation after JDK-8273454 \+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11 \+ JDK-8274621: NullPointerException because listenAddress[0] is null \+ JDK-8274632: Possible pointer overflow in PretouchTask chunk claiming \+ JDK-8274634: Use String.equals instead of String.compareTo in java.desktop \+ JDK-8276125: RunThese24H.java SIGSEGV in JfrThreadGroup::thread_group_id \+ JDK-8278028: [test-library] Warnings cleanup of the test library \+ JDK-8278312: Update SimpleSSLContext keystore to use SANs for localhost IP addresses \+ JDK-8278363: Create extented container test groups \+ JDK-8280241: (aio) AsynchronousSocketChannel init fails in IPv6 only Windows env \+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/ /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. \+ JDK-8281543: Remove unused code/headerfile dtraceAttacher.hpp \+ JDK-8281585: Remove unused imports under test/lib and jtreg/gc \+ JDK-8283400: [macos] a11y : Screen magnifier does not reflect JRadioButton value change \+ JDK-8283626: AArch64: Set relocInfo::offset_unit to 4 \+ JDK-8283994: Make Xerces DatatypeException stackless \+ JDK-8286312: Stop mixing signed and unsigned types in bit operations \+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java fails on mac aarch64 \+ JDK-8287832: jdk/jfr/event/runtime/TestActiveSettingEvent.java failed with "Expected two batches of Active Setting events" \+ JDK-8288663: JFR: Disabling the JfrThreadSampler commits only a partially disabled state \+ JDK-8288846: misc tests fail "assert(ms < 1000) failed: Un-interruptable sleep, short time use only" \+ JDK-8289764: gc/lock tests failed with "OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects" \+ JDK-8290041: ModuleDescriptor.hashCode is inconsistent \+ JDK-8290203: ProblemList vmTestbase/nsk/jvmti/scenarios/ /capability/CM03/cm03t001/TestDescription.java on linux-all \+ JDK-8290399: [macos] Aqua LAF does not fire an action event if combo box menu is displayed \+ JDK-8292458: Atomic operations on scoped enums don't build with clang \+ JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause() == GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice in a row" \+ JDK-8293117: Add atomic bitset functions \+ JDK-8293547: Add relaxed add_and_fetch for macos aarch64 atomics \+ JDK-8294158: HTML formatting for PassFailJFrame instructions \+ JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java failure \+ JDK-8294535: Add screen capture functionality to PassFailJFrame \+ JDK-8295068: SSLEngine throws NPE parsing CertificateRequests \+ JDK-8295124: Atomic::add to pointer type may return wrong value \+ JDK-8295274: HelidonAppTest.java fails "assert(event->should_commit()) failed: invariant" from compiled frame" \+ JDK-8296631: NSS tests failing on OL9 linux-aarch64 hosts \+ JDK-8297968: Crash in PrintOptoAssembly \+ JDK-8298087: XML Schema Validation reports an required attribute twice via ErrorHandler \+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError: target class not found \+ JDK-8300269: The selected item in an editable JComboBox with titled border is not visible in Aqua LAF \+ JDK-8301306: java/net/httpclient/ _fail with -Xcomp \+ JDK-8301310: The SendRawSysexMessage test may cause a JVM crash \+ JDK-8301787: java/net/httpclient/SpecialHeadersTest failing after JDK-8301306 \+ JDK-8301846: Invalid TargetDataLine after screen lock when using JFileChooser or COM library \+ JDK-8302017: Allocate BadPaddingException only if it will be thrown \+ JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/ /TestAMEnotNPE.java \+ JDK-8303605: Memory leaks in Metaspace gtests \+ JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM \+ JDK-8304696: Duplicate class names in dynamicArchive tests can lead to test failure \+ JDK-8305356: Fix ignored bad CompileCommands in tests \+ JDK-8305900: Use loopback IP addresses in security policy files of httpclient tests \+ JDK-8305906: HttpClient may use incorrect key when finding pooled HTTP/2 connection for IPv6 address \+ JDK-8305962: update jcstress to 0.16 \+ JDK-8305972: Update XML Security for Java to 3.0.2 \+ JDK-8306014: Update javax.net.ssl TLS tests to use SSLContextTemplate or SSLEngineTemplate \+ JDK-8306408: Fix the format of several tables in building.md \+ JDK-8307185: pkcs11 native libraries make JNI calls into java code while holding GC lock \+ JDK-8307926: Support byte-sized atomic bitset operations \+ JDK-8307955: Prefer to PTRACE_GETREGSET instead of PTRACE_GETREGS in method 'ps_proc.c::process_get_lwp_regs' \+ JDK-8307990: jspawnhelper must close its writing side of a pipe before reading from it \+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating \+ JDK-8308245: Add -proc:full to describe current default annotation processing policy \+ JDK-8308336: Test java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed: java.net.BindException: Address already in use \+ JDK-8309302: java/net/Socket/Timeouts.java fails with AssertionError on test temporal post condition \+ JDK-8309305: sun/security/ssl/SSLSocketImpl/ /BlockedAsyncClose.java fails with jtreg test timeout \+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing due to empty while loop \+ JDK-8309733: [macOS, Accessibility] VoiceOver: Incorrect announcements of JRadioButton \+ JDK-8309870: Using -proc:full should be considered requesting explicit annotation processing \+ JDK-8310106: sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks handshakeConsumers \+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/ /bug6889007.java fails \+ JDK-8310380: Handle problems in core-related tests on macOS when codesign tool does not work \+ JDK-8310631: test/jdk/sun/nio/cs/TestCharsetMapping.java is spuriously passing \+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out \+ JDK-8310838: Correct range notations in MethodTypeDesc specification \+ JDK-8310844: [AArch64] C1 compilation fails because monitor offset in OSR buffer is too large for immediate \+ JDK-8310923: Refactor Currency tests to use JUnit \+ JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform \+ JDK-8311160: [macOS, Accessibility] VoiceOver: No announcements on JRadioButtonMenuItem and JCheckBoxMenuItem \+ JDK-8311581: Remove obsolete code and comments in TestLVT.java \+ JDK-8311645: Memory leak in jspawnhelper spawnChild after JDK-8307990 \+ JDK-8311986: Disable runtime/os/TestTracePageSizes.java for ShenandoahGC \+ JDK-8312428: PKCS11 tests fail with NSS 3.91 \+ JDK-8312434: SPECjvm2008/xml.transform with CDS fails with "can't seal package nu.xom" \+ JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074 \+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles \+ JDK-8313206: PKCS11 tests silently skip execution \+ JDK-8313575: Refactor PKCS11Test tests \+ JDK-8313621: test/jdk/jdk/internal/math/FloatingDecimal/ /TestFloatingDecimal should use RandomFactory \+ JDK-8313643: Update HarfBuzz to 8.2.2 \+ JDK-8313816: Accessing jmethodID might lead to spurious crashes \+ JDK-8314164: java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fails intermittently in timeout \+ JDK-8314220: Configurable InlineCacheBuffer size \+ JDK-8314830: runtime/ErrorHandling/ tests ignore external VM flags \+ JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder \+ JDK-8315042: NPE in PKCS7.parseOldSignedData \+ JDK-8315594: Open source few headless Swing misc tests \+ JDK-8315600: Open source few more headless Swing misc tests \+ JDK-8315602: Open source swing security manager test \+ JDK-8315611: Open source swing text/html and tree test \+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch \+ JDK-8315731: Open source several Swing Text related tests \+ JDK-8315761: Open source few swing JList and JMenuBar tests \+ JDK-8315920: C2: "control input must dominate current control" assert failure \+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on the screen to determine its location \+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm \+ JDK-8316028: Update FreeType to 2.13.2 \+ JDK-8316030: Update Libpng to 1.6.40 \+ JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests \+ JDK-8316304: (fs) Add support for BasicFileAttributes .creationTime() for Linux \+ JDK-8316392: compiler/interpreter/ /TestVerifyStackAfterDeopt.java failed with SIGBUS in PcDescContainer::find_pc_desc_internal \+ JDK-8316414: C2: large byte array clone triggers "failed: malformed control flow" assertion failure on linux-x86 \+ JDK-8316415: Parallelize sun/security/rsa/SignedObjectChain.java subtests \+ JDK-8316418: containers/docker/TestMemoryWithCgroupV1.java get OOM killed with Parallel GC \+ JDK-8316445: Mark com/sun/management/HotSpotDiagnosticMXBean/ /CheckOrigin.java as vm.flagless \+ JDK-8316679: C2 SuperWord: wrong result, load should not be moved before store if not comparable \+ JDK-8316693: Simplify at-requires checkDockerSupport() \+ JDK-8316929: Shenandoah: Shenandoah degenerated GC and full GC need to cleanup old OopMapCache entries \+ JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly \+ JDK-8317039: Enable specifying the JDK used to run jtreg \+ JDK-8317144: Exclude sun/security/pkcs11/sslecc/ /ClientJSSEServerJSSE.java on Linux ppc64le \+ JDK-8317307: test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information \+ JDK-8317603: Improve exception messages thrown by sun.nio.ch.Net native methods (win) \+ JDK-8317771: [macos14] Expand/collapse a JTree using keyboard freezes the application in macOS 14 Sonoma \+ JDK-8317807: JAVA_FLAGS removed from jtreg running in JDK-8317039 \+ JDK-8317960: [17u] Excessive CPU usage on AbstractQueuedSynchronized.isEnqueued \+ JDK-8318154: Improve stability of WheelModifier.java test \+ JDK-8318183: C2: VM may crash after hitting node limit \+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows \+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1 \+ JDK-8318490: Increase timeout for JDK tests that are close to the limit when run with libgraal \+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java \+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests \+ JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests \+ JDK-8318689: jtreg is confused when folder name is the same as the test name \+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind failed: Address already in use" \+ JDK-8318951: Additional negative value check in JPEG decoding \+ JDK-8318955: Add ReleaseIntArrayElements in Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return \+ JDK-8318957: Enhance agentlib:jdwp help output by info about allow option \+ JDK-8318961: increase javacserver connection timeout values and max retry attempts \+ JDK-8318971: Better Error Handling for Jar Tool When Processing Non- existent Files \+ JDK-8318983: Fix comment typo in PKCS12Passwd.java \+ JDK-8319124: Update XML Security for Java to 3.0.3 \+ JDK-8319213: Compatibility.java reads both stdout and stderr of JdkUtils \+ JDK-8319436: Proxy.newProxyInstance throws NPE if loader is null and interface not visible from class loader \+ JDK-8319456: jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes \+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh \+ JDK-8319922: libCreationTimeHelper.so fails to link in JDK 21 \+ JDK-8319961: JvmtiEnvBase doesn't zero _ext_event_callbacks \+ JDK-8320001: javac crashes while adding type annotations to the return type of a constructor \+ JDK-8320168: handle setsocktopt return values \+ JDK-8320208: Update Public Suffix List to b5bf572 \+ JDK-8320300: Adjust hs_err output in malloc/mmap error cases \+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks wrong, missed optimization opportunity \+ JDK-8320597: RSA signature verification fails on signed data that does not encode params correctly \+ JDK-8320798: Console read line with zero out should zero out underlying buffer \+ JDK-8320885: Bump update version for OpenJDK: jdk-17.0.11 \+ JDK-8320921: GHA: Parallelize hotspot_compiler test jobs \+ JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp \+ JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions \+ JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode \+ JDK-8321408: Add Certainly roots R1 and E1 \+ JDK-8321480: ISO 4217 Amendment 176 Update \+ JDK-8321599: Data loss in AVX3 Base64 decoding \+ JDK-8321815: Shenandoah: gc state should be synchronized to java threads only once per safepoint \+ JDK-8321972: test runtime/Unsafe/InternalErrorTest.java timeout on linux-riscv64 platform \+ JDK-8322098: os::Linux::print_system_memory_info enhance the THP output with /sys/kernel/mm/transparent_hugepage/hpage_pmd_size \+ JDK-8322321: Add man page doc for -XX:+VerifySharedSpaces \+ JDK-8322417: Console read line with zero out should zero out when throwing exception \+ JDK-8322583: RISC-V: Enable fast class initialization checks \+ JDK-8322725: (tz) Update Timezone Data to 2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray \+ JDK-8322772: Clean up code after JDK-8322417 \+ JDK-8322783: prioritize /etc/os-release over /etc/SuSE-release in hs_err/info output \+ JDK-8322968: [17u] Amend Atomics gtest with 1-byte tests \+ JDK-8323008: filter out harmful -std_ flags added by autoconf from CXX \+ JDK-8323021: Shenandoah: Encountered reference count always attributed to first worker thread \+ JDK-8323086: Shenandoah: Heap could be corrupted by oom during evacuation \+ JDK-8323243: JNI invocation of an abstract instance method corrupts the stack \+ JDK-8323331: fix typo hpage_pdm_size \+ JDK-8323428: Shenandoah: Unused memory in regions compacted during a full GC should be mangled \+ JDK-8323515: Create test alias "all" for all test roots \+ JDK-8323637: Capture hotspot replay files in GHA \+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed \+ JDK-8323806: [17u] VS2017 build fails with warning after 8293117\. \+ JDK-8324184: Windows VS2010 build failed with "error C2275: 'int64_t'" \+ JDK-8324280: RISC-V: Incorrect implementation in VM_Version::parse_satp_mode \+ JDK-8324347: Enable "maybe-uninitialized" warning for FreeType 2.13.1 \+ JDK-8324514: ClassLoaderData::print_on should print address of class loader \+ JDK-8324647: Invalid test group of lib-test after JDK-8323515 \+ JDK-8324659: GHA: Generic jtreg errors are not reported \+ JDK-8324937: GHA: Avoid multiple test suites per job \+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing \+ JDK-8325150: (tz) Update Timezone Data to 2024a \+ JDK-8325585: Remove no longer necessary calls to set/unset-in-asgct flag in JDK 17 \+ JDK-8326000: Remove obsolete comments for class sun.security.ssl.SunJSSE \+ JDK-8327036: [macosx- aarch64] SIGBUS in MarkActivationClosure::do_code_blob reached from Unsafe_CopySwapMemory0 \+ JDK-8327391: Add SipHash attribution file \+ JDK-8329836: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.11 * Removed the possibility to use the system timezone-java (bsc#1213470). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1499=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1499=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1499=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1499=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1499=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1499=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1499=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1499=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1499=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1499=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1499=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-jmods-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-src-17.0.11.0-150400.3.42.1 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.11.0-150400.3.42.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-jmods-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-src-17.0.11.0-150400.3.42.1 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.11.0-150400.3.42.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-17.0.11.0-150400.3.42.1 * java-17-openjdk-debugsource-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-debuginfo-17.0.11.0-150400.3.42.1 * java-17-openjdk-headless-17.0.11.0-150400.3.42.1 * java-17-openjdk-demo-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-17.0.11.0-150400.3.42.1 * java-17-openjdk-devel-debuginfo-17.0.11.0-150400.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21012.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 * https://bugzilla.suse.com/show_bug.cgi?id=1222987 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 08:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 08:30:14 -0000 Subject: SUSE-SU-2024:1498-1: low: Security update for java-11-openjdk Message-ID: <171498421485.10143.9829282394116072430@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2024:1498-1 Rating: low References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 * bsc#1222987 Cross-References: * CVE-2024-21011 * CVE-2024-21012 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: * CVE-2024-21011: Fixed denial of service due to long Exception message logging (JDK-8319851,bsc#1222979) * CVE-2024-21012: Fixed unauthorized data modification due HTTP/2 client improper reverse DNS lookup (JDK-8315708,bsc#1222987) * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (JDK-8322122,bsc#1222983) * CVE-2024-21085: Fixed denial of service due to Pack200 excessive memory allocation (JDK-8322114,bsc#1222984) * CVE-2024-21094: Fixed unauthorized data modification due to C2 compilation failure with "Exceeded _node_regs array" (JDK-8317507,JDK-8325348,bsc#1222986) Other fixes: \- Upgrade to upstream tag jdk-11.0.23+9 (April 2024 CPU) * Security fixes \+ JDK-8318340: Improve RSA key implementations * Other changes \+ JDK-6928542: Chinese characters in RTF are not decoded \+ JDK-7132796: [macosx] closed/javax/swing/JComboBox/4517214/ /bug4517214.java fails on MacOS \+ JDK-7148092: [macosx] When Alt+down arrow key is pressed, the combobox popup does not appear. \+ JDK-8054022: HttpURLConnection timeouts with Expect: 100-Continue and no chunking \+ JDK-8054572: [macosx] JComboBox paints the border incorrectly \+ JDK-8058176: [mlvm] tests should not allow code cache exhaustion \+ JDK-8067651: LevelTransitionTest.java, fix trivial methods levels logic \+ JDK-8068225: nsk/jdi/EventQueue/remove_l/remove_l005 intermittently times out \+ JDK-8156889: ListKeychainStore.sh fails in some virtualized environments \+ JDK-8166275: vm/mlvm/meth/stress/compiler/deoptimize keeps timeouting \+ JDK-8166554: Avoid compilation blocking in OverloadCompileQueueTest.java \+ JDK-8169475: WheelModifier.java fails by timeout \+ JDK-8180266: Convert sun/security/provider/KeyStore/DKSTest.sh to Java Jtreg Test \+ JDK-8186610: move ModuleUtils to top-level testlibrary \+ JDK-8192864: defmeth tests can hide failures \+ JDK-8193543: Regression automated test '/open/test/jdk/java/ /awt/TrayIcon/SystemTrayInstance/SystemTrayInstanceTest.java' fails \+ JDK-8198668: MemoryPoolMBean/isUsageThresholdExceeded/ /isexceeded001/TestDescription.java still failing \+ JDK-8202282: [TESTBUG] appcds TestCommon .makeCommandLineForAppCDS() can be removed \+ JDK-8202790: DnD test DisposeFrameOnDragTest.java does not clean up \+ JDK-8202931: [macos] java/awt/Choice/ChoicePopupLocation/ /ChoicePopupLocation.java fails \+ JDK-8207211: [TESTBUG] Remove excessive output from CDS/AppCDS tests \+ JDK-8207214: Broken links in JDK API serialized-form page \+ JDK-8207855: Make applications/jcstress invoke tests in batches \+ JDK-8208243: vmTestbase/gc/lock/jni/jnilock002/ /TestDescription.java fails in jdk/hs nightly \+ JDK-8208278: [mlvm] [TESTBUG] vm.mlvm.mixed.stress.java .findDeadlock.INDIFY_Test Deadlocked threads are not always detected \+ JDK-8208623: [TESTBUG] runtime/LoadClass/LongBCP.java fails in AUFS file system \+ JDK-8208699: remove unneeded imports from runtime tests \+ JDK-8208704: runtime/appcds/MultiReleaseJars.java timed out often in hs-tier7 testing \+ JDK-8208705: [TESTBUG] The -Xlog:cds,cds+hashtables vm option is not always required for appcds tests \+ JDK-8209549: remove VMPropsExt from TEST.ROOT \+ JDK-8209595: MonitorVmStartTerminate.java timed out \+ JDK-8209946: [TESTBUG] CDS tests should use "@run driver" \+ JDK-8211438: [Testbug] runtime/XCheckJniJsig/XCheckJSig.java looks for libjsig in wrong location \+ JDK-8211978: Move testlibrary/jdk/testlibrary/ /SimpleSSLContext.java and testkeys to network testlibrary \+ JDK-8213622: Windows VS2013 build failure - "'snprintf': identifier not found" \+ JDK-8213926: WB_EnqueueInitializerForCompilation requests compilation for NULL \+ JDK-8213927: G1 ignores AlwaysPreTouch when UseTransparentHugePages is enabled \+ JDK-8214908: add ctw tests for jdk.jfr and jdk.management.jfr modules \+ JDK-8214915: CtwRunner misses export for jdk.internal.access \+ JDK-8216408: XMLStreamWriter setDefaultNamespace(null) throws NullPointerException \+ JDK-8217475: Unexpected StackOverflowError in "process reaper" thread \+ JDK-8218754: JDK-8068225 regression in JDIBreakpointTest \+ JDK-8219475: javap man page needs to be updated \+ JDK-8219585: [TESTBUG] sun/management/jmxremote/bootstrap/ /JMXInterfaceBindingTest.java passes trivially when it shouldn't \+ JDK-8219612: [TESTBUG] compiler.codecache.stress.Helper .TestCaseImpl can't be defined in different runtime package as its nest host \+ JDK-8225471: Test utility jdk.test.lib.util.FileUtils .areAllMountPointsAccessible needs to tolerate duplicates \+ JDK-8226706: (se) Reduce the number of outer loop iterations on Windows in java/nio/channels/Selector/RacyDeregister.java \+ JDK-8226905: unproblem list applications/ctw/modules/ _tests on windows \+ JDK-8226910: make it possible to use jtreg 's -match via run-test framework \+ JDK-8227438: [TESTLIB] Determine if file exists by Files.exists in function FileUtils.deleteFileIfExistsWithRetry \+ JDK-8231585: java/lang/management/ThreadMXBean/ /MaxDepthForThreadInfoTest.java fails with java.lang.NullPointerException \+ JDK-8232839: JDI AfterThreadDeathTest.java failed due to "FAILED: Did not get expected IllegalThreadStateException on a StepRequest.enable()" \+ JDK-8233453: MLVM deoptimize stress test timed out \+ JDK-8234309: LFGarbageCollectedTest.java fails with parse Exception \+ JDK-8237222: [macos] java/awt/Focus/UnaccessibleChoice/ /AccessibleChoiceTest.java fails \+ JDK-8237777: "Dumping core ..." is shown despite claiming that "# No core dump will be written." \+ JDK-8237834: com/sun/jndi/ldap/LdapDnsProviderTest.java failing with LDAP response read timeout \+ JDK-8238274: (sctp) JDK-7118373 is not fixed for SctpChannel \+ JDK-8239801: [macos] java/awt/Focus/UnaccessibleChoice/ /AccessibleChoiceTest.java fails \+ JDK-8244679: JVM/TI GetCurrentContendedMonitor/contmon001 failed due to "(IsSameObject#3) unexpected monitor object: 0x000000562336DBA8" \+ JDK-8246222: Rename javac test T6395981.java to be more informative \+ JDK-8247818: GCC 10 warning stringop- overflow with symbol code \+ JDK-8249087: Always initialize _body[0..1] in Symbol constructor \+ JDK-8251349: Add TestCaseImpl to OverloadCompileQueueTest.java's build dependencies \+ JDK-8251904: vmTestbase/nsk/sysdict/vm/stress/btree/btree010/ /btree010.java fails with ClassNotFoundException: nsk.sysdict.share.BTree0LLRLRLRRLR \+ JDK-8253543: sanity/client/SwingSet/src/ /ButtonDemoScreenshotTest.java failed with "AssertionError: All pixels are not black" \+ JDK-8253739: java/awt/image/MultiResolutionImage/ /MultiResolutionImageObserverTest.java fails \+ JDK-8253820: Save test images and dumps with timestamps from client sanity suite \+ JDK-8255277: randomDelay in DrainDeadlockT and LoggingDeadlock do not randomly delay \+ JDK-8255546: Missing coverage for javax.smartcardio.CardPermission and ResponseAPDU \+ JDK-8255743: Relax SIGFPE match in in runtime/ErrorHandling/SecondaryErrorTest.java \+ JDK-8257505: nsk/share/test/StressOptions stressTime is scaled in getter but not when printed \+ JDK-8259801: Enable XML Signature secure validation mode by default \+ JDK-8264135: UnsafeGetStableArrayElement should account for different JIT implementation details \+ JDK-8265349: vmTestbase/../stress/compiler/deoptimize/ /Test.java fails with OOME due to CodeCache exhaustion. \+ JDK-8269025: jsig/Testjsig.java doesn't check exit code \+ JDK-8269077: TestSystemGC uses "require vm.gc.G1" for large pages subtest \+ JDK-8271094: runtime/duplAttributes/DuplAttributesTest.java doesn't check exit code \+ JDK-8271224: runtime/EnclosingMethodAttr/EnclMethodAttr.java doesn't check exit code \+ JDK-8271828: mark hotspot runtime/classFileParserBug tests which ignore external VM flags \+ JDK-8271829: mark hotspot runtime/Throwable tests which ignore external VM flags \+ JDK-8271890: mark hotspot runtime/Dictionary tests which ignore external VM flags \+ JDK-8272291: mark hotspot runtime/logging tests which ignore external VM flags \+ JDK-8272335: runtime/cds/appcds/MoveJDKTest.java doesn't check exit codes \+ JDK-8272551: mark hotspot runtime/modules tests which ignore external VM flags \+ JDK-8272552: mark hotspot runtime/cds tests which ignore external VM flags \+ JDK-8273803: Zero: Handle "zero" variant in CommandLineOptionTest.java \+ JDK-8274122: java/io/File/createTempFile/SpecialTempFile.java fails in Windows 11 \+ JDK-8274621: NullPointerException because listenAddress[0] is null \+ JDK-8276796: gc/TestSystemGC.java large pages subtest fails with ZGC \+ JDK-8280007: Enable Neoverse N1 optimizations for Arm Neoverse V1 & N2 \+ JDK-8281149: (fs) java/nio/file/FileStore/Basic.java fails with java.lang.RuntimeException: values differ by more than 1GB \+ JDK-8281377: Remove vmTestbase/nsk/monitoring/ThreadMXBean/ /ThreadInfo/Deadlock/JavaDeadlock001/TestDescription.java from problemlist. \+ JDK-8281717: Cover logout method for several LoginModule \+ JDK-8282665: [REDO] ByteBufferTest.java: replace endless recursion with RuntimeException in void ck(double x, double y) \+ JDK-8284090: com/sun/security/auth/module/AllPlatforms.java fails to compile \+ JDK-8285756: clean up use of bad arguments for `@clean` in langtools tests \+ JDK-8285785: CheckCleanerBound test fails with PasswordCallback object is not released \+ JDK-8285867: Convert applet manual tests SelectionVisible.java to Frame and automate \+ JDK-8286846: test/jdk/javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java fails on mac aarch64 \+ JDK-8286969: Add a new test library API to execute kinit in SecurityTools.java \+ JDK-8287113: JFR: Periodic task thread uses period for method sampling events \+ JDK-8289511: Improve test coverage for XPath Axes: child \+ JDK-8289764: gc/lock tests failed with "OutOfMemoryError: Java heap space: failed reallocation of scalar replaced objects" \+ JDK-8289948: Improve test coverage for XPath functions: Node Set Functions \+ JDK-8290399: [macos] Aqua LAF does not fire an action event if combo box menu is displayed \+ JDK-8290909: MemoryPoolMBean/isUsageThresholdExceeded tests failed with "isUsageThresholdExceeded() returned false, and is still false, while threshold = MMMMMMM and used peak = NNNNNNN" \+ JDK-8292182: [TESTLIB] Enhance JAXPPolicyManager to setup required permissions for jtreg version 7 jar \+ JDK-8292946: GC lock/jni/jnilock001 test failed "assert(gch->gc_cause() == GCCause::_scavenge_alot || !gch->incremental_collection_failed()) failed: Twice in a row" \+ JDK-8293819: sun/util/logging/PlatformLoggerTest.java failed with "RuntimeException: Retrieved backing PlatformLogger level null is not the expected CONFIG" \+ JDK-8294158: HTML formatting for PassFailJFrame instructions \+ JDK-8294254: [macOS] javax/swing/plaf/aqua/ /CustomComboBoxFocusTest.java failure \+ JDK-8294402: Add diagnostic logging to VMProps.checkDockerSupport \+ JDK-8294535: Add screen capture functionality to PassFailJFrame \+ JDK-8296083: javax/swing/JTree/6263446/bug6263446.java fails intermittently on a VM \+ JDK-8296384: [TESTBUG] sun/security/provider/SecureRandom/ /AbstractDrbg/SpecTest.java intermittently timeout \+ JDK-8299494: Test vmTestbase/nsk/stress/except/except011.java failed: ExceptionInInitializerError: target class not found \+ JDK-8300269: The selected item in an editable JComboBox with titled border is not visible in Aqua LAF \+ JDK-8300727: java/awt/List/ListGarbageCollectionTest/ /AwtListGarbageCollectionTest.java failed with "List wasn't garbage collected" \+ JDK-8301310: The SendRawSysexMessage test may cause a JVM crash \+ JDK-8301377: adjust timeout for JLI GetObjectSizeIntrinsicsTest.java subtest again \+ JDK-8301846: Invalid TargetDataLine after screen lock when using JFileChooser or COM library \+ JDK-8302017: Allocate BadPaddingException only if it will be thrown \+ JDK-8302109: Trivial fixes to btree tests \+ JDK-8302149: Speed up compiler/jsr292/methodHandleExceptions/TestAMEnotNPE.java \+ JDK-8302607: increase timeout for ContinuousCallSiteTargetChange.java \+ JDK-8304074: [JMX] Add an approximation of total bytes allocated on the Java heap by the JVM \+ JDK-8304314: StackWalkTest.java fails after CODETOOLS-7903373 \+ JDK-8304725: AsyncGetCallTrace can cause SIGBUS on M1 \+ JDK-8305502: adjust timeouts in three more M&M tests \+ JDK-8305505: NPE in javazic compiler \+ JDK-8305972: Update XML Security for Java to 3.0.2 \+ JDK-8306072: Open source several AWT MouseInfo related tests \+ JDK-8306076: Open source AWT misc tests \+ JDK-8306409: Open source AWT KeyBoardFocusManger, LightWeightComponent related tests \+ JDK-8306640: Open source several AWT TextArea related tests \+ JDK-8306652: Open source AWT MenuItem related tests \+ JDK-8306681: Open source more AWT DnD related tests \+ JDK-8306683: Open source several clipboard and color AWT tests \+ JDK-8306752: Open source several container and component AWT tests \+ JDK-8306753: Open source several container AWT tests \+ JDK-8306755: Open source few Swing JComponent and AbstractButton tests \+ JDK-8306812: Open source several AWT Miscellaneous tests \+ JDK-8306871: Open source more AWT Drag & Drop tests \+ JDK-8306996: Open source Swing MenuItem related tests \+ JDK-8307123: Fix deprecation warnings in DPrinter \+ JDK-8307130: Open source few Swing JMenu tests \+ JDK-8307299: Move more DnD tests to open \+ JDK-8307311: Timeouts on one macOS 12.6.1 host of two Swing JTableHeader tests \+ JDK-8307381: Open Source JFrame, JIF related Swing Tests \+ JDK-8307683: Loop Predication should not hoist range checks with trap on success projection by negating their condition \+ JDK-8308043: Deadlock in TestCSLocker.java due to blocking GC while allocating \+ JDK-8308116: jdk.test.lib.compiler.InMemoryJavaCompiler .compile does not close files \+ JDK-8308223: failure handler missed jcmd.vm.info command \+ JDK-8308232: nsk/jdb tests don't pass -verbose flag to the debuggee \+ JDK-8308245: Add -proc:full to describe current default annotation processing policy \+ JDK-8308336: Test java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java failed: java.net.BindException: Address already in use \+ JDK-8309104: [JVMCI] compiler/unsafe/ /UnsafeGetStableArrayElement test asserts wrong values with Graal \+ JDK-8309119: [17u/11u] Redo JDK-8297951: C2: Create skeleton predicates for all If nodes in loop predication \+ JDK-8309462: [AIX] vmTestbase/nsk/jvmti/RunAgentThread/ /agentthr001/TestDescription.java crashing due to empty while loop \+ JDK-8309778: java/nio/file/Files/CopyAndMove.java fails when using second test directory \+ JDK-8309870: Using -proc:full should be considered requesting explicit annotation processing \+ JDK-8310106: sun.security.ssl.SSLHandshake .getHandshakeProducer() incorrectly checks handshakeConsumers \+ JDK-8310238: [test bug] javax/swing/JTableHeader/6889007/ /bug6889007.java fails \+ JDK-8310551: vmTestbase/nsk/jdb/interrupt/interrupt001/ /interrupt001.java timed out due to missing prompt \+ JDK-8310807: java/nio/channels/DatagramChannel/Connect.java timed out \+ JDK-8311081: KeytoolReaderP12Test.java fail on localized Windows platform \+ JDK-8311511: Improve description of NativeLibrary JFR event \+ JDK-8311585: Add JRadioButtonMenuItem to bug8031573.java \+ JDK-8313081: MonitoringSupport_lock should be unconditionally initialized after 8304074 \+ JDK-8313082: Enable CreateCoredumpOnCrash for testing in makefiles \+ JDK-8313164: src/java.desktop/windows/native/libawt/windows/ /awt_Robot.cpp GetRGBPixels adjust releasing of resources \+ JDK-8313252: Java_sun_awt_windows_ThemeReader_paintBackground release resources in early returns \+ JDK-8313643: Update HarfBuzz to 8.2.2 \+ JDK-8313816: Accessing jmethodID might lead to spurious crashes \+ JDK-8314144: gc/g1/ihop/TestIHOPStatic.java fails due to extra concurrent mark with -Xcomp \+ JDK-8314164: java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fails intermittently in timeout \+ JDK-8314883: Java_java_util_prefs_FileSystemPreferences_lockFile0 write result errno in missing case \+ JDK-8315034: File.mkdirs() occasionally fails to create folders on Windows shared folder \+ JDK-8315042: NPE in PKCS7.parseOldSignedData \+ JDK-8315415: OutputAnalyzer.shouldMatchByLine() fails in some cases \+ JDK-8315499: build using devkit on Linux ppc64le RHEL puts path to devkit into libsplashscreen \+ JDK-8315594: Open source few headless Swing misc tests \+ JDK-8315600: Open source few more headless Swing misc tests \+ JDK-8315602: Open source swing security manager test \+ JDK-8315606: Open source few swing text/html tests \+ JDK-8315611: Open source swing text/html and tree test \+ JDK-8315680: java/lang/ref/ReachabilityFenceTest.java should run with -Xbatch \+ JDK-8315731: Open source several Swing Text related tests \+ JDK-8315761: Open source few swing JList and JMenuBar tests \+ JDK-8315986: [macos14] javax/swing/JMenuItem/4654927/ /bug4654927.java: component must be showing on the screen to determine its location \+ JDK-8316001: GC: Make TestArrayAllocatorMallocLimit use createTestJvm \+ JDK-8316028: Update FreeType to 2.13.2 \+ JDK-8316030: Update Libpng to 1.6.40 \+ JDK-8316106: Open source few swing JInternalFrame and JMenuBar tests \+ JDK-8316461: Fix: make test outputs TEST SUCCESS after unsuccessful exit \+ JDK-8316947: Write a test to check textArea triggers MouseEntered/MouseExited events properly \+ JDK-8317307: test/jdk/com/sun/jndi/ldap/ /LdapPoolTimeoutTest.java fails with ConnectException: Connection timed out: no further information \+ JDK-8317327: Remove JT_JAVA dead code in jib-profiles.js \+ JDK-8318154: Improve stability of WheelModifier.java test \+ JDK-8318410: jdk/java/lang/instrument/BootClassPath/ /BootClassPathTest.sh fails on Japanese Windows \+ JDK-8318468: compiler/tiered/LevelTransitionTest.java fails with -XX:CompileThreshold=100 -XX:TieredStopAtLevel=1 \+ JDK-8318603: Parallelize sun/java2d/marlin/ClipShapeTest.java \+ JDK-8318607: Enable parallelism in vmTestbase/nsk/stress/jni tests \+ JDK-8318608: Enable parallelism in vmTestbase/nsk/stress/threads tests \+ JDK-8318736: com/sun/jdi/JdwpOnThrowTest.java failed with "transport error 202: bind failed: Address already in use" \+ JDK-8318889: C2: add bailout after assert Bad graph detected in build_loop_late \+ JDK-8318951: Additional negative value check in JPEG decoding \+ JDK-8318955: Add ReleaseIntArrayElements in Java_sun_awt_X11_XlibWrapper_SetBitmapShape XlbWrapper.c to early return \+ JDK-8318971: Better Error Handling for Jar Tool When Processing Non-existent Files \+ JDK-8318983: Fix comment typo in PKCS12Passwd.java \+ JDK-8319124: Update XML Security for Java to 3.0.3 \+ JDK-8319456: jdk/jfr/event/gc/collection/ /TestGCCauseWith[Serial|Parallel].java : GC cause 'GCLocker Initiated GC' not in the valid causes \+ JDK-8319668: Fixup of jar filename typo in BadFactoryTest.sh \+ JDK-8320001: javac crashes while adding type annotations to the return type of a constructor \+ JDK-8320208: Update Public Suffix List to b5bf572 \+ JDK-8320363: ppc64 TypeEntries::type_unknown logic looks wrong, missed optimization opportunity \+ JDK-8320597: RSA signature verification fails on signed data that does not encode params correctly \+ JDK-8320798: Console read line with zero out should zero out underlying buffer \+ JDK-8320884: Bump update version for OpenJDK: jdk-11.0.23 \+ JDK-8320937: support latest VS2022 MSC_VER in abstract_vm_version.cpp \+ JDK-8321151: JDK-8294427 breaks Windows L&F on all older Windows versions \+ JDK-8321215: Incorrect x86 instruction encoding for VSIB addressing mode \+ JDK-8321408: Add Certainly roots R1 and E1 \+ JDK-8321480: ISO 4217 Amendment 176 Update \+ JDK-8322178: Error. can't find jdk.testlibrary .SimpleSSLContext in test directory or libraries \+ JDK-8322417: Console read line with zero out should zero out when throwing exception \+ JDK-8322725: (tz) Update Timezone Data to 2023d \+ JDK-8322750: Test "api/java_awt/interactive/ /SystemTrayTests.html" failed because A blue ball icon is added outside of the system tray \+ JDK-8322752: [11u] GetStackTraceAndRetransformTest.java is failing assert \+ JDK-8322772: Clean up code after JDK-8322417 \+ JDK-8323008: filter out harmful -std_ flags added by autoconf from CXX \+ JDK-8323243: JNI invocation of an abstract instance method corrupts the stack \+ JDK-8323515: Create test alias "all" for all test roots \+ JDK-8323640: [TESTBUG]testMemoryFailCount in jdk/internal/ /platform/docker/TestDockerMemoryMetrics.java always fail because OOM killed \+ JDK-8324184: Windows VS2010 build failed with "error C2275: 'int64_t'" \+ JDK-8324307: [11u] hotspot fails to build with GCC 12 and newer (non-static data member initializers) \+ JDK-8324347: Enable "maybe- uninitialized" warning for FreeType 2.13.1 \+ JDK-8324659: GHA: Generic jtreg errors are not reported \+ JDK-8325096: Test java/security/cert/CertPathBuilder/akiExt/ /AKISerialNumber.java is failing \+ JDK-8325150: (tz) Update Timezone Data to 2024a \+ JDK-8326109: GCC 13 reports maybe-uninitialized warnings for jni.cpp with dtrace enabled \+ JDK-8326503: [11u] java/net/HttpURLConnection/ /HttpURLConnectionExpectContinueTest.java fail because of package org.junit.jupiter.api does not exist \+ JDK-8327391: Add SipHash attribution file \+ JDK-8329837: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.23 * Removed the possibility to use the system timezone-java (bsc#1213470) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1498=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1498=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1498=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1498=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1498=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1498=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1498=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1498=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1498=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1498=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1498=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1498=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1498=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1498=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1498=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1498=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1498=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1498=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-src-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-jmods-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * openSUSE Leap 15.5 (noarch) * java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * SUSE Package Hub 15 15-SP5 (noarch) * java-11-openjdk-javadoc-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debuginfo-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-demo-11.0.23.0-150000.3.113.1 * java-11-openjdk-11.0.23.0-150000.3.113.1 * java-11-openjdk-devel-11.0.23.0-150000.3.113.1 * java-11-openjdk-headless-11.0.23.0-150000.3.113.1 * java-11-openjdk-debugsource-11.0.23.0-150000.3.113.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21012.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 * https://bugzilla.suse.com/show_bug.cgi?id=1222987 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 08:30:17 -0000 Subject: SUSE-SU-2024:1497-1: important: Security update for skopeo Message-ID: <171498421759.10143.15976194659880788216@smelt2.prg2.suse.org> # Security update for skopeo Announcement ID: SUSE-SU-2024:1497-1 Rating: important References: * bsc#1215611 * bsc#1219563 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two security fixes can now be installed. ## Description: This update for skopeo fixes the following issues: * Update to version 1.14.2: * [release-1.14] Bump Skopeo to v1.14.2 * [release-1.14] Bump c/image to v5.29.2, c/common to v0.57.3 (fixes bsc#1219563) * Update to version 1.14.1: * Bump to v1.14.1 * fix(deps): update module github.com/containers/common to v0.57.2 * fix(deps): update module github.com/containers/image/v5 to v5.29.1 * chore(deps): update dependency containers/automation_images to v20240102 * Fix libsubid detection * fix(deps): update module golang.org/x/term to v0.16.0 * fix(deps): update golang.org/x/exp digest to 02704c9 * chore(deps): update dependency containers/automation_images to v20231208 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containers/common to v0.57.1 * fix(deps): update golang.org/x/exp digest to 6522937 * DOCS: add Gentoo in install.md * DOCS: Update to add Arch Linux in install.md * fix(deps): update module golang.org/x/term to v0.15.0 * Bump to v1.14.1-dev * Update to version 1.14.0: * Bump to v1.14.0 * fix(deps): update module github.com/containers/common to v0.57.0 * chore(deps): update dependency containers/automation_images to v20231116 * fix(deps): update module github.com/containers/image/v5 to v5.29.0 * Add documentation and smoke tests for the new --compat-auth-file options * Update c/image and c/common to latest * fix(deps): update module github.com/containers/storage to v1.51.0 * fix(deps): update module golang.org/x/term to v0.14.0 * fix(deps): update module github.com/spf13/cobra to v1.8.0 * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.2 * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.1 * fix(deps): update github.com/containers/common digest to 3e5caa0 * chore(deps): update module google.golang.org/grpc to v1.57.1 [security] * fix(deps): update module github.com/containers/ocicrypt to v1.1.9 * Update github.com/klauspost/compress to v1.17.2 * chore(deps): update module github.com/docker/docker to v24.0.7+incompatible [security] * Fix ENTRYPOINT documentation, drop others. * Remove unused environment variables in Cirrus * [CI:DOCS] Update dependency golangci/golangci-lint to v1.55.0 * chore(deps): update dependency containers/automation_images to v20231004 * chore(deps): update module golang.org/x/net to v0.17.0 [security] * copy: Note support for `zstd:chunked` * fix(deps): update module golang.org/x/term to v0.13.0 * fix(deps): update module github.com/docker/distribution to v2.8.3+incompatible * fix(deps): update github.com/containers/common digest to 745eaa4 * Packit: switch to @containers/packit-build team for copr failure notification comments * Packit: tag @lsm5 on copr build failures * vendor of containers/common * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 * fix(deps): update module github.com/containers/common to v0.56.0 * Cirrus: Remove multi-arch skopeo image builds * fix(deps): update module github.com/containers/image/v5 to v5.28.0 * Increase the golangci-lint timeout * fix(deps): update module github.com/containers/storage to v1.50.2 * fix(deps): update module github.com/containers/storage to v1.50.1 * fix(deps): update golang.org/x/exp digest to 9212866 * Fix a man page link * fix(deps): update github.com/containers/image/v5 digest to 58d5eb6 * GHA: Closed issue/PR comment-lock test * fix(deps): update module github.com/containers/common to v0.55.4 * fix(deps): update module github.com/containers/storage to v1.49.0 * rpm: spdx compatible license field * chore(deps): update dependency golangci/golangci-lint to v1.54.2 * chore(deps): update dependency containers/automation_images to v20230816 * Packit: set eln target correctly * packit: Build PRs into default packit COPRs * DOCS: Update Go version requirement info * DOCS: Add information about the cross-build * fix(deps): update module github.com/containers/ocicrypt to v1.1.8 * fix(deps): update module github.com/containers/common to v0.55.3 * Update c/image after https://github.com/containers/image/pull/2070 * chore(deps): update dependency golangci/golangci-lint to v1.54.1 * chore(deps): update dependency containers/automation_images to v20230809 * fix(deps): update golang.org/x/exp digest to 352e893 * chore(deps): update dependency containers/automation_images to v20230807 * Update to Go 1.19 * fix(deps): update module golang.org/x/term to v0.11.0 * Update c/image for golang.org/x/exp * RPM: define gobuild macro for rhel/centos stream * Fix handling the unexpected return value combination from IsRunningImageAllowed * Close the PolicyContext, as required by the API * Use globalOptions.getPolicyContext instead of an image-targeted SystemContext * Packit: remove pre-sync action * fix(deps): update module github.com/containers/common to v0.55.2 * proxy: Change the imgid to uint64 * [CI:BUILD] Packit: install golist before updating downstream spec * Update module golang.org/x/term to v0.10.0 * Bump to v1.14.0-dev * Bump to v1.13.0 * Bump go version to 1.21 (bsc#1215611) * Update to version 1.13.2: * [release-1.13] Bump to v1.13.2 * [release-1.31] Bump c/common v0.55.3 * Packit: remove pre-sync action * [release-1.13] Bump to v1.13.2-dev * Update to version 1.13.1: * [release-1.13] Bump to v1.13.1 * [release-1.13] Bump c/common to v0.55.2 * [release-1.13 backport] [CI:BUILD] Packit: install golist before updating downstream spec * [release-1.13] Bump to v1.13.1-dev * Update to version 1.13.0: * Bump to v1.13.0 * proxy: Policy verification of OCI Image before pulling * Update module github.com/opencontainers/image-spec to v1.1.0-rc4 * Update module github.com/containers/common to v0.55.1 * Update module github.com/containers/common to v0.54.0 * Update module github.com/containers/image/v5 to v5.26.0 * [CI:BUILD] RPM: fix ELN builds * Update module github.com/containers/storage to v1.47.0 * Packit: easier to read distro conditionals * Update dependency golangci/golangci-lint to v1.53.3 * Help Renovate manage the golangci-lint version * Minor: Cleanup renovate configuration * Update dependency containers/automation_images to v20230614 * Update module golang.org/x/term to v0.9.0 * [CI:BUILD] Packit: add jobs for downstream Fedora package builds * Update module github.com/sirupsen/logrus to v1.9.3 * Update dependency containers/automation_images to v20230601 * Update golang.org/x/exp digest to 2e198f4 * Update github.com/containers/image/v5 digest to e14c1c5 * Update module github.com/stretchr/testify to v1.8.4 * Update module github.com/stretchr/testify to v1.8.3 * Update dependency containers/automation_images to v20230517 * Update module github.com/sirupsen/logrus to v1.9.2 * Update module github.com/docker/distribution to v2.8.2+incompatible * Trigger an update of the ostree_ext container image * Update c/image with https://github.com/containers/image/pull/1944 * Update module github.com/containers/common to v0.53.0 * Update module golang.org/x/term to v0.8.0 * Update dependency containers/automation_images to v20230426 * Update golang.org/x/exp digest to 47ecfdc * Emphasize the semantics of --preserve-digests a tiny bit * Improve the static build documentation a tiny bit * Bump to v1.12.1-dev ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1497=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1497=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1497=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1497=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1497=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1497=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1497=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1497=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1497=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1497=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1497=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1497=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1497=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1497=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1497=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1497=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * openSUSE Leap 15.3 (noarch) * skopeo-zsh-completion-1.14.2-150300.11.8.1 * skopeo-bash-completion-1.14.2-150300.11.8.1 * skopeo-fish-completion-1.14.2-150300.11.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Manager Proxy 4.3 (x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * skopeo-debuginfo-1.14.2-150300.11.8.1 * skopeo-1.14.2-150300.11.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215611 * https://bugzilla.suse.com/show_bug.cgi?id=1219563 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1506-1: important: Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2) Message-ID: <171499860337.9288.1263897230845452777@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 44 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1506-1 Rating: important References: * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_175 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1506=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_44-debugsource-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-debuginfo-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-7-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1505-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 12 SP5) Message-ID: <171499860699.9288.535190145384818959@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1505-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_159 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1505=1 SUSE-SLE-Live- Patching-12-SP5-2024-1502=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_156-default-14-2.1 * kgraft-patch-4_12_14-122_159-default-13-2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:17 -0000 Subject: SUSE-SU-2024:1532-1: important: Maintenance update for SUSE Manager 4.3 Release Notes Message-ID: <171499861781.9288.3916158911592540729@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3 Release Notes Announcement ID: SUSE-SU-2024:1532-1 Rating: important References: * bsc#1170848 * bsc#1208572 * bsc#1214340 * bsc#1214387 * bsc#1216085 * bsc#1217204 * bsc#1217874 * bsc#1218764 * bsc#1218805 * bsc#1218931 * bsc#1218957 * bsc#1219061 * bsc#1219233 * bsc#1219634 * bsc#1219875 * bsc#1220001 * bsc#1220101 * bsc#1220169 * bsc#1220194 * bsc#1220221 * bsc#1220376 * bsc#1220705 * bsc#1220726 * bsc#1220903 * bsc#1220980 * bsc#1221111 * bsc#1221182 * bsc#1221279 * bsc#1221465 * bsc#1221571 * bsc#1221784 * bsc#1221922 * bsc#1222110 * bsc#1222347 * jsc#MSQA-760 Cross-References: * CVE-2023-51775 CVSS scores: * CVE-2023-51775 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability, contains one feature and has 33 security fixes can now be installed. ## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager-proxy: * Update to SUSE Manager 4.3.12 * Bugs mentioned: bsc#1208572, bsc#1214387, bsc#1217204, bsc#1220980, bsc#1221465 bsc#1222347, bsc#1220001 ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.12 * Monitoring: Node exporter upgraded to 1.7.0 * Automatic migration from Salt 3000 to the Salt Bundle * New update-salt recurring state * uyuni-proxy-systemd-services package has been added to proxy channel * New Errata getRelevantErrata API endpoint * CVEs fixed: 2023-51775 * Bugs mentioned: bsc#1170848, bsc#1208572, bsc#1214340, bsc#1214387, bsc#1216085 bsc#1217204, bsc#1217874, bsc#1218764, bsc#1218805, bsc#1218931 bsc#1218957, bsc#1219061, bsc#1219233, bsc#1219634, bsc#1219875 bsc#1220101, bsc#1220169, bsc#1220194, bsc#1220221, bsc#1220376 bsc#1220705, bsc#1220726, bsc#1220903, bsc#1220980, bsc#1221111 bsc#1221182, bsc#1221279, bsc#1221465, bsc#1221571, bsc#1221784 bsc#1221922, bsc#1222110, bsc#1222347 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1532=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1532=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1532=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1532=1 ## Package List: * SUSE Manager Proxy 4.3 (noarch) * release-notes-susemanager-proxy-4.3.12-150400.3.82.3 * SUSE Manager Retail Branch Server 4.3 (noarch) * release-notes-susemanager-proxy-4.3.12-150400.3.82.3 * SUSE Manager Server 4.3 (noarch) * release-notes-susemanager-4.3.12-150400.3.108.2 * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-proxy-4.3.12-150400.3.82.3 * release-notes-susemanager-4.3.12-150400.3.108.2 ## References: * https://www.suse.com/security/cve/CVE-2023-51775.html * https://bugzilla.suse.com/show_bug.cgi?id=1170848 * https://bugzilla.suse.com/show_bug.cgi?id=1208572 * https://bugzilla.suse.com/show_bug.cgi?id=1214340 * https://bugzilla.suse.com/show_bug.cgi?id=1214387 * https://bugzilla.suse.com/show_bug.cgi?id=1216085 * https://bugzilla.suse.com/show_bug.cgi?id=1217204 * https://bugzilla.suse.com/show_bug.cgi?id=1217874 * https://bugzilla.suse.com/show_bug.cgi?id=1218764 * https://bugzilla.suse.com/show_bug.cgi?id=1218805 * https://bugzilla.suse.com/show_bug.cgi?id=1218931 * https://bugzilla.suse.com/show_bug.cgi?id=1218957 * https://bugzilla.suse.com/show_bug.cgi?id=1219061 * https://bugzilla.suse.com/show_bug.cgi?id=1219233 * https://bugzilla.suse.com/show_bug.cgi?id=1219634 * https://bugzilla.suse.com/show_bug.cgi?id=1219875 * https://bugzilla.suse.com/show_bug.cgi?id=1220001 * https://bugzilla.suse.com/show_bug.cgi?id=1220101 * https://bugzilla.suse.com/show_bug.cgi?id=1220169 * https://bugzilla.suse.com/show_bug.cgi?id=1220194 * https://bugzilla.suse.com/show_bug.cgi?id=1220221 * https://bugzilla.suse.com/show_bug.cgi?id=1220376 * https://bugzilla.suse.com/show_bug.cgi?id=1220705 * https://bugzilla.suse.com/show_bug.cgi?id=1220726 * https://bugzilla.suse.com/show_bug.cgi?id=1220903 * https://bugzilla.suse.com/show_bug.cgi?id=1220980 * https://bugzilla.suse.com/show_bug.cgi?id=1221111 * https://bugzilla.suse.com/show_bug.cgi?id=1221182 * https://bugzilla.suse.com/show_bug.cgi?id=1221279 * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1221571 * https://bugzilla.suse.com/show_bug.cgi?id=1221784 * https://bugzilla.suse.com/show_bug.cgi?id=1221922 * https://bugzilla.suse.com/show_bug.cgi?id=1222110 * https://bugzilla.suse.com/show_bug.cgi?id=1222347 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:26 -0000 Subject: SUSE-SU-2024:1530-1: moderate: Security update for grafana and mybatis Message-ID: <171499862661.9288.992495534380653110@smelt2.prg2.suse.org> # Security update for grafana and mybatis Announcement ID: SUSE-SU-2024:1530-1 Rating: moderate References: * bsc#1219912 * bsc#1222155 * jsc#MSQA-760 Cross-References: * CVE-2023-6152 * CVE-2024-1313 CVSS scores: * CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for grafana and mybatis fixes the following issues: grafana was updated to version 9.5.18: * Grafana now requires Go 1.20 * Security issues fixed: * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * Other non-security related changes: * Version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 * Version 9.5.16: * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors * Version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login * Version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication * Version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling mybatis: * `apache-commons-ognl` is now a non-optional dependency * Fixed building with log4j v1 and v2 dependencies ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1530=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1530=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * grafana-9.5.18-150200.3.56.1 * grafana-debuginfo-9.5.18-150200.3.56.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * grafana-9.5.18-150200.3.56.1 * grafana-debuginfo-9.5.18-150200.3.56.1 * openSUSE Leap 15.5 (noarch) * mybatis-3.5.6-150200.5.6.1 * mybatis-javadoc-3.5.6-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6152.html * https://www.suse.com/security/cve/CVE-2024-1313.html * https://bugzilla.suse.com/show_bug.cgi?id=1219912 * https://bugzilla.suse.com/show_bug.cgi?id=1222155 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:40 -0000 Subject: SUSE-SU-2024:1525-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <171499864099.9288.14212257879398047314@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:1525-1 Rating: important References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2024-1525=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-1.36.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:43 -0000 Subject: SUSE-SU-2024:1522-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <171499864324.9288.12627507706869241321@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:1522-1 Rating: moderate References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Debian 12 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2024-1522=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (amd64) * venv-salt-minion-3006.0-2.12.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:47 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:47 -0000 Subject: SUSE-SU-2024:1521-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <171499864742.9288.8025827629990187440@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:1521-1 Rating: moderate References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Debian 11 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 11 zypper in -t patch SUSE-Debian-11-CLIENT-TOOLS-x86_64-2024-1521=1 ## Package List: * SUSE Manager Client Tools for Debian 11 (amd64) * venv-salt-minion-3006.0-2.50.4 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:52 -0000 Subject: SUSE-SU-202404:15257-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <171499865223.9288.10626771076249707475@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-202404:15257-1 Rating: moderate References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Ubuntu 20.04 2004 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 20.04 2004 zypper in -t patch suse-ubu204ct-client-tools-202404-15257=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64) * venv-salt-minion-3006.0-2.52.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:49 -0000 Subject: SUSE-SU-202404:15258-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <171499864989.9288.10998471330232906529@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-202404:15258-1 Rating: moderate References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Ubuntu 22.04 2204 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 22.04 2204 zypper in -t patch suse-ubu224ct-client-tools-202404-15258=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64) * venv-salt-minion-3006.0-2.43.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:55 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:55 -0000 Subject: SUSE-SU-2024:1518-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <171499865537.9288.16404954461565153448@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:1518-1 Rating: important References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Bugs fixed: * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-1518=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-1518=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1518=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1518=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.54.3 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * venv-salt-minion-3006.0-150000.3.54.3 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.54.3 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.54.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:30:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:30:57 -0000 Subject: SUSE-SU-2024:1517-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <171499865787.9288.16737147332006069331@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:1517-1 Rating: important References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves two vulnerabilities, contains one feature and has five security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2024-22231: Prevent directory traversal when creating syndic cache directory on the master (bsc#1219430) * CVE-2024-22232: Prevent directory traversal attacks in the master's serve_file method (bsc#1219431) * Bugs fixed: * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-1517=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-3.52.3 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:31:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:31:04 -0000 Subject: SUSE-SU-202404:15254-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <171499866484.9288.9718729940958871840@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-202404:15254-1 Rating: moderate References: * bsc#1211649 * bsc#1211888 * bsc#1216850 * bsc#1218482 * bsc#1219001 * bsc#1219430 * bsc#1219431 * jsc#ECO-3319 * jsc#MSQA-760 Cross-References: * CVE-2024-22231 * CVE-2024-22232 CVSS scores: * CVE-2024-22231 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2024-22232 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Manager Client Tools for Ubuntu 20.04 2004 An update that solves two vulnerabilities, contains two features and has five security fixes can now be installed. ## Description: This update fixes the following issues: salt: * Prevent directory traversal when creating syndic cache directory on the master (CVE-2024-22231, bsc#1219430) * Prevent directory traversal attacks in the master's serve_file method (CVE-2024-22232, bsc#1219431) * Convert oscap output to UTF-8 * Make Salt compatible with Python 3.11 * Ignore non-ascii chars in oscap output (bsc#1219001) * Fix detected issues in Salt tests when running on VMs * Make importing seco.range thread safe (bsc#1211649) * Fix problematic tests and allow smooth tests executions on containers * Discover Ansible playbook files as " _.yml " or "_.yaml" files (bsc#1211888) * Provide user(salt)/group(salt) capabilities for RPM 4.19 * Extend dependencies for python3-salt-testsuite and python3-salt packages * Improve Salt and testsuite packages multibuild * Enable multibuild and create test flavor * Additionally we require python-mock just for older Python versions. * Prevent exceptions with fileserver.update when called via state (bsc#1218482) * Improve pip target override condition with VENV_PIP_TARGET environment variable (bsc#1216850) * Fixed KeyError in logs when running a state that fails scap-security-guide: * Updated to 0.1.71 (jsc#ECO-3319) * Add RHEL 9 STIG * Add support for Debian 12 * Update PCI-DSS profile for RHEL * lots of bugfixes and improvements for SLE spacecmd: * Version 4.3.27-0 * Update translation strings ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 20.04 2004 zypper in -t patch suse-ubu204ct-client-tools-202404-15254=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 20.04 2004 (all) * salt-common-3006.0+ds-1+2.122.2 * salt-minion-3006.0+ds-1+2.122.2 * scap-security-guide-ubuntu-0.1.71-2.41.2 * spacecmd-4.3.27-2.81.2 ## References: * https://www.suse.com/security/cve/CVE-2024-22231.html * https://www.suse.com/security/cve/CVE-2024-22232.html * https://bugzilla.suse.com/show_bug.cgi?id=1211649 * https://bugzilla.suse.com/show_bug.cgi?id=1211888 * https://bugzilla.suse.com/show_bug.cgi?id=1216850 * https://bugzilla.suse.com/show_bug.cgi?id=1218482 * https://bugzilla.suse.com/show_bug.cgi?id=1219001 * https://bugzilla.suse.com/show_bug.cgi?id=1219430 * https://bugzilla.suse.com/show_bug.cgi?id=1219431 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:31:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:31:11 -0000 Subject: SUSE-SU-2024:1509-1: important: Security update for SUSE Manager Client Tools Message-ID: <171499867161.9288.18068556924602677706@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:1509-1 Rating: important References: * bsc#1008037 * bsc#1008038 * bsc#1010940 * bsc#1019021 * bsc#1038785 * bsc#1059235 * bsc#1099805 * bsc#1166389 * bsc#1171823 * bsc#1174145 * bsc#1174302 * bsc#1175993 * bsc#1177948 * bsc#1216854 * bsc#1219002 * bsc#1219912 * bsc#1221092 * bsc#1221465 * bsc#1222155 * jsc#MSQA-760 Cross-References: * CVE-2016-8614 * CVE-2016-8628 * CVE-2016-8647 * CVE-2016-9587 * CVE-2017-7550 * CVE-2018-10874 * CVE-2020-10744 * CVE-2020-14330 * CVE-2020-14332 * CVE-2020-14365 * CVE-2020-1753 * CVE-2023-5764 * CVE-2023-6152 * CVE-2024-0690 * CVE-2024-1313 CVSS scores: * CVE-2016-8614 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2016-8628 ( NVD ): 9.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2016-8647 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2016-8647 ( NVD ): 2.2 CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2016-9587 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2017-7550 ( SUSE ): 8.5 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2017-7550 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2017-7550 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-10874 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2018-10874 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2020-10744 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L * CVE-2020-10744 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L * CVE-2020-14330 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-14330 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2020-14332 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2020-14332 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2020-14365 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2020-14365 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2020-1753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5764 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2023-5764 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-0690 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0690 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves 15 vulnerabilities, contains one feature and has four security fixes can now be installed. ## Description: This update fixes the following issues: POS_Image-Graphical7 was updated to version 0.1.1710765237.46af599: * Version 0.1.1710765237.46af599 * Moved image services to dracut-saltboot package * Use salt bundle * Version 0.1.1645440615.7f1328c * Removed deprecated kiwi functions POS_Image-JeOS7 was updated to version 0.1.1710765237.46af599: * Version 0.1.1710765237.46af599 * Moved image services to dracut-saltboot package * Use salt bundle * Version 0.1.1645440615.7f1328c * Removed deprecated kiwi functions ansible received the following fixes: * Security issues fixed: * CVE-2023-5764: Address issues where internal templating can cause unsafe variables to lose their unsafe designation (bsc#1216854) * Breaking changes: assert - Nested templating may result in an inability for the conditional to be evaluated. See the porting guide for more information. * CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002) * CVE-2020-14365: Ensure that packages are GPG validated (bsc#1175993) * CVE-2020-10744: Fixed insecure temporary directory creation (bsc#1171823) * CVE-2018-10874: Fixed inventory variables loading from current working directory when running ad-hoc command that can lead to code execution (bsc#1099805) * Bugs fixed: * Don't Require python-coverage, it is needed only for testing (bsc#1177948) dracut-saltboot was updated to version 0.1.1710765237.46af599: * Version 0.1.1710765237.46af599 * Load only first available leaseinfo (bsc#1221092) * Version 0.1.1681904360.84ef141 grafana was updated to version 9.5.18: * Grafana now requires Go 1.20 * Security issues fixed: * CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * Other non-security related changes: * Version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 * Version 9.5.16: * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors * Version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login * Version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication * Version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling mgr-daemon was updated to version 4.3.9-0: * Version 4.3.9-0 * Update translation strings spacecmd was updated to version 4.3.27-0: * Version 4.3.27-0 * Update translation strings spacewalk-client-tools was updated to version 4.3.19-0: * Version 4.3.19-0 * Update translation strings spacewalk-koan was updated to version version 4.3.6-0: * Version 4.3.6-0 * Change Docker image location for test uyuni-common-libs was updated to version 4.3.10-0: * Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-proxy-systemd-services was updated to version 4.3.12-0: * Version 4.3.12-0 * Update to SUSE Manager 4.3.12 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1509=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-1509=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-1509=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1509=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1509=1 ## Package List: * openSUSE Leap 15.5 (noarch) * POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2 * ansible-2.9.27-150000.1.17.2 * ansible-test-2.9.27-150000.1.17.2 * ansible-doc-2.9.27-150000.1.17.2 * spacecmd-4.3.27-150000.3.116.2 * POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2 * dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.14.0-150000.3.18.2 * SUSE Manager Client Tools for SLE 15 (noarch) * python3-spacewalk-koan-4.3.6-150000.3.33.2 * POS_Image-JeOS7-0.1.1710765237.46af599-150000.1.21.2 * ansible-2.9.27-150000.1.17.2 * python3-spacewalk-client-setup-4.3.19-150000.3.89.2 * spacewalk-client-tools-4.3.19-150000.3.89.2 * uyuni-proxy-systemd-services-4.3.12-150000.1.21.2 * mgr-daemon-4.3.9-150000.1.47.2 * ansible-doc-2.9.27-150000.1.17.2 * spacewalk-koan-4.3.6-150000.3.33.2 * spacecmd-4.3.27-150000.3.116.2 * POS_Image-Graphical7-0.1.1710765237.46af599-150000.1.21.2 * spacewalk-client-setup-4.3.19-150000.3.89.2 * python3-spacewalk-check-4.3.19-150000.3.89.2 * python3-spacewalk-client-tools-4.3.19-150000.3.89.2 * dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2 * spacewalk-check-4.3.19-150000.3.89.2 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * grafana-debuginfo-9.5.18-150000.1.63.2 * python3-uyuni-common-libs-4.3.10-150000.1.39.2 * grafana-9.5.18-150000.1.63.2 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * uyuni-proxy-systemd-services-4.3.12-150000.1.21.2 * dracut-saltboot-0.1.1710765237.46af599-150000.1.53.2 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.14.0-150000.3.18.2 * SUSE Manager Proxy 4.3 Module 4.3 (noarch) * ansible-2.9.27-150000.1.17.2 * ansible-doc-2.9.27-150000.1.17.2 * uyuni-proxy-systemd-services-4.3.12-150000.1.21.2 ## References: * https://www.suse.com/security/cve/CVE-2016-8614.html * https://www.suse.com/security/cve/CVE-2016-8628.html * https://www.suse.com/security/cve/CVE-2016-8647.html * https://www.suse.com/security/cve/CVE-2016-9587.html * https://www.suse.com/security/cve/CVE-2017-7550.html * https://www.suse.com/security/cve/CVE-2018-10874.html * https://www.suse.com/security/cve/CVE-2020-10744.html * https://www.suse.com/security/cve/CVE-2020-14330.html * https://www.suse.com/security/cve/CVE-2020-14332.html * https://www.suse.com/security/cve/CVE-2020-14365.html * https://www.suse.com/security/cve/CVE-2020-1753.html * https://www.suse.com/security/cve/CVE-2023-5764.html * https://www.suse.com/security/cve/CVE-2023-6152.html * https://www.suse.com/security/cve/CVE-2024-0690.html * https://www.suse.com/security/cve/CVE-2024-1313.html * https://bugzilla.suse.com/show_bug.cgi?id=1008037 * https://bugzilla.suse.com/show_bug.cgi?id=1008038 * https://bugzilla.suse.com/show_bug.cgi?id=1010940 * https://bugzilla.suse.com/show_bug.cgi?id=1019021 * https://bugzilla.suse.com/show_bug.cgi?id=1038785 * https://bugzilla.suse.com/show_bug.cgi?id=1059235 * https://bugzilla.suse.com/show_bug.cgi?id=1099805 * https://bugzilla.suse.com/show_bug.cgi?id=1166389 * https://bugzilla.suse.com/show_bug.cgi?id=1171823 * https://bugzilla.suse.com/show_bug.cgi?id=1174145 * https://bugzilla.suse.com/show_bug.cgi?id=1174302 * https://bugzilla.suse.com/show_bug.cgi?id=1175993 * https://bugzilla.suse.com/show_bug.cgi?id=1177948 * https://bugzilla.suse.com/show_bug.cgi?id=1216854 * https://bugzilla.suse.com/show_bug.cgi?id=1219002 * https://bugzilla.suse.com/show_bug.cgi?id=1219912 * https://bugzilla.suse.com/show_bug.cgi?id=1221092 * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1222155 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:31:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:31:15 -0000 Subject: SUSE-SU-2024:1508-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <171499867557.9288.16538518017350094204@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:1508-1 Rating: moderate References: * bsc#1219912 * bsc#1221465 * bsc#1222155 * jsc#MSQA-760 * jsc#PED-7893 * jsc#PED-7928 Cross-References: * CVE-2023-6152 * CVE-2024-1313 CVSS scores: * CVE-2023-6152 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves two vulnerabilities, contains three features and has one security fix can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-node_exporter: * Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 * Update to 1.6.1: (no source code changes in this release) * BuildRequire go1.20 * Update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Enable uname collector on NetBSD #2559 * [FEATURE] NetBSD support for the meminfo collector #2570 * [FEATURE] NetBSD support for CPU collector #2626 * [FEATURE] Add FreeBSD collector for netisr subsystem #2668 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise @2554 * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD 2584 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637 * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in OpenBSD #2663 * Change go_modules archive in _service to use obscpio file grafana: * Packaging improvements: * Changed deprecated `disabled` service mode to `manual` * Drop golang-packaging macros * Drop explicit mod=vendor as it is enabled automatically * Update to version 9.5.18: * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * Update to version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 * Require Go 1.20 * Update to version 9.5.16: * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912) * [BUGFIX] Annotations: Split cleanup into separate queries and deletes to avoid deadlocks on MySQL * Update to version 9.5.15: * [FEATURE] Alerting: Attempt to retry retryable errors * Update to version 9.5.14: * [BUGFIX] Alerting: Fix state manager to not keep datasource_uid and ref_id labels in state after Error * [BUGFIX] Transformations: Config overrides being lost when config from query transform is applied * [BUGFIX] LDAP: Fix enable users on successfull login * Update to version 9.5.13: * [BUGFIX] BrowseDashboards: Only remember the most recent expanded folder * [BUGFIX] Licensing: Pass func to update env variables when starting plugin * Update to version 9.5.12: * [FEATURE] Azure: Add support for Workload Identity authentication * Update to version 9.5.9: * [FEATURE] SSE: Fix DSNode to not panic when response has empty response * [FEATURE] Prometheus: Handle the response with different field key order * [BUGFIX] LDAP: Fix user disabling mgr-daemon: * Version 4.3.9-0 * Update translation strings spacecmd: * Version 4.3.27-0 * Update translation strings spacewalk-client-tools: * Version 4.3.19-0 * Update translation strings spacewalk-koan: * Version 4.3.6-0 * Change Docker image location for test uyuni-common-libs: * Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-1508=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1508=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.14.0-1.18.1 * golang-github-prometheus-alertmanager-0.26.0-1.27.2 * golang-github-prometheus-node_exporter-1.7.0-1.30.2 * python2-uyuni-common-libs-4.3.10-1.39.1 * grafana-9.5.18-1.63.1 * SUSE Manager Client Tools for SLE 12 (noarch) * spacewalk-client-setup-4.3.19-52.98.1 * spacecmd-4.3.27-38.139.1 * python2-spacewalk-client-tools-4.3.19-52.98.1 * spacewalk-client-tools-4.3.19-52.98.1 * python2-spacewalk-check-4.3.19-52.98.1 * spacewalk-koan-4.3.6-24.36.1 * spacewalk-check-4.3.19-52.98.1 * mgr-daemon-4.3.9-1.47.1 * python2-spacewalk-koan-4.3.6-24.36.1 * python2-spacewalk-client-setup-4.3.19-52.98.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * golang-github-prometheus-node_exporter-1.7.0-1.30.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-node_exporter-1.7.0-1.30.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * golang-github-prometheus-node_exporter-1.7.0-1.30.2 ## References: * https://www.suse.com/security/cve/CVE-2023-6152.html * https://www.suse.com/security/cve/CVE-2024-1313.html * https://bugzilla.suse.com/show_bug.cgi?id=1219912 * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1222155 * https://jira.suse.com/browse/MSQA-760 * https://jira.suse.com/browse/PED-7893 * https://jira.suse.com/browse/PED-7928 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:31:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:31:22 -0000 Subject: SUSE-SU-2024:1507-1: moderate: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Message-ID: <171499868297.9288.12237713955843375058@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2024:1507-1 Rating: moderate References: * bsc#1170848 * bsc#1208572 * bsc#1214340 * bsc#1214387 * bsc#1216085 * bsc#1217204 * bsc#1217874 * bsc#1218764 * bsc#1218805 * bsc#1218931 * bsc#1218957 * bsc#1219061 * bsc#1219233 * bsc#1219634 * bsc#1219875 * bsc#1220101 * bsc#1220169 * bsc#1220194 * bsc#1220221 * bsc#1220376 * bsc#1220705 * bsc#1220726 * bsc#1220903 * bsc#1220980 * bsc#1221111 * bsc#1221182 * bsc#1221279 * bsc#1221465 * bsc#1221571 * bsc#1221784 * bsc#1221922 * bsc#1222110 * bsc#1222347 * jsc#MSQA-760 Cross-References: * CVE-2023-51775 CVSS scores: * CVE-2023-51775 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves one vulnerability, contains one feature and has 32 security fixes can now be installed. ## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: mgr-daemon: * Version 4.3.9-0 * Update translation strings spacecmd: * Version 4.3.27-0 * Update translation strings spacewalk-backend: * Version 4.3.28-0 * Strip whitespace from .deb package metadata (bsc#1214387) * Fix inserting NULL into some columns during ISSv1 sync (bsc#1220980) * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) * Unquote HTML-encoded credentials before synchronizing repositories (bsc#1217204) spacewalk-certs-tools: * Version 4.3.23-0 * Fix liberty bootstrapping when zypper is installed (bsc#1222347) * Apply reboot method changes for transactional systems in the bootstrap script spacewalk-client-tools: * Version 4.3.19-0 * Update translation strings spacewalk-web: * Version 4.3.38-0 * Upgrade json5 to 2.2.3 * Upgrade semver to 7.6.0 * Add one-shot action execution to recurring custom state create/edit * Add two filters for rpmlint in package spacewalk-web: explicit-lib- dependency and filename-too-long-for-joliet * Fix virtual systems filters (bsc#1208572) * Improve CLM Create New Filter button * Bump the WebUI version to 4.3.12 uyuni-common-libs: * Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-proxy-systemd-services: * Version 4.3.12-0 * Update to SUSE Manager 4.3.12 * Version 4.3.11-1 * Update the image version How to apply this update: 1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server. 2. Stop the proxy service: `spacewalk-proxy stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-proxy start` ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: cobbler: * Provide option to use pre-built GRUB bootloader * Prevent parallel executions of cobbler sync actions (bsc#1218764) image-sync-formula: * Update to version 0.1.1711646883.4a44375 * Add missing URL tag * Update license to SPDX syntax inter-server-sync: * Version 0.3.3-1 * Correct primary key export for table suseproductsccrepository (bsc#1220169) jose4j: * CVE-2023-51775: Fix denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value (bsc#1220726) smdba: * Version 1.7.13 * postmaster no longer exists from >=16 and it's an alias for postgresql, using postgresql command spacecmd: * Version 4.3.27-0 * Update translation strings spacewalk-backend: * Version 4.3.28-0 * Strip whitespace from .deb package metadata (bsc#1214387) * Fix inserting NULL into some columns during ISSv1 sync (bsc#1220980) * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) * Unquote HTML-encoded credentials before synchronizing repositories (bsc#1217204) spacewalk-certs-tools: * Version 4.3.23-0 * Fix liberty bootstrapping when zypper is installed (bsc#1222347) * Apply reboot method changes for transactional systems in the bootstrap script spacewalk-client-tools: * Version 4.3.19-0 * Update translation strings spacewalk-config: * Version 4.3.13-0 * Be explicit about default Apache configs being overwritten on updates and point to making custom configs. (bsc#1219061) spacewalk-java: * Version 4.3.73-0 * New API endpoint for getRelevantErrata. It takes multiple servers as argument and it returns an array of maps representing the errata that can be applied to each system * Version 4.3.72-0 * Use execution module call to detect client instance flavor (PAYG/BYOS) in public cloud (bsc#1218805) * Update help text for the custom repo filter field (bsc#1217874) * Fix issue where Salt cannot access autoinstallation files (bsc#1220221) * Fix issue when checking for credential duplication (bsc#1218957) * Fix matching epoch while creating Ubuntu erratas * When an action that belongs to an action chain is unscheduled, unschedule the action chain as well (bsc#1221784) * Reschedule failed SSH actions caused by a connection error due to a scheduled reboot * Fix removal of old IPv6 addresses (bsc#1214340) * Do not automatically add child channels outside of selected base channel (bsc#1220101) * Fix listProxies API call (bsc#1219233) * Fix system.provisionSystem when called via HTTP API (bsc#1219875) * Remove package sync not available message in Software > Packages > Profile since it is no longer available for supported clients (bsc#1221279) * Fix login for read-only users when using HTTP API (bsc#1221111) * Add one-shot action execution to recurring custom state create/edit * Fix a typo in 'Deploy Files' page * Drop system password as identifier on SCC system registration (bsc#1219634, bsc#1221182) * Fix memory size extraction in virtual instances (bsc#1219634) * Fix virtual systems filters (bsc#1208572) * Update license to include the year 2024 * Add timeout for SMTP server connection (bsc#1218931) * Commit Salt event removal in case of process failure (bsc#1218931) * Users with API read only are only allowed to make GET requests * Ignore retry suffix when getting recurring action id from schedule name * Sort CLM project filters by filter name spacewalk-web: * Version 4.3.38-0 * Upgrade json5 to 2.2.3 * Upgrade semver to 7.6.0 * Add one-shot action execution to recurring custom state create/edit * Fix virtual systems filters (bsc#1208572) * Improve CLM Create New Filter button * Bump the WebUI version to 4.3.12 subscription-matcher: * Version 0.37 * add missing part number (bsc#1221922) * Fix penalties logging by initializing the score director consistently * Removed wrong apache-commons-lang dependency * Version 0.36 * Fixed Log4j 2 initialization supportutils-plugin-susemanager: * Version 4.3.11-0 * Add Salt and Reposync connections to minimum required DB connections calculation susemanager: * Version 4.3.35-0 * Add bootstrap repository definition for openSUSE Leap 15.6 * Add bootstrap repository definition for SUSE Linux Enterprise 15 SP6 susemanager-docs_en: * Removed Debian 10 from the list of supported clients * Added new workflow describing updating of clients using recurring actions to Commown Workflows * Added documentation on adding a storage device for VMWare * Documented registercloudguest tools for registering public cloud installation (BYOS) by adding a reference to the Public Cloud Guide * Added information about requirements for the PostgreSQL database to the Installation and Upgrade Guide (bsc#1220376) * Fixed the instructions for SSL Certificates (bsc#1219061) * Remove package sync paragraph in package-management doc since it is not available for Salt clients and traditional clients are no longer supported (bsc#1221279) * Fixed incorrect reference to SUSE Linux Enterprise Server 15 SP5 as base product for SUSE Manager 4.3, even in public cloud * Updated VM based installation for 4.3 VM image with ignition or cloudinit in Installation and Upgrade Guide * Added reference from Hub documentation to Inter-Server Synchronization in Large Deployment Guide * Documented Virtualization Guest and Virtualization Host Formula * Reformatted Supported Clients tables in Client Configuration Guide and Installation and Upgrade Guide * Add documentation about SMTP timeout configuration * Documented SSH key rotation in Salt Guide (bsc#1170848) * Documented liberate formula in Salt Guide * Fixed Prepare on-demand images section in Client Configuration * Fixed a changed configuration parameter for salt-ssh * Added Pay-as-you-go on the Cloud: FAQ document * Updated max-connections tuning recommendation in Large Deployment * Added troubleshooting instructions for setting up in public cloud (BYOS) to Administration Guide * Added section about migrating Enterprise Linux (EL) clients to SUSE Liberty Linux to Client Configuration Guide * Added detailed information about the messages produced by subscription matcher * Added Pay-as-you-go as supported service on Azure to the Public Cloud Guide * Added and fixed configuration details in Troubleshooting Renaming Server in Administration Guide susemanager-schema: * Version 4.3.25-0 * Add update-salt to internal state table susemanager-sls: * Version 4.3.41-0 * Use execution module call to detect client instance flavor (PAYG/BYOS) in public cloud (bsc#1218805) * Do not log dnf needs-restarting output in Salt's log (bsc#1220194) * Dynamically load an SELinux policy for "Push via SSH tunnel" for SELinux enabled clients. This policy allows communication over a custom SSH port * Fix reboot needed detection for SUSE systems * Fix SUSE Liberty Linux bootstrapping when Zypper is installed (bsc#1222347) * Distinguish between different SUSE versions when detecting if a reboot is needed (bsc#1220903, bsc#1221571) * Improve updatestack update in uptodate state * Add a standalone update-salt state * Add pillar check to skip reboot_if_needed state * Recognize .tar.xz and .ext4 image files (bsc#1216085) * Avoid issues on reactivating traditional clients as Salt managed * Fix the case of missing requisites on bootstrap (bsc#1220705) susemanager-sync-data: * Version 4.3.17-0 * AlmaLinux 9 PowerTools was renamed into CRB (bsc#1222110) uyuni-common-libs: * Version 4.3.10-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-reportdb-schema: * Version 4.3.10-0 * Provide reportdb upgrade schema path structure How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Stop the Spacewalk service: `spacewalk-service stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-service start` ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1507=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1507=1 ## Package List: * SUSE Manager Proxy 4.3 Module 4.3 (noarch) * spacewalk-base-minimal-4.3.38-150400.3.42.6 * python3-spacewalk-certs-tools-4.3.23-150400.3.28.5 * python3-spacewalk-client-setup-4.3.19-150400.3.27.5 * python3-spacewalk-client-tools-4.3.19-150400.3.27.5 * mgr-daemon-4.3.9-150400.3.15.5 * spacewalk-backend-4.3.28-150400.3.41.7 * spacecmd-4.3.27-150400.3.36.5 * spacewalk-certs-tools-4.3.23-150400.3.28.5 * spacewalk-client-setup-4.3.19-150400.3.27.5 * spacewalk-client-tools-4.3.19-150400.3.27.5 * python3-spacewalk-check-4.3.19-150400.3.27.5 * spacewalk-check-4.3.19-150400.3.27.5 * spacewalk-base-minimal-config-4.3.38-150400.3.42.6 * SUSE Manager Proxy 4.3 Module 4.3 (x86_64) * python3-uyuni-common-libs-4.3.10-150400.3.18.4 * SUSE Manager Server 4.3 Module 4.3 (noarch) * spacewalk-java-lib-4.3.73-150400.3.79.1 * susemanager-docs_en-4.3-150400.9.56.4 * spacewalk-backend-package-push-server-4.3.28-150400.3.41.7 * spacewalk-backend-4.3.28-150400.3.41.7 * spacewalk-java-4.3.73-150400.3.79.1 * spacewalk-backend-iss-export-4.3.28-150400.3.41.7 * spacewalk-backend-xmlrpc-4.3.28-150400.3.41.7 * spacewalk-base-4.3.38-150400.3.42.6 * spacewalk-taskomatic-4.3.73-150400.3.79.1 * spacewalk-backend-sql-4.3.28-150400.3.41.7 * spacewalk-backend-sql-postgresql-4.3.28-150400.3.41.7 * python3-spacewalk-certs-tools-4.3.23-150400.3.28.5 * python3-spacewalk-client-tools-4.3.19-150400.3.27.5 * susemanager-docs_en-pdf-4.3-150400.9.56.4 * jose4j-0.5.1-150400.3.9.4 * spacewalk-backend-config-files-tool-4.3.28-150400.3.41.7 * spacecmd-4.3.27-150400.3.36.5 * spacewalk-certs-tools-4.3.23-150400.3.28.5 * susemanager-schema-4.3.25-150400.3.39.5 * spacewalk-backend-config-files-common-4.3.28-150400.3.41.7 * supportutils-plugin-susemanager-4.3.11-150400.3.21.4 * spacewalk-java-config-4.3.73-150400.3.79.1 * image-sync-formula-0.1.1711646883.4a44375-150400.3.18.4 * spacewalk-base-minimal-config-4.3.38-150400.3.42.6 * spacewalk-java-postgresql-4.3.73-150400.3.79.1 * subscription-matcher-0.37-150400.3.22.4 * susemanager-schema-utility-4.3.25-150400.3.39.5 * uyuni-reportdb-schema-4.3.10-150400.3.15.6 * spacewalk-backend-xml-export-libs-4.3.28-150400.3.41.7 * spacewalk-backend-iss-4.3.28-150400.3.41.7 * susemanager-sync-data-4.3.17-150400.3.25.4 * cobbler-3.3.3-150400.5.42.5 * spacewalk-backend-config-files-4.3.28-150400.3.41.7 * spacewalk-backend-applet-4.3.28-150400.3.41.7 * spacewalk-base-minimal-4.3.38-150400.3.42.6 * spacewalk-backend-app-4.3.28-150400.3.41.7 * uyuni-config-modules-4.3.41-150400.3.47.6 * susemanager-sls-4.3.41-150400.3.47.6 * spacewalk-html-4.3.38-150400.3.42.6 * spacewalk-client-tools-4.3.19-150400.3.27.5 * spacewalk-backend-tools-4.3.28-150400.3.41.7 * spacewalk-backend-server-4.3.28-150400.3.41.7 * spacewalk-config-4.3.13-150400.3.15.5 * SUSE Manager Server 4.3 Module 4.3 (ppc64le s390x x86_64) * smdba-1.7.13-0.150400.4.12.4 * susemanager-4.3.35-150400.3.48.6 * inter-server-sync-debuginfo-0.3.3-150400.3.30.4 * inter-server-sync-0.3.3-150400.3.30.4 * susemanager-tools-4.3.35-150400.3.48.6 * python3-uyuni-common-libs-4.3.10-150400.3.18.4 ## References: * https://www.suse.com/security/cve/CVE-2023-51775.html * https://bugzilla.suse.com/show_bug.cgi?id=1170848 * https://bugzilla.suse.com/show_bug.cgi?id=1208572 * https://bugzilla.suse.com/show_bug.cgi?id=1214340 * https://bugzilla.suse.com/show_bug.cgi?id=1214387 * https://bugzilla.suse.com/show_bug.cgi?id=1216085 * https://bugzilla.suse.com/show_bug.cgi?id=1217204 * https://bugzilla.suse.com/show_bug.cgi?id=1217874 * https://bugzilla.suse.com/show_bug.cgi?id=1218764 * https://bugzilla.suse.com/show_bug.cgi?id=1218805 * https://bugzilla.suse.com/show_bug.cgi?id=1218931 * https://bugzilla.suse.com/show_bug.cgi?id=1218957 * https://bugzilla.suse.com/show_bug.cgi?id=1219061 * https://bugzilla.suse.com/show_bug.cgi?id=1219233 * https://bugzilla.suse.com/show_bug.cgi?id=1219634 * https://bugzilla.suse.com/show_bug.cgi?id=1219875 * https://bugzilla.suse.com/show_bug.cgi?id=1220101 * https://bugzilla.suse.com/show_bug.cgi?id=1220169 * https://bugzilla.suse.com/show_bug.cgi?id=1220194 * https://bugzilla.suse.com/show_bug.cgi?id=1220221 * https://bugzilla.suse.com/show_bug.cgi?id=1220376 * https://bugzilla.suse.com/show_bug.cgi?id=1220705 * https://bugzilla.suse.com/show_bug.cgi?id=1220726 * https://bugzilla.suse.com/show_bug.cgi?id=1220903 * https://bugzilla.suse.com/show_bug.cgi?id=1220980 * https://bugzilla.suse.com/show_bug.cgi?id=1221111 * https://bugzilla.suse.com/show_bug.cgi?id=1221182 * https://bugzilla.suse.com/show_bug.cgi?id=1221279 * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1221571 * https://bugzilla.suse.com/show_bug.cgi?id=1221784 * https://bugzilla.suse.com/show_bug.cgi?id=1221922 * https://bugzilla.suse.com/show_bug.cgi?id=1222110 * https://bugzilla.suse.com/show_bug.cgi?id=1222347 * https://jira.suse.com/browse/MSQA-760 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 12:31:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 12:31:30 -0000 Subject: SUSE-SU-2024:1500-1: moderate: Security update for avahi Message-ID: <171499869018.9288.4852425702793479205@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1500-1 Rating: moderate References: * bsc#1215947 * bsc#1216853 Cross-References: * CVE-2023-38470 * CVE-2023-38472 CVSS scores: * CVE-2023-38470 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38470 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38472 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38472 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38472: Fixed denial of service due to a reachable assertion found in avahi_rdata_parse (bsc#1216853) * CVE-2023-38470: Fixed denial of service due to a reachable assertion found in avahi_escape_label (bsc#1215947) * * * ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1500=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1500=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1500=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1500=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1500=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libavahi-ui-gtk3-0-0.6.32-32.27.1 * libavahi-ui0-0.6.32-32.27.1 * avahi-glib2-debugsource-0.6.32-32.27.1 * libavahi-ui0-debuginfo-0.6.32-32.27.1 * libavahi-ui-gtk3-0-debuginfo-0.6.32-32.27.1 * libavahi-gobject0-debuginfo-0.6.32-32.27.1 * libavahi-gobject0-0.6.32-32.27.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.6.32-32.27.1 * libhowl0-0.6.32-32.27.1 * typelib-1_0-Avahi-0_6-0.6.32-32.27.1 * libhowl0-debuginfo-0.6.32-32.27.1 * libavahi-gobject0-debuginfo-0.6.32-32.27.1 * avahi-debuginfo-0.6.32-32.27.1 * libavahi-ui-gtk3-0-0.6.32-32.27.1 * libavahi-ui0-0.6.32-32.27.1 * avahi-glib2-debugsource-0.6.32-32.27.1 * libavahi-ui0-debuginfo-0.6.32-32.27.1 * libavahi-devel-0.6.32-32.27.1 * avahi-compat-howl-devel-0.6.32-32.27.1 * libavahi-glib-devel-0.6.32-32.27.1 * libavahi-ui-gtk3-0-debuginfo-0.6.32-32.27.1 * avahi-compat-mDNSResponder-devel-0.6.32-32.27.1 * libavahi-gobject-devel-0.6.32-32.27.1 * libavahi-gobject0-0.6.32-32.27.1 * python-avahi-0.6.32-32.27.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * avahi-debugsource-0.6.32-32.27.1 * avahi-0.6.32-32.27.1 * libavahi-client3-0.6.32-32.27.1 * avahi-debuginfo-0.6.32-32.27.1 * libavahi-client3-debuginfo-0.6.32-32.27.1 * libavahi-common3-0.6.32-32.27.1 * avahi-glib2-debugsource-0.6.32-32.27.1 * libavahi-glib1-0.6.32-32.27.1 * libdns_sd-debuginfo-0.6.32-32.27.1 * libavahi-core7-0.6.32-32.27.1 * avahi-utils-debuginfo-0.6.32-32.27.1 * libavahi-glib1-debuginfo-0.6.32-32.27.1 * libdns_sd-0.6.32-32.27.1 * libavahi-core7-debuginfo-0.6.32-32.27.1 * avahi-utils-0.6.32-32.27.1 * libavahi-common3-debuginfo-0.6.32-32.27.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * avahi-lang-0.6.32-32.27.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * avahi-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-32bit-0.6.32-32.27.1 * libavahi-client3-32bit-0.6.32-32.27.1 * libdns_sd-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.27.1 * libavahi-glib1-32bit-0.6.32-32.27.1 * libavahi-glib1-debuginfo-32bit-0.6.32-32.27.1 * libdns_sd-32bit-0.6.32-32.27.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.27.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.6.32-32.27.1 * avahi-0.6.32-32.27.1 * libavahi-client3-0.6.32-32.27.1 * avahi-debuginfo-0.6.32-32.27.1 * libavahi-client3-debuginfo-0.6.32-32.27.1 * libavahi-common3-0.6.32-32.27.1 * avahi-glib2-debugsource-0.6.32-32.27.1 * libavahi-glib1-0.6.32-32.27.1 * libdns_sd-debuginfo-0.6.32-32.27.1 * libavahi-core7-0.6.32-32.27.1 * avahi-utils-debuginfo-0.6.32-32.27.1 * libavahi-glib1-debuginfo-0.6.32-32.27.1 * libdns_sd-0.6.32-32.27.1 * libavahi-core7-debuginfo-0.6.32-32.27.1 * avahi-utils-0.6.32-32.27.1 * libavahi-common3-debuginfo-0.6.32-32.27.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * avahi-lang-0.6.32-32.27.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * avahi-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-32bit-0.6.32-32.27.1 * libavahi-client3-32bit-0.6.32-32.27.1 * libdns_sd-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.27.1 * libavahi-glib1-32bit-0.6.32-32.27.1 * libavahi-glib1-debuginfo-32bit-0.6.32-32.27.1 * libdns_sd-32bit-0.6.32-32.27.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.27.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * avahi-debugsource-0.6.32-32.27.1 * avahi-0.6.32-32.27.1 * libavahi-client3-0.6.32-32.27.1 * avahi-debuginfo-0.6.32-32.27.1 * libavahi-client3-debuginfo-0.6.32-32.27.1 * libavahi-common3-0.6.32-32.27.1 * avahi-glib2-debugsource-0.6.32-32.27.1 * libavahi-glib1-0.6.32-32.27.1 * libdns_sd-debuginfo-0.6.32-32.27.1 * libavahi-core7-0.6.32-32.27.1 * avahi-utils-debuginfo-0.6.32-32.27.1 * libavahi-glib1-debuginfo-0.6.32-32.27.1 * libdns_sd-0.6.32-32.27.1 * libavahi-core7-debuginfo-0.6.32-32.27.1 * avahi-utils-0.6.32-32.27.1 * libavahi-common3-debuginfo-0.6.32-32.27.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * avahi-lang-0.6.32-32.27.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * avahi-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-32bit-0.6.32-32.27.1 * libavahi-client3-32bit-0.6.32-32.27.1 * libdns_sd-debuginfo-32bit-0.6.32-32.27.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.27.1 * libavahi-glib1-32bit-0.6.32-32.27.1 * libavahi-glib1-debuginfo-32bit-0.6.32-32.27.1 * libdns_sd-32bit-0.6.32-32.27.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38470.html * https://www.suse.com/security/cve/CVE-2023-38472.html * https://bugzilla.suse.com/show_bug.cgi?id=1215947 * https://bugzilla.suse.com/show_bug.cgi?id=1216853 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1151-2: moderate: Security update for curl Message-ID: <171501300420.3039.7872672813296946208@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:1151-2 Rating: moderate References: * bsc#1221665 * bsc#1221667 Cross-References: * CVE-2024-2004 * CVE-2024-2398 CVSS scores: * CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665) * CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1151=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1151=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1151=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1151=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1151=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1151=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1151=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1151=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * SUSE Manager Proxy 4.3 (x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * curl-debuginfo-8.0.1-150400.5.44.1 * libcurl-devel-8.0.1-150400.5.44.1 * curl-debugsource-8.0.1-150400.5.44.1 * libcurl4-debuginfo-8.0.1-150400.5.44.1 * libcurl4-8.0.1-150400.5.44.1 * curl-8.0.1-150400.5.44.1 * SUSE Manager Server 4.3 (x86_64) * libcurl4-32bit-8.0.1-150400.5.44.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2004.html * https://www.suse.com/security/cve/CVE-2024-2398.html * https://bugzilla.suse.com/show_bug.cgi?id=1221665 * https://bugzilla.suse.com/show_bug.cgi?id=1221667 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1536-1: important: Security update for flatpak Message-ID: <171501300768.3039.11123117668487833843@smelt2.prg2.suse.org> # Security update for flatpak Announcement ID: SUSE-SU-2024:1536-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for flatpak fixes the following issues: * CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization (bsc#1223110) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1536=1 openSUSE-SLE-15.5-2024-1536=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1536=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.9.1 * flatpak-debugsource-1.14.5-150500.3.9.1 * libflatpak0-debuginfo-1.14.5-150500.3.9.1 * flatpak-devel-1.14.5-150500.3.9.1 * flatpak-1.14.5-150500.3.9.1 * flatpak-debuginfo-1.14.5-150500.3.9.1 * libflatpak0-1.14.5-150500.3.9.1 * openSUSE Leap 15.5 (noarch) * system-user-flatpak-1.14.5-150500.3.9.1 * flatpak-remote-flathub-1.14.5-150500.3.9.1 * flatpak-zsh-completion-1.14.5-150500.3.9.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.9.1 * flatpak-debugsource-1.14.5-150500.3.9.1 * libflatpak0-debuginfo-1.14.5-150500.3.9.1 * flatpak-devel-1.14.5-150500.3.9.1 * flatpak-1.14.5-150500.3.9.1 * flatpak-debuginfo-1.14.5-150500.3.9.1 * libflatpak0-1.14.5-150500.3.9.1 * Desktop Applications Module 15-SP5 (noarch) * system-user-flatpak-1.14.5-150500.3.9.1 * flatpak-remote-flathub-1.14.5-150500.3.9.1 * flatpak-zsh-completion-1.14.5-150500.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1535-1: important: Security update for flatpak Message-ID: <171501300961.3039.7958467951228564234@smelt2.prg2.suse.org> # Security update for flatpak Announcement ID: SUSE-SU-2024:1535-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for flatpak fixes the following issues: * CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization (bsc#1223110) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1535=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1535=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1535=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1535=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1535=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1535=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libflatpak0-1.12.8-150400.3.6.1 * flatpak-zsh-completion-1.12.8-150400.3.6.1 * flatpak-debugsource-1.12.8-150400.3.6.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.6.1 * system-user-flatpak-1.12.8-150400.3.6.1 * flatpak-devel-1.12.8-150400.3.6.1 * flatpak-debuginfo-1.12.8-150400.3.6.1 * flatpak-1.12.8-150400.3.6.1 * libflatpak0-debuginfo-1.12.8-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 6 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 06 May 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1534-1: important: Security update for less Message-ID: <171501301255.3039.13241188493450795272@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1534-1 Rating: important References: * bsc#1222849 Cross-References: * CVE-2024-32487 CVSS scores: * CVE-2024-32487 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1534=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1534=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1534=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1534=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1534=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1534=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1534=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1534=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1534=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1534=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * less-debugsource-530-150000.3.9.1 * less-debuginfo-530-150000.3.9.1 * less-530-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32487.html * https://bugzilla.suse.com/show_bug.cgi?id=1222849 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1537-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2) Message-ID: <171507060390.6146.13272368524462529135@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1537-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_166 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1537=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_166-default-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_41-debugsource-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-8-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1541-1: moderate: Security update for xen Message-ID: <171507060665.6146.7186013300294079925@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1541-1 Rating: moderate References: * bsc#1027519 * bsc#1221984 * bsc#1222302 * bsc#1222453 Cross-References: * CVE-2023-46842 * CVE-2024-2201 * CVE-2024-31142 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31142 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2023-46842: HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984) * CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455, bsc#1222302) * Upstream bug fixes (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1541=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1541=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1541=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1541=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 x86_64) * xen-devel-4.12.4_48-3.109.1 * xen-debugsource-4.12.4_48-3.109.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * xen-debugsource-4.12.4_48-3.109.1 * xen-4.12.4_48-3.109.1 * xen-libs-debuginfo-32bit-4.12.4_48-3.109.1 * xen-tools-debuginfo-4.12.4_48-3.109.1 * xen-libs-4.12.4_48-3.109.1 * xen-tools-domU-debuginfo-4.12.4_48-3.109.1 * xen-libs-debuginfo-4.12.4_48-3.109.1 * xen-tools-4.12.4_48-3.109.1 * xen-doc-html-4.12.4_48-3.109.1 * xen-libs-32bit-4.12.4_48-3.109.1 * xen-tools-domU-4.12.4_48-3.109.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * xen-debugsource-4.12.4_48-3.109.1 * xen-4.12.4_48-3.109.1 * xen-libs-debuginfo-32bit-4.12.4_48-3.109.1 * xen-tools-debuginfo-4.12.4_48-3.109.1 * xen-libs-4.12.4_48-3.109.1 * xen-tools-domU-debuginfo-4.12.4_48-3.109.1 * xen-libs-debuginfo-4.12.4_48-3.109.1 * xen-tools-4.12.4_48-3.109.1 * xen-doc-html-4.12.4_48-3.109.1 * xen-libs-32bit-4.12.4_48-3.109.1 * xen-tools-domU-4.12.4_48-3.109.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * xen-debugsource-4.12.4_48-3.109.1 * xen-4.12.4_48-3.109.1 * xen-libs-debuginfo-32bit-4.12.4_48-3.109.1 * xen-tools-debuginfo-4.12.4_48-3.109.1 * xen-libs-4.12.4_48-3.109.1 * xen-tools-domU-debuginfo-4.12.4_48-3.109.1 * xen-libs-debuginfo-4.12.4_48-3.109.1 * xen-tools-4.12.4_48-3.109.1 * xen-doc-html-4.12.4_48-3.109.1 * xen-libs-32bit-4.12.4_48-3.109.1 * xen-tools-domU-4.12.4_48-3.109.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31142.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1222302 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 08:30:08 -0000 Subject: SUSE-SU-2024:1540-1: moderate: Security update for xen Message-ID: <171507060860.6146.850889887631862152@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:1540-1 Rating: moderate References: * bsc#1221984 * bsc#1222302 * bsc#1222453 Cross-References: * CVE-2023-46842 * CVE-2024-2201 * CVE-2024-31142 CVSS scores: * CVE-2023-46842 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31142 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2023-46842: HVM hypercalls may trigger Xen bug check (XSA-454, bsc#1221984) * CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455, bsc#1222302) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1540=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1540=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1540=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1540=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_14-150300.3.72.1 * xen-tools-domU-4.14.6_14-150300.3.72.1 * xen-libs-debuginfo-4.14.6_14-150300.3.72.1 * xen-devel-4.14.6_14-150300.3.72.1 * xen-tools-domU-debuginfo-4.14.6_14-150300.3.72.1 * xen-libs-4.14.6_14-150300.3.72.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-4.14.6_14-150300.3.72.1 * xen-libs-32bit-debuginfo-4.14.6_14-150300.3.72.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-tools-debuginfo-4.14.6_14-150300.3.72.1 * xen-doc-html-4.14.6_14-150300.3.72.1 * xen-tools-4.14.6_14-150300.3.72.1 * xen-4.14.6_14-150300.3.72.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_14-150300.3.72.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.14.6_14-150300.3.72.1 * xen-libs-64bit-4.14.6_14-150300.3.72.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-debugsource-4.14.6_14-150300.3.72.1 * xen-libs-debuginfo-4.14.6_14-150300.3.72.1 * xen-libs-4.14.6_14-150300.3.72.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-debugsource-4.14.6_14-150300.3.72.1 * xen-libs-debuginfo-4.14.6_14-150300.3.72.1 * xen-libs-4.14.6_14-150300.3.72.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-debugsource-4.14.6_14-150300.3.72.1 * xen-libs-debuginfo-4.14.6_14-150300.3.72.1 * xen-libs-4.14.6_14-150300.3.72.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46842.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31142.html * https://bugzilla.suse.com/show_bug.cgi?id=1221984 * https://bugzilla.suse.com/show_bug.cgi?id=1222302 * https://bugzilla.suse.com/show_bug.cgi?id=1222453 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 08:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 08:30:10 -0000 Subject: SUSE-SU-2024:1539-1: moderate: Security update for bouncycastle Message-ID: <171507061062.6146.11748979537039501019@smelt2.prg2.suse.org> # Security update for bouncycastle Announcement ID: SUSE-SU-2024:1539-1 Rating: moderate References: * bsc#1223252 Cross-References: * CVE-2024-30171 CVSS scores: * CVE-2024-30171 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for bouncycastle fixes the following issues: Update to version 1.78.1, including fixes for: * CVE-2024-30171: Fixed timing side-channel attacks against RSA decryption (both PKCS#1v1.5 and OAEP). (bsc#1223252) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1539=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1539=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1539=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1539=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1539=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1539=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1539=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1539=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1539=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1539=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1539=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1539=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1539=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1539=1 ## Package List: * openSUSE Leap 15.5 (noarch) * bouncycastle-mail-1.78.1-150200.3.29.1 * bouncycastle-tls-1.78.1-150200.3.29.1 * bouncycastle-jmail-1.78.1-150200.3.29.1 * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-javadoc-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * Development Tools Module 15-SP5 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 * SUSE Enterprise Storage 7.1 (noarch) * bouncycastle-pg-1.78.1-150200.3.29.1 * bouncycastle-pkix-1.78.1-150200.3.29.1 * bouncycastle-1.78.1-150200.3.29.1 * bouncycastle-util-1.78.1-150200.3.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30171.html * https://bugzilla.suse.com/show_bug.cgi?id=1223252 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 16:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 16:30:02 -0000 Subject: SUSE-SU-2024:1545-1: important: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) Message-ID: <171509940269.11798.5612426389199889248@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1545-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_151 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1545=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1546=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_36-debugsource-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_151-default-debuginfo-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_148-default-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_148-default-debuginfo-13-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_35-debugsource-13-150200.2.1 * kernel-livepatch-5_3_18-150200_24_151-default-13-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 16:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 16:30:06 -0000 Subject: SUSE-SU-2024:1550-1: important: Security update for less Message-ID: <171509940663.11798.2382441738778358377@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1550-1 Rating: important References: * bsc#1222849 Cross-References: * CVE-2024-32487 CVSS scores: * CVE-2024-32487 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1550=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1550=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1550=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * less-debuginfo-458-7.15.1 * less-458-7.15.1 * less-debugsource-458-7.15.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * less-debuginfo-458-7.15.1 * less-458-7.15.1 * less-debugsource-458-7.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * less-debuginfo-458-7.15.1 * less-458-7.15.1 * less-debugsource-458-7.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32487.html * https://bugzilla.suse.com/show_bug.cgi?id=1222849 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1549-1: important: Security update for sssd Message-ID: <171509940848.11798.3440757239575638989@smelt2.prg2.suse.org> # Security update for sssd Announcement ID: SUSE-SU-2024:1549-1 Rating: important References: * bsc#1223100 Cross-References: * CVE-2023-3758 CVSS scores: * CVE-2023-3758 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for sssd fixes the following issues: * CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1549=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1549=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1549=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1549=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1549=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1549=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1549=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1549=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-sss_nss_idmap-1.16.1-150300.23.43.1 * sssd-krb5-common-1.16.1-150300.23.43.1 * sssd-wbclient-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ad-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-1.16.1-150300.23.43.1 * libsss_certmap-devel-1.16.1-150300.23.43.1 * python3-sss-murmur-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-debuginfo-1.16.1-150300.23.43.1 * sssd-wbclient-devel-1.16.1-150300.23.43.1 * sssd-winbind-idmap-1.16.1-150300.23.43.1 * python3-sss_nss_idmap-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-1.16.1-150300.23.43.1 * sssd-krb5-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-winbind-idmap-debuginfo-1.16.1-150300.23.43.1 * sssd-ipa-1.16.1-150300.23.43.1 * libsss_simpleifp0-debuginfo-1.16.1-150300.23.43.1 * libsss_simpleifp-devel-1.16.1-150300.23.43.1 * libnfsidmap-sss-1.16.1-150300.23.43.1 * sssd-ad-1.16.1-150300.23.43.1 * sssd-proxy-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap-devel-1.16.1-150300.23.43.1 * sssd-proxy-debuginfo-1.16.1-150300.23.43.1 * sssd-tools-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-debuginfo-1.16.1-150300.23.43.1 * python3-sss-murmur-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac-devel-1.16.1-150300.23.43.1 * python3-ipa_hbac-debuginfo-1.16.1-150300.23.43.1 * sssd-krb5-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * python3-ipa_hbac-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * libsss_nss_idmap-devel-1.16.1-150300.23.43.1 * sssd-ipa-debuginfo-1.16.1-150300.23.43.1 * libnfsidmap-sss-debuginfo-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-wbclient-debuginfo-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * sssd-tools-1.16.1-150300.23.43.1 * libsss_simpleifp0-1.16.1-150300.23.43.1 * openSUSE Leap 15.3 (x86_64) * sssd-common-32bit-1.16.1-150300.23.43.1 * sssd-common-32bit-debuginfo-1.16.1-150300.23.43.1 * openSUSE Leap 15.3 (aarch64_ilp32) * sssd-common-64bit-debuginfo-1.16.1-150300.23.43.1 * sssd-common-64bit-1.16.1-150300.23.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ad-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-1.16.1-150300.23.43.1 * libsss_certmap-devel-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-1.16.1-150300.23.43.1 * sssd-dbus-debuginfo-1.16.1-150300.23.43.1 * sssd-winbind-idmap-1.16.1-150300.23.43.1 * libipa_hbac0-1.16.1-150300.23.43.1 * sssd-krb5-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-winbind-idmap-debuginfo-1.16.1-150300.23.43.1 * sssd-ipa-1.16.1-150300.23.43.1 * libsss_simpleifp0-debuginfo-1.16.1-150300.23.43.1 * libsss_simpleifp-devel-1.16.1-150300.23.43.1 * sssd-ad-1.16.1-150300.23.43.1 * sssd-proxy-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap-devel-1.16.1-150300.23.43.1 * sssd-proxy-debuginfo-1.16.1-150300.23.43.1 * sssd-tools-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac-devel-1.16.1-150300.23.43.1 * sssd-krb5-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * libsss_nss_idmap-devel-1.16.1-150300.23.43.1 * sssd-ipa-debuginfo-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * sssd-tools-1.16.1-150300.23.43.1 * libsss_simpleifp0-1.16.1-150300.23.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * sssd-common-32bit-1.16.1-150300.23.43.1 * sssd-common-32bit-debuginfo-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ad-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-1.16.1-150300.23.43.1 * libsss_certmap-devel-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-1.16.1-150300.23.43.1 * sssd-dbus-debuginfo-1.16.1-150300.23.43.1 * sssd-winbind-idmap-1.16.1-150300.23.43.1 * libipa_hbac0-1.16.1-150300.23.43.1 * sssd-krb5-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-winbind-idmap-debuginfo-1.16.1-150300.23.43.1 * sssd-ipa-1.16.1-150300.23.43.1 * libsss_simpleifp0-debuginfo-1.16.1-150300.23.43.1 * libsss_simpleifp-devel-1.16.1-150300.23.43.1 * sssd-ad-1.16.1-150300.23.43.1 * sssd-proxy-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap-devel-1.16.1-150300.23.43.1 * sssd-proxy-debuginfo-1.16.1-150300.23.43.1 * sssd-tools-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac-devel-1.16.1-150300.23.43.1 * sssd-krb5-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * libsss_nss_idmap-devel-1.16.1-150300.23.43.1 * sssd-ipa-debuginfo-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * sssd-tools-1.16.1-150300.23.43.1 * libsss_simpleifp0-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * sssd-common-32bit-1.16.1-150300.23.43.1 * sssd-common-32bit-debuginfo-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ad-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-1.16.1-150300.23.43.1 * libsss_certmap-devel-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-1.16.1-150300.23.43.1 * sssd-dbus-debuginfo-1.16.1-150300.23.43.1 * sssd-winbind-idmap-1.16.1-150300.23.43.1 * libipa_hbac0-1.16.1-150300.23.43.1 * sssd-krb5-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-winbind-idmap-debuginfo-1.16.1-150300.23.43.1 * sssd-ipa-1.16.1-150300.23.43.1 * libsss_simpleifp0-debuginfo-1.16.1-150300.23.43.1 * libsss_simpleifp-devel-1.16.1-150300.23.43.1 * sssd-ad-1.16.1-150300.23.43.1 * sssd-proxy-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap-devel-1.16.1-150300.23.43.1 * sssd-proxy-debuginfo-1.16.1-150300.23.43.1 * sssd-tools-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac-devel-1.16.1-150300.23.43.1 * sssd-krb5-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * libsss_nss_idmap-devel-1.16.1-150300.23.43.1 * sssd-ipa-debuginfo-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * sssd-tools-1.16.1-150300.23.43.1 * libsss_simpleifp0-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * sssd-common-32bit-1.16.1-150300.23.43.1 * sssd-common-32bit-debuginfo-1.16.1-150300.23.43.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ad-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-1.16.1-150300.23.43.1 * libsss_certmap-devel-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-dbus-1.16.1-150300.23.43.1 * sssd-dbus-debuginfo-1.16.1-150300.23.43.1 * sssd-winbind-idmap-1.16.1-150300.23.43.1 * libipa_hbac0-1.16.1-150300.23.43.1 * sssd-krb5-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac0-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-winbind-idmap-debuginfo-1.16.1-150300.23.43.1 * sssd-ipa-1.16.1-150300.23.43.1 * libsss_simpleifp0-debuginfo-1.16.1-150300.23.43.1 * libsss_simpleifp-devel-1.16.1-150300.23.43.1 * sssd-ad-1.16.1-150300.23.43.1 * sssd-proxy-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_idmap-devel-1.16.1-150300.23.43.1 * sssd-proxy-debuginfo-1.16.1-150300.23.43.1 * sssd-tools-debuginfo-1.16.1-150300.23.43.1 * python3-sssd-config-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libipa_hbac-devel-1.16.1-150300.23.43.1 * sssd-krb5-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * libsss_nss_idmap-devel-1.16.1-150300.23.43.1 * sssd-ipa-debuginfo-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * sssd-tools-1.16.1-150300.23.43.1 * libsss_simpleifp0-1.16.1-150300.23.43.1 * SUSE Enterprise Storage 7.1 (x86_64) * sssd-common-32bit-1.16.1-150300.23.43.1 * sssd-common-32bit-debuginfo-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libsss_idmap0-1.16.1-150300.23.43.1 * libsss_certmap0-1.16.1-150300.23.43.1 * sssd-krb5-common-1.16.1-150300.23.43.1 * libsss_nss_idmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-ldap-debuginfo-1.16.1-150300.23.43.1 * sssd-common-debuginfo-1.16.1-150300.23.43.1 * sssd-debugsource-1.16.1-150300.23.43.1 * sssd-krb5-common-debuginfo-1.16.1-150300.23.43.1 * libsss_certmap0-debuginfo-1.16.1-150300.23.43.1 * sssd-1.16.1-150300.23.43.1 * sssd-common-1.16.1-150300.23.43.1 * sssd-ldap-1.16.1-150300.23.43.1 * libsss_idmap0-debuginfo-1.16.1-150300.23.43.1 * libsss_nss_idmap0-1.16.1-150300.23.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3758.html * https://bugzilla.suse.com/show_bug.cgi?id=1223100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1548-1: important: Security update for flatpak Message-ID: <171509941238.11798.8609756185923277931@smelt2.prg2.suse.org> # Security update for flatpak Announcement ID: SUSE-SU-2024:1548-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for flatpak fixes the following issues: * CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization (bsc#1223110) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1548=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1548=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1548=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * typelib-1_0-Flatpak-1_0-1.4.2-3.6.1 * libflatpak0-1.4.2-3.6.1 * flatpak-1.4.2-3.6.1 * flatpak-debuginfo-1.4.2-3.6.1 * libflatpak0-debuginfo-1.4.2-3.6.1 * flatpak-debugsource-1.4.2-3.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Flatpak-1_0-1.4.2-3.6.1 * libflatpak0-1.4.2-3.6.1 * flatpak-1.4.2-3.6.1 * flatpak-debuginfo-1.4.2-3.6.1 * libflatpak0-debuginfo-1.4.2-3.6.1 * flatpak-debugsource-1.4.2-3.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * typelib-1_0-Flatpak-1_0-1.4.2-3.6.1 * libflatpak0-1.4.2-3.6.1 * flatpak-1.4.2-3.6.1 * flatpak-debuginfo-1.4.2-3.6.1 * libflatpak0-debuginfo-1.4.2-3.6.1 * flatpak-debugsource-1.4.2-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 16:30:13 -0000 Subject: SUSE-SU-2024:1547-1: important: Security update for flatpak Message-ID: <171509941388.11798.16182846627526144004@smelt2.prg2.suse.org> # Security update for flatpak Announcement ID: SUSE-SU-2024:1547-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for flatpak fixes the following issues: * CVE-2024-32462: Fixed arbitrary code execution outside sandbox via malicious app due to insufficient 'command' argument sanitization (bsc#1223110) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1547=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1547=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1547=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1547=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1547=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1547=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1547=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * flatpak-zsh-completion-1.10.8-150200.4.18.1 * flatpak-devel-1.10.8-150200.4.18.1 * flatpak-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-debuginfo-1.10.8-150200.4.18.1 * libflatpak0-1.10.8-150200.4.18.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.18.1 * system-user-flatpak-1.10.8-150200.4.18.1 * flatpak-debugsource-1.10.8-150200.4.18.1 * flatpak-1.10.8-150200.4.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 7 20:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 07 May 2024 20:30:03 -0000 Subject: SUSE-SU-2024:1551-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Message-ID: <171511380344.4091.6703428910809321651@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1551-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_163 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1551=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1552=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1553=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_37-debugsource-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-debuginfo-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_38-debugsource-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_40-debugsource-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-debuginfo-11-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 8 08:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 May 2024 08:30:02 -0000 Subject: SUSE-SU-2024:1554-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Message-ID: <171515700238.25328.11361325937878796702@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1554-1 Rating: important References: * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_172 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1554=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_172-default-6-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_43-debugsource-6-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-debuginfo-6-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 8 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1557-1: moderate: Security update for rpm Message-ID: <171517140282.28521.6779073231008713316@smelt2.prg2.suse.org> # Security update for rpm Announcement ID: SUSE-SU-2024:1557-1 Rating: moderate References: * bsc#1189495 * bsc#1191175 * bsc#1218686 Cross-References: * CVE-2021-3521 CVSS scores: * CVE-2021-3521 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N * CVE-2021-3521 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.4 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for rpm fixes the following issues: Security fixes: \- CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: * accept more signature subpackets marked as critical (bsc#1218686) * backport limit support for the autopatch macro (bsc#1189495) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1557=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1557=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1557=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1557=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1557=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1557=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1557=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1557=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1557=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1557=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1557=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1557=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1557=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1557=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1557=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1557=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-1557=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1557=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1557=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1557=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1557=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * SUSE Manager Proxy 4.3 (x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Manager Server 4.3 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-imaevmsign-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * rpm-imaevmsign-debuginfo-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.4 (x86_64) * rpm-ndb-32bit-debuginfo-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * rpm-ndb-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.4 (aarch64_ilp32) * rpm-64bit-4.14.3-150400.59.16.1 * rpm-64bit-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-64bit-4.14.3-150400.59.16.1 * rpm-ndb-64bit-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.5 (x86_64) * rpm-ndb-32bit-debuginfo-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * rpm-ndb-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * Basesystem Module 15-SP5 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rpm-build-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * rpm-build-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * rpm-build-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3521.html * https://bugzilla.suse.com/show_bug.cgi?id=1189495 * https://bugzilla.suse.com/show_bug.cgi?id=1191175 * https://bugzilla.suse.com/show_bug.cgi?id=1218686 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 8 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 May 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1556-1: important: Security update for python311 Message-ID: <171517140687.28521.18189931149638021747@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:1556-1 Rating: important References: * bsc#1189495 * bsc#1211301 * bsc#1219559 * bsc#1219666 * bsc#1221260 * bsc#1221854 Cross-References: * CVE-2023-52425 * CVE-2023-6597 * CVE-2024-0450 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities and has three security fixes can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2024-0450: Fixed "quoted-overlap" issue inside the zipfile module (bsc#1221854). * CVE-2023-6597: Fixed removing tempfile.TemporaryDirectory in some edge cases related to symlinks (bsc#1219666). * CVE-2023-52425: Fixed denial of service (resource consumption) caused by processing large tokens (bsc#1219559). Bug fixes: * Eliminate ResourceWarning which broke the test suite in test_asyncio (bsc#1221260). * Revert use of %autopatch (bsc#1189495). * Use the system-wide crypto-policies (bsc#1211301). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1556=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1556=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1556=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1556=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1556=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1556=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1556=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1556=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1556=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-testsuite-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * python311-testsuite-debuginfo-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * openSUSE Leap 15.4 (x86_64) * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.26.1 * python311-base-32bit-3.11.9-150400.9.26.1 * python311-32bit-debuginfo-3.11.9-150400.9.26.1 * python311-32bit-3.11.9-150400.9.26.1 * libpython3_11-1_0-32bit-3.11.9-150400.9.26.1 * python311-base-32bit-debuginfo-3.11.9-150400.9.26.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.9-150400.9.26.1 * python311-64bit-3.11.9-150400.9.26.1 * python311-base-64bit-debuginfo-3.11.9-150400.9.26.1 * libpython3_11-1_0-64bit-debuginfo-3.11.9-150400.9.26.1 * python311-base-64bit-3.11.9-150400.9.26.1 * python311-64bit-debuginfo-3.11.9-150400.9.26.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-testsuite-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * python311-testsuite-debuginfo-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * openSUSE Leap 15.5 (x86_64) * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.26.1 * python311-base-32bit-3.11.9-150400.9.26.1 * python311-32bit-debuginfo-3.11.9-150400.9.26.1 * python311-32bit-3.11.9-150400.9.26.1 * libpython3_11-1_0-32bit-3.11.9-150400.9.26.1 * python311-base-32bit-debuginfo-3.11.9-150400.9.26.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python311-3.11.9-150400.9.26.1 * python311-dbm-3.11.9-150400.9.26.1 * python311-base-debuginfo-3.11.9-150400.9.26.1 * python311-debugsource-3.11.9-150400.9.26.1 * python311-doc-3.11.9-150400.9.26.1 * python311-tk-3.11.9-150400.9.26.1 * python311-doc-devhelp-3.11.9-150400.9.26.1 * python311-dbm-debuginfo-3.11.9-150400.9.26.1 * python311-devel-3.11.9-150400.9.26.1 * python311-tools-3.11.9-150400.9.26.1 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.26.1 * python311-tk-debuginfo-3.11.9-150400.9.26.1 * python311-base-3.11.9-150400.9.26.1 * libpython3_11-1_0-3.11.9-150400.9.26.1 * python311-curses-3.11.9-150400.9.26.1 * python311-curses-debuginfo-3.11.9-150400.9.26.1 * python311-idle-3.11.9-150400.9.26.1 * python311-debuginfo-3.11.9-150400.9.26.1 * python311-core-debugsource-3.11.9-150400.9.26.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1189495 * https://bugzilla.suse.com/show_bug.cgi?id=1211301 * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 * https://bugzilla.suse.com/show_bug.cgi?id=1221260 * https://bugzilla.suse.com/show_bug.cgi?id=1221854 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 8 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 May 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1562-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Message-ID: <171518580546.20536.3741155974633937986@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1562-1 Rating: important References: * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2024-26622: Fixed a use-after-free bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1562=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1562=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_147-default-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-6-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_40-debugsource-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-preempt-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_147-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 8 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 08 May 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1558-1: important: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Message-ID: <171518580896.20536.6400837717791254127@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1558-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_133 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-26622: Fixed a use-after-free bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1561=1 SUSE-2024-1560=1 SUSE-2024-1558=1 SUSE-2024-1559=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1559=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1561=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1560=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1558=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_33-debugsource-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_34-debugsource-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-debuginfo-11-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_35-debugsource-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_36-debugsource-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-debuginfo-10-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_124-preempt-debuginfo-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-10-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_133-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-9-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1574-1: moderate: Security update for go1.21 Message-ID: <171525780673.13210.12235517580618595021@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:1574-1 Rating: moderate References: * bsc#1212475 * bsc#1224017 Cross-References: * CVE-2024-24787 CVSS scores: * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: Update to go1.21.10: * CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017) * net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net at v0.23.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1574=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.10-1.33.1 * go1.21-1.21.10-1.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24787.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1573-1: moderate: Security update for go1.22 Message-ID: <171525780871.13210.14557826224658710037@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:1573-1 Rating: moderate References: * bsc#1218424 * bsc#1224017 * bsc#1224018 Cross-References: * CVE-2024-24787 * CVE-2024-24788 CVSS scores: * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24788 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: Update to go1.22.3: * CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017) * CVE-2024-24788: net: high cpu usage in extractExtendedRCode (bsc#1224018) * cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le * cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE * runtime: deterministic fallback hashes across process boundary * net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net at v0.23.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1573=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.3-1.9.1 * go1.22-1.22.3-1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24787.html * https://www.suse.com/security/cve/CVE-2024-24788.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 * https://bugzilla.suse.com/show_bug.cgi?id=1224018 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1572-1: important: Security update for python-Werkzeug Message-ID: <171525781016.13210.4361148027810823597@smelt2.prg2.suse.org> # Security update for python-Werkzeug Announcement ID: SUSE-SU-2024:1572-1 Rating: important References: * bsc#1223979 Cross-References: * CVE-2024-34069 CVSS scores: * CVE-2024-34069 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Werkzeug fixes the following issues: * CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-1572=1 ## Package List: * Public Cloud Module 12 (noarch) * python-Werkzeug-0.12.2-10.16.1 * python3-Werkzeug-0.12.2-10.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34069.html * https://bugzilla.suse.com/show_bug.cgi?id=1223979 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:11 -0000 Subject: SUSE-SU-2024:1571-1: important: Security update for python-pymongo Message-ID: <171525781171.13210.3571482650839532414@smelt2.prg2.suse.org> # Security update for python-pymongo Announcement ID: SUSE-SU-2024:1571-1 Rating: important References: * bsc#1222492 Cross-References: * CVE-2024-21506 CVSS scores: * CVE-2024-21506 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-pymongo fixes the following issues: * CVE-2024-21506: Fixed out-of-bounds read in the BSON module (bsc#1222492) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1571=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1571=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1571=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python2-pymongo-3.11.0-150300.3.3.1 * python3-pymongo-3.11.0-150300.3.3.1 * python2-pymongo-debuginfo-3.11.0-150300.3.3.1 * python-pymongo-debugsource-3.11.0-150300.3.3.1 * python-pymongo-debuginfo-3.11.0-150300.3.3.1 * python3-pymongo-debuginfo-3.11.0-150300.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-pymongo-debugsource-3.11.0-150300.3.3.1 * python3-pymongo-debuginfo-3.11.0-150300.3.3.1 * python3-pymongo-3.11.0-150300.3.3.1 * python-pymongo-debuginfo-3.11.0-150300.3.3.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python-pymongo-debugsource-3.11.0-150300.3.3.1 * python3-pymongo-debuginfo-3.11.0-150300.3.3.1 * python3-pymongo-3.11.0-150300.3.3.1 * python-pymongo-debuginfo-3.11.0-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21506.html * https://bugzilla.suse.com/show_bug.cgi?id=1222492 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1568-1: moderate: Security update for ghostscript Message-ID: <171525781492.13210.5671760220267300054@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:1568-1 Rating: moderate References: * bsc#1223852 Cross-References: * CVE-2023-52722 CVSS scores: * CVE-2023-52722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2023-52722: Do not allow eexec seeds other than the Type 1 standard while using SAFER mode (bsc#1223852). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1568=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1568=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1568=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1568=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * ghostscript-9.52-23.74.1 * ghostscript-debuginfo-9.52-23.74.1 * ghostscript-x11-debuginfo-9.52-23.74.1 * ghostscript-debugsource-9.52-23.74.1 * ghostscript-devel-9.52-23.74.1 * ghostscript-x11-9.52-23.74.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-9.52-23.74.1 * ghostscript-debuginfo-9.52-23.74.1 * ghostscript-x11-debuginfo-9.52-23.74.1 * ghostscript-debugsource-9.52-23.74.1 * ghostscript-devel-9.52-23.74.1 * ghostscript-x11-9.52-23.74.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * ghostscript-9.52-23.74.1 * ghostscript-debuginfo-9.52-23.74.1 * ghostscript-x11-debuginfo-9.52-23.74.1 * ghostscript-debugsource-9.52-23.74.1 * ghostscript-devel-9.52-23.74.1 * ghostscript-x11-9.52-23.74.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-23.74.1 * ghostscript-devel-9.52-23.74.1 * ghostscript-debuginfo-9.52-23.74.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52722.html * https://bugzilla.suse.com/show_bug.cgi?id=1223852 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:13 -0000 Subject: SUSE-SU-2024:1569-1: moderate: Security update for avahi Message-ID: <171525781351.13210.17859873999839531617@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1569-1 Rating: moderate References: * bsc#1216853 Cross-References: * CVE-2023-38472 CVSS scores: * CVE-2023-38472 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38472 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38472: Fix reachable assertion in avahi_rdata_parse() (bsc#1216853). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1569=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1569=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libavahi-common3-0.7-150100.3.35.1 * avahi-0.7-150100.3.35.1 * avahi-debuginfo-0.7-150100.3.35.1 * avahi-debugsource-0.7-150100.3.35.1 * libavahi-core7-0.7-150100.3.35.1 * libavahi-client3-0.7-150100.3.35.1 * libavahi-common3-debuginfo-0.7-150100.3.35.1 * libavahi-core7-debuginfo-0.7-150100.3.35.1 * libavahi-client3-debuginfo-0.7-150100.3.35.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libavahi-common3-0.7-150100.3.35.1 * avahi-0.7-150100.3.35.1 * avahi-debuginfo-0.7-150100.3.35.1 * avahi-debugsource-0.7-150100.3.35.1 * libavahi-core7-0.7-150100.3.35.1 * libavahi-client3-0.7-150100.3.35.1 * libavahi-common3-debuginfo-0.7-150100.3.35.1 * libavahi-core7-debuginfo-0.7-150100.3.35.1 * libavahi-client3-debuginfo-0.7-150100.3.35.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38472.html * https://bugzilla.suse.com/show_bug.cgi?id=1216853 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 12:30:23 -0000 Subject: SUSE-SU-2024:1563-1: important: Security update for sssd Message-ID: <171525782382.13210.14449986401254721004@smelt2.prg2.suse.org> # Security update for sssd Announcement ID: SUSE-SU-2024:1563-1 Rating: important References: * bsc#1223100 Cross-References: * CVE-2023-3758 CVSS scores: * CVE-2023-3758 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for sssd fixes the following issues: * CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1563=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1563=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1563=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libipa_hbac-devel-1.16.1-150200.17.32.1 * sssd-krb5-common-1.16.1-150200.17.32.1 * libsss_simpleifp0-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-common-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-1.16.1-150200.17.32.1 * sssd-proxy-1.16.1-150200.17.32.1 * sssd-ipa-1.16.1-150200.17.32.1 * libsss_certmap0-1.16.1-150200.17.32.1 * sssd-proxy-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-debuginfo-1.16.1-150200.17.32.1 * libsss_nss_idmap0-1.16.1-150200.17.32.1 * sssd-ldap-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-1.16.1-150200.17.32.1 * sssd-winbind-idmap-1.16.1-150200.17.32.1 * libsss_idmap0-1.16.1-150200.17.32.1 * libsss_certmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-dbus-1.16.1-150200.17.32.1 * sssd-krb5-1.16.1-150200.17.32.1 * libsss_idmap-devel-1.16.1-150200.17.32.1 * sssd-common-1.16.1-150200.17.32.1 * libipa_hbac0-1.16.1-150200.17.32.1 * libsss_nss_idmap-devel-1.16.1-150200.17.32.1 * libsss_simpleifp-devel-1.16.1-150200.17.32.1 * sssd-dbus-debuginfo-1.16.1-150200.17.32.1 * libsss_simpleifp0-1.16.1-150200.17.32.1 * sssd-winbind-idmap-debuginfo-1.16.1-150200.17.32.1 * libipa_hbac0-debuginfo-1.16.1-150200.17.32.1 * libsss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-1.16.1-150200.17.32.1 * libsss_certmap-devel-1.16.1-150200.17.32.1 * sssd-1.16.1-150200.17.32.1 * sssd-ldap-1.16.1-150200.17.32.1 * libsss_nss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-ipa-debuginfo-1.16.1-150200.17.32.1 * sssd-debugsource-1.16.1-150200.17.32.1 * sssd-common-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-debuginfo-1.16.1-150200.17.32.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * sssd-common-32bit-1.16.1-150200.17.32.1 * sssd-common-32bit-debuginfo-1.16.1-150200.17.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libipa_hbac-devel-1.16.1-150200.17.32.1 * sssd-krb5-common-1.16.1-150200.17.32.1 * libsss_simpleifp0-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-common-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-1.16.1-150200.17.32.1 * sssd-proxy-1.16.1-150200.17.32.1 * sssd-ipa-1.16.1-150200.17.32.1 * libsss_certmap0-1.16.1-150200.17.32.1 * sssd-proxy-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-debuginfo-1.16.1-150200.17.32.1 * libsss_nss_idmap0-1.16.1-150200.17.32.1 * sssd-ldap-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-1.16.1-150200.17.32.1 * sssd-winbind-idmap-1.16.1-150200.17.32.1 * libsss_idmap0-1.16.1-150200.17.32.1 * libsss_certmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-dbus-1.16.1-150200.17.32.1 * sssd-krb5-1.16.1-150200.17.32.1 * libsss_idmap-devel-1.16.1-150200.17.32.1 * sssd-common-1.16.1-150200.17.32.1 * libipa_hbac0-1.16.1-150200.17.32.1 * libsss_nss_idmap-devel-1.16.1-150200.17.32.1 * libsss_simpleifp-devel-1.16.1-150200.17.32.1 * sssd-dbus-debuginfo-1.16.1-150200.17.32.1 * libsss_simpleifp0-1.16.1-150200.17.32.1 * sssd-winbind-idmap-debuginfo-1.16.1-150200.17.32.1 * libipa_hbac0-debuginfo-1.16.1-150200.17.32.1 * libsss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-1.16.1-150200.17.32.1 * libsss_certmap-devel-1.16.1-150200.17.32.1 * sssd-1.16.1-150200.17.32.1 * sssd-ldap-1.16.1-150200.17.32.1 * libsss_nss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-ipa-debuginfo-1.16.1-150200.17.32.1 * sssd-debugsource-1.16.1-150200.17.32.1 * sssd-common-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-debuginfo-1.16.1-150200.17.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * sssd-common-32bit-1.16.1-150200.17.32.1 * sssd-common-32bit-debuginfo-1.16.1-150200.17.32.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libipa_hbac-devel-1.16.1-150200.17.32.1 * sssd-krb5-common-1.16.1-150200.17.32.1 * libsss_simpleifp0-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-common-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-1.16.1-150200.17.32.1 * sssd-proxy-1.16.1-150200.17.32.1 * sssd-ipa-1.16.1-150200.17.32.1 * libsss_certmap0-1.16.1-150200.17.32.1 * sssd-proxy-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-debuginfo-1.16.1-150200.17.32.1 * libsss_nss_idmap0-1.16.1-150200.17.32.1 * sssd-ldap-debuginfo-1.16.1-150200.17.32.1 * sssd-ad-debuginfo-1.16.1-150200.17.32.1 * python3-sssd-config-1.16.1-150200.17.32.1 * sssd-winbind-idmap-1.16.1-150200.17.32.1 * libsss_idmap0-1.16.1-150200.17.32.1 * libsss_certmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-dbus-1.16.1-150200.17.32.1 * sssd-krb5-1.16.1-150200.17.32.1 * libsss_idmap-devel-1.16.1-150200.17.32.1 * sssd-common-1.16.1-150200.17.32.1 * libipa_hbac0-1.16.1-150200.17.32.1 * libsss_nss_idmap-devel-1.16.1-150200.17.32.1 * libsss_simpleifp-devel-1.16.1-150200.17.32.1 * sssd-dbus-debuginfo-1.16.1-150200.17.32.1 * libsss_simpleifp0-1.16.1-150200.17.32.1 * sssd-winbind-idmap-debuginfo-1.16.1-150200.17.32.1 * libipa_hbac0-debuginfo-1.16.1-150200.17.32.1 * libsss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-tools-1.16.1-150200.17.32.1 * libsss_certmap-devel-1.16.1-150200.17.32.1 * sssd-1.16.1-150200.17.32.1 * sssd-ldap-1.16.1-150200.17.32.1 * libsss_nss_idmap0-debuginfo-1.16.1-150200.17.32.1 * sssd-ipa-debuginfo-1.16.1-150200.17.32.1 * sssd-debugsource-1.16.1-150200.17.32.1 * sssd-common-debuginfo-1.16.1-150200.17.32.1 * sssd-krb5-debuginfo-1.16.1-150200.17.32.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * sssd-common-32bit-1.16.1-150200.17.32.1 * sssd-common-32bit-debuginfo-1.16.1-150200.17.32.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3758.html * https://bugzilla.suse.com/show_bug.cgi?id=1223100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 16:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 16:30:06 -0000 Subject: SUSE-SU-2024:1580-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) Message-ID: <171527220625.11958.12276418821043499568@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1580-1 Rating: important References: * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_144 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2024-26622: Fixed a use-after-free bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1580=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1580=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_39-debugsource-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1579-1: important: Security update for sssd Message-ID: <171527220831.11958.10849134531671056327@smelt2.prg2.suse.org> # Security update for sssd Announcement ID: SUSE-SU-2024:1579-1 Rating: important References: * bsc#1223100 Cross-References: * CVE-2023-3758 CVSS scores: * CVE-2023-3758 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for sssd fixes the following issues: * CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1579=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1579=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1579=1 openSUSE-SLE-15.5-2024-1579=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libsss_idmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-common-2.5.2-150500.10.17.1 * libsss_certmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-krb5-common-debuginfo-2.5.2-150500.10.17.1 * sssd-ldap-2.5.2-150500.10.17.1 * sssd-debugsource-2.5.2-150500.10.17.1 * libsss_nss_idmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-2.5.2-150500.10.17.1 * sssd-common-debuginfo-2.5.2-150500.10.17.1 * sssd-ldap-debuginfo-2.5.2-150500.10.17.1 * sssd-krb5-common-2.5.2-150500.10.17.1 * libsss_idmap0-2.5.2-150500.10.17.1 * libsss_certmap0-2.5.2-150500.10.17.1 * libsss_nss_idmap0-2.5.2-150500.10.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libsss_certmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-proxy-debuginfo-2.5.2-150500.10.17.1 * libsss_nss_idmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-winbind-idmap-debuginfo-2.5.2-150500.10.17.1 * libsss_idmap-devel-2.5.2-150500.10.17.1 * sssd-dbus-debuginfo-2.5.2-150500.10.17.1 * libsss_certmap0-2.5.2-150500.10.17.1 * libsss_nss_idmap0-2.5.2-150500.10.17.1 * libsss_idmap0-debuginfo-2.5.2-150500.10.17.1 * libipa_hbac-devel-2.5.2-150500.10.17.1 * libsss_simpleifp-devel-2.5.2-150500.10.17.1 * sssd-common-2.5.2-150500.10.17.1 * sssd-ipa-2.5.2-150500.10.17.1 * sssd-debugsource-2.5.2-150500.10.17.1 * sssd-ad-2.5.2-150500.10.17.1 * python3-sssd-config-2.5.2-150500.10.17.1 * libsss_certmap-devel-2.5.2-150500.10.17.1 * sssd-krb5-common-2.5.2-150500.10.17.1 * sssd-ad-debuginfo-2.5.2-150500.10.17.1 * sssd-krb5-2.5.2-150500.10.17.1 * sssd-krb5-debuginfo-2.5.2-150500.10.17.1 * sssd-tools-2.5.2-150500.10.17.1 * sssd-krb5-common-debuginfo-2.5.2-150500.10.17.1 * sssd-winbind-idmap-2.5.2-150500.10.17.1 * sssd-ipa-debuginfo-2.5.2-150500.10.17.1 * libsss_nss_idmap-devel-2.5.2-150500.10.17.1 * sssd-tools-debuginfo-2.5.2-150500.10.17.1 * python3-sssd-config-debuginfo-2.5.2-150500.10.17.1 * sssd-kcm-2.5.2-150500.10.17.1 * sssd-ldap-2.5.2-150500.10.17.1 * libsss_simpleifp0-debuginfo-2.5.2-150500.10.17.1 * sssd-dbus-2.5.2-150500.10.17.1 * sssd-proxy-2.5.2-150500.10.17.1 * sssd-2.5.2-150500.10.17.1 * sssd-common-debuginfo-2.5.2-150500.10.17.1 * sssd-ldap-debuginfo-2.5.2-150500.10.17.1 * sssd-kcm-debuginfo-2.5.2-150500.10.17.1 * libsss_simpleifp0-2.5.2-150500.10.17.1 * libsss_idmap0-2.5.2-150500.10.17.1 * libipa_hbac0-2.5.2-150500.10.17.1 * libipa_hbac0-debuginfo-2.5.2-150500.10.17.1 * Basesystem Module 15-SP5 (x86_64) * sssd-common-32bit-2.5.2-150500.10.17.1 * sssd-common-32bit-debuginfo-2.5.2-150500.10.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libsss_certmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-proxy-debuginfo-2.5.2-150500.10.17.1 * libsss_nss_idmap0-debuginfo-2.5.2-150500.10.17.1 * sssd-winbind-idmap-debuginfo-2.5.2-150500.10.17.1 * libsss_idmap-devel-2.5.2-150500.10.17.1 * python3-sss_nss_idmap-2.5.2-150500.10.17.1 * sssd-dbus-debuginfo-2.5.2-150500.10.17.1 * libsss_certmap0-2.5.2-150500.10.17.1 * libsss_nss_idmap0-2.5.2-150500.10.17.1 * libsss_idmap0-debuginfo-2.5.2-150500.10.17.1 * libipa_hbac-devel-2.5.2-150500.10.17.1 * libsss_simpleifp-devel-2.5.2-150500.10.17.1 * sssd-common-2.5.2-150500.10.17.1 * sssd-ipa-2.5.2-150500.10.17.1 * python3-ipa_hbac-debuginfo-2.5.2-150500.10.17.1 * sssd-debugsource-2.5.2-150500.10.17.1 * libnfsidmap-sss-2.5.2-150500.10.17.1 * sssd-ad-2.5.2-150500.10.17.1 * python3-sssd-config-2.5.2-150500.10.17.1 * libsss_certmap-devel-2.5.2-150500.10.17.1 * sssd-krb5-common-2.5.2-150500.10.17.1 * sssd-ad-debuginfo-2.5.2-150500.10.17.1 * python3-ipa_hbac-2.5.2-150500.10.17.1 * sssd-krb5-2.5.2-150500.10.17.1 * sssd-krb5-debuginfo-2.5.2-150500.10.17.1 * sssd-tools-2.5.2-150500.10.17.1 * sssd-krb5-common-debuginfo-2.5.2-150500.10.17.1 * sssd-winbind-idmap-2.5.2-150500.10.17.1 * sssd-ipa-debuginfo-2.5.2-150500.10.17.1 * libsss_nss_idmap-devel-2.5.2-150500.10.17.1 * sssd-tools-debuginfo-2.5.2-150500.10.17.1 * python3-sssd-config-debuginfo-2.5.2-150500.10.17.1 * sssd-kcm-2.5.2-150500.10.17.1 * sssd-ldap-2.5.2-150500.10.17.1 * libsss_simpleifp0-debuginfo-2.5.2-150500.10.17.1 * sssd-dbus-2.5.2-150500.10.17.1 * sssd-proxy-2.5.2-150500.10.17.1 * libnfsidmap-sss-debuginfo-2.5.2-150500.10.17.1 * sssd-2.5.2-150500.10.17.1 * sssd-common-debuginfo-2.5.2-150500.10.17.1 * sssd-ldap-debuginfo-2.5.2-150500.10.17.1 * sssd-kcm-debuginfo-2.5.2-150500.10.17.1 * python3-sss_nss_idmap-debuginfo-2.5.2-150500.10.17.1 * libsss_simpleifp0-2.5.2-150500.10.17.1 * python3-sss-murmur-2.5.2-150500.10.17.1 * python3-sss-murmur-debuginfo-2.5.2-150500.10.17.1 * libsss_idmap0-2.5.2-150500.10.17.1 * libipa_hbac0-2.5.2-150500.10.17.1 * libipa_hbac0-debuginfo-2.5.2-150500.10.17.1 * openSUSE Leap 15.5 (x86_64) * sssd-common-32bit-2.5.2-150500.10.17.1 * sssd-common-32bit-debuginfo-2.5.2-150500.10.17.1 * openSUSE Leap 15.5 (aarch64_ilp32) * sssd-common-64bit-debuginfo-2.5.2-150500.10.17.1 * sssd-common-64bit-2.5.2-150500.10.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3758.html * https://bugzilla.suse.com/show_bug.cgi?id=1223100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1578-1: important: Security update for sssd Message-ID: <171527221074.11958.12239700689017529011@smelt2.prg2.suse.org> # Security update for sssd Announcement ID: SUSE-SU-2024:1578-1 Rating: important References: * bsc#1223100 Cross-References: * CVE-2023-3758 CVSS scores: * CVE-2023-3758 ( SUSE ): 7.1 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for sssd fixes the following issues: * CVE-2023-3758: Fixed race condition during authorization that lead to GPO policies functioning inconsistently (bsc#1223100) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1578=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1578=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1578=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1578=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1578=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1578=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1578=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1578=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1578=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1578=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1578=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1578=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1578=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1578=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1578=1 ## Package List: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * SUSE Manager Proxy 4.3 (x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Manager Server 4.3 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libipa_hbac0-2.5.2-150400.4.27.1 * python3-ipa_hbac-debuginfo-2.5.2-150400.4.27.1 * python3-sss_nss_idmap-debuginfo-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * python3-ipa_hbac-2.5.2-150400.4.27.1 * libnfsidmap-sss-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * python3-sss-murmur-2.5.2-150400.4.27.1 * python3-sss-murmur-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * python3-sss_nss_idmap-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libnfsidmap-sss-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * openSUSE Leap 15.4 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * openSUSE Leap 15.4 (aarch64_ilp32) * sssd-common-64bit-debuginfo-2.5.2-150400.4.27.1 * sssd-common-64bit-2.5.2-150400.4.27.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libipa_hbac0-2.5.2-150400.4.27.1 * sssd-dbus-debuginfo-2.5.2-150400.4.27.1 * sssd-krb5-common-debuginfo-2.5.2-150400.4.27.1 * sssd-tools-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap-devel-2.5.2-150400.4.27.1 * sssd-proxy-2.5.2-150400.4.27.1 * sssd-krb5-2.5.2-150400.4.27.1 * libsss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_idmap0-2.5.2-150400.4.27.1 * libsss_simpleifp0-2.5.2-150400.4.27.1 * sssd-tools-2.5.2-150400.4.27.1 * libsss_certmap-devel-2.5.2-150400.4.27.1 * sssd-ldap-debuginfo-2.5.2-150400.4.27.1 * sssd-ipa-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-debuginfo-2.5.2-150400.4.27.1 * libsss_certmap0-2.5.2-150400.4.27.1 * sssd-kcm-2.5.2-150400.4.27.1 * libipa_hbac-devel-2.5.2-150400.4.27.1 * python3-sssd-config-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp-devel-2.5.2-150400.4.27.1 * libsss_certmap0-debuginfo-2.5.2-150400.4.27.1 * python3-sssd-config-2.5.2-150400.4.27.1 * libsss_nss_idmap0-debuginfo-2.5.2-150400.4.27.1 * libsss_nss_idmap0-2.5.2-150400.4.27.1 * sssd-krb5-debuginfo-2.5.2-150400.4.27.1 * sssd-ad-debuginfo-2.5.2-150400.4.27.1 * sssd-ldap-2.5.2-150400.4.27.1 * sssd-dbus-2.5.2-150400.4.27.1 * sssd-ipa-2.5.2-150400.4.27.1 * libsss_idmap-devel-2.5.2-150400.4.27.1 * sssd-krb5-common-2.5.2-150400.4.27.1 * sssd-proxy-debuginfo-2.5.2-150400.4.27.1 * libsss_simpleifp0-debuginfo-2.5.2-150400.4.27.1 * sssd-2.5.2-150400.4.27.1 * sssd-common-debuginfo-2.5.2-150400.4.27.1 * sssd-common-2.5.2-150400.4.27.1 * sssd-debugsource-2.5.2-150400.4.27.1 * sssd-ad-2.5.2-150400.4.27.1 * sssd-kcm-debuginfo-2.5.2-150400.4.27.1 * libipa_hbac0-debuginfo-2.5.2-150400.4.27.1 * sssd-winbind-idmap-2.5.2-150400.4.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * sssd-common-32bit-2.5.2-150400.4.27.1 * sssd-common-32bit-debuginfo-2.5.2-150400.4.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3758.html * https://bugzilla.suse.com/show_bug.cgi?id=1223100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 9 20:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 09 May 2024 20:30:02 -0000 Subject: SUSE-SU-2024:1581-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP2) Message-ID: <171528660297.19287.3902682091072493959@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1581-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_160 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1581=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_160-default-debuginfo-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_39-debugsource-9-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1582-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Message-ID: <171532980661.16038.828032790238386792@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1582-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_53 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-26622: Fixed a use-after-free bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1594=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1582=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1583=1 SUSE-2024-1586=1 SUSE-2024-1584=1 SUSE-2024-1585=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1585=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1583=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1586=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1584=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1589=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1589=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1582=1 SUSE-2024-1594=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_118-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-13-150300.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_60-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_10-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-10-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_60-default-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_10-debugsource-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_55-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-10-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_0-debugsource-11-150500.3.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-11-150500.3.1 * kernel-livepatch-5_14_21-150500_53-default-11-150500.3.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_0-debugsource-11-150500.3.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-11-150500.3.1 * kernel-livepatch-5_14_21-150500_53-default-11-150500.3.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_32-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-debuginfo-13-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_31-debugsource-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-default-debuginfo-13-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_121-preempt-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-preempt-debuginfo-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-preempt-13-150300.2.1 * kernel-livepatch-5_3_18-150300_59_118-preempt-13-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1593-1: important: Security update for ffmpeg Message-ID: <171532980926.16038.4187602157843169831@smelt2.prg2.suse.org> # Security update for ffmpeg Announcement ID: SUSE-SU-2024:1593-1 Rating: important References: * bsc#1223256 Cross-References: * CVE-2023-50010 CVSS scores: * CVE-2023-50010 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ffmpeg fixes the following issues: * CVE-2023-50010: Fixed an arbitrary code execution via the set_encoder_id() (bsc#1223256). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1593=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1593=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1593=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1593=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1593=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1593=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1593=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1593=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1593=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1593=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1593=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1593=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1593=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1593=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1593=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1593=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1593=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavdevice57-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * ffmpeg-private-devel-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavdevice-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavfilter6-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec-devel-3.4.2-150200.11.44.1 * libavfilter-devel-3.4.2-150200.11.44.1 * libavformat-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * openSUSE Leap 15.5 (x86_64) * libavfilter6-32bit-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-32bit-3.4.2-150200.11.44.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.44.1 * libavresample3-32bit-3.4.2-150200.11.44.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.44.1 * libswresample2-32bit-3.4.2-150200.11.44.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.44.1 * libavutil55-32bit-3.4.2-150200.11.44.1 * libpostproc54-32bit-3.4.2-150200.11.44.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.44.1 * libavformat57-32bit-3.4.2-150200.11.44.1 * libswscale4-32bit-3.4.2-150200.11.44.1 * libavcodec57-32bit-3.4.2-150200.11.44.1 * libavformat57-32bit-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.44.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-32bit-3.4.2-150200.11.44.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavdevice57-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * ffmpeg-private-devel-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavdevice-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavfilter6-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec-devel-3.4.2-150200.11.44.1 * libavfilter-devel-3.4.2-150200.11.44.1 * libavformat-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * openSUSE Leap 15.6 (x86_64) * libavfilter6-32bit-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-32bit-3.4.2-150200.11.44.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.44.1 * libavresample3-32bit-3.4.2-150200.11.44.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.44.1 * libswresample2-32bit-3.4.2-150200.11.44.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.44.1 * libavutil55-32bit-3.4.2-150200.11.44.1 * libpostproc54-32bit-3.4.2-150200.11.44.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.44.1 * libavformat57-32bit-3.4.2-150200.11.44.1 * libswscale4-32bit-3.4.2-150200.11.44.1 * libavcodec57-32bit-3.4.2-150200.11.44.1 * libavformat57-32bit-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.44.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-32bit-3.4.2-150200.11.44.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libswscale4-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libavfilter6-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-debuginfo-3.4.2-150200.11.44.1 * libavdevice57-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * ffmpeg-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec-devel-3.4.2-150200.11.44.1 * libavformat-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libavcodec-devel-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libavformat-devel-3.4.2-150200.11.44.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libavresample3-debuginfo-3.4.2-150200.11.44.1 * ffmpeg-debuginfo-3.4.2-150200.11.44.1 * libpostproc-devel-3.4.2-150200.11.44.1 * libavresample-devel-3.4.2-150200.11.44.1 * libswresample-devel-3.4.2-150200.11.44.1 * ffmpeg-debugsource-3.4.2-150200.11.44.1 * libpostproc54-debuginfo-3.4.2-150200.11.44.1 * libavcodec57-3.4.2-150200.11.44.1 * libavutil55-debuginfo-3.4.2-150200.11.44.1 * libavformat57-debuginfo-3.4.2-150200.11.44.1 * libpostproc54-3.4.2-150200.11.44.1 * libavformat57-3.4.2-150200.11.44.1 * libswscale-devel-3.4.2-150200.11.44.1 * libavutil55-3.4.2-150200.11.44.1 * libavutil-devel-3.4.2-150200.11.44.1 * libswresample2-debuginfo-3.4.2-150200.11.44.1 * libswscale4-debuginfo-3.4.2-150200.11.44.1 * libavresample3-3.4.2-150200.11.44.1 * libswresample2-3.4.2-150200.11.44.1 * libswscale4-3.4.2-150200.11.44.1 * libavcodec57-debuginfo-3.4.2-150200.11.44.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50010.html * https://bugzilla.suse.com/show_bug.cgi?id=1223256 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1592-1: important: Security update for ffmpeg-4 Message-ID: <171532981297.16038.14890584062732322705@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2024:1592-1 Rating: important References: * bsc#1223256 Cross-References: * CVE-2023-50010 CVSS scores: * CVE-2023-50010 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2023-50010: Fixed an arbitrary code execution via the set_encoder_id() (bsc#1223256). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1592=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1592=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1592=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1592=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1592=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1592=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1592=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1592=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1592=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ffmpeg-4-libpostproc-devel-4.4-150400.3.27.1 * libavresample4_0-4.4-150400.3.27.1 * libswscale5_9-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.27.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.27.1 * libavfilter7_110-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-private-devel-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavdevice58_13-4.4-150400.3.27.1 * ffmpeg-4-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.27.1 * libavfilter7_110-4.4-150400.3.27.1 * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.27.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.27.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.27.1 * libavresample4_0-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.27.1 * libswscale5_9-debuginfo-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * openSUSE Leap 15.4 (x86_64) * libavfilter7_110-32bit-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.27.1 * libavfilter7_110-32bit-4.4-150400.3.27.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-32bit-4.4-150400.3.27.1 * libavformat58_76-32bit-4.4-150400.3.27.1 * libswscale5_9-32bit-4.4-150400.3.27.1 * libavresample4_0-32bit-4.4-150400.3.27.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-32bit-4.4-150400.3.27.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.27.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-32bit-4.4-150400.3.27.1 * libswresample3_9-32bit-4.4-150400.3.27.1 * libpostproc55_9-32bit-4.4-150400.3.27.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.27.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libavfilter7_110-64bit-4.4-150400.3.27.1 * libavresample4_0-64bit-4.4-150400.3.27.1 * libavcodec58_134-64bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-64bit-4.4-150400.3.27.1 * libavdevice58_13-64bit-4.4-150400.3.27.1 * libavformat58_76-64bit-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-64bit-4.4-150400.3.27.1 * libavcodec58_134-64bit-4.4-150400.3.27.1 * libswresample3_9-64bit-debuginfo-4.4-150400.3.27.1 * libavfilter7_110-64bit-debuginfo-4.4-150400.3.27.1 * libavresample4_0-64bit-debuginfo-4.4-150400.3.27.1 * libswscale5_9-64bit-4.4-150400.3.27.1 * libavformat58_76-64bit-4.4-150400.3.27.1 * libswscale5_9-64bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-64bit-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-64bit-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-64bit-debuginfo-4.4-150400.3.27.1 * libswresample3_9-64bit-4.4-150400.3.27.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-libpostproc-devel-4.4-150400.3.27.1 * libavresample4_0-4.4-150400.3.27.1 * libswscale5_9-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.27.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.27.1 * libavfilter7_110-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-private-devel-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavdevice58_13-4.4-150400.3.27.1 * ffmpeg-4-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.27.1 * libavfilter7_110-4.4-150400.3.27.1 * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.27.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.27.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.27.1 * libavresample4_0-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.27.1 * libswscale5_9-debuginfo-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * openSUSE Leap 15.5 (x86_64) * libavfilter7_110-32bit-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.27.1 * libavfilter7_110-32bit-4.4-150400.3.27.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-32bit-4.4-150400.3.27.1 * libavformat58_76-32bit-4.4-150400.3.27.1 * libswscale5_9-32bit-4.4-150400.3.27.1 * libavresample4_0-32bit-4.4-150400.3.27.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-32bit-4.4-150400.3.27.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.27.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-32bit-4.4-150400.3.27.1 * libswresample3_9-32bit-4.4-150400.3.27.1 * libpostproc55_9-32bit-4.4-150400.3.27.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.27.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.27.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * ffmpeg-4-libpostproc-devel-4.4-150400.3.27.1 * libavresample4_0-4.4-150400.3.27.1 * libswscale5_9-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.27.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.27.1 * libavfilter7_110-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-private-devel-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavdevice58_13-4.4-150400.3.27.1 * ffmpeg-4-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavdevice58_13-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.27.1 * libavfilter7_110-4.4-150400.3.27.1 * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.27.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.27.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.27.1 * libavresample4_0-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.27.1 * libswscale5_9-debuginfo-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libswscale5_9-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * libswscale5_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpostproc55_9-4.4-150400.3.27.1 * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libpostproc55_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * ffmpeg-4-debuginfo-4.4-150400.3.27.1 * libswscale5_9-4.4-150400.3.27.1 * libavcodec58_134-debuginfo-4.4-150400.3.27.1 * libswscale5_9-debuginfo-4.4-150400.3.27.1 * libswresample3_9-debuginfo-4.4-150400.3.27.1 * ffmpeg-4-debugsource-4.4-150400.3.27.1 * libavcodec58_134-4.4-150400.3.27.1 * libavformat58_76-4.4-150400.3.27.1 * libavutil56_70-4.4-150400.3.27.1 * libswresample3_9-4.4-150400.3.27.1 * libavutil56_70-debuginfo-4.4-150400.3.27.1 * libavformat58_76-debuginfo-4.4-150400.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50010.html * https://bugzilla.suse.com/show_bug.cgi?id=1223256 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:17 -0000 Subject: SUSE-SU-2024:1591-1: important: Security update for python-Werkzeug Message-ID: <171532981725.16038.4453306981871873867@smelt2.prg2.suse.org> # Security update for python-Werkzeug Announcement ID: SUSE-SU-2024:1591-1 Rating: important References: * bsc#1223979 Cross-References: * CVE-2024-34069 CVSS scores: * CVE-2024-34069 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Werkzeug fixes the following issues: * CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1591=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1591=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1591=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1591=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1591=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1591=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1591=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1591=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1591=1 ## Package List: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * openSUSE Leap 15.4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * openSUSE Leap 15.5 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * openSUSE Leap 15.6 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * Python 3 Module 15-SP5 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python311-Werkzeug-2.3.6-150400.6.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34069.html * https://bugzilla.suse.com/show_bug.cgi?id=1223979 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:19 -0000 Subject: SUSE-SU-2024:1590-1: moderate: Security update for ghostscript Message-ID: <171532981902.16038.11524752728575849170@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:1590-1 Rating: moderate References: * bsc#1223852 Cross-References: * CVE-2023-52722 CVSS scores: * CVE-2023-52722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2023-52722: Do not allow eexec seeds other than the Type 1 standard while using SAFER mode (bsc#1223852). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1590=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1590=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.188.1 * ghostscript-x11-9.52-150000.188.1 * ghostscript-debuginfo-9.52-150000.188.1 * ghostscript-x11-debuginfo-9.52-150000.188.1 * ghostscript-devel-9.52-150000.188.1 * ghostscript-9.52-150000.188.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.188.1 * ghostscript-x11-9.52-150000.188.1 * ghostscript-debuginfo-9.52-150000.188.1 * ghostscript-x11-debuginfo-9.52-150000.188.1 * ghostscript-devel-9.52-150000.188.1 * ghostscript-9.52-150000.188.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52722.html * https://bugzilla.suse.com/show_bug.cgi?id=1223852 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:22 -0000 Subject: SUSE-SU-2024:1588-1: moderate: Security update for go1.21 Message-ID: <171532982210.16038.7669829885496291625@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:1588-1 Rating: moderate References: * bsc#1212475 * bsc#1224017 Cross-References: * CVE-2024-24787 CVSS scores: * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for go1.21 fixes the following issues: Update to go1.21.10: * CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017) * net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net at v0.23.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1588=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1588=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1588=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1588=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1588=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1588=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1588=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1588=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-race-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * go1.21-race-1.21.10-150000.1.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.21-doc-1.21.10-150000.1.33.1 * go1.21-1.21.10-150000.1.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * go1.21-race-1.21.10-150000.1.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24787.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 08:30:24 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 08:30:24 -0000 Subject: SUSE-SU-2024:1587-1: moderate: Security update for go1.22 Message-ID: <171532982403.16038.13455140381707428394@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:1587-1 Rating: moderate References: * bsc#1218424 * bsc#1224017 * bsc#1224018 Cross-References: * CVE-2024-24787 * CVE-2024-24788 CVSS scores: * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24788 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: Update to go1.22.3: * CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017) * CVE-2024-24788: net: high cpu usage in extractExtendedRCode (bsc#1224018) * cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le * cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE * runtime: deterministic fallback hashes across process boundary * net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net at v0.23.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1587=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1587=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1587=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.3-150000.1.15.1 * go1.22-race-1.22.3-150000.1.15.1 * go1.22-doc-1.22.3-150000.1.15.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.3-150000.1.15.1 * go1.22-race-1.22.3-150000.1.15.1 * go1.22-doc-1.22.3-150000.1.15.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.3-150000.1.15.1 * go1.22-race-1.22.3-150000.1.15.1 * go1.22-doc-1.22.3-150000.1.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24787.html * https://www.suse.com/security/cve/CVE-2024-24788.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 * https://bugzilla.suse.com/show_bug.cgi?id=1224018 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1596-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP4) Message-ID: <171534420239.30359.6479835822574993892@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1596-1 Rating: important References: * bsc#1216644 * bsc#1219079 * bsc#1219435 * bsc#1220828 Cross-References: * CVE-2023-5717 * CVE-2024-0775 * CVE-2024-1086 * CVE-2024-26622 CVSS scores: * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_63 fixes several issues. The following security issues were fixed: * CVE-2024-0775: Fixed a use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 (bsc#1219079). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability perf component (bsc#1216644). * CVE-2024-26622: Fixed a use-after-free bug in tomoyo_write_control() (bsc#1220828). * CVE-2024-1086: Fixed a use-after-free vulnerability related to nft_verdict_init() (bsc#1219435). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1595=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1596=1 SUSE-2024-1597=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1596=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1597=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1595=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-13-150400.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_138-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-8-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_38-debugsource-7-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_37-debugsource-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-7-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_141-preempt-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-preempt-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-preempt-debuginfo-7-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_138-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-7-150300.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-13-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-13-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-13-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5717.html * https://www.suse.com/security/cve/CVE-2024-0775.html * https://www.suse.com/security/cve/CVE-2024-1086.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1219079 * https://bugzilla.suse.com/show_bug.cgi?id=1219435 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 12:30:05 -0000 Subject: SUSE-SU-2024:1598-1: important: Security update for less Message-ID: <171534420502.30359.1154560570675636385@smelt2.prg2.suse.org> # Security update for less Announcement ID: SUSE-SU-2024:1598-1 Rating: important References: * bsc#1222849 Cross-References: * CVE-2024-32487 CVSS scores: * CVE-2024-32487 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for less fixes the following issues: * CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1598=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1598=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1598=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1598=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1598=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1598=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1598=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1598=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1598=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1598=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1598=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1598=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1598=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1598=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1598=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1598=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1598=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1598=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Manager Proxy 4.3 (x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * less-debuginfo-590-150400.3.9.1 * less-590-150400.3.9.1 * less-debugsource-590-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32487.html * https://bugzilla.suse.com/show_bug.cgi?id=1222849 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 16:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 16:30:02 -0000 Subject: SUSE-SU-2024:1605-1: moderate: Security update for tpm2-0-tss Message-ID: <171535860233.13521.16299028979406920056@smelt2.prg2.suse.org> # Security update for tpm2-0-tss Announcement ID: SUSE-SU-2024:1605-1 Rating: moderate References: * bsc#1223690 Cross-References: * CVE-2024-29040 CVSS scores: * CVE-2024-29040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.3 An update that solves one vulnerability can now be installed. ## Description: This update for tpm2-0-tss fixes the following issues: * CVE-2024-29040: Fixed quote data validation by Fapi_VerifyQuote (bsc#1223690). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1605=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libtss2-sys0-2.4.5-150300.3.9.1 * libtss2-esys0-2.4.5-150300.3.9.1 * libtss2-tcti-device0-debuginfo-2.4.5-150300.3.9.1 * tpm2-0-tss-debugsource-2.4.5-150300.3.9.1 * libtss2-fapi0-debuginfo-2.4.5-150300.3.9.1 * libtss2-sys0-debuginfo-2.4.5-150300.3.9.1 * libtss2-tctildr0-debuginfo-2.4.5-150300.3.9.1 * tpm2-0-tss-devel-2.4.5-150300.3.9.1 * tpm2-0-tss-2.4.5-150300.3.9.1 * libtss2-rc0-2.4.5-150300.3.9.1 * libtss2-rc0-debuginfo-2.4.5-150300.3.9.1 * libtss2-esys0-debuginfo-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-2.4.5-150300.3.9.1 * libtss2-tcti-device0-2.4.5-150300.3.9.1 * libtss2-mu0-debuginfo-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-debuginfo-2.4.5-150300.3.9.1 * libtss2-fapi0-2.4.5-150300.3.9.1 * libtss2-tctildr0-2.4.5-150300.3.9.1 * libtss2-mu0-2.4.5-150300.3.9.1 * openSUSE Leap 15.3 (x86_64) * libtss2-tcti-device0-32bit-2.4.5-150300.3.9.1 * libtss2-esys0-32bit-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-32bit-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-32bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-sys0-32bit-2.4.5-150300.3.9.1 * libtss2-sys0-32bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-mu0-32bit-2.4.5-150300.3.9.1 * libtss2-esys0-32bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-mu0-32bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-tcti-device0-32bit-debuginfo-2.4.5-150300.3.9.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libtss2-tcti-device0-64bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-esys0-64bit-2.4.5-150300.3.9.1 * libtss2-mu0-64bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-esys0-64bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-mu0-64bit-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-64bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-sys0-64bit-debuginfo-2.4.5-150300.3.9.1 * libtss2-tcti-mssim0-64bit-2.4.5-150300.3.9.1 * libtss2-tcti-device0-64bit-2.4.5-150300.3.9.1 * libtss2-sys0-64bit-2.4.5-150300.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29040.html * https://bugzilla.suse.com/show_bug.cgi?id=1223690 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1610-1: important: Security update for freerdp Message-ID: <171537300882.25533.13753154910647917238@smelt2.prg2.suse.org> # Security update for freerdp Announcement ID: SUSE-SU-2024:1610-1 Rating: important References: * bsc#1223293 * bsc#1223294 * bsc#1223295 * bsc#1223296 * bsc#1223297 * bsc#1223298 Cross-References: * CVE-2024-32039 * CVE-2024-32040 * CVE-2024-32041 * CVE-2024-32458 * CVE-2024-32459 * CVE-2024-32460 CVSS scores: * CVE-2024-32039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-32040 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-32041 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32458 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32459 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32460 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for freerdp fixes the following issues: * CVE-2024-32039: Fixed an out-of-bounds write with variables of type uint32 (bsc#1223293) * CVE-2024-32040: Fixed a integer underflow when using the 'NSC' codec (bsc#1223294) * CVE-2024-32041: Fixed an out-of-bounds read in Stream_GetRemainingLength() (bsc#1223295) * CVE-2024-32458: Fixed an out-of-bounds read on pSrcData[] (bsc#1223296) * CVE-2024-32459: Fixed an out-of-bounds read in case SrcSize less than 4 (bsc#1223297) * CVE-2024-32460: Fixed an out-of-bounds read when using '/bpp:32' legacy 'GDI' drawing path (bsc#1223298) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1610=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1610=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1610=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1610=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1610=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * freerdp-debugsource-2.4.0-150400.3.29.1 * libfreerdp2-2.4.0-150400.3.29.1 * freerdp-server-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-debuginfo-2.4.0-150400.3.29.1 * libuwac0-0-2.4.0-150400.3.29.1 * freerdp-debuginfo-2.4.0-150400.3.29.1 * winpr2-devel-2.4.0-150400.3.29.1 * freerdp-2.4.0-150400.3.29.1 * freerdp-wayland-2.4.0-150400.3.29.1 * libuwac0-0-debuginfo-2.4.0-150400.3.29.1 * freerdp-proxy-2.4.0-150400.3.29.1 * freerdp-server-2.4.0-150400.3.29.1 * freerdp-wayland-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-2.4.0-150400.3.29.1 * libfreerdp2-debuginfo-2.4.0-150400.3.29.1 * freerdp-devel-2.4.0-150400.3.29.1 * freerdp-proxy-debuginfo-2.4.0-150400.3.29.1 * uwac0-0-devel-2.4.0-150400.3.29.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * freerdp-debugsource-2.4.0-150400.3.29.1 * libfreerdp2-2.4.0-150400.3.29.1 * freerdp-server-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-debuginfo-2.4.0-150400.3.29.1 * libuwac0-0-2.4.0-150400.3.29.1 * freerdp-debuginfo-2.4.0-150400.3.29.1 * winpr2-devel-2.4.0-150400.3.29.1 * freerdp-2.4.0-150400.3.29.1 * freerdp-wayland-2.4.0-150400.3.29.1 * libuwac0-0-debuginfo-2.4.0-150400.3.29.1 * freerdp-proxy-2.4.0-150400.3.29.1 * freerdp-server-2.4.0-150400.3.29.1 * freerdp-wayland-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-2.4.0-150400.3.29.1 * libfreerdp2-debuginfo-2.4.0-150400.3.29.1 * freerdp-devel-2.4.0-150400.3.29.1 * freerdp-proxy-debuginfo-2.4.0-150400.3.29.1 * uwac0-0-devel-2.4.0-150400.3.29.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * freerdp-debugsource-2.4.0-150400.3.29.1 * libfreerdp2-2.4.0-150400.3.29.1 * freerdp-server-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-debuginfo-2.4.0-150400.3.29.1 * libuwac0-0-2.4.0-150400.3.29.1 * freerdp-debuginfo-2.4.0-150400.3.29.1 * winpr2-devel-2.4.0-150400.3.29.1 * freerdp-2.4.0-150400.3.29.1 * freerdp-wayland-2.4.0-150400.3.29.1 * libuwac0-0-debuginfo-2.4.0-150400.3.29.1 * freerdp-proxy-2.4.0-150400.3.29.1 * freerdp-server-2.4.0-150400.3.29.1 * freerdp-wayland-debuginfo-2.4.0-150400.3.29.1 * libwinpr2-2.4.0-150400.3.29.1 * libfreerdp2-debuginfo-2.4.0-150400.3.29.1 * freerdp-devel-2.4.0-150400.3.29.1 * freerdp-proxy-debuginfo-2.4.0-150400.3.29.1 * uwac0-0-devel-2.4.0-150400.3.29.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * freerdp-debugsource-2.4.0-150400.3.29.1 * libfreerdp2-2.4.0-150400.3.29.1 * libwinpr2-debuginfo-2.4.0-150400.3.29.1 * freerdp-debuginfo-2.4.0-150400.3.29.1 * winpr2-devel-2.4.0-150400.3.29.1 * freerdp-2.4.0-150400.3.29.1 * freerdp-proxy-2.4.0-150400.3.29.1 * libwinpr2-2.4.0-150400.3.29.1 * libfreerdp2-debuginfo-2.4.0-150400.3.29.1 * freerdp-devel-2.4.0-150400.3.29.1 * freerdp-proxy-debuginfo-2.4.0-150400.3.29.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * freerdp-debugsource-2.4.0-150400.3.29.1 * libfreerdp2-2.4.0-150400.3.29.1 * libwinpr2-debuginfo-2.4.0-150400.3.29.1 * freerdp-debuginfo-2.4.0-150400.3.29.1 * winpr2-devel-2.4.0-150400.3.29.1 * freerdp-2.4.0-150400.3.29.1 * freerdp-proxy-2.4.0-150400.3.29.1 * libwinpr2-2.4.0-150400.3.29.1 * libfreerdp2-debuginfo-2.4.0-150400.3.29.1 * freerdp-devel-2.4.0-150400.3.29.1 * freerdp-proxy-debuginfo-2.4.0-150400.3.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32039.html * https://www.suse.com/security/cve/CVE-2024-32040.html * https://www.suse.com/security/cve/CVE-2024-32041.html * https://www.suse.com/security/cve/CVE-2024-32458.html * https://www.suse.com/security/cve/CVE-2024-32459.html * https://www.suse.com/security/cve/CVE-2024-32460.html * https://bugzilla.suse.com/show_bug.cgi?id=1223293 * https://bugzilla.suse.com/show_bug.cgi?id=1223294 * https://bugzilla.suse.com/show_bug.cgi?id=1223295 * https://bugzilla.suse.com/show_bug.cgi?id=1223296 * https://bugzilla.suse.com/show_bug.cgi?id=1223297 * https://bugzilla.suse.com/show_bug.cgi?id=1223298 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 20:30:11 -0000 Subject: SUSE-SU-2024:1609-1: important: Security update for freerdp Message-ID: <171537301101.25533.7415795376141686568@smelt2.prg2.suse.org> # Security update for freerdp Announcement ID: SUSE-SU-2024:1609-1 Rating: important References: * bsc#1223293 * bsc#1223294 * bsc#1223295 * bsc#1223296 * bsc#1223297 * bsc#1223298 Cross-References: * CVE-2024-32039 * CVE-2024-32040 * CVE-2024-32041 * CVE-2024-32458 * CVE-2024-32459 * CVE-2024-32460 CVSS scores: * CVE-2024-32039 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-32040 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-32041 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32458 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32459 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-32460 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for freerdp fixes the following issues: * CVE-2024-32039: Fixed an out-of-bounds write with variables of type uint32 (bsc#1223293) * CVE-2024-32040: Fixed a integer underflow when using the 'NSC' codec (bsc#1223294) * CVE-2024-32041: Fixed an out-of-bounds read in Stream_GetRemainingLength() (bsc#1223295) * CVE-2024-32458: Fixed an out-of-bounds read on pSrcData[] (bsc#1223296) * CVE-2024-32459: Fixed an out-of-bounds read in case SrcSize less than 4 (bsc#1223297) * CVE-2024-32460: Fixed an out-of-bounds read when using '/bpp:32' legacy 'GDI' drawing path (bsc#1223298) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1609=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1609=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libfreerdp2-debuginfo-2.1.2-12.44.1 * freerdp-debuginfo-2.1.2-12.44.1 * libwinpr2-2.1.2-12.44.1 * winpr2-devel-2.1.2-12.44.1 * libwinpr2-debuginfo-2.1.2-12.44.1 * freerdp-devel-2.1.2-12.44.1 * libfreerdp2-2.1.2-12.44.1 * freerdp-debugsource-2.1.2-12.44.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * freerdp-proxy-2.1.2-12.44.1 * libfreerdp2-debuginfo-2.1.2-12.44.1 * freerdp-debuginfo-2.1.2-12.44.1 * libwinpr2-2.1.2-12.44.1 * freerdp-2.1.2-12.44.1 * freerdp-server-2.1.2-12.44.1 * libwinpr2-debuginfo-2.1.2-12.44.1 * libfreerdp2-2.1.2-12.44.1 * freerdp-debugsource-2.1.2-12.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32039.html * https://www.suse.com/security/cve/CVE-2024-32040.html * https://www.suse.com/security/cve/CVE-2024-32041.html * https://www.suse.com/security/cve/CVE-2024-32458.html * https://www.suse.com/security/cve/CVE-2024-32459.html * https://www.suse.com/security/cve/CVE-2024-32460.html * https://bugzilla.suse.com/show_bug.cgi?id=1223293 * https://bugzilla.suse.com/show_bug.cgi?id=1223294 * https://bugzilla.suse.com/show_bug.cgi?id=1223295 * https://bugzilla.suse.com/show_bug.cgi?id=1223296 * https://bugzilla.suse.com/show_bug.cgi?id=1223297 * https://bugzilla.suse.com/show_bug.cgi?id=1223298 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 20:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 20:30:14 -0000 Subject: SUSE-SU-2024:1608-1: important: Security update for python-Werkzeug Message-ID: <171537301433.25533.15908443189951292378@smelt2.prg2.suse.org> # Security update for python-Werkzeug Announcement ID: SUSE-SU-2024:1608-1 Rating: important References: * bsc#1223979 Cross-References: * CVE-2024-34069 CVSS scores: * CVE-2024-34069 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for python-Werkzeug fixes the following issues: * CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1608=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1608=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1608=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1608=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1608=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python-Werkzeug-doc-0.14.1-150100.6.9.1 * openSUSE Leap 15.6 (noarch) * python-Werkzeug-doc-0.14.1-150100.6.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * python3-Werkzeug-0.14.1-150100.6.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * python3-Werkzeug-0.14.1-150100.6.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * python3-Werkzeug-0.14.1-150100.6.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34069.html * https://bugzilla.suse.com/show_bug.cgi?id=1223979 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 10 20:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 10 May 2024 20:30:16 -0000 Subject: SUSE-SU-2024:1607-1: important: Security update for python-Pillow Message-ID: <171537301667.25533.10183884871241546270@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1607-1 Rating: important References: * bsc#1185784 * bsc#1185785 * bsc#1185786 * bsc#1185803 * bsc#1185804 * bsc#1185805 Cross-References: * CVE-2021-25287 * CVE-2021-25288 * CVE-2021-28675 * CVE-2021-28676 * CVE-2021-28677 * CVE-2021-28678 CVSS scores: * CVE-2021-25287 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2021-25287 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2021-25288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25288 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2021-28675 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28675 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-28676 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28676 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28677 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28677 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28678 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-28678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 An update that solves six vulnerabilities can now be installed. ## Description: This update for python-Pillow fixes the following issues: * CVE-2021-25287: out-of-bounds read in J2kDecode in j2ku_graya_la (bsc#1185805) * CVE-2021-25288: out-of-bounds read in J2kDecode in j2ku_gray_i (bsc#1185803) * CVE-2021-28675: DoS in PsdImagePlugin (bsc#1185804) * CVE-2021-28676: infinite loop in FliDecode.c can lead to DoS (bsc#1185786) * CVE-2021-28677: DoS in the open phase via a malicious EPS file (bsc#1185785) * CVE-2021-28678: improper check in BlpImagePlugin can lead to DoS (bsc#1185784) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1607=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1607=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python-Pillow-debuginfo-7.2.0-150300.3.12.1 * python3-Pillow-tk-7.2.0-150300.3.12.1 * python-Pillow-debugsource-7.2.0-150300.3.12.1 * python3-Pillow-7.2.0-150300.3.12.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.12.1 * python3-Pillow-debuginfo-7.2.0-150300.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-Pillow-debuginfo-7.2.0-150300.3.12.1 * python3-Pillow-tk-7.2.0-150300.3.12.1 * python-Pillow-debugsource-7.2.0-150300.3.12.1 * python3-Pillow-7.2.0-150300.3.12.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.12.1 * python3-Pillow-debuginfo-7.2.0-150300.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2021-25287.html * https://www.suse.com/security/cve/CVE-2021-25288.html * https://www.suse.com/security/cve/CVE-2021-28675.html * https://www.suse.com/security/cve/CVE-2021-28676.html * https://www.suse.com/security/cve/CVE-2021-28677.html * https://www.suse.com/security/cve/CVE-2021-28678.html * https://bugzilla.suse.com/show_bug.cgi?id=1185784 * https://bugzilla.suse.com/show_bug.cgi?id=1185785 * https://bugzilla.suse.com/show_bug.cgi?id=1185786 * https://bugzilla.suse.com/show_bug.cgi?id=1185803 * https://bugzilla.suse.com/show_bug.cgi?id=1185804 * https://bugzilla.suse.com/show_bug.cgi?id=1185805 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:0305-2: moderate: Security update for cpio Message-ID: <171560340237.6034.16283309913400682203@smelt2.prg2.suse.org> # Security update for cpio Announcement ID: SUSE-SU-2024:0305-2 Rating: moderate References: * bsc#1218571 * bsc#1219238 Cross-References: * CVE-2023-7207 CVSS scores: * CVE-2023-7207 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for cpio fixes the following issues: * Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-305=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-305=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-305=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-305=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-305=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-305=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-305=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * cpio-lang-2.13-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cpio-2.13-150400.3.6.1 * cpio-mt-debuginfo-2.13-150400.3.6.1 * cpio-debugsource-2.13-150400.3.6.1 * cpio-debuginfo-2.13-150400.3.6.1 * cpio-mt-2.13-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * cpio-lang-2.13-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-7207.html * https://bugzilla.suse.com/show_bug.cgi?id=1218571 * https://bugzilla.suse.com/show_bug.cgi?id=1219238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 12:30:04 -0000 Subject: SUSE-SU-2024:0638-2: moderate: Security update for gnutls Message-ID: <171560340481.6034.5060943442777713189@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2024:0638-2 Rating: moderate References: * bsc#1218862 * bsc#1218865 Cross-References: * CVE-2024-0553 * CVE-2024-0567 CVSS scores: * CVE-2024-0553 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0553 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0567 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0567 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-0567: Fixed an incorrect rejection of certificate chains with distributed trust (bsc#1218862). * CVE-2024-0553: Fixed a timing attack against the RSA-PSK key exchange, which could lead to the leakage of sensitive data (bsc#1218865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-638=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-638=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-638=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-638=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-638=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-638=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-638=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-638=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Manager Server 4.3 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gnutls-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-3.7.3-150400.4.41.3 * libgnutls30-hmac-3.7.3-150400.4.41.3 * libgnutls30-debuginfo-3.7.3-150400.4.41.3 * libgnutlsxx28-3.7.3-150400.4.41.3 * libgnutlsxx28-debuginfo-3.7.3-150400.4.41.3 * libgnutls-devel-3.7.3-150400.4.41.3 * libgnutlsxx-devel-3.7.3-150400.4.41.3 * gnutls-debugsource-3.7.3-150400.4.41.3 * gnutls-3.7.3-150400.4.41.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.41.3 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.41.3 * libgnutls30-hmac-32bit-3.7.3-150400.4.41.3 ## References: * https://www.suse.com/security/cve/CVE-2024-0553.html * https://www.suse.com/security/cve/CVE-2024-0567.html * https://bugzilla.suse.com/show_bug.cgi?id=1218862 * https://bugzilla.suse.com/show_bug.cgi?id=1218865 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 12:30:06 -0000 Subject: SUSE-SU-2024:1622-1: important: Security update for giflib Message-ID: <171560340680.6034.11326658921121070013@smelt2.prg2.suse.org> # Security update for giflib Announcement ID: SUSE-SU-2024:1622-1 Rating: important References: * bsc#1094832 * bsc#1200551 Cross-References: * CVE-2018-11490 * CVE-2021-40633 CVSS scores: * CVE-2018-11490 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-11490 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2018-11490 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-11490 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-40633 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2021-40633 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for giflib fixes the following issues: * CVE-2018-11490: Fixed a heap-based buffer overflow in DGifDecompressLine() (bsc#1094832) * CVE-2021-40633: Fixed a denial of service from excessive memory (bsc#1200551) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1622=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1622=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1622=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1622=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * giflib-devel-5.0.5-13.3.1 * giflib-debugsource-5.0.5-13.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libgif6-5.0.5-13.3.1 * giflib-progs-debuginfo-5.0.5-13.3.1 * giflib-progs-5.0.5-13.3.1 * giflib-debugsource-5.0.5-13.3.1 * libgif6-debuginfo-5.0.5-13.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libgif6-debuginfo-32bit-5.0.5-13.3.1 * libgif6-32bit-5.0.5-13.3.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libgif6-5.0.5-13.3.1 * giflib-progs-debuginfo-5.0.5-13.3.1 * giflib-progs-5.0.5-13.3.1 * giflib-debugsource-5.0.5-13.3.1 * libgif6-debuginfo-5.0.5-13.3.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libgif6-debuginfo-32bit-5.0.5-13.3.1 * libgif6-32bit-5.0.5-13.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libgif6-5.0.5-13.3.1 * giflib-progs-debuginfo-5.0.5-13.3.1 * giflib-progs-5.0.5-13.3.1 * giflib-debugsource-5.0.5-13.3.1 * libgif6-debuginfo-5.0.5-13.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libgif6-debuginfo-32bit-5.0.5-13.3.1 * libgif6-32bit-5.0.5-13.3.1 ## References: * https://www.suse.com/security/cve/CVE-2018-11490.html * https://www.suse.com/security/cve/CVE-2021-40633.html * https://bugzilla.suse.com/show_bug.cgi?id=1094832 * https://bugzilla.suse.com/show_bug.cgi?id=1200551 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 16:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 16:30:02 -0000 Subject: SUSE-SU-2024:1627-1: important: Security update for apache2 Message-ID: <171561780241.10640.14174226980905018800@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:1627-1 Rating: important References: * bsc#1221401 * bsc#1222330 * bsc#1222332 Cross-References: * CVE-2023-38709 * CVE-2024-24795 * CVE-2024-27316 CVSS scores: * CVE-2023-38709 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27316 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code (bsc#1222330). * CVE-2024-24795: Fixed handling of malicious HTTP splitting response headers in multiple modules (bsc#1222332). * CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames that could have been utilized for DoS attacks (bsc#1221401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1627=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1627=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1627=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1627=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-tls13-devel-2.4.51-35.41.1 * apache2-tls13-debugsource-2.4.51-35.41.1 * apache2-devel-2.4.51-35.41.1 * apache2-tls13-debuginfo-2.4.51-35.41.1 * apache2-debugsource-2.4.51-35.41.1 * apache2-debuginfo-2.4.51-35.41.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * apache2-utils-2.4.51-35.41.1 * apache2-tls13-debugsource-2.4.51-35.41.1 * apache2-worker-2.4.51-35.41.1 * apache2-worker-debuginfo-2.4.51-35.41.1 * apache2-example-pages-2.4.51-35.41.1 * apache2-utils-debuginfo-2.4.51-35.41.1 * apache2-prefork-debuginfo-2.4.51-35.41.1 * apache2-tls13-2.4.51-35.41.1 * apache2-tls13-debuginfo-2.4.51-35.41.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.41.1 * apache2-2.4.51-35.41.1 * apache2-tls13-example-pages-2.4.51-35.41.1 * apache2-tls13-prefork-2.4.51-35.41.1 * apache2-debugsource-2.4.51-35.41.1 * apache2-debuginfo-2.4.51-35.41.1 * apache2-tls13-utils-2.4.51-35.41.1 * apache2-tls13-worker-2.4.51-35.41.1 * apache2-tls13-utils-debuginfo-2.4.51-35.41.1 * apache2-tls13-worker-debuginfo-2.4.51-35.41.1 * apache2-prefork-2.4.51-35.41.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * apache2-doc-2.4.51-35.41.1 * apache2-tls13-doc-2.4.51-35.41.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-35.41.1 * apache2-tls13-debugsource-2.4.51-35.41.1 * apache2-worker-2.4.51-35.41.1 * apache2-worker-debuginfo-2.4.51-35.41.1 * apache2-example-pages-2.4.51-35.41.1 * apache2-utils-debuginfo-2.4.51-35.41.1 * apache2-prefork-debuginfo-2.4.51-35.41.1 * apache2-tls13-2.4.51-35.41.1 * apache2-tls13-debuginfo-2.4.51-35.41.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.41.1 * apache2-2.4.51-35.41.1 * apache2-tls13-example-pages-2.4.51-35.41.1 * apache2-tls13-prefork-2.4.51-35.41.1 * apache2-debugsource-2.4.51-35.41.1 * apache2-debuginfo-2.4.51-35.41.1 * apache2-tls13-utils-2.4.51-35.41.1 * apache2-tls13-worker-2.4.51-35.41.1 * apache2-tls13-utils-debuginfo-2.4.51-35.41.1 * apache2-tls13-worker-debuginfo-2.4.51-35.41.1 * apache2-prefork-2.4.51-35.41.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * apache2-doc-2.4.51-35.41.1 * apache2-tls13-doc-2.4.51-35.41.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * apache2-utils-2.4.51-35.41.1 * apache2-tls13-debugsource-2.4.51-35.41.1 * apache2-worker-2.4.51-35.41.1 * apache2-worker-debuginfo-2.4.51-35.41.1 * apache2-example-pages-2.4.51-35.41.1 * apache2-utils-debuginfo-2.4.51-35.41.1 * apache2-prefork-debuginfo-2.4.51-35.41.1 * apache2-tls13-2.4.51-35.41.1 * apache2-tls13-debuginfo-2.4.51-35.41.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.41.1 * apache2-2.4.51-35.41.1 * apache2-tls13-example-pages-2.4.51-35.41.1 * apache2-tls13-prefork-2.4.51-35.41.1 * apache2-debugsource-2.4.51-35.41.1 * apache2-debuginfo-2.4.51-35.41.1 * apache2-tls13-utils-2.4.51-35.41.1 * apache2-tls13-worker-2.4.51-35.41.1 * apache2-tls13-utils-debuginfo-2.4.51-35.41.1 * apache2-tls13-worker-debuginfo-2.4.51-35.41.1 * apache2-prefork-2.4.51-35.41.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * apache2-doc-2.4.51-35.41.1 * apache2-tls13-doc-2.4.51-35.41.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38709.html * https://www.suse.com/security/cve/CVE-2024-24795.html * https://www.suse.com/security/cve/CVE-2024-27316.html * https://bugzilla.suse.com/show_bug.cgi?id=1221401 * https://bugzilla.suse.com/show_bug.cgi?id=1222330 * https://bugzilla.suse.com/show_bug.cgi?id=1222332 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1626-1: important: Security update for python-pyOpenSSL Message-ID: <171561780423.10640.1376476386691849384@smelt2.prg2.suse.org> # Security update for python-pyOpenSSL Announcement ID: SUSE-SU-2024:1626-1 Rating: important References: * bsc#1021578 * bsc#1111634 * bsc#1111635 Cross-References: * CVE-2018-1000807 * CVE-2018-1000808 CVSS scores: * CVE-2018-1000807 ( SUSE ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-1000807 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-1000807 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-1000808 ( SUSE ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2018-1000808 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for python-pyOpenSSL fixes the following issues: * CVE-2018-1000807: Fixed a use-after-free in X509 object handling (bsc#1111635) * CVE-2018-1000808: Fixed a use-after-free in PKCS #12 Store (bsc#1111634) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1626=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1626=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1626=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python3-pyOpenSSL-17.1.0-4.26.1 * python-pyOpenSSL-17.1.0-4.26.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python3-pyOpenSSL-17.1.0-4.26.1 * python-pyOpenSSL-17.1.0-4.26.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * python3-pyOpenSSL-17.1.0-4.26.1 * python-pyOpenSSL-17.1.0-4.26.1 ## References: * https://www.suse.com/security/cve/CVE-2018-1000807.html * https://www.suse.com/security/cve/CVE-2018-1000808.html * https://bugzilla.suse.com/show_bug.cgi?id=1021578 * https://bugzilla.suse.com/show_bug.cgi?id=1111634 * https://bugzilla.suse.com/show_bug.cgi?id=1111635 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1625-1: moderate: Security update for opensc Message-ID: <171561780568.10640.13538890566647397904@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:1625-1 Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1625=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1625=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1625=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * opensc-0.13.0-3.28.1 * opensc-debuginfo-0.13.0-3.28.1 * opensc-debugsource-0.13.0-3.28.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * opensc-0.13.0-3.28.1 * opensc-debuginfo-0.13.0-3.28.1 * opensc-debugsource-0.13.0-3.28.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * opensc-0.13.0-3.28.1 * opensc-debuginfo-0.13.0-3.28.1 * opensc-debugsource-0.13.0-3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 13 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 13 May 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1624-1: important: Security update for python-Werkzeug Message-ID: <171561780730.10640.10063120644440642983@smelt2.prg2.suse.org> # Security update for python-Werkzeug Announcement ID: SUSE-SU-2024:1624-1 Rating: important References: * bsc#1223979 Cross-References: * CVE-2024-34069 CVSS scores: * CVE-2024-34069 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Werkzeug fixes the following issues: * CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain (bsc#1223979). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1624=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1624=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1624=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1624=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1624=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1624=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1624=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1624=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1624=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1624=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1624=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1624=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1624=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1624=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1624=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1624=1 ## Package List: * openSUSE Leap 15.3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * python2-Werkzeug-1.0.1-150300.3.8.1 * openSUSE Leap 15.5 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * Basesystem Module 15-SP5 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Manager Proxy 4.3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Manager Server 4.3 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-Werkzeug-1.0.1-150300.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34069.html * https://bugzilla.suse.com/show_bug.cgi?id=1223979 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 08:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1630-1: important: Security update for perl Message-ID: <171567540468.19724.3454335000768072015@smelt2.prg2.suse.org> # Security update for perl Announcement ID: SUSE-SU-2024:1630-1 Rating: important References: * bsc#1047178 * bsc#1082216 * bsc#1082233 * bsc#1210999 Cross-References: * CVE-2017-6512 * CVE-2018-6798 * CVE-2018-6913 * CVE-2023-31484 CVSS scores: * CVE-2017-6512 ( SUSE ): 5.1 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2017-6512 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2017-6512 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2018-6798 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2018-6913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2018-6913 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-31484 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-31484 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves four vulnerabilities can now be installed. ## Description: This update for perl fixes the following issues: Security issues fixed: * CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216) * CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233) * CVE-2023-31484: Enabled TLS certificate verification in CPAN (bsc#1210999) * CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1630=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1630=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1630=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * perl-base-5.26.1-150000.7.18.1 * perl-debuginfo-5.26.1-150000.7.18.1 * perl-5.26.1-150000.7.18.1 * perl-base-debuginfo-5.26.1-150000.7.18.1 * perl-debugsource-5.26.1-150000.7.18.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * perl-doc-5.26.1-150000.7.18.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * perl-32bit-debuginfo-5.26.1-150000.7.18.1 * perl-base-32bit-5.26.1-150000.7.18.1 * perl-base-32bit-debuginfo-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * perl-base-5.26.1-150000.7.18.1 * perl-debuginfo-5.26.1-150000.7.18.1 * perl-5.26.1-150000.7.18.1 * perl-base-debuginfo-5.26.1-150000.7.18.1 * perl-debugsource-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * perl-doc-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * perl-32bit-debuginfo-5.26.1-150000.7.18.1 * perl-base-32bit-5.26.1-150000.7.18.1 * perl-base-32bit-debuginfo-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * perl-base-5.26.1-150000.7.18.1 * perl-debuginfo-5.26.1-150000.7.18.1 * perl-5.26.1-150000.7.18.1 * perl-base-debuginfo-5.26.1-150000.7.18.1 * perl-debugsource-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * perl-doc-5.26.1-150000.7.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * perl-32bit-debuginfo-5.26.1-150000.7.18.1 * perl-base-32bit-5.26.1-150000.7.18.1 * perl-base-32bit-debuginfo-5.26.1-150000.7.18.1 ## References: * https://www.suse.com/security/cve/CVE-2017-6512.html * https://www.suse.com/security/cve/CVE-2018-6798.html * https://www.suse.com/security/cve/CVE-2018-6913.html * https://www.suse.com/security/cve/CVE-2023-31484.html * https://bugzilla.suse.com/show_bug.cgi?id=1047178 * https://bugzilla.suse.com/show_bug.cgi?id=1082216 * https://bugzilla.suse.com/show_bug.cgi?id=1082233 * https://bugzilla.suse.com/show_bug.cgi?id=1210999 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1629-1: moderate: Security update for SUSE Manager Client Tools Beta Message-ID: <171567540796.19724.16014586733983194197@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Beta Announcement ID: SUSE-SU-2024:1629-1 Rating: moderate References: * bsc#1014637 * bsc#1156309 * jsc#MSQA-775 Cross-References: * CVE-2016-9566 * CVE-2019-3698 CVSS scores: * CVE-2016-9566 ( SUSE ): 7.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2016-9566 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2019-3698 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2019-3698 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Advanced Systems Management Module 12 * Containers Module 12 * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 * SUSE Manager Client Tools Beta for SLE 12 * SUSE Manager Client Tools for SLE 12 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for SUSE Manager Client Tools Beta fixes the following issues: * Changed codestream origin of SUSE Manager Client Tools Beta (no source changes) icinga in SUSE Manager Client Tools Beta also received the following security fixes: * CVE-2016-9566: Fixed root privilege escalation (bsc#1014637) * CVE-2019-3698 : Symbolic Link (Symlink) following vulnerability in the cronjob allows local attackers to cause cause DoS or potentially escalate privileges by winning a race (bsc#1156309) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-1629=1 * SUSE Manager Client Tools Beta for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2024-1629=1 * Advanced Systems Management Module 12 zypper in -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2024-1629=1 * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-1629=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1629=1 SUSE-SLE- SAP-12-SP5-2024-1629=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1629=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1629=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1629=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1629=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (noarch) * grafana-sap-providers-1.1-1.7.1 * hwdata-0.314-10.14.1 * sysuser-shadow-2.0-1.9.1 * grafana-sap-netweaver-dashboards-1.0.3+git.1601889366.9f71957-1.10.1 * grafana-ha-cluster-dashboards-1.1.0+git.1605027022.a84d536-1.10.1 * grafana-sleha-provider-1.1.0+git.1605027022.a84d536-1.10.1 * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * icinga-debugsource-1.13.3-12.8.1 * icinga-www-1.13.3-12.8.1 * libzmq3-4.0.4-15.8.1 * icinga-plugins-eventhandlers-1.13.3-12.8.1 * icinga-idoutils-oracle-1.13.3-12.8.1 * icinga-1.13.3-12.8.1 * icinga-devel-1.13.3-12.8.1 * icinga-idoutils-pgsql-1.13.3-12.8.1 * monitoring-tools-1.13.3-12.8.1 * icinga-debuginfo-1.13.3-12.8.1 * zeromq-debugsource-4.0.4-15.8.1 * icinga-plugins-downtimes-1.13.3-12.8.1 * icinga-idoutils-mysql-1.13.3-12.8.1 * icinga-idoutils-1.13.3-12.8.1 * icinga-www-config-1.13.3-12.8.1 * icinga-doc-1.13.3-12.8.1 * libzmq3-debuginfo-4.0.4-15.8.1 * SUSE Manager Client Tools Beta for SLE 12 (noarch) * grafana-sap-providers-1.1-1.7.1 * sysuser-shadow-2.0-1.9.1 * grafana-sap-netweaver-dashboards-1.0.3+git.1601889366.9f71957-1.10.1 * grafana-ha-cluster-dashboards-1.1.0+git.1605027022.a84d536-1.10.1 * grafana-sleha-provider-1.1.0+git.1605027022.a84d536-1.10.1 * SUSE Manager Client Tools Beta for SLE 12 (aarch64 ppc64le s390x x86_64) * icinga-debugsource-1.13.3-12.8.1 * icinga-www-1.13.3-12.8.1 * libzmq3-4.0.4-15.8.1 * icinga-plugins-eventhandlers-1.13.3-12.8.1 * icinga-idoutils-oracle-1.13.3-12.8.1 * icinga-1.13.3-12.8.1 * icinga-devel-1.13.3-12.8.1 * icinga-idoutils-pgsql-1.13.3-12.8.1 * monitoring-tools-1.13.3-12.8.1 * icinga-debuginfo-1.13.3-12.8.1 * zeromq-debugsource-4.0.4-15.8.1 * icinga-plugins-downtimes-1.13.3-12.8.1 * icinga-idoutils-mysql-1.13.3-12.8.1 * icinga-idoutils-1.13.3-12.8.1 * icinga-www-config-1.13.3-12.8.1 * icinga-doc-1.13.3-12.8.1 * libzmq3-debuginfo-4.0.4-15.8.1 * Advanced Systems Management Module 12 (ppc64le s390x x86_64) * libzmq3-4.0.4-15.8.1 * libzmq3-debuginfo-4.0.4-15.8.1 * zeromq-debugsource-4.0.4-15.8.1 * Containers Module 12 (noarch) * sysuser-shadow-2.0-1.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * grafana-sap-providers-1.1-1.7.1 * sysuser-shadow-2.0-1.9.1 * grafana-sap-netweaver-dashboards-1.0.3+git.1601889366.9f71957-1.10.1 * grafana-ha-cluster-dashboards-1.1.0+git.1605027022.a84d536-1.10.1 * grafana-sleha-provider-1.1.0+git.1605027022.a84d536-1.10.1 * sysuser-tools-2.0-1.9.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libzmq3-4.0.4-15.8.1 * zeromq-devel-4.0.4-15.8.1 * libzmq3-debuginfo-4.0.4-15.8.1 * zeromq-debugsource-4.0.4-15.8.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * sysuser-shadow-2.0-1.9.1 * sysuser-tools-2.0-1.9.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * sysuser-shadow-2.0-1.9.1 * sysuser-tools-2.0-1.9.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libzmq3-4.0.4-15.8.1 * libzmq3-debuginfo-4.0.4-15.8.1 * zeromq-debugsource-4.0.4-15.8.1 ## References: * https://www.suse.com/security/cve/CVE-2016-9566.html * https://www.suse.com/security/cve/CVE-2019-3698.html * https://bugzilla.suse.com/show_bug.cgi?id=1014637 * https://bugzilla.suse.com/show_bug.cgi?id=1156309 * https://jira.suse.com/browse/MSQA-775 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1636-1: moderate: Security update for tpm2.0-tools Message-ID: <171568980369.7579.1349491009877447629@smelt2.prg2.suse.org> # Security update for tpm2.0-tools Announcement ID: SUSE-SU-2024:1636-1 Rating: moderate References: * bsc#1223687 * bsc#1223689 Cross-References: * CVE-2024-29038 * CVE-2024-29039 CVSS scores: * CVE-2024-29038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-29039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for tpm2.0-tools fixes the following issues: * CVE-2024-29038: Fixed arbitrary quote data validation by tpm2_checkquote (bsc#1223687). * CVE-2024-29039: Fixed pcr selection value to be compared with the attest (bsc#1223689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1636=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1636=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1636=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1636=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1636=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1636=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1636=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1636=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1636=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1636=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * tpm2.0-tools-debugsource-5.2-150400.6.3.1 * tpm2.0-tools-5.2-150400.6.3.1 * tpm2.0-tools-debuginfo-5.2-150400.6.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29038.html * https://www.suse.com/security/cve/CVE-2024-29039.html * https://bugzilla.suse.com/show_bug.cgi?id=1223687 * https://bugzilla.suse.com/show_bug.cgi?id=1223689 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 12:30:07 -0000 Subject: SUSE-SU-2024:1635-1: moderate: Security update for tpm2-0-tss Message-ID: <171568980752.7579.4413183691377739521@smelt2.prg2.suse.org> # Security update for tpm2-0-tss Announcement ID: SUSE-SU-2024:1635-1 Rating: moderate References: * bsc#1223690 Cross-References: * CVE-2024-29040 CVSS scores: * CVE-2024-29040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tpm2-0-tss fixes the following issues: * CVE-2024-29040: Fixed quote data validation by Fapi_VerifyQuote (bsc#1223690). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1635=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1635=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1635=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1635=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1635=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1635=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1635=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1635=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1635=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1635=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-devel-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * libtss2-rc0-32bit-3.1.0-150400.3.6.1 * libtss2-esys0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-32bit-3.1.0-150400.3.6.1 * libtss2-rc0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-32bit-3.1.0-150400.3.6.1 * libtss2-tctildr0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-device0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-32bit-3.1.0-150400.3.6.1 * libtss2-mu0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-32bit-3.1.0-150400.3.6.1 * libtss2-esys0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-32bit-3.1.0-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libtss2-rc0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-64bit-3.1.0-150400.3.6.1 * libtss2-tctildr0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-64bit-3.1.0-150400.3.6.1 * libtss2-tctildr0-64bit-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-64bit-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-64bit-3.1.0-150400.3.6.1 * libtss2-esys0-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-64bit-3.1.0-150400.3.6.1 * libtss2-rc0-64bit-3.1.0-150400.3.6.1 * libtss2-mu0-64bit-3.1.0-150400.3.6.1 * libtss2-sys1-64bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-64bit-3.1.0-150400.3.6.1 * libtss2-sys1-64bit-3.1.0-150400.3.6.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-devel-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1 * openSUSE Leap 15.5 (x86_64) * libtss2-rc0-32bit-3.1.0-150400.3.6.1 * libtss2-esys0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-32bit-3.1.0-150400.3.6.1 * libtss2-rc0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-32bit-3.1.0-150400.3.6.1 * libtss2-tctildr0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-device0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-32bit-3.1.0-150400.3.6.1 * libtss2-mu0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-32bit-3.1.0-150400.3.6.1 * libtss2-esys0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-32bit-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-32bit-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-32bit-3.1.0-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libtss2-sys1-debuginfo-3.1.0-150400.3.6.1 * tpm2-0-tss-devel-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-3.1.0-150400.3.6.1 * tpm2-0-tss-3.1.0-150400.3.6.1 * libtss2-tctildr0-3.1.0-150400.3.6.1 * tpm2-0-tss-debugsource-3.1.0-150400.3.6.1 * libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1 * libtss2-esys0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-device0-3.1.0-150400.3.6.1 * libtss2-esys0-3.1.0-150400.3.6.1 * libtss2-rc0-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-3.1.0-150400.3.6.1 * libtss2-tcti-swtpm0-3.1.0-150400.3.6.1 * libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1 * libtss2-rc0-debuginfo-3.1.0-150400.3.6.1 * libtss2-mu0-3.1.0-150400.3.6.1 * libtss2-mu0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1 * libtss2-sys1-3.1.0-150400.3.6.1 * libtss2-fapi1-3.1.0-150400.3.6.1 * libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1 * libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29040.html * https://bugzilla.suse.com/show_bug.cgi?id=1223690 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 12:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 12:30:09 -0000 Subject: SUSE-SU-2024:1634-1: moderate: Security update for openssl-3 Message-ID: <171568980931.7579.8104301305824527939@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:1634-1 Rating: moderate References: * bsc#1222548 Cross-References: * CVE-2024-2511 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1634=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1634=1 openSUSE-SLE-15.5-2024-1634=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libopenssl3-3.0.8-150500.5.30.1 * openssl-3-3.0.8-150500.5.30.1 * libopenssl3-debuginfo-3.0.8-150500.5.30.1 * openssl-3-debugsource-3.0.8-150500.5.30.1 * libopenssl-3-devel-3.0.8-150500.5.30.1 * openssl-3-debuginfo-3.0.8-150500.5.30.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-3.0.8-150500.5.30.1 * openssl-3-3.0.8-150500.5.30.1 * libopenssl3-debuginfo-3.0.8-150500.5.30.1 * openssl-3-debugsource-3.0.8-150500.5.30.1 * libopenssl-3-devel-3.0.8-150500.5.30.1 * openssl-3-debuginfo-3.0.8-150500.5.30.1 * openSUSE Leap 15.5 (x86_64) * libopenssl3-32bit-3.0.8-150500.5.30.1 * libopenssl3-32bit-debuginfo-3.0.8-150500.5.30.1 * libopenssl-3-devel-32bit-3.0.8-150500.5.30.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.30.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl-3-devel-64bit-3.0.8-150500.5.30.1 * libopenssl3-64bit-3.0.8-150500.5.30.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.30.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://bugzilla.suse.com/show_bug.cgi?id=1222548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 12:30:11 -0000 Subject: SUSE-SU-2024:1633-1: moderate: Security update for openssl-1_1 Message-ID: <171568981129.7579.10238250653285928083@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:1633-1 Rating: moderate References: * bsc#1222548 Cross-References: * CVE-2024-2511 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1633=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1633=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1633=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1633=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1633=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1633=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1633=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1633=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1633=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1633=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Enterprise Storage 7.1 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.88.1 * SUSE Enterprise Storage 7.1 (x86_64) * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.88.1 * libopenssl1_1-32bit-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl-1_1-devel-1.1.1d-150200.11.88.1 * libopenssl1_1-hmac-1.1.1d-150200.11.88.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.88.1 * libopenssl1_1-1.1.1d-150200.11.88.1 * openssl-1_1-debugsource-1.1.1d-150200.11.88.1 * openssl-1_1-1.1.1d-150200.11.88.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://bugzilla.suse.com/show_bug.cgi?id=1222548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:30:39 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:30:39 -0000 Subject: SUSE-SU-2024:1648-1: important: Security update for the Linux Kernel Message-ID: <171570423938.20442.10006693042455040289@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1648-1 Rating: important References: * bsc#1084332 * bsc#1141539 * bsc#1184509 * bsc#1186060 * bsc#1190317 * bsc#1190576 * bsc#1192145 * bsc#1194516 * bsc#1203935 * bsc#1209657 * bsc#1211592 * bsc#1212514 * bsc#1213456 * bsc#1217339 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218220 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219169 * bsc#1219170 * bsc#1219618 * bsc#1219623 * bsc#1219847 * bsc#1220320 * bsc#1220366 * bsc#1220394 * bsc#1220411 * bsc#1220416 * bsc#1220418 * bsc#1220422 * bsc#1220442 * bsc#1220445 * bsc#1220505 * bsc#1220521 * bsc#1220528 * bsc#1220536 * bsc#1220538 * bsc#1220554 * bsc#1220572 * bsc#1220580 * bsc#1220611 * bsc#1220625 * bsc#1220628 * bsc#1220637 * bsc#1220640 * bsc#1220662 * bsc#1220687 * bsc#1220692 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220742 * bsc#1220743 * bsc#1220745 * bsc#1220751 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220790 * bsc#1220794 * bsc#1220829 * bsc#1220836 * bsc#1220843 * bsc#1220846 * bsc#1220850 * bsc#1220871 * bsc#1220927 * bsc#1220960 * bsc#1220985 * bsc#1220987 * bsc#1221044 * bsc#1221046 * bsc#1221048 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221077 * bsc#1221082 * bsc#1221088 * bsc#1221162 * bsc#1221277 * bsc#1221293 * bsc#1221337 * bsc#1221532 * bsc#1221541 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221608 * bsc#1221617 * bsc#1221791 * bsc#1221816 * bsc#1221825 * bsc#1221830 * bsc#1221862 * bsc#1221934 * bsc#1221949 * bsc#1221952 * bsc#1221953 * bsc#1221965 * bsc#1221966 * bsc#1221967 * bsc#1221969 * bsc#1221972 * bsc#1221973 * bsc#1221977 * bsc#1221979 * bsc#1221988 * bsc#1221991 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222117 * bsc#1222294 * bsc#1222300 * bsc#1222357 * bsc#1222379 * bsc#1222422 * bsc#1222428 * bsc#1222449 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222618 * bsc#1222619 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222706 * bsc#1222720 * bsc#1222765 * bsc#1222770 * bsc#1222772 * bsc#1222787 * bsc#1222790 * bsc#1222812 * bsc#1222836 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222952 * bsc#1222961 * bsc#1222975 * bsc#1222976 * bsc#1223016 * bsc#1223035 * bsc#1223049 * bsc#1223051 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223187 * bsc#1223189 * bsc#1223198 * bsc#1223203 * bsc#1223315 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223518 * bsc#1223626 * bsc#1223627 * bsc#1223664 * bsc#1223686 * bsc#1223693 * bsc#1223712 * bsc#1223715 * bsc#1223735 * bsc#1223744 * bsc#1223745 * bsc#1223770 * bsc#1223781 * bsc#1223819 * bsc#1223824 * bsc#1223827 * bsc#1223837 * bsc#1223842 * bsc#1223843 * bsc#1223844 * bsc#1223883 * bsc#1223885 * bsc#1223921 * bsc#1223941 * bsc#1223952 * bsc#1223953 * bsc#1223954 * jsc#PED-5759 Cross-References: * CVE-2019-25160 * CVE-2020-36312 * CVE-2021-23134 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46907 * CVE-2021-46909 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46941 * CVE-2021-46950 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46963 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46975 * CVE-2021-46981 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46998 * CVE-2021-47006 * CVE-2021-47015 * CVE-2021-47024 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47068 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47104 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47138 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47143 * CVE-2021-47146 * CVE-2021-47149 * CVE-2021-47150 * CVE-2021-47153 * CVE-2021-47159 * CVE-2021-47161 * CVE-2021-47162 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47171 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47198 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47207 * CVE-2021-47211 * CVE-2021-47216 * CVE-2021-47217 * CVE-2022-0487 * CVE-2022-48619 * CVE-2022-48626 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48695 * CVE-2022-48701 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52509 * CVE-2023-52515 * CVE-2023-52524 * CVE-2023-52528 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52595 * CVE-2023-52598 * CVE-2023-52607 * CVE-2023-52614 * CVE-2023-52620 * CVE-2023-52628 * CVE-2023-52635 * CVE-2023-52639 * CVE-2023-52644 * CVE-2023-52646 * CVE-2023-52650 * CVE-2023-52652 * CVE-2023-52653 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-24855 * CVE-2024-24861 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26651 * CVE-2024-26671 * CVE-2024-26675 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26747 * CVE-2024-26754 * CVE-2024-26763 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26777 * CVE-2024-26778 * CVE-2024-26779 * CVE-2024-26793 * CVE-2024-26805 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26839 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26855 * CVE-2024-26857 * CVE-2024-26859 * CVE-2024-26878 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26907 * CVE-2024-26922 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-26948 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27054 * CVE-2024-27072 * CVE-2024-27073 * CVE-2024-27074 * CVE-2024-27075 * CVE-2024-27078 * CVE-2024-27388 CVSS scores: * CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2020-36312 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2020-36312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46975 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 193 vulnerabilities, contains one feature and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394). * CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509). * CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060). * CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416). * CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418). * CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554). * CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580). * CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628). * CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662). * CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528). * CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536). * CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538). * CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572). * CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611). * CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706). * CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47015: Fixed RX consumer index logic in the error path in bnxt_en (bsc#1220794). * CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637). * CVE-2021-47034: Fixed resolved pte update for kernel memory on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed null pointer dereference in lpfc_prep_els_iocb() (bsc#1220640). * CVE-2021-47049: Fixed Use after free in __vmbus_open() (bsc#1220692). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed uninitialized lock in adf_vf2pf_shutdown() (bsc#1220769). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed possible use-after-free in panel_bridge_detach() (bsc#1220777). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47114: Fixed data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed bug on in ext4_es_cache_extent() as ext4_split_extent_at() failed (bsc#1221575). * CVE-2021-47118: Fixed possible use-after-free when initializing `cad_pid` (bsc#1221605). * CVE-2021-47119: Fixed memory leak in ext4_fill_super() (bsc#1221608). * CVE-2021-47138: Fixed possible out-of-bound memory access in cxgb4 when clearing filters (bsc#1221934). * CVE-2021-47141: Fixed possible NULL pointer dereference when freeing irqs (bsc#1221949). * CVE-2021-47142: Fixed a use-after-free in drm/amdgpu (bsc#1221952). * CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988). * CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973). * CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969). * CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965). * CVE-2021-47166: Fixed possible corruptionb in nfs_do_recoalesce() (bsc#1221998). * CVE-2021-47167: Fixed an Oopsable condition in __nfs_pageio_add_request() (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() (bsc#1222002). * CVE-2021-47169: Fixed possible NULL pointer dereference in serial/rp2 (bsc#1222000). * CVE-2021-47171: Fixed memory leak in smsc75xx_bind() (bsc#1221994). * CVE-2021-47173: Fixed memory leak in uss720_probe() (bsc#1221993). * CVE-2021-47177: Fixed sysfs leak in alloc_iommu() (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (bsc#1222001). * CVE-2021-47180: Fixed memory leak in nci_allocate_device() (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). * CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed use-after-free in kv_parse_power_table() (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#122041). * CVE-2023-52474: Fixed bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests in hfi1 (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a NULL pointer dereference vulnerability in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed NULL Pointer Dereference vulnerability in /net/bluetooth/rfcomm/core.c (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618). * CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). * CVE-2024-26993: Fixed a reference leak in sysfs_break_active_protection() (bsc#1223693) * CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770) * CVE-2024-26948: Added a dc_state NULL check in dc_state_release (bsc#1223664) * CVE-2024-27013: Limited printing rate when illegal packet received by tun dev (bsc#1223745). * CVE-2024-27014: Prevented deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27046: Handled acti_netdevs allocation failure (bsc#1223827). * CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977). * CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837). * CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842). * CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843). * CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844). * CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781). * CVE-2023-52652: Fixed a possible name leak in ntb_register_device() (bsc#1223686). * CVE-2024-23848: Fixed a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c (bsc#1219104). * CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049). * CVE-2024-26817: Used calloc instead of kzalloc to avoid integer overflow (bsc#1222812) * CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972). * CVE-2023-52620: Disallowed timeout for anonymous sets in nf_tables (bsc#1221825). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26878: Fixed potential NULL pointer dereference, related to dquots (bsc#1223060). * CVE-2024-26901: Used kzalloc() to fix information leak in do_sys_name_to_handle() (bsc#1223198). * CVE-2024-26671: Fixed an IO hang from sbitmap wakeup race in blk_mq_mark_tag_wait() (bsc#1222357). * CVE-2024-26772: Avoided allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2023-52614: Fixed a buffer overflow in trans_stat_show() (bsc#1221617). * CVE-2024-26855: Fixed a potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26857: Made sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26675: Limited MRU to 64K in ppp_async_ioctl() (bsc#1222379). * CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). * CVE-2023-52488: Converted from _raw_ to _noinc_ regmap functions for FIFO in sc16is7xx (bsc#1221162). * CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). * CVE-2023-52635: Synchronized devfreq_monitor_[start/stop] for devfreq (bsc#1222294). * CVE-2024-26883: Checked for integer overflow when using roundup_pow_of_two() (bsc#1223035). * CVE-2024-26884: Fixed a bpf hashtab overflow check on 32-bit architectures (bsc#1223189). * CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) * CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961). * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). * CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) * CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) * CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). The following non-security bugs were fixed: * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: ipaq-micro-keys - add error handling for devm_kmemdup. * Input: xpad - add PXN V900 support. * USB: core: Fix deadlock in usb_deauthorize_interface(). * USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * atl1c: fix error return code in atl1c_probe() (git-fixes). * atl1e: fix error return code in atl1e_probe() (git-fixes). * bluetooth: btqca: Fixed a coding style error (git-fixes). * bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes). * bluetooth: btqcomsmd: Fix command timeout after setting BD address (git- fixes). * bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). * bnx2x: Fix enabling network interfaces without VFs (git-fixes). * bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes). * ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes). * ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git- fixes). * fuse: do not unhash root (bsc#1223954). * iommu/amd: Increase interrupt remapping table limit to 512 entries (git- fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes). * iommu/amd: Silence warnings under memory pressure (git-fixes). * iommu: Check if group is NULL before remove device (git-fixes). * kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * kabi: pci: Add locking to RMW PCI Express Capability Register accessors (kabi). * lan78xx: Add missing return code checks (git-fixes). * lan78xx: Add support to dump lan78xx registers (git-fixes). * lan78xx: Do not access skb_queue_head list pointers directly (git-fixes). * lan78xx: Fix exception on link speed change (git-fixes). * lan78xx: Fix partial packet errors on suspend/resume (git-fixes). * lan78xx: Fix race conditions in suspend/resume handling (git-fixes). * lan78xx: Fix white space and style issues (git-fixes). * lan78xx: Modify error messages (git-fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * net/mlx5: Properly convey driver version to firmware (git-fixes). * net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). * net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). * net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes). * net: lan78xx: Make declaration style consistent (git-fixes). * net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: lan78xx: remove set but not used variable 'event' (git-fixes). * net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes). * net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git- fixes). * net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes). * nfs: Fix O_DIRECT commit verifier handling (git-fixes). * nfs: Fix O_DIRECT locking issues (git-fixes). * nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git- fixes). * nfs: Fix an off by one in root_nfs_cat() (git-fixes). * nfs: Fix direct WRITE throughput regression (git-fixes). * nfs: Fix error handling for O_DIRECT write scheduling (git-fixes). * nfs: More O_DIRECT accounting fixes for error paths (git-fixes). * nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: commit errors should be fatal (git-fixes). * nfs: only issue commit in DIO codepath if we have uncommitted data (git- fixes). * nfsd: Fix error cleanup path in nfsd_rename() (git-fixes). * nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: Retransmit callbacks after client reconnects (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes). * pci/aspm: Avoid link retraining race (git-fixes). * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * pci/aspm: Do not warn if already in common clock mode (git-fixes). * pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes). * pci/aspm: Reduce severity of common clock config message (git-fixes). * pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Print all TLP Prefixes, not just the first (git-fixes). * pci/iov: Enlarge virtfn sysfs name buffer (git-fixes). * pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes). * pci/pm: Power up all devices during runtime resume (git-fixes). * pci/sysfs: Protect driver's D3cold preference from user space (git-fixes). * pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). * pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes). * pci: Add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes). * pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git- fixes). * pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: Rework pcie_retrain_link() wait loop (git-fixes). * pci: aardvark: Fix setting MSI address (git-fixes). * pci: aardvark: Fix support for MSI interrupts (git-fixes). * pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git- fixes). * pci: endpoint: Do not stop controller when unbinding endpoint function (git- fixes). * pci: hotplug: Allow marking devices as disconnected during bind/unbind (git- fixes). * pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes). * pci: pciehp: Cancel bringup sequence if card is not present (git-fixes). * pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git- fixes). * pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). * pci: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082) * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221953). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tun: honor IOCB_NOWAIT flag (git-fixes). * usb: dwc2: Fix memory leak in dwc2_hcd_init. * usb: dwc2: check return value after calling platform_get_resource() (git- fixes). * usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). * usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). * usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). * usb: musb: Modify the "HWVers" register address (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered. * usb: serial: option: add Fibocom L7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). * usb: usbfs: Do not WARN about excessively large memory allocations. * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1648=1 SUSE-SLE- SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1648=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1648=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1648=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1648=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-debuginfo-4.12.14-122.212.1 * gfs2-kmp-default-4.12.14-122.212.1 * gfs2-kmp-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * ocfs2-kmp-default-4.12.14-122.212.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.212.1 * cluster-md-kmp-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-debuginfo-4.12.14-122.212.1 * gfs2-kmp-default-4.12.14-122.212.1 * gfs2-kmp-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-4.12.14-122.212.1 * ocfs2-kmp-default-4.12.14-122.212.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.212.1 * cluster-md-kmp-default-4.12.14-122.212.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kgraft-patch-4_12_14-122_212-default-1-8.11.1 * kernel-default-kgraft-devel-4.12.14-122.212.1 * kernel-default-kgraft-4.12.14-122.212.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-4.12.14-122.212.1 * kernel-obs-build-debugsource-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-extra-4.12.14-122.212.1 * kernel-default-extra-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25160.html * https://www.suse.com/security/cve/CVE-2020-36312.html * https://www.suse.com/security/cve/CVE-2021-23134.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46907.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46941.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46975.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47024.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47143.html * https://www.suse.com/security/cve/CVE-2021-47146.html * https://www.suse.com/security/cve/CVE-2021-47149.html * https://www.suse.com/security/cve/CVE-2021-47150.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47159.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-48619.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-52644.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52650.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-24855.html * https://www.suse.com/security/cve/CVE-2024-24861.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26777.html * https://www.suse.com/security/cve/CVE-2024-26778.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26839.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26859.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26907.html * https://www.suse.com/security/cve/CVE-2024-26922.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27072.html * https://www.suse.com/security/cve/CVE-2024-27073.html * https://www.suse.com/security/cve/CVE-2024-27074.html * https://www.suse.com/security/cve/CVE-2024-27075.html * https://www.suse.com/security/cve/CVE-2024-27078.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://bugzilla.suse.com/show_bug.cgi?id=1084332 * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1184509 * https://bugzilla.suse.com/show_bug.cgi?id=1186060 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218220 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219618 * https://bugzilla.suse.com/show_bug.cgi?id=1219623 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220394 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220422 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220505 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220628 * https://bugzilla.suse.com/show_bug.cgi?id=1220637 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221862 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221953 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221967 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221972 * https://bugzilla.suse.com/show_bug.cgi?id=1221973 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1221979 * https://bugzilla.suse.com/show_bug.cgi?id=1221988 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222765 * https://bugzilla.suse.com/show_bug.cgi?id=1222770 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://bugzilla.suse.com/show_bug.cgi?id=1222961 * https://bugzilla.suse.com/show_bug.cgi?id=1222975 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223049 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223203 * https://bugzilla.suse.com/show_bug.cgi?id=1223315 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223770 * https://bugzilla.suse.com/show_bug.cgi?id=1223781 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223837 * https://bugzilla.suse.com/show_bug.cgi?id=1223842 * https://bugzilla.suse.com/show_bug.cgi?id=1223843 * https://bugzilla.suse.com/show_bug.cgi?id=1223844 * https://bugzilla.suse.com/show_bug.cgi?id=1223883 * https://bugzilla.suse.com/show_bug.cgi?id=1223885 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223954 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:30:56 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:30:56 -0000 Subject: SUSE-SU-2024:1647-1: important: Security update for the Linux Kernel Message-ID: <171570425648.20442.10596116677061268552@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1647-1 Rating: important References: * bsc#1190576 * bsc#1192145 * bsc#1192354 * bsc#1192837 * bsc#1193629 * bsc#1203906 * bsc#1203935 * bsc#1204614 * bsc#1206881 * bsc#1209657 * bsc#1215221 * bsc#1216223 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219126 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220342 * bsc#1220703 * bsc#1220761 * bsc#1220883 * bsc#1221044 * bsc#1221061 * bsc#1221088 * bsc#1221293 * bsc#1221299 * bsc#1221612 * bsc#1221830 * bsc#1222117 * bsc#1222422 * bsc#1222430 * bsc#1222435 * bsc#1222482 * bsc#1222503 * bsc#1222536 * bsc#1222559 * bsc#1222585 * bsc#1222618 * bsc#1222624 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222671 * bsc#1222703 * bsc#1222704 * bsc#1222706 * bsc#1222709 * bsc#1222721 * bsc#1222726 * bsc#1222773 * bsc#1222776 * bsc#1222785 * bsc#1222787 * bsc#1222790 * bsc#1222791 * bsc#1222792 * bsc#1222796 * bsc#1222824 * bsc#1222829 * bsc#1222832 * bsc#1222836 * bsc#1222838 * bsc#1222866 * bsc#1222867 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222879 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222894 * bsc#1222901 * bsc#1223016 * bsc#1223187 * bsc#1223380 * bsc#1223474 * bsc#1223475 * bsc#1223477 * bsc#1223479 * bsc#1223482 * bsc#1223484 * bsc#1223487 * bsc#1223503 * bsc#1223505 * bsc#1223509 * bsc#1223513 * bsc#1223516 * bsc#1223517 * bsc#1223518 * bsc#1223519 * bsc#1223522 * bsc#1223523 * bsc#1223705 * bsc#1223824 Cross-References: * CVE-2021-47047 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47187 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47191 * CVE-2021-47192 * CVE-2021-47193 * CVE-2021-47194 * CVE-2021-47195 * CVE-2021-47196 * CVE-2021-47197 * CVE-2021-47198 * CVE-2021-47199 * CVE-2021-47200 * CVE-2021-47201 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47209 * CVE-2021-47210 * CVE-2021-47211 * CVE-2021-47212 * CVE-2021-47215 * CVE-2021-47216 * CVE-2021-47217 * CVE-2021-47218 * CVE-2021-47219 * CVE-2022-48631 * CVE-2022-48637 * CVE-2022-48638 * CVE-2022-48647 * CVE-2022-48648 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48653 * CVE-2022-48654 * CVE-2022-48655 * CVE-2022-48656 * CVE-2022-48657 * CVE-2022-48660 * CVE-2022-48662 * CVE-2022-48663 * CVE-2022-48667 * CVE-2022-48668 * CVE-2023-0160 * CVE-2023-52476 * CVE-2023-52500 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52607 * CVE-2023-52616 * CVE-2023-52628 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-23850 * CVE-2024-26601 * CVE-2024-26610 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26687 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26727 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26764 * CVE-2024-26766 * CVE-2024-26773 * CVE-2024-26792 * CVE-2024-26816 * CVE-2024-26898 * CVE-2024-26903 * CVE-2024-27043 * CVE-2024-27389 CVSS scores: * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 87 vulnerabilities and has 12 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). * CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). The following non-security bugs were fixed: * Call flush_delayed_fput() from nfsd main-loop (bsc#1223380). * ibmvfc: make 'max_sectors' a module option (bsc#1216223). * scsi: Update max_hw_sectors on rescan (bsc#1216223). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1647=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1647=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1647=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1647=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1647=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1647=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.79.1 * openSUSE Leap Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * openSUSE Leap Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * openSUSE Leap Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * openSUSE Leap Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.79.1 * kernel-rt-debuginfo-5.14.21-150400.15.79.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.79.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47047.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47187.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47191.html * https://www.suse.com/security/cve/CVE-2021-47192.html * https://www.suse.com/security/cve/CVE-2021-47193.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47195.html * https://www.suse.com/security/cve/CVE-2021-47196.html * https://www.suse.com/security/cve/CVE-2021-47197.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47199.html * https://www.suse.com/security/cve/CVE-2021-47200.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47209.html * https://www.suse.com/security/cve/CVE-2021-47210.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47215.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2021-47218.html * https://www.suse.com/security/cve/CVE-2021-47219.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48637.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48647.html * https://www.suse.com/security/cve/CVE-2022-48648.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48653.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48655.html * https://www.suse.com/security/cve/CVE-2022-48656.html * https://www.suse.com/security/cve/CVE-2022-48657.html * https://www.suse.com/security/cve/CVE-2022-48660.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48663.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52616.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-26601.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26687.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26727.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26764.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26792.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27389.html * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1192354 * https://bugzilla.suse.com/show_bug.cgi?id=1192837 * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1203906 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1204614 * https://bugzilla.suse.com/show_bug.cgi?id=1206881 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220342 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220761 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221612 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222430 * https://bugzilla.suse.com/show_bug.cgi?id=1222435 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222536 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222703 * https://bugzilla.suse.com/show_bug.cgi?id=1222704 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222721 * https://bugzilla.suse.com/show_bug.cgi?id=1222726 * https://bugzilla.suse.com/show_bug.cgi?id=1222773 * https://bugzilla.suse.com/show_bug.cgi?id=1222776 * https://bugzilla.suse.com/show_bug.cgi?id=1222785 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222791 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222796 * https://bugzilla.suse.com/show_bug.cgi?id=1222824 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222832 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222838 * https://bugzilla.suse.com/show_bug.cgi?id=1222866 * https://bugzilla.suse.com/show_bug.cgi?id=1222867 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222879 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222901 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223380 * https://bugzilla.suse.com/show_bug.cgi?id=1223474 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223477 * https://bugzilla.suse.com/show_bug.cgi?id=1223479 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223484 * https://bugzilla.suse.com/show_bug.cgi?id=1223487 * https://bugzilla.suse.com/show_bug.cgi?id=1223503 * https://bugzilla.suse.com/show_bug.cgi?id=1223505 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223517 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223519 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223523 * https://bugzilla.suse.com/show_bug.cgi?id=1223705 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:31:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:31:30 -0000 Subject: SUSE-SU-2024:1646-1: important: Security update for the Linux Kernel Message-ID: <171570429073.20442.2760327968642931128@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1646-1 Rating: important References: * bsc#1141539 * bsc#1190317 * bsc#1190576 * bsc#1192145 * bsc#1194516 * bsc#1203935 * bsc#1209657 * bsc#1211592 * bsc#1217339 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218220 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219169 * bsc#1219170 * bsc#1219618 * bsc#1219623 * bsc#1219847 * bsc#1220320 * bsc#1220366 * bsc#1220394 * bsc#1220411 * bsc#1220413 * bsc#1220416 * bsc#1220418 * bsc#1220442 * bsc#1220445 * bsc#1220521 * bsc#1220528 * bsc#1220536 * bsc#1220538 * bsc#1220554 * bsc#1220572 * bsc#1220580 * bsc#1220611 * bsc#1220625 * bsc#1220628 * bsc#1220637 * bsc#1220640 * bsc#1220662 * bsc#1220687 * bsc#1220692 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220742 * bsc#1220743 * bsc#1220745 * bsc#1220751 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220790 * bsc#1220794 * bsc#1220829 * bsc#1220836 * bsc#1220843 * bsc#1220846 * bsc#1220850 * bsc#1220871 * bsc#1220927 * bsc#1220960 * bsc#1220985 * bsc#1220987 * bsc#1221044 * bsc#1221046 * bsc#1221048 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221077 * bsc#1221082 * bsc#1221088 * bsc#1221162 * bsc#1221277 * bsc#1221293 * bsc#1221337 * bsc#1221532 * bsc#1221541 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221608 * bsc#1221617 * bsc#1221791 * bsc#1221816 * bsc#1221825 * bsc#1221830 * bsc#1221862 * bsc#1221934 * bsc#1221949 * bsc#1221952 * bsc#1221953 * bsc#1221965 * bsc#1221966 * bsc#1221967 * bsc#1221969 * bsc#1221972 * bsc#1221973 * bsc#1221977 * bsc#1221979 * bsc#1221988 * bsc#1221991 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222117 * bsc#1222294 * bsc#1222300 * bsc#1222357 * bsc#1222379 * bsc#1222422 * bsc#1222428 * bsc#1222449 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222618 * bsc#1222619 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222706 * bsc#1222720 * bsc#1222765 * bsc#1222770 * bsc#1222772 * bsc#1222787 * bsc#1222790 * bsc#1222812 * bsc#1222836 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222961 * bsc#1222975 * bsc#1222976 * bsc#1223016 * bsc#1223035 * bsc#1223049 * bsc#1223051 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223187 * bsc#1223189 * bsc#1223198 * bsc#1223203 * bsc#1223315 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223518 * bsc#1223626 * bsc#1223627 * bsc#1223664 * bsc#1223686 * bsc#1223693 * bsc#1223712 * bsc#1223715 * bsc#1223735 * bsc#1223744 * bsc#1223745 * bsc#1223770 * bsc#1223781 * bsc#1223819 * bsc#1223824 * bsc#1223827 * bsc#1223837 * bsc#1223842 * bsc#1223843 * bsc#1223844 * bsc#1223883 * bsc#1223885 * bsc#1223921 * bsc#1223941 * bsc#1223952 * bsc#1223953 * bsc#1223954 * jsc#PED-5759 Cross-References: * CVE-2019-25160 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46909 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46941 * CVE-2021-46950 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46963 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46981 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46998 * CVE-2021-47006 * CVE-2021-47015 * CVE-2021-47024 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47068 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47104 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47138 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47143 * CVE-2021-47146 * CVE-2021-47149 * CVE-2021-47150 * CVE-2021-47153 * CVE-2021-47159 * CVE-2021-47161 * CVE-2021-47162 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47171 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47198 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47207 * CVE-2021-47211 * CVE-2021-47216 * CVE-2021-47217 * CVE-2022-0487 * CVE-2022-48619 * CVE-2022-48626 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48695 * CVE-2022-48701 * CVE-2023-0160 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52509 * CVE-2023-52515 * CVE-2023-52524 * CVE-2023-52528 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52595 * CVE-2023-52598 * CVE-2023-52607 * CVE-2023-52614 * CVE-2023-52620 * CVE-2023-52628 * CVE-2023-52635 * CVE-2023-52639 * CVE-2023-52644 * CVE-2023-52646 * CVE-2023-52650 * CVE-2023-52652 * CVE-2023-52653 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-24855 * CVE-2024-24861 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26651 * CVE-2024-26671 * CVE-2024-26675 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26747 * CVE-2024-26754 * CVE-2024-26763 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26777 * CVE-2024-26778 * CVE-2024-26779 * CVE-2024-26793 * CVE-2024-26805 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26839 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26855 * CVE-2024-26857 * CVE-2024-26859 * CVE-2024-26878 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26907 * CVE-2024-26922 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-26948 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27054 * CVE-2024-27072 * CVE-2024-27073 * CVE-2024-27074 * CVE-2024-27075 * CVE-2024-27078 * CVE-2024-27388 CVSS scores: * CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves 187 vulnerabilities, contains one feature and has 16 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394). * CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416). * CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418). * CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554). * CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580). * CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628). * CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662). * CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528). * CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536). * CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538). * CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572). * CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611). * CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706). * CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794). * CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637). * CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640). * CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575). * CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605). * CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608). * CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934). * CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949). * CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952). * CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988). * CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972). * CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973). * CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977). * CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965). * CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998). * CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002). * CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000). * CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994). * CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993). * CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001). * CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878) * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2022-0487: Fixed use-after-free in moxart_remove in moxart-mmc (bsc#1194516). * CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). * CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961). * CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770) * CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). * CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618). * CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). * CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) * CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) * CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). * CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049). * CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). * CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). * CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). * CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). * CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). * CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315). * CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). * CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). * CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). * CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). * CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837). * CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843). * CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844). * CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842). * CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781). The following non-security bugs were fixed: * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: ipaq-micro-keys - add error handling for devm_kmemdup. * Input: xpad - add PXN V900 support. * USB: core: Fix deadlock in usb_deauthorize_interface(). * USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * atl1c: fix error return code in atl1c_probe() (git-fixes). * atl1e: fix error return code in atl1e_probe() (git-fixes). * bluetooth: btqca: Fixed a coding style error (git-fixes). * bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes). * bluetooth: btqcomsmd: Fix command timeout after setting BD address (git- fixes). * bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). * bnx2x: Fix enabling network interfaces without VFs (git-fixes). * bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * doc/README.SUSE: Update information about module support status (jsc#PED-5759) * drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes). * ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes). * ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git- fixes). * fuse: do not unhash root (bsc#1223954). * iommu/amd: Increase interrupt remapping table limit to 512 entries (git- fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes). * iommu/amd: Silence warnings under memory pressure (git-fixes). * iommu: Check if group is NULL before remove device (git-fixes). * kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * lan78xx: Add missing return code checks (git-fixes). * lan78xx: Add support to dump lan78xx registers (git-fixes). * lan78xx: Do not access skb_queue_head list pointers directly (git-fixes). * lan78xx: Fix exception on link speed change (git-fixes). * lan78xx: Fix partial packet errors on suspend/resume (git-fixes). * lan78xx: Fix race conditions in suspend/resume handling (git-fixes). * lan78xx: Fix white space and style issues (git-fixes). * lan78xx: Modify error messages (git-fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * net/mlx5: Properly convey driver version to firmware (git-fixes). * net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). * net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). * net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes). * net: lan78xx: Make declaration style consistent (git-fixes). * net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: lan78xx: remove set but not used variable 'event' (git-fixes). * net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes). * net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes). * net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git- fixes). * nfs: Fix O_DIRECT commit verifier handling (git-fixes). * nfs: Fix O_DIRECT locking issues (git-fixes). * nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git- fixes). * nfs: Fix an off by one in root_nfs_cat() (git-fixes). * nfs: Fix direct WRITE throughput regression (git-fixes). * nfs: Fix error handling for O_DIRECT write scheduling (git-fixes). * nfs: More O_DIRECT accounting fixes for error paths (git-fixes). * nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: commit errors should be fatal (git-fixes). * nfs: only issue commit in DIO codepath if we have uncommitted data (git- fixes). * nfsd: Fix error cleanup path in nfsd_rename() (git-fixes). * nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: Retransmit callbacks after client reconnects (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes). * pci/aspm: Avoid link retraining race (git-fixes). * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * pci/aspm: Do not warn if already in common clock mode (git-fixes). * pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes). * pci/aspm: Reduce severity of common clock config message (git-fixes). * pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Print all TLP Prefixes, not just the first (git-fixes). * pci/iov: Enlarge virtfn sysfs name buffer (git-fixes). * pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes). * pci/pm: Power up all devices during runtime resume (git-fixes). * pci/sysfs: Protect driver's D3cold preference from user space (git-fixes). * pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). * pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes). * pci: Add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes). * pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git- fixes). * pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: Rework pcie_retrain_link() wait loop (git-fixes). * pci: aardvark: Fix setting MSI address (git-fixes). * pci: aardvark: Fix support for MSI interrupts (git-fixes). * pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git- fixes). * pci: endpoint: Do not stop controller when unbinding endpoint function (git- fixes). * pci: hotplug: Allow marking devices as disconnected during bind/unbind (git- fixes). * pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes). * pci: pciehp: Cancel bringup sequence if card is not present (git-fixes). * pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git- fixes). * pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). * pci: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082) * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221953). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tun: honor IOCB_NOWAIT flag (git-fixes). * usb: dwc2: Fix memory leak in dwc2_hcd_init. * usb: dwc2: check return value after calling platform_get_resource() (git- fixes). * usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). * usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). * usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). * usb: musb: Modify the "HWVers" register address (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered. * usb: serial: option: add Fibocom L7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). * usb: usbfs: Do not WARN about excessively large memory allocations. * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2024-1646=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * gfs2-kmp-rt-debuginfo-4.12.14-10.182.1 * kernel-rt-base-4.12.14-10.182.1 * kernel-rt-base-debuginfo-4.12.14-10.182.1 * kernel-rt-devel-debuginfo-4.12.14-10.182.1 * kernel-syms-rt-4.12.14-10.182.1 * kernel-rt_debug-debugsource-4.12.14-10.182.1 * ocfs2-kmp-rt-4.12.14-10.182.1 * dlm-kmp-rt-4.12.14-10.182.1 * kernel-rt_debug-debuginfo-4.12.14-10.182.1 * cluster-md-kmp-rt-debuginfo-4.12.14-10.182.1 * kernel-rt-devel-4.12.14-10.182.1 * gfs2-kmp-rt-4.12.14-10.182.1 * cluster-md-kmp-rt-4.12.14-10.182.1 * kernel-rt-debugsource-4.12.14-10.182.1 * kernel-rt-debuginfo-4.12.14-10.182.1 * dlm-kmp-rt-debuginfo-4.12.14-10.182.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.182.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.182.1 * kernel-rt_debug-devel-4.12.14-10.182.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-devel-rt-4.12.14-10.182.1 * kernel-source-rt-4.12.14-10.182.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt_debug-4.12.14-10.182.1 * kernel-rt-4.12.14-10.182.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25160.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46941.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47024.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47143.html * https://www.suse.com/security/cve/CVE-2021-47146.html * https://www.suse.com/security/cve/CVE-2021-47149.html * https://www.suse.com/security/cve/CVE-2021-47150.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47159.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-48619.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-52644.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52650.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-24855.html * https://www.suse.com/security/cve/CVE-2024-24861.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26777.html * https://www.suse.com/security/cve/CVE-2024-26778.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26839.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26859.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26907.html * https://www.suse.com/security/cve/CVE-2024-26922.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27072.html * https://www.suse.com/security/cve/CVE-2024-27073.html * https://www.suse.com/security/cve/CVE-2024-27074.html * https://www.suse.com/security/cve/CVE-2024-27075.html * https://www.suse.com/security/cve/CVE-2024-27078.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218220 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219618 * https://bugzilla.suse.com/show_bug.cgi?id=1219623 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220394 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220628 * https://bugzilla.suse.com/show_bug.cgi?id=1220637 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221862 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221953 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221967 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221972 * https://bugzilla.suse.com/show_bug.cgi?id=1221973 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1221979 * https://bugzilla.suse.com/show_bug.cgi?id=1221988 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222765 * https://bugzilla.suse.com/show_bug.cgi?id=1222770 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222961 * https://bugzilla.suse.com/show_bug.cgi?id=1222975 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223049 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223203 * https://bugzilla.suse.com/show_bug.cgi?id=1223315 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223770 * https://bugzilla.suse.com/show_bug.cgi?id=1223781 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223837 * https://bugzilla.suse.com/show_bug.cgi?id=1223842 * https://bugzilla.suse.com/show_bug.cgi?id=1223843 * https://bugzilla.suse.com/show_bug.cgi?id=1223844 * https://bugzilla.suse.com/show_bug.cgi?id=1223883 * https://bugzilla.suse.com/show_bug.cgi?id=1223885 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223954 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:31:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:31:49 -0000 Subject: SUSE-SU-2024:1645-1: important: Security update for the Linux Kernel Message-ID: <171570430907.20442.8744273086622341530@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1645-1 Rating: important References: * bsc#1190576 * bsc#1192145 * bsc#1200313 * bsc#1201489 * bsc#1203906 * bsc#1203935 * bsc#1204614 * bsc#1211592 * bsc#1218562 * bsc#1218917 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220513 * bsc#1220755 * bsc#1220854 * bsc#1221113 * bsc#1221299 * bsc#1221543 * bsc#1221545 * bsc#1222449 * bsc#1222482 * bsc#1222503 * bsc#1222559 * bsc#1222624 * bsc#1222666 * bsc#1222709 * bsc#1222790 * bsc#1222792 * bsc#1222829 * bsc#1222876 * bsc#1222881 * bsc#1222883 * bsc#1222894 * bsc#1222976 * bsc#1223016 * bsc#1223057 * bsc#1223111 * bsc#1223187 * bsc#1223202 * bsc#1223475 * bsc#1223482 * bsc#1223509 * bsc#1223513 * bsc#1223522 * bsc#1223824 * bsc#1223921 * bsc#1223923 * bsc#1223931 * bsc#1223941 * bsc#1223948 * bsc#1223952 * bsc#1223963 Cross-References: * CVE-2021-46955 * CVE-2021-47041 * CVE-2021-47074 * CVE-2021-47113 * CVE-2021-47131 * CVE-2021-47184 * CVE-2021-47194 * CVE-2021-47198 * CVE-2021-47201 * CVE-2021-47203 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47212 * CVE-2021-47216 * CVE-2022-48631 * CVE-2022-48638 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48654 * CVE-2022-48672 * CVE-2022-48686 * CVE-2022-48687 * CVE-2022-48693 * CVE-2022-48695 * CVE-2022-48701 * CVE-2022-48702 * CVE-2024-0639 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26739 * CVE-2024-26744 * CVE-2024-26816 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26862 * CVE-2024-26898 * CVE-2024-26903 * CVE-2024-26906 * CVE-2024-27043 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47074 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47131 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 41 vulnerabilities and has 12 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543). * CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755). * CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854). * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). The following non-security bugs were fixed: * dm rq: do not queue request to blk-mq during DM suspend (bsc#1221113). * dm: rearrange core declarations for extended use from dm-zone.c (bsc#1221113). * net/tls: Remove the context from the list in tls_device_down (bsc#1221545). * tls: Fix context leak on tls_device_down (bsc#1221545). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1645=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1645=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1645=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debugsource-5.3.18-150300.169.1 * kernel-rt-debuginfo-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.169.1 * kernel-rt-debuginfo-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.169.1 * kernel-rt-debuginfo-5.3.18-150300.169.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.169.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47041.html * https://www.suse.com/security/cve/CVE-2021-47074.html * https://www.suse.com/security/cve/CVE-2021-47113.html * https://www.suse.com/security/cve/CVE-2021-47131.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48693.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26862.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26906.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1200313 * https://bugzilla.suse.com/show_bug.cgi?id=1201489 * https://bugzilla.suse.com/show_bug.cgi?id=1203906 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1204614 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220513 * https://bugzilla.suse.com/show_bug.cgi?id=1220755 * https://bugzilla.suse.com/show_bug.cgi?id=1220854 * https://bugzilla.suse.com/show_bug.cgi?id=1221113 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221543 * https://bugzilla.suse.com/show_bug.cgi?id=1221545 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223111 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223202 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223963 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:32:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:32:30 -0000 Subject: SUSE-SU-2024:1644-1: important: Security update for the Linux Kernel Message-ID: <171570435085.20442.5167126944615455997@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1644-1 Rating: important References: * bsc#1141539 * bsc#1190576 * bsc#1192145 * bsc#1192837 * bsc#1193629 * bsc#1196869 * bsc#1200313 * bsc#1201308 * bsc#1201489 * bsc#1203906 * bsc#1203935 * bsc#1204614 * bsc#1207361 * bsc#1211592 * bsc#1213573 * bsc#1217339 * bsc#1217408 * bsc#1218562 * bsc#1218917 * bsc#1219104 * bsc#1219126 * bsc#1219141 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220342 * bsc#1220569 * bsc#1220761 * bsc#1221042 * bsc#1221044 * bsc#1221080 * bsc#1221084 * bsc#1221088 * bsc#1221299 * bsc#1221612 * bsc#1221617 * bsc#1221645 * bsc#1221825 * bsc#1222294 * bsc#1222307 * bsc#1222357 * bsc#1222368 * bsc#1222379 * bsc#1222385 * bsc#1222424 * bsc#1222430 * bsc#1222435 * bsc#1222482 * bsc#1222559 * bsc#1222585 * bsc#1222613 * bsc#1222615 * bsc#1222618 * bsc#1222624 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222703 * bsc#1222704 * bsc#1222709 * bsc#1222710 * bsc#1222721 * bsc#1222726 * bsc#1222773 * bsc#1222776 * bsc#1222785 * bsc#1222787 * bsc#1222790 * bsc#1222791 * bsc#1222792 * bsc#1222793 * bsc#1222796 * bsc#1222812 * bsc#1222824 * bsc#1222829 * bsc#1222832 * bsc#1222836 * bsc#1222838 * bsc#1222866 * bsc#1222867 * bsc#1222869 * bsc#1222870 * bsc#1222876 * bsc#1222878 * bsc#1222879 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222894 * bsc#1222901 * bsc#1222968 * bsc#1222976 * bsc#1223012 * bsc#1223014 * bsc#1223016 * bsc#1223024 * bsc#1223033 * bsc#1223034 * bsc#1223035 * bsc#1223036 * bsc#1223037 * bsc#1223041 * bsc#1223042 * bsc#1223051 * bsc#1223052 * bsc#1223056 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223061 * bsc#1223065 * bsc#1223066 * bsc#1223076 * bsc#1223078 * bsc#1223111 * bsc#1223115 * bsc#1223118 * bsc#1223119 * bsc#1223140 * bsc#1223187 * bsc#1223189 * bsc#1223190 * bsc#1223191 * bsc#1223196 * bsc#1223197 * bsc#1223198 * bsc#1223207 * bsc#1223275 * bsc#1223323 * bsc#1223360 * bsc#1223369 * bsc#1223380 * bsc#1223432 * bsc#1223473 * bsc#1223474 * bsc#1223475 * bsc#1223477 * bsc#1223478 * bsc#1223479 * bsc#1223481 * bsc#1223482 * bsc#1223484 * bsc#1223487 * bsc#1223490 * bsc#1223496 * bsc#1223498 * bsc#1223499 * bsc#1223501 * bsc#1223502 * bsc#1223503 * bsc#1223505 * bsc#1223509 * bsc#1223511 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223517 * bsc#1223518 * bsc#1223519 * bsc#1223520 * bsc#1223522 * bsc#1223523 * bsc#1223525 * bsc#1223536 * bsc#1223539 * bsc#1223574 * bsc#1223595 * bsc#1223598 * bsc#1223628 * bsc#1223634 * bsc#1223640 * bsc#1223643 * bsc#1223644 * bsc#1223645 * bsc#1223646 * bsc#1223648 * bsc#1223655 * bsc#1223657 * bsc#1223660 * bsc#1223661 * bsc#1223663 * bsc#1223664 * bsc#1223668 * bsc#1223670 * bsc#1223679 * bsc#1223686 * bsc#1223693 * bsc#1223705 * bsc#1223714 * bsc#1223735 * bsc#1223738 * bsc#1223745 * bsc#1223784 * bsc#1223785 * bsc#1223790 * bsc#1223816 * bsc#1223821 * bsc#1223822 * bsc#1223823 * bsc#1223824 * bsc#1223827 * bsc#1223834 * bsc#1223858 * bsc#1223875 * bsc#1223876 * bsc#1223877 * bsc#1223878 * bsc#1223879 * bsc#1223894 * bsc#1223921 * bsc#1223922 * bsc#1223923 * bsc#1223924 * bsc#1223929 * bsc#1223931 * bsc#1223932 * bsc#1223934 * bsc#1223941 * bsc#1223948 * bsc#1223949 * bsc#1223950 * bsc#1223951 * bsc#1223952 * bsc#1223953 * bsc#1223956 * bsc#1223957 * bsc#1223960 * bsc#1223962 * bsc#1223963 * bsc#1223964 * bsc#1223996 * jsc#PED-7167 Cross-References: * CVE-2021-47047 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47187 * CVE-2021-47188 * CVE-2021-47191 * CVE-2021-47192 * CVE-2021-47193 * CVE-2021-47194 * CVE-2021-47195 * CVE-2021-47196 * CVE-2021-47197 * CVE-2021-47198 * CVE-2021-47199 * CVE-2021-47200 * CVE-2021-47201 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47209 * CVE-2021-47210 * CVE-2021-47211 * CVE-2021-47212 * CVE-2021-47214 * CVE-2021-47215 * CVE-2021-47216 * CVE-2021-47217 * CVE-2021-47218 * CVE-2021-47219 * CVE-2022-48631 * CVE-2022-48632 * CVE-2022-48634 * CVE-2022-48636 * CVE-2022-48637 * CVE-2022-48638 * CVE-2022-48639 * CVE-2022-48640 * CVE-2022-48642 * CVE-2022-48644 * CVE-2022-48646 * CVE-2022-48647 * CVE-2022-48648 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48652 * CVE-2022-48653 * CVE-2022-48654 * CVE-2022-48655 * CVE-2022-48656 * CVE-2022-48657 * CVE-2022-48658 * CVE-2022-48659 * CVE-2022-48660 * CVE-2022-48662 * CVE-2022-48663 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48671 * CVE-2022-48672 * CVE-2022-48673 * CVE-2022-48675 * CVE-2022-48686 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48690 * CVE-2022-48692 * CVE-2022-48693 * CVE-2022-48694 * CVE-2022-48695 * CVE-2022-48697 * CVE-2022-48698 * CVE-2022-48699 * CVE-2022-48700 * CVE-2022-48701 * CVE-2022-48702 * CVE-2022-48703 * CVE-2022-48704 * CVE-2023-2860 * CVE-2023-52585 * CVE-2023-52589 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52593 * CVE-2023-52614 * CVE-2023-52616 * CVE-2023-52620 * CVE-2023-52635 * CVE-2023-52645 * CVE-2023-52646 * CVE-2023-52652 * CVE-2023-6270 * CVE-2024-0639 * CVE-2024-0841 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-23850 * CVE-2024-26601 * CVE-2024-26610 * CVE-2024-26656 * CVE-2024-26671 * CVE-2024-26673 * CVE-2024-26675 * CVE-2024-26679 * CVE-2024-26687 * CVE-2024-26688 * CVE-2024-26700 * CVE-2024-26702 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26764 * CVE-2024-26766 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26783 * CVE-2024-26791 * CVE-2024-26792 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26820 * CVE-2024-26825 * CVE-2024-26830 * CVE-2024-26833 * CVE-2024-26836 * CVE-2024-26840 * CVE-2024-26843 * CVE-2024-26852 * CVE-2024-26853 * CVE-2024-26855 * CVE-2024-26856 * CVE-2024-26857 * CVE-2024-26861 * CVE-2024-26862 * CVE-2024-26866 * CVE-2024-26872 * CVE-2024-26875 * CVE-2024-26876 * CVE-2024-26877 * CVE-2024-26878 * CVE-2024-26879 * CVE-2024-26881 * CVE-2024-26882 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26885 * CVE-2024-26891 * CVE-2024-26893 * CVE-2024-26895 * CVE-2024-26896 * CVE-2024-26897 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26915 * CVE-2024-26917 * CVE-2024-26927 * CVE-2024-26933 * CVE-2024-26939 * CVE-2024-26948 * CVE-2024-26950 * CVE-2024-26951 * CVE-2024-26955 * CVE-2024-26956 * CVE-2024-26960 * CVE-2024-26965 * CVE-2024-26966 * CVE-2024-26969 * CVE-2024-26970 * CVE-2024-26972 * CVE-2024-26979 * CVE-2024-26981 * CVE-2024-26982 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27030 * CVE-2024-27038 * CVE-2024-27039 * CVE-2024-27041 * CVE-2024-27042 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27056 * CVE-2024-27059 * CVE-2024-27062 * CVE-2024-27389 CVSS scores: * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48642 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48659 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48675 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48697 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-48698 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48700 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52589 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52593 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52645 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26679 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26700 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26820 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26836 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26875 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26877 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26939 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26979 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27030 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-27038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27059 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 190 vulnerabilities, contains one feature and has 41 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). * CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834). * CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822). * CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-27042: Fixed drm/amdgpu for potential out-of-bounds access in amdgpu_discovery_reg_base_init() (bsc#1223823). * CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714). * CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821). * CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816). * CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790). * CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). * CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). * CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634). * CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644). * CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645). * CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646). * CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648). * CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655). * CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660). * CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661). * CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). * CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race (bsc#1223679). * CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525). * CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207). * CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). * CVE-2024-26898: Fixed aoe potential use-after-free problem in aoecmd_cfg_pkts (bsc#1223016). * CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042). * CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196). * CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190). * CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). * CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). * CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034). * CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041). * CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066). * CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). * CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe (bsc#1223119). * CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076). * CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052). * CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968). * CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012). * CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names (bsc#1222793). * CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). * CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV (bsc#1222870). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26679: Fixed inet read sk->sk_family once in inet_recv_error() (bsc#1222385). * CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). * CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368). * CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). * CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). * CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033). * CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). * CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). * CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). * CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). * CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084). * CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). * CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498). * CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478). * CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838). * CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). The following non-security bugs were fixed: * ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes). * ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes). * ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes). * ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes). * ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes). * ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git- fixes). * ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable- fixes). * ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable- fixes). * ALSA: scarlett2: Add correct product series name to messages (stable-fixes). * ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes). * ALSA: scarlett2: Default mixer driver to enabled (stable-fixes). * ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes). * ASoC: meson: axg-card: make links nonatomic (git-fixes). * ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes). * ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes). * ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes). * ASoC: tegra: Fix DSPK 16-bit playback (git-fixes). * ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes). * Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes). * Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes). * Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes). * Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable- fixes). * Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes). * Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes). * Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes). * Bluetooth: add quirk for broken address properties (git-fixes). * Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable- fixes). * Bluetooth: btintel: Fixe build regression (git-fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable- fixes). * Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes). * Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes). * Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes). * Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes). * Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes). * HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes). * HID: logitech-dj: allow mice to use all types of reports (git-fixes). * HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes). * Input: allocate keycode for Display refresh rate toggle (stable-fixes). * Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails (stable-fixes). * NFC: trf7970a: disable all regulators on removal (git-fixes). * PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888). * RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes). * Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes). * Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default" (stable-fixes). * Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes). * Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)." (bsc#1223275) * Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes). * Revert "usb: phy: generic: Get the vbus supply" (git-fixes). * USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes). * USB: core: Add hub_get() and hub_put() routines (git-fixes). * USB: core: Fix access violation during port device removal (git-fixes). * USB: core: Fix deadlock in port "disable" sysfs attribute (git-fixes). * USB: serial: add device ID for VeriFone adapter (stable-fixes). * USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes). * USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable- fixes). * USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable- fixes). * USB: serial: option: add Fibocom FM135-GL variants (stable-fixes). * USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes). * USB: serial: option: add MeiG Smart SLM320 product (stable-fixes). * USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable- fixes). * USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes). * USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes). * USB: serial: option: support Quectel EM060K sub-models (stable-fixes). * nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858). * s390: Fixed kernel backtrack (bsc#1141539 git-fixes). * nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640). * s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops (jsc#PED-542 git-fixes bsc#1213573 ltc#203238). * ahci: asm1064: asm1166: do not limit reported ports (git-fixes). * ahci: asm1064: correct count of reported ports (stable-fixes). * arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes) * arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git- fixes) * arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git- fixes) * arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes) * arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git- fixes) * arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes) * arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes) * arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes). * ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes). * batman-adv: Avoid infinite loop trying to resize local TT (git-fixes). * clk: Get runtime PM before walking tree during disable_unused (git-fixes). * clk: Initialize struct clk_core kref earlier (stable-fixes). * clk: Mark 'all_lists' as const (stable-fixes). * clk: Print an info line before disabling unused clocks (stable-fixes). * clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes). * clk: remove extra empty line (stable-fixes). * comedi: vmk80xx: fix incomplete endpoint checking (git-fixes). * dma: xilinx_dpdma: Fix locking (git-fixes). * dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes). * dmaengine: owl: fix register access functions (git-fixes). * dmaengine: tegra186: Fix residual calculation (git-fixes). * docs: Document the FAN_FS_ERROR event (stable-fixes). * drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes). * drm/amd/display: Do not recursively call manual trigger programming (stable- fixes). * drm/amd/display: Fix nanosec stat overflow (stable-fixes). * drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes). * drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes). * drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes). * drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes). * drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes). * drm/amdgpu: always force full reset for SOC21 (stable-fixes). * drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes). * drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes). * drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes). * drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes). * drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes). * drm/ast: Fix soft lockup (git-fixes). * drm/client: Fully protect modes[] with dev->mode_config.mutex (stable- fixes). * drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git- fixes). * drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes). * drm/i915: Disable port sync when bigjoiner is used (stable-fixes). * drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes). * drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834) * drm/panel: ili9341: Respect deferred probe (git-fixes). * drm/panel: ili9341: Use predefined error codes (git-fixes). * drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes). * drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes). * drm/vmwgfx: Enable DMA mappings with SEV (git-fixes). * drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes). * drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes). * drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes). * drm: nv04: Fix out of bounds access (git-fixes). * drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable- fixes). * dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574). * fbdev: fix incorrect address computation in deferred IO (git-fixes). * fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes). * fbmon: prevent division by zero in fb_videomode_from_videomode() (stable- fixes). * fuse: do not unhash root (bsc#1223951). * fuse: fix root lookup with nonzero generation (bsc#1223950). * hwmon: (amc6821) add of_match table (stable-fixes). * i2c: pxa: hide unused icr_bits[] variable (git-fixes). * i2c: smbus: fix NULL function pointer dereference (git-fixes). * i40e: Fix VF MAC filter removal (git-fixes). * idma64: Do not try to serve interrupts when device is powered off (git- fixes). * iio: accel: mxc4005: Interrupt handling fixes (git-fixes). * iio:imu: adis16475: Fix sync mode setting (git-fixes). * init/main.c: Fix potential static_command_line memory overflow (git-fixes). * ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes). * irqchip/gic-v3-its: Prevent double free on error (git-fixes). * kprobes: Fix possible use-after-free issue on kprobe registration (git- fixes). * livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). * media: cec: core: remove length check of Timer Status (stable-fixes). * media: sta2x11: fix irq handler cast (stable-fixes). * mei: me: add arrow lake point H DID (stable-fixes). * mei: me: add arrow lake point S DID (stable-fixes). * mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes). * mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473). * mmc: sdhci-msm: pervent access to suspended controller (git-fixes). * mtd: diskonchip: work around ubsan link failure (stable-fixes). * net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes). * net: fix a memleak when uncloning an skb dst and its metadata (git-fixes). * net: fix skb leak in __skb_tstamp_tx() (git-fixes). * net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes). * net: mld: fix reference count leak in mld_{query | report}_work() (git- fixes). * net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes). * net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes). * net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes). * net: vlan: fix underflow for the real_dev refcnt (git-fixes). * net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete() (bsc#1223360). * netfilter: br_netfilter: Drop dst references before setting (git-fixes). * netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git- fixes). * netfilter: nft_ct: fix l3num expectations with inet pseudo family (git- fixes). * nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408). * nilfs2: fix OOB in nilfs_set_de_type (git-fixes). * nilfs2: fix OOB in nilfs_set_de_type (git-fixes). * nouveau: fix function cast warning (git-fixes). * nouveau: fix instmem race condition around ptr stores (git-fixes). * phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes). * pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes). * platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git- fixes). * platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes). * powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). * powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888). * powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888). * powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). * powerpc: Refactor verification of MSR_RI (bsc#1223191). * printk: Add this_cpu_in_panic() (bsc#1223574). * printk: Adjust mapping for 32bit seq macros (bsc#1223574). * printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574). * printk: Disable passing console lock owner completely during panic() (bsc#1223574). * printk: Drop console_sem during panic (bsc#1223574). * printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574). * printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574). * printk: Wait for all reserved records with pr_flush() (bsc#1223574). * printk: nbcon: Relocate 32bit seq macros (bsc#1223574). * printk: ringbuffer: Clarify special lpos values (bsc#1223574). * printk: ringbuffer: Cleanup reader terminology (bsc#1223574). * printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574). * printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574). * printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574). * pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes). * ring-buffer: Only update pages_touched when a new page is touched (git- fixes). * ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes). * s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875). * s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785). * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878). * s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879). * s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784). * s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876). * s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598). * s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595). * serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes). * serial: core: Provide port lock wrappers (stable-fixes). * serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes). * serial: mxs-auart: add spinlock around changing cts state (git-fixes). * slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes). * speakup: Avoid crash on very long word (git-fixes). * speakup: Fix 8bit characters from direct synth (git-fixes). * spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes). * tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes). * thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes). * thunderbolt: Fix wake configurations after device unplug (stable-fixes). * tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git- fixes). * tracing: Show size of requested perf buffer (git-fixes). * usb: Disable USB3 LPM at shutdown (stable-fixes). * usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes). * usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes). * usb: dwc3: core: Prevent phy suspend during init (Git-fixes). * usb: gadget: composite: fix OS descriptors w_value logic (git-fixes). * usb: gadget: f_fs: Fix a race condition when processing setup packets (git- fixes). * usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes). * usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes). * usb: ohci: Prevent missed ohci interrupts (git-fixes). * usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes). * usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes). * usb: typec: tcpm: Check for port partner validity before consuming it (git- fixes). * usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569). * usb: typec: ucsi: Ack unsupported commands (stable-fixes). * usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes). * usb: typec: ucsi: Fix connector check on init (git-fixes). * usb: udc: remove warning when queue disabled ep (stable-fixes). * virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949). * wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes). * wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git- fixes). * wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes). * wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable- fixes). * wifi: nl80211: do not free NULL coalescing rule (git-fixes). * x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes). * x86/bugs: Fix BHI documentation (git-fixes). * x86/bugs: Fix BHI handling of RRSBA (git-fixes). * x86/bugs: Fix BHI retpoline check (git-fixes). * x86/bugs: Fix return type of spectre_bhi_state() (git-fixes). * x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git- fixes). * x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git- fixes). * x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes). * x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes). * xfrm6: fix inet6_dev refcount underflow problem (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1644=1 SUSE-2024-1644=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1644=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * reiserfs-kmp-azure-5.14.21-150500.33.51.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.51.1 * kernel-azure-debuginfo-5.14.21-150500.33.51.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * dlm-kmp-azure-5.14.21-150500.33.51.1 * kernel-azure-debugsource-5.14.21-150500.33.51.1 * kselftests-kmp-azure-5.14.21-150500.33.51.1 * kernel-azure-devel-5.14.21-150500.33.51.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.51.1 * cluster-md-kmp-azure-5.14.21-150500.33.51.1 * kernel-azure-extra-5.14.21-150500.33.51.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.51.1 * kernel-azure-optional-5.14.21-150500.33.51.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.51.1 * ocfs2-kmp-azure-5.14.21-150500.33.51.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.51.1 * kernel-syms-azure-5.14.21-150500.33.51.1 * gfs2-kmp-azure-5.14.21-150500.33.51.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.51.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.51.1 * kernel-azure-vdso-5.14.21-150500.33.51.1 * openSUSE Leap 15.5 (noarch) * kernel-source-azure-5.14.21-150500.33.51.1 * kernel-devel-azure-5.14.21-150500.33.51.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.51.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-devel-5.14.21-150500.33.51.1 * kernel-azure-debugsource-5.14.21-150500.33.51.1 * kernel-azure-debuginfo-5.14.21-150500.33.51.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.51.1 * kernel-syms-azure-5.14.21-150500.33.51.1 * Public Cloud Module 15-SP5 (noarch) * kernel-source-azure-5.14.21-150500.33.51.1 * kernel-devel-azure-5.14.21-150500.33.51.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47047.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47187.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47191.html * https://www.suse.com/security/cve/CVE-2021-47192.html * https://www.suse.com/security/cve/CVE-2021-47193.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47195.html * https://www.suse.com/security/cve/CVE-2021-47196.html * https://www.suse.com/security/cve/CVE-2021-47197.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47199.html * https://www.suse.com/security/cve/CVE-2021-47200.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47209.html * https://www.suse.com/security/cve/CVE-2021-47210.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47214.html * https://www.suse.com/security/cve/CVE-2021-47215.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2021-47218.html * https://www.suse.com/security/cve/CVE-2021-47219.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48632.html * https://www.suse.com/security/cve/CVE-2022-48634.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48637.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48639.html * https://www.suse.com/security/cve/CVE-2022-48640.html * https://www.suse.com/security/cve/CVE-2022-48642.html * https://www.suse.com/security/cve/CVE-2022-48644.html * https://www.suse.com/security/cve/CVE-2022-48646.html * https://www.suse.com/security/cve/CVE-2022-48647.html * https://www.suse.com/security/cve/CVE-2022-48648.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48652.html * https://www.suse.com/security/cve/CVE-2022-48653.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48655.html * https://www.suse.com/security/cve/CVE-2022-48656.html * https://www.suse.com/security/cve/CVE-2022-48657.html * https://www.suse.com/security/cve/CVE-2022-48658.html * https://www.suse.com/security/cve/CVE-2022-48659.html * https://www.suse.com/security/cve/CVE-2022-48660.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48663.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48671.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48673.html * https://www.suse.com/security/cve/CVE-2022-48675.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48690.html * https://www.suse.com/security/cve/CVE-2022-48692.html * https://www.suse.com/security/cve/CVE-2022-48693.html * https://www.suse.com/security/cve/CVE-2022-48694.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48697.html * https://www.suse.com/security/cve/CVE-2022-48698.html * https://www.suse.com/security/cve/CVE-2022-48699.html * https://www.suse.com/security/cve/CVE-2022-48700.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2022-48703.html * https://www.suse.com/security/cve/CVE-2022-48704.html * https://www.suse.com/security/cve/CVE-2023-2860.html * https://www.suse.com/security/cve/CVE-2023-52585.html * https://www.suse.com/security/cve/CVE-2023-52589.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52593.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52616.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52645.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-26601.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26656.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26673.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26679.html * https://www.suse.com/security/cve/CVE-2024-26687.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26700.html * https://www.suse.com/security/cve/CVE-2024-26702.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26764.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26783.html * https://www.suse.com/security/cve/CVE-2024-26791.html * https://www.suse.com/security/cve/CVE-2024-26792.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26820.html * https://www.suse.com/security/cve/CVE-2024-26825.html * https://www.suse.com/security/cve/CVE-2024-26830.html * https://www.suse.com/security/cve/CVE-2024-26833.html * https://www.suse.com/security/cve/CVE-2024-26836.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26843.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26853.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26856.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26861.html * https://www.suse.com/security/cve/CVE-2024-26862.html * https://www.suse.com/security/cve/CVE-2024-26866.html * https://www.suse.com/security/cve/CVE-2024-26872.html * https://www.suse.com/security/cve/CVE-2024-26875.html * https://www.suse.com/security/cve/CVE-2024-26876.html * https://www.suse.com/security/cve/CVE-2024-26877.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26879.html * https://www.suse.com/security/cve/CVE-2024-26881.html * https://www.suse.com/security/cve/CVE-2024-26882.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26885.html * https://www.suse.com/security/cve/CVE-2024-26891.html * https://www.suse.com/security/cve/CVE-2024-26893.html * https://www.suse.com/security/cve/CVE-2024-26895.html * https://www.suse.com/security/cve/CVE-2024-26896.html * https://www.suse.com/security/cve/CVE-2024-26897.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26915.html * https://www.suse.com/security/cve/CVE-2024-26917.html * https://www.suse.com/security/cve/CVE-2024-26927.html * https://www.suse.com/security/cve/CVE-2024-26933.html * https://www.suse.com/security/cve/CVE-2024-26939.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26950.html * https://www.suse.com/security/cve/CVE-2024-26951.html * https://www.suse.com/security/cve/CVE-2024-26955.html * https://www.suse.com/security/cve/CVE-2024-26956.html * https://www.suse.com/security/cve/CVE-2024-26960.html * https://www.suse.com/security/cve/CVE-2024-26965.html * https://www.suse.com/security/cve/CVE-2024-26966.html * https://www.suse.com/security/cve/CVE-2024-26969.html * https://www.suse.com/security/cve/CVE-2024-26970.html * https://www.suse.com/security/cve/CVE-2024-26972.html * https://www.suse.com/security/cve/CVE-2024-26979.html * https://www.suse.com/security/cve/CVE-2024-26981.html * https://www.suse.com/security/cve/CVE-2024-26982.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27030.html * https://www.suse.com/security/cve/CVE-2024-27038.html * https://www.suse.com/security/cve/CVE-2024-27039.html * https://www.suse.com/security/cve/CVE-2024-27041.html * https://www.suse.com/security/cve/CVE-2024-27042.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27056.html * https://www.suse.com/security/cve/CVE-2024-27059.html * https://www.suse.com/security/cve/CVE-2024-27062.html * https://www.suse.com/security/cve/CVE-2024-27389.html * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1192837 * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1196869 * https://bugzilla.suse.com/show_bug.cgi?id=1200313 * https://bugzilla.suse.com/show_bug.cgi?id=1201308 * https://bugzilla.suse.com/show_bug.cgi?id=1201489 * https://bugzilla.suse.com/show_bug.cgi?id=1203906 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1204614 * https://bugzilla.suse.com/show_bug.cgi?id=1207361 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1213573 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217408 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219141 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220342 * https://bugzilla.suse.com/show_bug.cgi?id=1220569 * https://bugzilla.suse.com/show_bug.cgi?id=1220761 * https://bugzilla.suse.com/show_bug.cgi?id=1221042 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221080 * https://bugzilla.suse.com/show_bug.cgi?id=1221084 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221612 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222307 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222368 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222385 * https://bugzilla.suse.com/show_bug.cgi?id=1222424 * https://bugzilla.suse.com/show_bug.cgi?id=1222430 * https://bugzilla.suse.com/show_bug.cgi?id=1222435 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222615 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222703 * https://bugzilla.suse.com/show_bug.cgi?id=1222704 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222710 * https://bugzilla.suse.com/show_bug.cgi?id=1222721 * https://bugzilla.suse.com/show_bug.cgi?id=1222726 * https://bugzilla.suse.com/show_bug.cgi?id=1222773 * https://bugzilla.suse.com/show_bug.cgi?id=1222776 * https://bugzilla.suse.com/show_bug.cgi?id=1222785 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222791 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222793 * https://bugzilla.suse.com/show_bug.cgi?id=1222796 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222824 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222832 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222838 * https://bugzilla.suse.com/show_bug.cgi?id=1222866 * https://bugzilla.suse.com/show_bug.cgi?id=1222867 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222870 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222879 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222901 * https://bugzilla.suse.com/show_bug.cgi?id=1222968 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223012 * https://bugzilla.suse.com/show_bug.cgi?id=1223014 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223024 * https://bugzilla.suse.com/show_bug.cgi?id=1223033 * https://bugzilla.suse.com/show_bug.cgi?id=1223034 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223036 * https://bugzilla.suse.com/show_bug.cgi?id=1223037 * https://bugzilla.suse.com/show_bug.cgi?id=1223041 * https://bugzilla.suse.com/show_bug.cgi?id=1223042 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223052 * https://bugzilla.suse.com/show_bug.cgi?id=1223056 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223061 * https://bugzilla.suse.com/show_bug.cgi?id=1223065 * https://bugzilla.suse.com/show_bug.cgi?id=1223066 * https://bugzilla.suse.com/show_bug.cgi?id=1223076 * https://bugzilla.suse.com/show_bug.cgi?id=1223078 * https://bugzilla.suse.com/show_bug.cgi?id=1223111 * https://bugzilla.suse.com/show_bug.cgi?id=1223115 * https://bugzilla.suse.com/show_bug.cgi?id=1223118 * https://bugzilla.suse.com/show_bug.cgi?id=1223119 * https://bugzilla.suse.com/show_bug.cgi?id=1223140 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223190 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223196 * https://bugzilla.suse.com/show_bug.cgi?id=1223197 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223207 * https://bugzilla.suse.com/show_bug.cgi?id=1223275 * https://bugzilla.suse.com/show_bug.cgi?id=1223323 * https://bugzilla.suse.com/show_bug.cgi?id=1223360 * https://bugzilla.suse.com/show_bug.cgi?id=1223369 * https://bugzilla.suse.com/show_bug.cgi?id=1223380 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223473 * https://bugzilla.suse.com/show_bug.cgi?id=1223474 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223477 * https://bugzilla.suse.com/show_bug.cgi?id=1223478 * https://bugzilla.suse.com/show_bug.cgi?id=1223479 * https://bugzilla.suse.com/show_bug.cgi?id=1223481 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223484 * https://bugzilla.suse.com/show_bug.cgi?id=1223487 * https://bugzilla.suse.com/show_bug.cgi?id=1223490 * https://bugzilla.suse.com/show_bug.cgi?id=1223496 * https://bugzilla.suse.com/show_bug.cgi?id=1223498 * https://bugzilla.suse.com/show_bug.cgi?id=1223499 * https://bugzilla.suse.com/show_bug.cgi?id=1223501 * https://bugzilla.suse.com/show_bug.cgi?id=1223502 * https://bugzilla.suse.com/show_bug.cgi?id=1223503 * https://bugzilla.suse.com/show_bug.cgi?id=1223505 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223511 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223517 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223519 * https://bugzilla.suse.com/show_bug.cgi?id=1223520 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223523 * https://bugzilla.suse.com/show_bug.cgi?id=1223525 * https://bugzilla.suse.com/show_bug.cgi?id=1223536 * https://bugzilla.suse.com/show_bug.cgi?id=1223539 * https://bugzilla.suse.com/show_bug.cgi?id=1223574 * https://bugzilla.suse.com/show_bug.cgi?id=1223595 * https://bugzilla.suse.com/show_bug.cgi?id=1223598 * https://bugzilla.suse.com/show_bug.cgi?id=1223628 * https://bugzilla.suse.com/show_bug.cgi?id=1223634 * https://bugzilla.suse.com/show_bug.cgi?id=1223640 * https://bugzilla.suse.com/show_bug.cgi?id=1223643 * https://bugzilla.suse.com/show_bug.cgi?id=1223644 * https://bugzilla.suse.com/show_bug.cgi?id=1223645 * https://bugzilla.suse.com/show_bug.cgi?id=1223646 * https://bugzilla.suse.com/show_bug.cgi?id=1223648 * https://bugzilla.suse.com/show_bug.cgi?id=1223655 * https://bugzilla.suse.com/show_bug.cgi?id=1223657 * https://bugzilla.suse.com/show_bug.cgi?id=1223660 * https://bugzilla.suse.com/show_bug.cgi?id=1223661 * https://bugzilla.suse.com/show_bug.cgi?id=1223663 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223668 * https://bugzilla.suse.com/show_bug.cgi?id=1223670 * https://bugzilla.suse.com/show_bug.cgi?id=1223679 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223705 * https://bugzilla.suse.com/show_bug.cgi?id=1223714 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223738 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223784 * https://bugzilla.suse.com/show_bug.cgi?id=1223785 * https://bugzilla.suse.com/show_bug.cgi?id=1223790 * https://bugzilla.suse.com/show_bug.cgi?id=1223816 * https://bugzilla.suse.com/show_bug.cgi?id=1223821 * https://bugzilla.suse.com/show_bug.cgi?id=1223822 * https://bugzilla.suse.com/show_bug.cgi?id=1223823 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223834 * https://bugzilla.suse.com/show_bug.cgi?id=1223858 * https://bugzilla.suse.com/show_bug.cgi?id=1223875 * https://bugzilla.suse.com/show_bug.cgi?id=1223876 * https://bugzilla.suse.com/show_bug.cgi?id=1223877 * https://bugzilla.suse.com/show_bug.cgi?id=1223878 * https://bugzilla.suse.com/show_bug.cgi?id=1223879 * https://bugzilla.suse.com/show_bug.cgi?id=1223894 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223922 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223924 * https://bugzilla.suse.com/show_bug.cgi?id=1223929 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223932 * https://bugzilla.suse.com/show_bug.cgi?id=1223934 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1223949 * https://bugzilla.suse.com/show_bug.cgi?id=1223950 * https://bugzilla.suse.com/show_bug.cgi?id=1223951 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223956 * https://bugzilla.suse.com/show_bug.cgi?id=1223957 * https://bugzilla.suse.com/show_bug.cgi?id=1223960 * https://bugzilla.suse.com/show_bug.cgi?id=1223962 * https://bugzilla.suse.com/show_bug.cgi?id=1223963 * https://bugzilla.suse.com/show_bug.cgi?id=1223964 * https://bugzilla.suse.com/show_bug.cgi?id=1223996 * https://jira.suse.com/browse/PED-7167 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:33:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:33:09 -0000 Subject: SUSE-SU-2024:1643-1: important: Security update for the Linux Kernel Message-ID: <171570438952.20442.2997957700796516839@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1643-1 Rating: important References: * bsc#1084332 * bsc#1141539 * bsc#1184509 * bsc#1186060 * bsc#1190317 * bsc#1190576 * bsc#1192145 * bsc#1194516 * bsc#1197894 * bsc#1203935 * bsc#1209657 * bsc#1211592 * bsc#1212514 * bsc#1213456 * bsc#1215221 * bsc#1217339 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218220 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1218917 * bsc#1219104 * bsc#1219169 * bsc#1219170 * bsc#1219618 * bsc#1219623 * bsc#1219847 * bsc#1220320 * bsc#1220366 * bsc#1220394 * bsc#1220411 * bsc#1220413 * bsc#1220416 * bsc#1220418 * bsc#1220442 * bsc#1220445 * bsc#1220513 * bsc#1220521 * bsc#1220528 * bsc#1220536 * bsc#1220538 * bsc#1220554 * bsc#1220572 * bsc#1220580 * bsc#1220611 * bsc#1220625 * bsc#1220628 * bsc#1220637 * bsc#1220640 * bsc#1220662 * bsc#1220687 * bsc#1220692 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220742 * bsc#1220743 * bsc#1220745 * bsc#1220751 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220790 * bsc#1220794 * bsc#1220829 * bsc#1220836 * bsc#1220843 * bsc#1220846 * bsc#1220850 * bsc#1220871 * bsc#1220927 * bsc#1220960 * bsc#1220985 * bsc#1220987 * bsc#1221044 * bsc#1221046 * bsc#1221048 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221077 * bsc#1221082 * bsc#1221088 * bsc#1221162 * bsc#1221277 * bsc#1221293 * bsc#1221337 * bsc#1221532 * bsc#1221541 * bsc#1221543 * bsc#1221545 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221608 * bsc#1221617 * bsc#1221791 * bsc#1221816 * bsc#1221825 * bsc#1221830 * bsc#1221862 * bsc#1221934 * bsc#1221949 * bsc#1221952 * bsc#1221953 * bsc#1221965 * bsc#1221966 * bsc#1221967 * bsc#1221969 * bsc#1221972 * bsc#1221973 * bsc#1221977 * bsc#1221979 * bsc#1221988 * bsc#1221991 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222117 * bsc#1222294 * bsc#1222300 * bsc#1222357 * bsc#1222379 * bsc#1222422 * bsc#1222428 * bsc#1222449 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222618 * bsc#1222619 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222706 * bsc#1222720 * bsc#1222765 * bsc#1222770 * bsc#1222772 * bsc#1222787 * bsc#1222790 * bsc#1222793 * bsc#1222812 * bsc#1222836 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222952 * bsc#1222961 * bsc#1222975 * bsc#1222976 * bsc#1223016 * bsc#1223035 * bsc#1223049 * bsc#1223051 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223119 * bsc#1223187 * bsc#1223189 * bsc#1223198 * bsc#1223203 * bsc#1223315 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223518 * bsc#1223539 * bsc#1223540 * bsc#1223626 * bsc#1223627 * bsc#1223664 * bsc#1223686 * bsc#1223693 * bsc#1223712 * bsc#1223715 * bsc#1223735 * bsc#1223744 * bsc#1223745 * bsc#1223770 * bsc#1223781 * bsc#1223802 * bsc#1223819 * bsc#1223824 * bsc#1223827 * bsc#1223837 * bsc#1223842 * bsc#1223843 * bsc#1223844 * bsc#1223883 * bsc#1223885 * bsc#1223921 * bsc#1223923 * bsc#1223931 * bsc#1223941 * bsc#1223952 * bsc#1223953 * bsc#1223954 * bsc#1223969 * jsc#PED-5759 Cross-References: * CVE-2019-25160 * CVE-2020-36312 * CVE-2021-23134 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46909 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46941 * CVE-2021-46950 * CVE-2021-46955 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46963 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46981 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46998 * CVE-2021-47006 * CVE-2021-47015 * CVE-2021-47024 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47068 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47104 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47113 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47131 * CVE-2021-47138 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47143 * CVE-2021-47146 * CVE-2021-47149 * CVE-2021-47150 * CVE-2021-47153 * CVE-2021-47159 * CVE-2021-47161 * CVE-2021-47162 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47171 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47198 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47207 * CVE-2021-47211 * CVE-2021-47216 * CVE-2021-47217 * CVE-2022-0487 * CVE-2022-48619 * CVE-2022-48626 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48672 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48695 * CVE-2022-48701 * CVE-2022-48702 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-4881 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52509 * CVE-2023-52515 * CVE-2023-52524 * CVE-2023-52528 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52595 * CVE-2023-52598 * CVE-2023-52607 * CVE-2023-52614 * CVE-2023-52620 * CVE-2023-52628 * CVE-2023-52635 * CVE-2023-52639 * CVE-2023-52644 * CVE-2023-52646 * CVE-2023-52650 * CVE-2023-52652 * CVE-2023-52653 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0639 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-24855 * CVE-2024-24861 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26651 * CVE-2024-26671 * CVE-2024-26675 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26747 * CVE-2024-26754 * CVE-2024-26763 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26777 * CVE-2024-26778 * CVE-2024-26779 * CVE-2024-26791 * CVE-2024-26793 * CVE-2024-26805 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26839 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26855 * CVE-2024-26857 * CVE-2024-26859 * CVE-2024-26876 * CVE-2024-26878 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26907 * CVE-2024-26922 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-26948 * CVE-2024-26993 * CVE-2024-27008 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27054 * CVE-2024-27072 * CVE-2024-27073 * CVE-2024-27074 * CVE-2024-27075 * CVE-2024-27078 * CVE-2024-27388 CVSS scores: * CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2020-36312 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2020-36312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47131 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26791 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27008 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 201 vulnerabilities, contains one feature and has 22 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394). * CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509). * CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060). * CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416). * CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418). * CVE-2021-46909: Fixed a PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46938: Fixed a double free of blk_mq_tag_set in dev remove after table load fails in dm rq (bsc#1220554). * CVE-2021-46939: Fixed a denial of service in trace_clock_global() in tracing (bsc#1220580). * CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628). * CVE-2021-46950: Fixed a data corruption bug in raid1 arrays using bitmaps in md/raid1 (bsc#1220662). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513). * CVE-2021-46958: Fixed a race between transaction aborts and fsyncs leading to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed a warning on smb2_get_enc_key in cifs (bsc#1220528). * CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536). * CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538). * CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572). * CVE-2021-46981: Fixed a NULL pointer in flush_workqueue in nbd (bsc#1220611). * CVE-2021-46988: Fixed release page in error path to avoid BUG_ON (bsc#1220706). * CVE-2021-46990: Fixed a denial of service when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46998: Fixed an use after free bug in enic_hard_start_xmit in ethernet/enic (bsc#1220625). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47015: Fixed a RX consumer index logic in the error path in bnxt_rx_pkt() in bnxt_en (bsc#1220794). * CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637). * CVE-2021-47034: Fixed a kernel memory fault for pte update on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed a null pointer dereference in lpfc_prep_els_iocb() in scsi lpfc (bsc#1220640). * CVE-2021-47049: Fixed an after free in __vmbus_open() in hv vmbus (bsc#1220692). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed a user-memory-access error on vf2pf_lock in crypto (bsc#1220769). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed a potential use-after-free during bridge detach in drm bridge/panel (bsc#1220777). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed a memory leak in error handling paths in hv_uio_cleanup() in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543). * CVE-2021-47114: Fixed a data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed a crash in ext4_es_cache_extent as ext4_split_extent_at failed in ext4 (bsc#1221575). * CVE-2021-47118: Fixed an use-after-free in init task's struct pid in pid (bsc#1221605). * CVE-2021-47119: Fixed a memory leak in ext4_fill_super in ext4 (bsc#1221608). * CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545). * CVE-2021-47138: Fixed an out-of-bound memory access during clearing filters in cxgb4 (bsc#1221934). * CVE-2021-47141: Fixed a null pointer dereference on priv->msix_vectors when driver is unloaded in gve (bsc#1221949). * CVE-2021-47142: Fixed an use-after-free on ttm->sg in drm/amdgpu (bsc#1221952). * CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988). * CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972). * CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973). * CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977). * CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965). * CVE-2021-47166: Fixed a data corruption of pg_bytes_written in nfs_do_recoalesce() in nfs (bsc#1221998). * CVE-2021-47167: Fixed an oopsable condition in __nfs_pageio_add_request() in nfs (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() in nfs (bsc#1222002). * CVE-2021-47169: Fixed a NULL pointer dereference in rp2_probe in serial rp2 (bsc#1222000). * CVE-2021-47171: Fixed a memory leak in smsc75xx_bind in net usb (bsc#1221994). * CVE-2021-47173: Fixed a memory leak in uss720_probe in misc/uss720 (bsc#1221993). * CVE-2021-47177: Fixed a sysfs leak in alloc_iommu() in iommu/vt-d (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() in nfsv4 (bsc#1222001). * CVE-2021-47180: Fixed a memory leak in nci_allocate_device nfcmrvl_disconnect in nfc nci (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions in thermal (bsc#1222878) * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2022-0487: Fixed an use-after-free vulnerability in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). * CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2022-48672: Fixed off-by-one error in unflatten_dt_nodes() (bsc#1223931). * CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). * CVE-2022-48702: Fixed out of bounds access in snd_emu10k1_pcm_channel_alloc() (bsc#1223923). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413). * CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). * CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300). * CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961). * CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770) * CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). * CVE-2024-24855: Fixed race condition in lpfc_unregister_fcf_rescan() that could lead to a kernel panic or denial of service issue (bsc#1219618). * CVE-2024-24861: Fixed race condition in xc4000_get_frequency() that could lead to malfunction or denial of service issue (bsc#1219623). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). * CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26704: fixed double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). * CVE-2024-26754: Fixed ab use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) * CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) * CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). * CVE-2024-26791: Properly validated device names in btrfs dev-replace (bsc#1222793) * CVE-2024-26793: fixed use-after-free and null-ptr-deref in gtp_newlink() (bsc#1222428). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). * CVE-2024-26839: Fixed a memory leak in init_credit_return() (bsc#1222975) * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049). * CVE-2024-26876: Fixed crash on irq during probe, related to adv7511_probe() (bsc#1223119). * CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). * CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). * CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). * CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). * CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). * CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315). * CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). * CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). * CVE-2024-27008: Fixed out of bounds access in nv04 (CVE-2024-27008 bsc#1223802). * CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). * CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). * CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837). * CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843). * CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844). * CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842). * CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781). The following non-security bugs were fixed: * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: ipaq-micro-keys - add error handling for devm_kmemdup. * Input: xpad - add PXN V900 support. * USB: core: Fix deadlock in usb_deauthorize_interface(). * USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * atl1c: fix error return code in atl1c_probe() (git-fixes). * atl1e: fix error return code in atl1e_probe() (git-fixes). * bluetooth: btqca: Fixed a coding style error (git-fixes). * bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes). * bluetooth: btqcomsmd: Fix command timeout after setting BD address (git- fixes). * bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). * bnx2x: Fix enabling network interfaces without VFs (git-fixes). * bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes). * ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes). * ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git- fixes). * fuse: do not unhash root (bsc#1223954). * iommu/amd: Increase interrupt remapping table limit to 512 entries (git- fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes). * iommu/amd: Silence warnings under memory pressure (git-fixes). * iommu: Check if group is NULL before remove device (git-fixes). * kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * kabi: PCI: Add locking to RMW PCI Express Capability Register accessors (kabi). * lan78xx: Add missing return code checks (git-fixes). * lan78xx: Add support to dump lan78xx registers (git-fixes). * lan78xx: Do not access skb_queue_head list pointers directly (git-fixes). * lan78xx: Fix exception on link speed change (git-fixes). * lan78xx: Fix partial packet errors on suspend/resume (git-fixes). * lan78xx: Fix race conditions in suspend/resume handling (git-fixes). * lan78xx: Fix white space and style issues (git-fixes). * lan78xx: Modify error messages (git-fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). * net/mlx5: Properly convey driver version to firmware (git-fixes). * net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes). * net/tls: Remove the context from the list in tls_device_down (bsc#1221545). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). * net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). * net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes). * net: lan78xx: Make declaration style consistent (git-fixes). * net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: lan78xx: remove set but not used variable 'event' (git-fixes). * net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes). * net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git- fixes). * net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes). * nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: commit errors should be fatal (git-fixes). * nfs: fix O_DIRECT commit verifier handling (git-fixes). * nfs: fix O_DIRECT locking issues (git-fixes). * nfs: fix a request reference leak in nfs_direct_write_clear_reqs() (git- fixes). * nfs: fix an off by one in root_nfs_cat() (git-fixes). * nfs: fix direct WRITE throughput regression (git-fixes). * nfs: fix error handling for O_DIRECT write scheduling (git-fixes). * nfs: more O_DIRECT accounting fixes for error paths (git-fixes). * nfs: only issue commit in DIO codepath if we have uncommitted data (git- fixes). * nfsd: Fix error cleanup path in nfsd_rename() (git-fixes). * nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: Retransmit callbacks after client reconnects (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * pNFS/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes). * pci/aspm: Avoid link retraining race (git-fixes). * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * pci/aspm: Do not warn if already in common clock mode (git-fixes). * pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes). * pci/aspm: Reduce severity of common clock config message (git-fixes). * pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Print all TLP Prefixes, not just the first (git-fixes). * pci/iov: Enlarge virtfn sysfs name buffer (git-fixes). * pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes). * pci/pm: Power up all devices during runtime resume (git-fixes). * pci/sysfs: Protect driver's D3cold preference from user space (git-fixes). * pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). * pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes). * pci: Add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes). * pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git- fixes). * pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: Rework pcie_retrain_link() wait loop (git-fixes). * pci: aardvark: Fix setting MSI address (git-fixes). * pci: aardvark: Fix support for MSI interrupts (git-fixes). * pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git- fixes). * pci: endpoint: Do not stop controller when unbinding endpoint function (git- fixes). * pci: hotplug: Allow marking devices as disconnected during bind/unbind (git- fixes). * pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes). * pci: pciehp: Cancel bringup sequence if card is not present (git-fixes). * pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git- fixes). * pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). * pci: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes). * printk: Disable passing console lock owner completely during panic() (bsc#1197894). * printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1223969). * rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082) * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221953). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * tls: Fix context leak on tls_device_down (bsc#1221545). * tty/sysrq: replace smp_processor_id() with get_cpu() (bsc#1223540). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tun: honor IOCB_NOWAIT flag (git-fixes). * usb: dwc2: Fix memory leak in dwc2_hcd_init. * usb: dwc2: check return value after calling platform_get_resource() (git- fixes). * usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). * usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). * usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). * usb: musb: Modify the "HWVers" register address (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered. * usb: serial: option: add Fibocom L7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). * usb: usbfs: Do not WARN about excessively large memory allocations. * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1643=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1643=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1643=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.182.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-debuginfo-4.12.14-16.182.1 * kernel-syms-azure-4.12.14-16.182.1 * kernel-azure-debuginfo-4.12.14-16.182.1 * kernel-azure-debugsource-4.12.14-16.182.1 * kernel-azure-devel-4.12.14-16.182.1 * kernel-azure-base-4.12.14-16.182.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.182.1 * kernel-source-azure-4.12.14-16.182.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.182.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-debuginfo-4.12.14-16.182.1 * kernel-syms-azure-4.12.14-16.182.1 * kernel-azure-debuginfo-4.12.14-16.182.1 * kernel-azure-debugsource-4.12.14-16.182.1 * kernel-azure-devel-4.12.14-16.182.1 * kernel-azure-base-4.12.14-16.182.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.182.1 * kernel-source-azure-4.12.14-16.182.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.182.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-azure-base-debuginfo-4.12.14-16.182.1 * kernel-syms-azure-4.12.14-16.182.1 * kernel-azure-debuginfo-4.12.14-16.182.1 * kernel-azure-debugsource-4.12.14-16.182.1 * kernel-azure-devel-4.12.14-16.182.1 * kernel-azure-base-4.12.14-16.182.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.182.1 * kernel-source-azure-4.12.14-16.182.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25160.html * https://www.suse.com/security/cve/CVE-2020-36312.html * https://www.suse.com/security/cve/CVE-2021-23134.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46941.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47024.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47113.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47131.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47143.html * https://www.suse.com/security/cve/CVE-2021-47146.html * https://www.suse.com/security/cve/CVE-2021-47149.html * https://www.suse.com/security/cve/CVE-2021-47150.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47159.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-48619.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-52644.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52650.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-24855.html * https://www.suse.com/security/cve/CVE-2024-24861.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26777.html * https://www.suse.com/security/cve/CVE-2024-26778.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26791.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26839.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26859.html * https://www.suse.com/security/cve/CVE-2024-26876.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26907.html * https://www.suse.com/security/cve/CVE-2024-26922.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27008.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27072.html * https://www.suse.com/security/cve/CVE-2024-27073.html * https://www.suse.com/security/cve/CVE-2024-27074.html * https://www.suse.com/security/cve/CVE-2024-27075.html * https://www.suse.com/security/cve/CVE-2024-27078.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://bugzilla.suse.com/show_bug.cgi?id=1084332 * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1184509 * https://bugzilla.suse.com/show_bug.cgi?id=1186060 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1197894 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218220 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219618 * https://bugzilla.suse.com/show_bug.cgi?id=1219623 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220394 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220413 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220513 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220628 * https://bugzilla.suse.com/show_bug.cgi?id=1220637 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221543 * https://bugzilla.suse.com/show_bug.cgi?id=1221545 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221862 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221953 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221967 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221972 * https://bugzilla.suse.com/show_bug.cgi?id=1221973 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1221979 * https://bugzilla.suse.com/show_bug.cgi?id=1221988 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222765 * https://bugzilla.suse.com/show_bug.cgi?id=1222770 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222793 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://bugzilla.suse.com/show_bug.cgi?id=1222961 * https://bugzilla.suse.com/show_bug.cgi?id=1222975 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223049 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223119 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223203 * https://bugzilla.suse.com/show_bug.cgi?id=1223315 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223539 * https://bugzilla.suse.com/show_bug.cgi?id=1223540 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223770 * https://bugzilla.suse.com/show_bug.cgi?id=1223781 * https://bugzilla.suse.com/show_bug.cgi?id=1223802 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223837 * https://bugzilla.suse.com/show_bug.cgi?id=1223842 * https://bugzilla.suse.com/show_bug.cgi?id=1223843 * https://bugzilla.suse.com/show_bug.cgi?id=1223844 * https://bugzilla.suse.com/show_bug.cgi?id=1223883 * https://bugzilla.suse.com/show_bug.cgi?id=1223885 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223954 * https://bugzilla.suse.com/show_bug.cgi?id=1223969 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:33:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:33:20 -0000 Subject: SUSE-SU-2024:1642-1: important: Security update for the Linux Kernel Message-ID: <171570440051.20442.11559782366374197763@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1642-1 Rating: important References: * bsc#1190576 * bsc#1192145 * bsc#1200313 * bsc#1201489 * bsc#1203906 * bsc#1203935 * bsc#1204614 * bsc#1211592 * bsc#1218562 * bsc#1218917 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220513 * bsc#1220755 * bsc#1220854 * bsc#1221113 * bsc#1221299 * bsc#1221543 * bsc#1221545 * bsc#1222449 * bsc#1222482 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222624 * bsc#1222666 * bsc#1222669 * bsc#1222709 * bsc#1222790 * bsc#1222792 * bsc#1222829 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222894 * bsc#1222976 * bsc#1223016 * bsc#1223057 * bsc#1223111 * bsc#1223187 * bsc#1223202 * bsc#1223475 * bsc#1223482 * bsc#1223509 * bsc#1223513 * bsc#1223522 * bsc#1223824 * bsc#1223921 * bsc#1223923 * bsc#1223931 * bsc#1223941 * bsc#1223948 * bsc#1223952 * bsc#1223963 Cross-References: * CVE-2021-46955 * CVE-2021-47041 * CVE-2021-47074 * CVE-2021-47113 * CVE-2021-47131 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47194 * CVE-2021-47198 * CVE-2021-47201 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47212 * CVE-2021-47216 * CVE-2022-48631 * CVE-2022-48638 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48654 * CVE-2022-48672 * CVE-2022-48686 * CVE-2022-48687 * CVE-2022-48693 * CVE-2022-48695 * CVE-2022-48701 * CVE-2022-48702 * CVE-2023-2860 * CVE-2023-6270 * CVE-2024-0639 * CVE-2024-0841 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26744 * CVE-2024-26816 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26862 * CVE-2024-26898 * CVE-2024-26903 * CVE-2024-26906 * CVE-2024-27043 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47074 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47131 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 48 vulnerabilities and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543). * CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755). * CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854). * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). The following non-security bugs were fixed: * dm rq: do not queue request to blk-mq during DM suspend (bsc#1221113). * dm: rearrange core declarations for extended use from dm-zone.c (bsc#1221113). * net/tls: Remove the context from the list in tls_device_down (bsc#1221545). * tls: Fix context leak on tls_device_down (bsc#1221545). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1642=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1642=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-1642=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1642=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1642=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1642=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1642=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1642=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1642=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1642=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.161.2 * openSUSE Leap 15.3 (noarch) * kernel-macros-5.3.18-150300.59.161.1 * kernel-docs-html-5.3.18-150300.59.161.2 * kernel-devel-5.3.18-150300.59.161.1 * kernel-source-vanilla-5.3.18-150300.59.161.1 * kernel-source-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.161.1 * kernel-debug-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-debug-livepatch-devel-5.3.18-150300.59.161.1 * kernel-kvmsmall-devel-5.3.18-150300.59.161.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-debug-debuginfo-5.3.18-150300.59.161.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.161.1 * kernel-debug-devel-5.3.18-150300.59.161.1 * kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.161.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.161.1 * kernel-debug-debugsource-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150300.59.161.1 * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * gfs2-kmp-default-5.3.18-150300.59.161.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-livepatch-devel-5.3.18-150300.59.161.1 * kernel-obs-build-debugsource-5.3.18-150300.59.161.1 * kernel-syms-5.3.18-150300.59.161.1 * reiserfs-kmp-default-5.3.18-150300.59.161.1 * kernel-default-base-rebuild-5.3.18-150300.59.161.1.150300.18.94.1 * ocfs2-kmp-default-5.3.18-150300.59.161.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.161.1 * cluster-md-kmp-default-5.3.18-150300.59.161.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-optional-5.3.18-150300.59.161.1 * kernel-default-extra-5.3.18-150300.59.161.1 * kernel-default-livepatch-5.3.18-150300.59.161.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.161.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.161.1 * dlm-kmp-default-5.3.18-150300.59.161.1 * kselftests-kmp-default-5.3.18-150300.59.161.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-5.3.18-150300.59.161.1 * kernel-obs-qa-5.3.18-150300.59.161.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.161.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_161-default-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_44-debugsource-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_161-default-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_161-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_161-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * kernel-preempt-livepatch-devel-5.3.18-150300.59.161.1 * kernel-preempt-devel-5.3.18-150300.59.161.1 * kernel-preempt-optional-5.3.18-150300.59.161.1 * ocfs2-kmp-preempt-5.3.18-150300.59.161.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * gfs2-kmp-preempt-5.3.18-150300.59.161.1 * kernel-preempt-extra-5.3.18-150300.59.161.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.161.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.161.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.161.1 * cluster-md-kmp-preempt-5.3.18-150300.59.161.1 * kernel-preempt-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-debugsource-5.3.18-150300.59.161.1 * kselftests-kmp-preempt-5.3.18-150300.59.161.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.161.1 * reiserfs-kmp-preempt-5.3.18-150300.59.161.1 * dlm-kmp-preempt-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.161.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (aarch64) * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-optional-5.3.18-150300.59.161.1 * ocfs2-kmp-64kb-5.3.18-150300.59.161.1 * dlm-kmp-64kb-5.3.18-150300.59.161.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * cluster-md-kmp-64kb-5.3.18-150300.59.161.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.161.1 * dtb-nvidia-5.3.18-150300.59.161.1 * dtb-socionext-5.3.18-150300.59.161.1 * dtb-amd-5.3.18-150300.59.161.1 * dtb-altera-5.3.18-150300.59.161.1 * dtb-arm-5.3.18-150300.59.161.1 * dtb-qcom-5.3.18-150300.59.161.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.161.1 * dtb-lg-5.3.18-150300.59.161.1 * dtb-al-5.3.18-150300.59.161.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * dtb-hisilicon-5.3.18-150300.59.161.1 * reiserfs-kmp-64kb-5.3.18-150300.59.161.1 * kselftests-kmp-64kb-5.3.18-150300.59.161.1 * dtb-xilinx-5.3.18-150300.59.161.1 * kernel-64kb-livepatch-devel-5.3.18-150300.59.161.1 * dtb-zte-5.3.18-150300.59.161.1 * dtb-freescale-5.3.18-150300.59.161.1 * dtb-allwinner-5.3.18-150300.59.161.1 * kernel-64kb-debugsource-5.3.18-150300.59.161.1 * gfs2-kmp-64kb-5.3.18-150300.59.161.1 * dtb-cavium-5.3.18-150300.59.161.1 * dtb-sprd-5.3.18-150300.59.161.1 * dtb-rockchip-5.3.18-150300.59.161.1 * kernel-64kb-extra-5.3.18-150300.59.161.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.161.1 * dtb-amlogic-5.3.18-150300.59.161.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-devel-5.3.18-150300.59.161.1 * dtb-renesas-5.3.18-150300.59.161.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.161.1 * dtb-broadcom-5.3.18-150300.59.161.1 * dtb-apm-5.3.18-150300.59.161.1 * dtb-mediatek-5.3.18-150300.59.161.1 * kernel-64kb-debuginfo-5.3.18-150300.59.161.1 * dtb-exynos-5.3.18-150300.59.161.1 * dtb-marvell-5.3.18-150300.59.161.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-livepatch-5_3_18-150300_59_161-default-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-livepatch-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.161.1 * dlm-kmp-default-5.3.18-150300.59.161.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.161.1 * gfs2-kmp-default-5.3.18-150300.59.161.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.161.1 * cluster-md-kmp-default-5.3.18-150300.59.161.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.161.1 * ocfs2-kmp-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.161.1 * kernel-64kb-devel-5.3.18-150300.59.161.1 * kernel-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.161.1 * kernel-preempt-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-devel-5.3.18-150300.59.161.1 * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * kernel-preempt-debugsource-5.3.18-150300.59.161.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-devel-5.3.18-150300.59.161.1 * kernel-syms-5.3.18-150300.59.161.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-5.3.18-150300.59.161.1 * reiserfs-kmp-default-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-debuginfo-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-devel-5.3.18-150300.59.161.1 * kernel-macros-5.3.18-150300.59.161.1 * kernel-source-5.3.18-150300.59.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.161.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.161.1 * kernel-64kb-devel-5.3.18-150300.59.161.1 * kernel-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150300.59.161.1 * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-syms-5.3.18-150300.59.161.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-5.3.18-150300.59.161.1 * reiserfs-kmp-default-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-debugsource-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * kernel-devel-5.3.18-150300.59.161.1 * kernel-macros-5.3.18-150300.59.161.1 * kernel-source-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.161.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-devel-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.161.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-devel-5.3.18-150300.59.161.1 * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-syms-5.3.18-150300.59.161.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-5.3.18-150300.59.161.1 * reiserfs-kmp-default-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-debugsource-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-devel-5.3.18-150300.59.161.1 * kernel-macros-5.3.18-150300.59.161.1 * kernel-source-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.161.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-devel-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.161.1 * kernel-64kb-devel-5.3.18-150300.59.161.1 * kernel-64kb-debuginfo-5.3.18-150300.59.161.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150300.59.161.1 * kernel-preempt-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-devel-5.3.18-150300.59.161.1 * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * kernel-preempt-debugsource-5.3.18-150300.59.161.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-devel-5.3.18-150300.59.161.1 * kernel-syms-5.3.18-150300.59.161.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-5.3.18-150300.59.161.1 * reiserfs-kmp-default-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.161.1 * kernel-obs-build-debugsource-5.3.18-150300.59.161.1 * kernel-preempt-debuginfo-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-devel-5.3.18-150300.59.161.1 * kernel-macros-5.3.18-150300.59.161.1 * kernel-source-5.3.18-150300.59.161.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.161.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.161.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.161.1.150300.18.94.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.161.1 * kernel-default-debuginfo-5.3.18-150300.59.161.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47041.html * https://www.suse.com/security/cve/CVE-2021-47074.html * https://www.suse.com/security/cve/CVE-2021-47113.html * https://www.suse.com/security/cve/CVE-2021-47131.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48693.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2023-2860.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26862.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26906.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1200313 * https://bugzilla.suse.com/show_bug.cgi?id=1201489 * https://bugzilla.suse.com/show_bug.cgi?id=1203906 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1204614 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220513 * https://bugzilla.suse.com/show_bug.cgi?id=1220755 * https://bugzilla.suse.com/show_bug.cgi?id=1220854 * https://bugzilla.suse.com/show_bug.cgi?id=1221113 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221543 * https://bugzilla.suse.com/show_bug.cgi?id=1221545 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223111 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223202 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223963 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:33:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:33:37 -0000 Subject: SUSE-SU-2024:1641-1: important: Security update for the Linux Kernel Message-ID: <171570441785.20442.17379553814708969007@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1641-1 Rating: important References: * bsc#1192145 * bsc#1209657 * bsc#1215221 * bsc#1216223 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219126 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220342 * bsc#1220703 * bsc#1220761 * bsc#1220883 * bsc#1221044 * bsc#1221061 * bsc#1221088 * bsc#1221293 * bsc#1221299 * bsc#1221612 * bsc#1221725 * bsc#1221830 * bsc#1222117 * bsc#1222422 * bsc#1222430 * bsc#1222435 * bsc#1222482 * bsc#1222503 * bsc#1222536 * bsc#1222559 * bsc#1222585 * bsc#1222618 * bsc#1222624 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222703 * bsc#1222704 * bsc#1222706 * bsc#1222709 * bsc#1222721 * bsc#1222726 * bsc#1222773 * bsc#1222776 * bsc#1222785 * bsc#1222787 * bsc#1222790 * bsc#1222791 * bsc#1222792 * bsc#1222796 * bsc#1222824 * bsc#1222829 * bsc#1222832 * bsc#1222836 * bsc#1222838 * bsc#1222866 * bsc#1222867 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222879 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222894 * bsc#1222901 * bsc#1223016 * bsc#1223187 * bsc#1223380 * bsc#1223474 * bsc#1223475 * bsc#1223477 * bsc#1223479 * bsc#1223482 * bsc#1223484 * bsc#1223487 * bsc#1223503 * bsc#1223505 * bsc#1223509 * bsc#1223513 * bsc#1223516 * bsc#1223517 * bsc#1223518 * bsc#1223519 * bsc#1223522 * bsc#1223523 * bsc#1223705 * bsc#1223824 Cross-References: * CVE-2021-47047 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47187 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47191 * CVE-2021-47192 * CVE-2021-47193 * CVE-2021-47194 * CVE-2021-47195 * CVE-2021-47196 * CVE-2021-47197 * CVE-2021-47198 * CVE-2021-47199 * CVE-2021-47200 * CVE-2021-47201 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47209 * CVE-2021-47210 * CVE-2021-47211 * CVE-2021-47212 * CVE-2021-47215 * CVE-2021-47216 * CVE-2021-47217 * CVE-2021-47218 * CVE-2021-47219 * CVE-2022-48631 * CVE-2022-48637 * CVE-2022-48638 * CVE-2022-48647 * CVE-2022-48648 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48653 * CVE-2022-48654 * CVE-2022-48655 * CVE-2022-48656 * CVE-2022-48657 * CVE-2022-48660 * CVE-2022-48662 * CVE-2022-48663 * CVE-2022-48667 * CVE-2022-48668 * CVE-2023-0160 * CVE-2023-4881 * CVE-2023-52476 * CVE-2023-52500 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52607 * CVE-2023-52616 * CVE-2023-52628 * CVE-2023-6270 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-0841 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-23850 * CVE-2024-25742 * CVE-2024-26601 * CVE-2024-26610 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26687 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26727 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26764 * CVE-2024-26766 * CVE-2024-26773 * CVE-2024-26792 * CVE-2024-26816 * CVE-2024-26898 * CVE-2024-26903 * CVE-2024-27043 * CVE-2024-27389 CVSS scores: * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25742 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 90 vulnerabilities and has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). * CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). * CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). * CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). The following non-security bugs were fixed: * Call flush_delayed_fput() from nfsd main-loop (bsc#1223380). * ibmvfc: make 'max_sectors' a module option (bsc#1216223). * scsi: Update max_hw_sectors on rescan (bsc#1216223). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1641=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1641=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1641=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1641=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1641=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1641=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-1641=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1641=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1641=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1641=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1641=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1641=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1641=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1641=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1641=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1641=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1641=1 ## Package List: * openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150400.24.119.1 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-1-150400.9.3.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-livepatch-5_14_21-150400_24_119-default-1-150400.9.3.1 * kernel-default-livepatch-5.14.21-150400.24.119.1 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-1-150400.9.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.119.1 * gfs2-kmp-default-5.14.21-150400.24.119.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.119.1 * ocfs2-kmp-default-5.14.21-150400.24.119.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.119.1 * cluster-md-kmp-default-5.14.21-150400.24.119.1 * dlm-kmp-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.119.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * reiserfs-kmp-default-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.119.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * reiserfs-kmp-default-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * kernel-default-extra-5.14.21-150400.24.119.1 * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.119.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-syms-5.14.21-150400.24.119.1 * reiserfs-kmp-default-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.119.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * reiserfs-kmp-default-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.119.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * SUSE Manager Server 4.3 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.119.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.119.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (noarch) * kernel-devel-5.14.21-150400.24.119.1 * kernel-source-vanilla-5.14.21-150400.24.119.1 * kernel-macros-5.14.21-150400.24.119.1 * kernel-docs-html-5.14.21-150400.24.119.1 * kernel-source-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debuginfo-5.14.21-150400.24.119.1 * kernel-debug-livepatch-devel-5.14.21-150400.24.119.1 * kernel-debug-debugsource-5.14.21-150400.24.119.1 * kernel-debug-devel-5.14.21-150400.24.119.1 * kernel-debug-devel-debuginfo-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.119.1 * kernel-kvmsmall-devel-5.14.21-150400.24.119.1 * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.119.1 * kernel-default-base-rebuild-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.119.1 * ocfs2-kmp-default-5.14.21-150400.24.119.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-default-devel-5.14.21-150400.24.119.1 * cluster-md-kmp-default-5.14.21-150400.24.119.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-build-debugsource-5.14.21-150400.24.119.1 * kernel-default-extra-5.14.21-150400.24.119.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-obs-qa-5.14.21-150400.24.119.1 * reiserfs-kmp-default-5.14.21-150400.24.119.1 * kernel-obs-build-5.14.21-150400.24.119.1 * kernel-default-livepatch-5.14.21-150400.24.119.1 * dlm-kmp-default-5.14.21-150400.24.119.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.119.1 * kernel-default-optional-5.14.21-150400.24.119.1 * kselftests-kmp-default-5.14.21-150400.24.119.1 * gfs2-kmp-default-5.14.21-150400.24.119.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.119.1 * kernel-default-livepatch-devel-5.14.21-150400.24.119.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.119.1 * kernel-syms-5.14.21-150400.24.119.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_26-debugsource-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_119-default-1-150400.9.3.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.119.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64) * dtb-nvidia-5.14.21-150400.24.119.1 * dtb-rockchip-5.14.21-150400.24.119.1 * kselftests-kmp-64kb-5.14.21-150400.24.119.1 * dtb-freescale-5.14.21-150400.24.119.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * dtb-apm-5.14.21-150400.24.119.1 * ocfs2-kmp-64kb-5.14.21-150400.24.119.1 * kernel-64kb-livepatch-devel-5.14.21-150400.24.119.1 * dtb-mediatek-5.14.21-150400.24.119.1 * dtb-amazon-5.14.21-150400.24.119.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.119.1 * dlm-kmp-64kb-5.14.21-150400.24.119.1 * kernel-64kb-debugsource-5.14.21-150400.24.119.1 * gfs2-kmp-64kb-5.14.21-150400.24.119.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * dtb-arm-5.14.21-150400.24.119.1 * dtb-marvell-5.14.21-150400.24.119.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * dtb-renesas-5.14.21-150400.24.119.1 * reiserfs-kmp-64kb-5.14.21-150400.24.119.1 * dtb-altera-5.14.21-150400.24.119.1 * dtb-lg-5.14.21-150400.24.119.1 * dtb-socionext-5.14.21-150400.24.119.1 * dtb-xilinx-5.14.21-150400.24.119.1 * cluster-md-kmp-64kb-5.14.21-150400.24.119.1 * dtb-amlogic-5.14.21-150400.24.119.1 * dtb-hisilicon-5.14.21-150400.24.119.1 * dtb-broadcom-5.14.21-150400.24.119.1 * dtb-amd-5.14.21-150400.24.119.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * dtb-exynos-5.14.21-150400.24.119.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.119.1 * dtb-cavium-5.14.21-150400.24.119.1 * dtb-apple-5.14.21-150400.24.119.1 * dtb-qcom-5.14.21-150400.24.119.1 * dtb-sprd-5.14.21-150400.24.119.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-debuginfo-5.14.21-150400.24.119.1 * kernel-64kb-optional-5.14.21-150400.24.119.1 * kernel-64kb-devel-5.14.21-150400.24.119.1 * dtb-allwinner-5.14.21-150400.24.119.1 * kernel-64kb-extra-5.14.21-150400.24.119.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.119.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.119.1 * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.119.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.119.1.150400.24.56.1 * kernel-default-debugsource-5.14.21-150400.24.119.1 * kernel-default-debuginfo-5.14.21-150400.24.119.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47047.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47187.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47191.html * https://www.suse.com/security/cve/CVE-2021-47192.html * https://www.suse.com/security/cve/CVE-2021-47193.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47195.html * https://www.suse.com/security/cve/CVE-2021-47196.html * https://www.suse.com/security/cve/CVE-2021-47197.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47199.html * https://www.suse.com/security/cve/CVE-2021-47200.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47209.html * https://www.suse.com/security/cve/CVE-2021-47210.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47215.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2021-47218.html * https://www.suse.com/security/cve/CVE-2021-47219.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48637.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48647.html * https://www.suse.com/security/cve/CVE-2022-48648.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48653.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48655.html * https://www.suse.com/security/cve/CVE-2022-48656.html * https://www.suse.com/security/cve/CVE-2022-48657.html * https://www.suse.com/security/cve/CVE-2022-48660.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48663.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-4881.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52500.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52616.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-25742.html * https://www.suse.com/security/cve/CVE-2024-26601.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26687.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26727.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26764.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26792.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27389.html * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1215221 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220342 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220761 * https://bugzilla.suse.com/show_bug.cgi?id=1220883 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221612 * https://bugzilla.suse.com/show_bug.cgi?id=1221725 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222430 * https://bugzilla.suse.com/show_bug.cgi?id=1222435 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222536 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222703 * https://bugzilla.suse.com/show_bug.cgi?id=1222704 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222721 * https://bugzilla.suse.com/show_bug.cgi?id=1222726 * https://bugzilla.suse.com/show_bug.cgi?id=1222773 * https://bugzilla.suse.com/show_bug.cgi?id=1222776 * https://bugzilla.suse.com/show_bug.cgi?id=1222785 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222791 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222796 * https://bugzilla.suse.com/show_bug.cgi?id=1222824 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222832 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222838 * https://bugzilla.suse.com/show_bug.cgi?id=1222866 * https://bugzilla.suse.com/show_bug.cgi?id=1222867 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222879 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222901 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223380 * https://bugzilla.suse.com/show_bug.cgi?id=1223474 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223477 * https://bugzilla.suse.com/show_bug.cgi?id=1223479 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223484 * https://bugzilla.suse.com/show_bug.cgi?id=1223487 * https://bugzilla.suse.com/show_bug.cgi?id=1223503 * https://bugzilla.suse.com/show_bug.cgi?id=1223505 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223517 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223519 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223523 * https://bugzilla.suse.com/show_bug.cgi?id=1223705 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 14 16:33:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 14 May 2024 16:33:49 -0000 Subject: SUSE-SU-2024:1639-1: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, pyth Message-ID: <171570442969.20442.9450563022672893924@smelt2.prg2.suse.org> # Security update for python-arcomplete, python-Fabric, python-PyGithub, python- antlr4-python3-runtime, python-avro, python-chardet, python-distro, python- docker, python-fakeredis, python-fixedint, pyth Announcement ID: SUSE-SU-2024:1639-1 Rating: important References: * bsc#1209571 * bsc#1209811 * bsc#1209812 * bsc#1216606 * bsc#1222880 * bsc#761162 Cross-References: * CVE-2023-28858 * CVE-2023-28859 CVSS scores: * CVE-2023-28858 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28858 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28859 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-28859 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities and has four security fixes can now be installed. ## Description: This update for python-argcomplete, python-Fabric, python-PyGithub, python- antlr4-python3-runtime, python-avro, python-chardet, python-distro, python- docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry- semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict contains the following fixes: Changes in python-argcomplete \- Update to 3.3.0 (bsc#1222880): * Preserve compatibility with argparse option tuples of length 4. This update is required to use argcomplete on Python 3.11.9+ or 3.12.3+. \- update to 3.2.3: * Allow register-python-argcomplete output to be used as lazy-loaded zsh completion module (#475) \- Move debug_stream initialization to helper method to allow fd 9 behavior to be overridden in subclasses (#471) * update to 3.2.2: * Expand tilde in zsh * Remove coverage check * Fix zsh test failures: avoid coloring terminal * update to 3.2.1: * Allow explicit zsh global completion activation (#467) * Fix and test global completion in zsh (#463, #466) * Add ?yes option to activate-global-python-argcomplete (#461) * Test suite improvements * drop without_zsh.patch: obsolete * update to 3.1.6: * Respect user choice in activate-global-python-argcomplete * Escape colon in zsh completions. Fixes #456 * Call _default as a fallback in zsh global completion * update to 3.1.4: * Call _default as a fallback in zsh global completion * zsh: Allow to use external script (#453) * Add support for Python 3.12 and drop EOL 3.6 and 3.7 (#449) * Use homebrew prefix by default * zsh: Allow to use external script (#453) Changes in python-Fabric: \- Update to 3.2.2 \- add fix-test-deps.patch to remove vendored dependencies *[Bug]: fabric.runners.Remote failed to properly deregister its SIGWINCH signal handler on shutdown; in rare situations this could cause tracebacks when the Python process receives SIGWINCH while no remote session is active. This has been fixed. * [Bug] #2204: The signal handling functionality added in Fabric 2.6 caused unrecoverable tracebacks when invoked from inside a thread (such as the use of fabric.group.ThreadingGroup) under certain interpreter versions. This has been fixed by simply refusing to register signal handlers when not in the main thread. Thanks to Francesco Giordano and others for the reports. * [Bug]: Neglected to actually add deprecated to our runtime dependency specification (it was still in our development dependencies). This has been fixed. * [Feature]: Enhanced fabric.testing in ways large and small: Backwards-compatibly merged the functionality of MockSFTP into MockRemote (may be opted-into by instantiating the latter with enable_sftp=True) so you can mock out both SSH and SFTP functionality in the same test, which was previously impossible. It also means you can use this in a Pytest autouse fixture to prevent any tests from accidentally hitting the network! A new pytest fixture, remote_with_sftp, has been added which leverages the previous bullet point (an all-in-one fixture suitable for, eg, preventing any incidental ssh/sftp attempts during test execution). A pile of documentation and test enhancements (yes, testing our testing helpers is a thing). * [Support]: Added a new runtime dependency on the Deprecated library. * [Support]: Language update: applied s/sanity/safety/g to the codebase (with the few actual API members using the term now marked deprecated & new ones added in the meantime, mostly in fabric.testing). * [Feature]: Add a new CLI flag to fab, fab --list-agent-keys, which will attempt to connect to your local SSH agent and print a key list, similarly to ssh-add -l. This is mostly useful for expectations-checking Fabric and Paramiko?s agent functionality, or for situations where you might not have ssh-add handy. * [Feature]: Implement opt-in support for Paramiko 3.2?s AuthStrategy machinery, as follows: Added a new module and class, fabric.auth.OpenSSHAuthStrategy, which leverages aforementioned new Paramiko functionality to marry loaded SSH config files with Fabric-level and runtime- level parameters, arriving at what should be OpenSSH-client-compatible authentication behavior. See its API docs for details. Added new configuration settings: authentication.strategy_class, which defaults to None, but can be set to OpenSSHAuthStrategy to opt-in to the new behavior. authentication.identities, which defaults to the empty list, and can be a list of private key paths for use by the new strategy class. * [Bug] #2263: Explicitly add our dependency on decorator to setup.py instead of using Invoke?s old, now removed, vendored copy of same. This allows Fabric to happily use Invoke 2.1 and above * Update to 3.0.1 * [Bug] #2241: A typo prevented Fabric?s command runner from properly calling its superclass stop() method, which in tandem with a related Invoke bug meant messy or long shutdowns in many scenarios. * Changes from 3.0.0 * [Feature]: Change the default configuration value for inline_ssh_env from False to True, to better align with the practicalities of common SSH server configurations. * Warning This change is backwards incompatible if you were using environment-variable-setting kwargs or config settings, such as Connection.run(command, env={'SOME': 'ENV VARS'}), and were not already explicitly specifying the value of inline_ssh_env. * [Bug] #1981: (fixed in #2195) Automatically close any open SFTP session during fabric.connection.Connection.close; this avoids issues encountered upon re-opening a previously-closed connection object. * [Support]: Drop support for Python <3.6, including Python 2. * Warning This is a backwards incompatible change if you are not yet on Python 3.6 or above; however, pip shouldn?t offer you this version of Fabric as long as your pip version understands python_requires metadata. * Drop remove-mock.patch because now in upstream. * Drop remove-pathlib2.patch because now in upstream. * Add %{?sle15_python_module_pythons} * Remove conditional definition of python_module. * Add patch remove-pathlib2.patch: * Drop install_requires on pathlib2. * Update to 2.7.1: * [Bug] #1924: (also #2007) Overhaul behavior and testing re: merging together different sources for the key_filename parameter in Connection.connect_kwargs. This fixes a number of type-related errors (string objects have no extend attribute, cannot add lists to strings, etc). * Update to 2.7.0: * Add ~fabric.connection.Connection.shell, a belated port of the v1 open_shell() feature. * Forward local terminal resizes to the remote end, when applicable. (For the technical: this means we now turn SIGWINCH into SSH window-change messages.) * Update ~fabric.connection.Connection temporarily so that it doesn't incidentally apply replace_env=True to local shell commands, only remote ones. * Add patch remove-mock.patch: * Use unittest.mock, instead of mock * pytest-relaxed now supports pytest 6, so test on all python versions. * Don't test on python310 -- gh#bitprophet/pytest-relaxed#12 (This is mainly required by azure-cli in the primary python3 flavor) * Update to 2.6.0: * [Feature] #1999: Add sudo support to Group. Thanks to Bonnie Hardin for the report and to Winston Nolan for an early patchset. * [Feature] #1810: Add put/get support to Group. * [Feature] #1868: Ported a feature from v1: interpolating the local path argument in Transfer.get with connection and remote filepath attributes. For example, cxn.get(remote="/var/log/foo.log", local="{host}/") is now feasible for storing a file in per-host-named directories or files, and in fact Group.get does this by default. * [Feature]: When the local path argument to Transfer.get contains nonexistent directories, they are now created instead of raising an error. Warning: This change introduces a new runtime dependency: pathlib2. * [Bug]: Fix a handful of issues in the handling and mocking of SFTP local paths and os.path members within fabric.testing; this should remove some occasional ?useless Mocks? as well as hewing closer to the real behavior of things like os.path.abspath re: path normalization. * Update Requires from setup.py Changes in python-PyGithub: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop %define skip_python2 1 * Update to 1.57 Breaking Changes * Add support for Python 3.11, drop support for Python 3.6 (#2332) (1e2f10d) Bug Fixes & Improvements * Speed up get requested reviewers and teams for pr (#2349) (6725ece) * [WorkflowRun] - Add missing attributes (run_started_at & run_attempt), remove deprecated unicode type (#2273) (3a6235b) * Add support for repository autolink references (#2016) (0fadd6b) * Add retry and pool_size to typing (#2151) (784a3ef) * Fix/types for repo topic team (#2341) (db9337a) * Add class Artifact (#2313) (#2319) (437ff84) * Update to 1.56 This is the last release that will support Python 3.6. *Bug Fixes & Improvements Create repo from template (#2090) (b50283a) Improve signature of Repository.create_repo (#2118) (001970d) Add support for 'visibility' attribute preview for Repositories (#1872) (8d1397a) Add Repository.rename_branch method (#2089) (6452ddf) Add function to delete pending reviews on a pull request (#1897) (c8a945b) Cover all code paths in search_commits (#2087) (f1faf94) Correctly deal when PaginatedList's data is a dict (#2084) (93b92cd) Add two_factor_authentication in AuthenticatedUser. (#1972) (4f00cbf) Add ProjectCard.edit() to the type stub (#2080) (d417e4c) Add method to delete Workflow runs (#2078) (b1c8eec) Implement organization.cancel_invitation() (#2072) (53fb498) Feat: Add html_url property in Team Class. (#1983) (6570892) Add support for Python 3.10 (#2073) (aa694f8) Add github actions secrets to org (#2006) (bc5e595) Correct replay for Organization.create_project() test (#2075) (fcc1236) Fix install command example (#2043) (99e00a2) Fix: #1671 Convert Python Bool to API Parameter for Authenticated User Notifications (#2001) (1da600a) Do not transform requestHeaders when logging (#1965) (1265747) Add type to OrderedDict (#1954) (ed7d0fe) Add Commit.get_pulls() to pyi (#1958) (b466470) Adding headers in GithubException is a breaking change (#1931) (d1644e3) * Update to 1.55: * Remove client_id/client_secret authentication (#1888) (901af8c8) * Adjust to Github API changes regarding emails (#1890) (2c77cfad) * This impacts what AuthenticatedUser.get_emails() returns * Export headers in GithubException (#1887) (ddd437a7) * Do not import from unpackaged paths in typing (#1926) (27ba7838) * Implement hash for CompletableGithubObject (#1922) (4faff23c) * Use right variable in both get_check_runs() (#1889) (3003e065) * fix bad assertions in github.Project.edit (#1817) (6bae9e5c) * Add support for deleting repository secrets (#1868) (696793de) * Adding github actions secrets (#1681) (c90c050e) * Drop support for Python 3.5 (#1770) (63e4fae9) * Fix stubs file for Repository (fab682a5) * The Github.get_installation(integer) method has been removed. * Repository.create_deployment()'s payload parameter is now a dictionary. * Add support for Check Suites (#1764) (6d501b28) * Add missing preview features of Deployment and Deployment Statuses API * Add Support for Check Runs (#1727) (c77c0676) * Add WorkflowRun.workflow_id (#1737) (78a29a7c) * Added support for the Self-Hosted actions runners API (#1684) (24251f4b) * Fix Branch protection status in the examples (#1729) (88800844) * Filter the DeprecationWarning in Team tests (#1728) (23f47539) * Added get_installations() to Organizations (#1695) (b42fb244) * Fix #1507: Add new Teams: Add or update team repository endpoint * Added support for `Repository.get_workflow_runs` parameters * feat(pullrequest): add the rebaseable attribute (#1690) (ee4c7a7e) * Add support for deleting reactions (#1708) (f7d203c0) * Add get_timeline() to Issue's type stubs (#1663) (6bc9ecc8) * Update to 1.53: * Add method get_team_membership for user to Team (#1658) (749e8d35) * PaginatedList's totalCount is 0 if no last page (#1641) (69b37b4a) * Add initial support for Github Apps. (#1631) (260558c1) * Add delete_branch_on_merge arg to Repository.edit type stub (#1639) (15b5ae0c) * upload_asset with data in memory (#1601) (a7786393) * Make Issue.closed_by nullable (#1629) (06dae387) * Add support for workflow dispatch event (#1625) (16850ef1) * Do not check reaction_type before sending (#1592) (136a3e80) * more flexible header splitting (#1616) (85e71361) * Add support for deployment statuses (#1588) (048c8a1d) * Adds the 'twitter_username' attribute to NamedUser. (#1585) (079f75a7) * Add support for Workflow Runs (#1583) (4fb1d23f) * Small documentation correction in Repository.py (#1565) (f0f6ec83) * Remove "api_preview" parameter from type stubs and docstrings (#1559) (cc1b884c) * Repository.update_file() content also accepts bytes (#1543) (9fb8588b) * Fix Repository.get_issues stub (#1540) (b40b75f8) * Check all arguments of NamedUser.get_repos() (#1532) (69bfc325) * Remove RateLimit.rate (#1529) (7abf6004) * PullRequestReview is not a completable object (#1528) (19fc43ab) * Remove pointless setters in GitReleaseAsset (#1527) (1dd1cf9c) * Drop some unimplemented methods in GitRef (#1525) (d4b61311) * Fixed formatting of docstrings for `Repository.create_git_tag_and_release()` and `StatsPunchCard`. (#1520) (ce400bc7) * Remove Repository.topics (#1505) (53d58d2b) * Correct Repository.get_workflows() (#1518) (8727003f) * correct Repository.stargazers_count return type to int (#1513) (b5737d41) * Raise a FutureWarning on use of client_{id,secret} (#1506) (2475fa66) * Improve type signature for create_from_raw_data (#1503) (c7b5eff0) * feat(column): move, edit and delete project columns (#1497) (a32a8965) * Add support for Workflows (#1496) (a1ed7c0e) * Add OAuth support for GitHub applications (4b437110) * Create AccessToken entity (4a6468aa) * Extend installation attributes (61808da1) * Update to 1.51 * New features * PyGithub now supports type checking * Ability to retrieve public events * Add and handle the maintainer_can_modify attribute in PullRequest * List matching references * Add create_repository_dispatch * Add some Organization and Repository attributes. * Add create project method * Bug Fixes & Improvements * Drop use of shadow-cat for draft PRs * AuthenticatedUser.get_organization_membership() should be str * Drop documentation for len() of PaginatedList * Fix param name of projectcard's move function * Correct typos found with codespell * Export IncompletableObject in the github namespace * Add GitHub Action workflow for checks * Drop unneeded ignore rule for flake8 * Use pytest to parametrize tests * Type stubs are now packaged with the build * Get the project column by id * Drop parametrized and pytest-cov from BuildRequires. * Update to 1.47 * Bug Fixes & Improvements * Add support to edit and delete a project (#1434) (f11f739) * Add method for fetching pull requests associated with a commit (#1433) (0c55381) * Add "get_repo_permission" to Team class (#1416) (219bde5) * Add list projects support, update tests (#1431) (e44d11d) * Don't transform completely in PullRequest.*assignees (#1428) (b1c3549) * Add create_project support, add tests (#1429) (bf62f75) * Add draft attribute, update test (bd28524) * Docstring for Repository.create_git_tag_and_release (#1425) (bfeacde) * Create a tox docs environment (#1426) (b30c09a) * Add Deployments API (#1424) (3d93ee1) * Add support for editing project cards (#1418) (425280c) * Add draft flag parameter, update tests (bd0211e) * Switch to using pytest (#1423) (c822dd1) * Fix GitMembership with a hammer (#1420) (f2939eb) * Add support to reply to a Pull request comment (#1374) (1c82573) * PullRequest.update_branch(): allow expected_head_sha to be empty (#1412) (806130e) * Implement ProjectCard.delete() (#1417) (aeb27b7) * Add pre-commit plugin for black/isort/flake8 (#1398) (08b1c47) * Add tox (#1388) (125536f) * Open file in text mode in scripts/add_attribute.py (#1396) (0396a49) * Silence most ResourceWarnings (#1393) (dd31a70) * Assert more attributes in Membership (#1391) (d6dee01) * Assert on changed Repository attributes (#1390) (6e3ceb1) * Add reset to the repr for Rate (#1389) (0829af8) * Update to 1.46 * Bug Fixes & Improvements * Add repo edit support for delete_branch_on_merge * Fix mistake in Repository.create_fork() * Correct two attributes in Invitation * Search repo issues by string label * Correct Repository.create_git_tag_and_release() * exposed seats and filled_seats for Github Organization Plan * Repository.create_project() body is optional * Implement move action for ProjectCard * Tidy up ProjectCard.get_content() * Added nested teams and parent * Correct parameter for Label.edit * doc: example of Pull Request creation * Fix PyPI wheel deployment * No longer build Python 2 package * Drop BuildRequires on mock, no longer required * Drop no-hardcoded-dep.patch, no longer required * Update to 1.45: * Breaking Changes * Branch.edit_{user,team} _push_restrictions() have been removed The new API is: Branch.add_ {user,team} _push_restrictions() to add new members Branch.replace_ {user,team} _push_restrictions() to replace all members Branch.remove_ {user,team}_push_restrictions() to remove members * The api_preview parameter to Github() has been removed. * Bug Fixes & Improvements * Allow sha=None for InputGitTreeElement * Support github timeline events. * Add support for update branch * Refactor Logging tests * Fix rtd build * Apply black to whole codebase * Fix class used returning pull request comments * Support for create_fork * Use Repository.get_contents() in tests * Allow GithubObject.update() to be passed headers * Correct URL for assignees on PRs * Use inclusive ordered comparison for 'parameterized' requirement * Deprecate Repository.get_dir_contents() * Apply some polish to manage.sh * Refresh no-hardcoded-dep.patch * Add patch to not pull in hardcoded dependencies: * no-hardcoded-dep.patch * Update to 1.44.1: * Too many changes to enumerate. * Drop PyGithub-drop-network-tests.patch, the test in question no longer requires network access. * Drop fix-httpretty-dep.patch, the httpretty requirement has been relaxed upstream. * Use %python_expand to run the test suite, it works fine on Python 3 now. * Add mock and parameterized to BuildRequires, the test suite requires them. * Update to 1.43.8: * Add two factor attributes on organizations (#1132) (a073168) * Add Repository methods for pending invitations (#1159) (57af1e0) * Adds get_issue_events to PullRequest object (#1154) (acd515a) * Add invitee and inviter to Invitation (#1156) (0f2beac) * Adding support for pending team invitations (#993) (edab176) * Add support for custom base_url in GithubIntegration class (#1093) (6cd0d64) * GithubIntegration: enable getting installation (#1135) (1818704) * Add sorting capability to Organization.get_repos() (#1139) (ef6f009) * Add new Organization.get_team_by_slug method (#1144) (4349bca) * Add description field when creating a new team (#1125) (4a37860) * Handle a path of / in Repository.get_contents() (#1070) (102c820) * Add issue lock/unlock (#1107) (ec7bbcf) * Fix bug in recursive repository contents example (#1166) (8b6b450) * Allow name to be specified for upload_asset (#1151) (8d2a6b5) * Fixes #1106 for GitHub Enterprise API (#1110) (5406579) * Update to 1.43.7: * Exclude tests from PyPI distribution (#1031) (78d283b9) * Add codecov badge (#1090) (4c0b54c0) * Update to 1.43.6: * New features o Add support for Python 3.7 (#1028) (6faa00ac) o Adding HTTP retry functionality via urllib3 (#1002) (5ae7af55) o Add new dismiss() method on PullRequestReview (#1053) (8ef71b1b) o Add since and before to get_notifications (#1074) (7ee6c417) o Add url parameter to include anonymous contributors in get_contributors (#1075) (293846be) o Provide option to extend expiration of jwt token (#1068) (86a9d8e9) * Bug Fixes & Improvements o Fix the default parameter for PullRequest.create_review (#1058) (118def30) o Fix get_access_token (#1042) (6a89eb64) o Fix Organization.add_to_members role passing (#1039) (480f91cf) * Deprecation o Remove Status API (6efd6318) * Add patch fix-httpretty-dep.patch Changes in python-antlr4-python3-runtime: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Drop %define skip_python2 1 * Drop support for older Python 3.x versions * fix build for python 3.12 * require setuptools * Update to version 4.13.1 csharp target * [CSharp] Fix for #4386 -- change signatures for ReportAttemptingFullContext() and ReportContextSensitivity() to be identical to all other targets (target:csharp, type:cleanup) go target * Move GetText(), SetText(), and String() from CommonToken to BaseToken (target:go, type:cleanup) * Restore "Obtained from string" source name. (target:go, type:cleanup) * fix: Fix very minor code issues spotted by goreportcard.com (target:go, type:cleanup) java target * Java: suppress this-escape warning introduced in JDK 21. (actions, target:java) javascript target * Adds default targets for babel configuration (target:javascript) * fix dependabot warnings (target:javascript, type:cleanup) swift target * [SWIFT] Add Antlr4Dynamic product (target:swift) * Cleanup duplicate SwiftTarget code (target:swift, type:cleanup) dart target * [Dart] Fix for #4320--export additional types (type:bug, target:dart) * from version 4.13.0 Issues fixed * antlr4 jar doubled in size in 4.9.3 (unicode, comp:performance) * Go: exponentially bad/absymal performance as of ... (type:bug, target:go) * Go runtime panic (type:bug, target:go) Improvements, features * Update LexerATNSimulator.cs with virtual Consume (type:improvement, target:csharp) * Feature/fixembedding (type:improvement, target:go, comp:performance) * Provide Javascript port of TokenStreamRewriter (type:feature, target:javascript, target:typescript) * from version 4.12.0 Issues fixed * github actions now fail for python2 and ubuntu clang and ubuntu swift (comp:runtime, comp:build, comp:testing) * js mergeArrays output differs from java (atn-analysis, target:javascript) * C++ target fails Performance/DropLoopEntryBranchInLRRule_4.txt (atn- analysis, type:bug, target:cpp) * Wrong grammarFileName in generated code (code-gen, type:bug) * C++ crashes on new test ParserExec/ListLabelsOnRuleRefStartOfAlt.txt (atn- analysis, type:bug, target:cpp) * [JavaScript runtime] Bad field name, bad comments (type:bug) Improvements, features * Fully qualify std::move invocations to fix -Wunqualified-std-cast-call (type:improvement, target:cpp) * Extract FileUtils updates by @ericvergnaud (type:improvement, cross- platform-issue, comp:testing) * Extract unit test updates by @ericvergnaud needed for TypeScript (type:improvement, comp:testing) * [Go target] Fix for #3926: Add accessors for tree navigation to interfaces in generated parser (trees-contexts, code-gen, type:improvement, target:go) * GitHub Workflows security hardening (actions, type:improvement, comp:testing) * from version 4.11.1 * Just fixes 4.11.0 release issue. I forgot to change runtime tool version so it didn't say SNAPSHOT. * from version 4.11.0 Issues fixed * Disable failing CI tests in master (comp:build, comp:testing) * Create accessor for Go-based IntervalSet.intervals (target:go) * Grammar Name Conflict Golang with SPARQL issue (target:go, type:cleanup) * Dependency declaration error in ANTLR 4.10.1 (comp:build) * Drop old version of Visual Studio C++ (2013, 2015, 2017) (comp:build, target:cpp) * Circular grammar inclusion causes stack overflow in the tool. (comp:tool, type:bug) * Cpp, Go, JavaScript, Python2/3: Template rendering error. (code-gen, comp:runtime, target:java, target:javascript, target:python2, target:python3, target:go) Improvements, features * Augment error message during testing to include full cause of problem. (type:improvement, comp:testing) * Include swift & tool verification in CI workflow (type:improvement, comp:build, cross-platform-issue, target:swift) * Issue #3783: CI Check Builds (type:improvement, comp:build, cross-platform- issue, comp:testing) * Parallel lock free testing, remove potential deadlocks, cache static data, go to descriptor via test (comp:runtime, type:improvement, comp:testing) * update getting-started doc (type:improvement, comp:doc) * Getting Started has error (type:improvement, comp:doc) * new nuget directory for building ANTLR4 C++ runtime as 3 Nuget packages (type:improvement, comp:build, target:cpp) * Add interp tool like TestRig (comp:tool, type:feature) * Issue 3720: Java 2 Security issue (type:improvement, target:java) * Cpp: Disable warnings for external project (type:bug, type:improvement, target:cpp) * Fix Docker README for arm OS user (type:improvement, comp:doc) * from version 4.10.1 * [C++] Remove reference to antlrcpp:s2ws * Update publishing instruction for Dart * from version 4.10.0 Issues fixed * C++ runtime: Version identifier macro ? (target:cpp, type:cleanup) * Generating XPath lexer/parser (actions, type:bug) * do we need this C++ ATN serialization? (target:cpp, type:cleanup) * Incorrect type of token with number 0xFFFF because of incorrect ATN serialization (atn-analysis, type:bug) * Clean up ATN serialization: rm UUID and shifting by value of 2 (atn- analysis, type:cleanup) * The parseFile method of the InterpreterDataReader class is missing code: "line = br.readLine();" (type:bug, target:java) * antlr.runtime.standard 4.9.3 invalid strong name. (type:bug, comp:build, target:csharp) * Serialized ATN data element 810567 element 11 out of range 0..65535 (atn- analysis, type:cleanup) * Go target, unable to check when custom error strategy is in recovery mode (target:go) * Escape issue for characeters (grammars, type:bug) * antlr4 java.lang.NullPointerException Antlr 4 4.8 (grammars, comp:tool, type:bug) * UnsupportedOperationException while generating code for large grammars. (atn-analysis, type:cleanup) * Add a more understandable message than "Serialized ATN data element .... element ... out of range 0..65535" (atn-analysis, type:cleanup) * avoid java.lang.StackOverflowError (lexers, error-handling) * Getting this error: Exception in thread "main" java.lang.UnsupportedOperationException: Serialized ATN data element out of range (atn-analysis, type:cleanup) Improvements, features * Updated getting started with Cpp documentation. (type:improvement, comp:doc) * Escape bad words during grammar generation (code-gen, type:improvement) * Implement caseInsensitive option (lexers, options, type:improvement) * Some tool bugfixes (error-handling, comp:tool, type:improvement, type:cleanup) * Run testsuite using the tests/run.py script instead of %pyunittest * Switch build systemd from setuptools to pyproject.toml * Update BuildRequires from pyproject.toml * Update filename pattern in %files section * Update to version 4.9.3 Issues fixed * Swift Target Crashes with Multi-Threading * JavaScript Runtime bug * Go target, cannot use superClass for the lexer grammar! * Python runtime is inconsistent with Java * FunctionDef source extract using getText() * Provide .NET Framework target in the csharp nuget package * Go target for Antlr tool, type ",int8" => "int8" * Flutter/Dart web support * Allow Antlr Javascript runtime to be loaded into Kindle Touch * Fix Go test suite * Weird error Improvements, features * [C++] Use faster alternative to dynamic_cast when not testing inherit * Stackoverflow after upgrading from 4.6 to 4.7 * from version 4.9.2 Issues fixed * CSharp and Java produce different results for identical input, identical tokens Improvements, features * Moved away from travis-ci.com * Source upstream tarball from Github since PyPi tarball no longer ships testsuite * Update to version 4.9.1. * Improve python3 performance by adding slots * Fix incorrect python token string templates * Add testing. * Skip python2 because this is for python3. * Use python_alternative Changes in python-avro: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %define skip_python2 1 * Update to version 1.11.3: * See jira board for all the fixes addressed in this release: https://issues.apache.org/jira/browse/AVRO-3855?jql=project%3DAVRO%20AND%20fixVersion%3D1.11.3 * Drop py311.patch: fixed upstream. * Add py311.patch to make tests compatible with python 3.11 gh#apache/avro#1961 * Update to 1.11.1 (from GitHub release notes): * Avro specification * Clarify which names are allowed to be qualified with namespaces * Inconsistent behaviour on types as invalid names * Clarify how fullnames are created, with example * IDL: add syntax to create optional fields * Improve docs for logical type annotation * Python * Scale assignment optimization * "Scale" property from decimal object * Byte reading in avro.io does not assert bytes read * validate the default value of an enum field * Pass LogicalType to BytesDecimalSchema * Website * Website refactor * Document IDL support in IDEs Changes in python-chardet: * update to 5.2.0: * Adds support for running chardet CLI via `python -m chardet` Changes in python-distro: \- Switch to autosetup macro. * update to 1.9.0: * Refactor distro.info() method to return an InfoDict [#360] * Ignore the file '/etc/board-release' [#353] * Ignore the file '/etc/ec2_version' [#359] * Test on modern versions of CPython and PyPy and macOS [#362] * Add support for ALT Linux Server 10.1 distribution [#354] * Add Debian Testing to the tests [#356] * Update archlinux resource for tests [#352] * Remove duplicate files calling %fdupes * add sle15_python_module_pythons * update to 1.8.0: * Lowered `LinuxDistribution._distro_release_info` method complexity [#327] * Added official support for Buildroot distribution [#329] * Added official support for Guix distribution [#330] * Added support for `/etc/debian_version` [#333] & [#349] * Fixed a typography in CONTRIBUTING.md [#340] * Improved README.md "Usage" code block [#343] * Bumped black to v22.3.0 in pre-commit.ci configuration [#331] * Enabled GitHub Dependabot to keep GitHub Actions up to date [#335] * remove shebang from distro.py * update to version 1.7.0: * BACKWARD COMPATIBILITY: * Dropped support for EOL Pythons 2.7, 3.4 and 3.5 [#281] * Dropped support for LSB and `uname` back-ends when `--root-dir` is specified [#311] * Moved `distro.py` to `src/distro/distro.py` [#315] * ENHANCEMENTS: * Documented that `distro.version()` can return an empty string on rolling releases [#312] * Documented support for Python 3.10 [#316] * Added official support for Rocky Linux distribution [#318] * Added a shebang to `distro.py` to allow standalone execution [#313] * Added support for AIX platforms [#311] * Added compliance for PEP-561 [#315] * BUG FIXES: * Fixed `include_uname` parameter oversight [#305] * Fixed crash when `uname -rs` output is empty [#304] * Fixed Amazon Linux identifier in `distro.id()` documentation [#318] * Fixed OpenSuse >= 15 support [#319] * Fixed encoding issues when opening distro release files [#324] * Fixed `linux_distribution` regression introduced in [#230] [#325] * Tests: Set locale to UTF-8 to fix tests on Leap 15.3. * Expliciting setting of locale is not necessary anymore (gh#python- distro/distro#223). * Update to version 1.6.0 * Deprecated the distro.linux_distribution() function. Use distro.id(), distro.version() and distro.name() instead [#296] * Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will only support Python 3.6+ * Added type hints to distro module [#269] * Added **version** for checking distro version [#292] * Added support for arbitrary rootfs via the root_dir parameter [#247] * Added the --root-dir option to CLI [#161] * Added fallback to /usr/lib/os-release when /etc/os-release isn't available [#262] * Fixed subprocess.CalledProcessError when running lsb_release [#261] * Ignore /etc/iredmail-release file while parsing distribution [#268] * Use a binary file for /dev/null to avoid TextIOWrapper overhead [#271] * use %pytest macro * Enable tests properly (this is pytest, not unittest), Changes in python- docker: * update to 7.0.0: * Removed SSL version (`ssl_version`) and explicit hostname check (`assert_hostname`) options (#3185) * Python 3.7+ supports TLSv1.3 by default * Websocket support is no longer included by default (#3123) * Use `pip install docker[websockets]` to include `websocket- client` dependency * By default, `docker-py` hijacks the TCP connection and does not use Websockets * Websocket client is only required to use `attach_socket(container, ws=True)` * Python 3.7 no longer supported (reached end-of-life June 2023) (#3187) * Python 3.12 support (#3185) * Full `networking_config` support for `containers.create()` * Replaces `network_driver_opt` (added in 6.1.0) * Add `health()` property to container that returns status (e.g. `unhealthy`) * Add `pause` option to `container.commit()` (#3159) * Add support for bind mount propagation (e.g. `rshared`, `private`) * Add support for `filters`, `keep_storage`, and `all` in `prune_builds()` on API v1.39+ (#3192) * Consistently return `docker.errors.NotFound` on 404 responses * Validate tag format before push (#3191) * update to 6.1.3: * Bugfixes * Fix eventlet compatibility (#3132) * update to 6.1.2: * Bugfixes * Fix for socket timeouts on long docker exec calls (#3125) * Respect timeout param on Windows (#3112) * update to 6.1.1: * Upgrade Notes (6.1.x) * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Bugfixes * Fix containers.stats() hanging with stream=True * Correct return type in docs for containers.diff() method * update to 6.1.0: * Upgrade Notes * Errors are no longer returned during client initialization if the credential helper cannot be found. A warning will be emitted instead, and an error is returned if the credential helper is used. * Features * Python 3.11 support * Use poll() instead of select() on non-Windows platforms * New API fields * network_driver_opt on container run / create * one-shot on container stats * status on services list * Bugfixes * Support for requests 2.29.0+ and urllib3 2.x * Do not strip characters from volume names * Fix connection leak on container.exec_* operations * Fix errors closing named pipes on Windows * update to 6.0.1: * Notice This version is not compatible with requests 2.29+ or urllib3 2.x. Either add requests < 2.29 and urllib3 < 2 to your requirements or upgrade to to the latest docker-py release. * Bugfixes * Fix for The pipe has been ended errors on Windows (#3056) * Support floats for timestamps in Docker logs (since / until) (#3031) * update to 6.0.0: * Upgrade Notes * Minimum supported Python version is 3.7+ * When installing with pip, the docker[tls] extra is deprecated and a no-op, use docker for same functionality (TLS support is always available now) * Native Python SSH client (used by default / use_ssh_client=False) will now * reject unknown host keys with paramiko.ssh_exception.SSHException * Short IDs are now 12 characters instead of 10 characters (same as Docker CLI) * Version metadata is now exposed as **version** * Features * Python 3.10 support * Automatically negotiate most secure TLS version * Add platform (e.g. linux/amd64, darwin/arm64) to container create & run * Add support for GlobalJob and ReplicatedJobs for Swarm * Add remove() method on Image * Add force param to disable() on Plugin * Bugfixes * Fix install issues on Windows related to pywin32 * Do not accept unknown SSH host keys in native Python SSH mode * Use 12 character short IDs for consistency with Docker CLI * Ignore trailing whitespace in .dockerignore files * Fix IPv6 host parsing when explicit port specified * Fix ProxyCommand option for SSH connections * Do not spawn extra subshell when launching external SSH client * Improve exception semantics to preserve context * Documentation improvements (formatting, examples, typos, missing params) * Miscellaneous * Upgrade dependencies in requirements.txt to latest versions * Remove extraneous transitive dependencies * Eliminate usages of deprecated functions/methods * Test suite reliability improvements * GitHub Actions workflows for linting, unit tests, integration tests, and publishing releases * add sle15_python_module_pythons * python-six is not required as well * python-mock actually not required for build * update to 5.0.3: * Add cap_add and cap_drop parameters to service create and ContainerSpec * Add templating parameter to config create * Bump urllib3 to 1.26.5 * Bump requests to 2.26.0 * Remove support for Python 2.7 * Make Python 3.6 the minimum version supported * Update to 4.4.4 From project changelog: 4.4.4 Bugfixes Remove LD_LIBRARY_PATH and SSL_CERT_FILE environment variables when shelling out to the ssh client 4.4.3 Features Add support for docker.types.Placement.MaxReplicas Bugfixes Fix SSH port parsing when shelling out to the ssh client 4.4.2 Bugfixes Fix SSH connection bug where the hostname was incorrectly trimmed and the error was hidden Fix docs example Miscellaneous Add Python3.8 and 3.9 in setup.py classifier list 4.4.1 Bugfixes Avoid setting unsuported parameter for subprocess.Popen on Windows Replace use of deprecated "filter" argument on ""docker/api/image" * update to 4.4.0: * Add an alternative SSH connection to the paramiko one, based on shelling out to the SSh client. Similar to the behaviour of Docker cli * Default image tag to `latest` on `pull` * Fix plugin model upgrade * Fix examples URL in ulimits * Improve exception messages for server and client errors * Bump cryptography from 2.3 to 3.2 * Set default API version to `auto` * Fix conversion to bytes for `float` * Support OpenSSH `identityfile` option * Add `DeviceRequest` type to expose host resources such as GPUs * Add support for `DriverOpts` in EndpointConfig * Disable compression by default when using container.get_archive method * Update default API version to v1.39 * Update test engine version to 19.03.12 * update to 4.2.2: * Fix context load for non-docker endpoints * update to 4.2.1: * Add option on when to use `tls` on Context constructor * Make context orchestrator field optional * Bump required version of pycreds to 0.4.0 (sync with requirements.txt) * update to 3.7.0 (mandatory for latest docker-compose) * add python-dockerpycreds dependency in the spec file rebase hide_py_pckgmgmt.patch Changes in python-fakeredis: * update to 2.21.0: * Implement all TOP-K commands (`TOPK.INFO`, `TOPK.LIST`, `TOPK.RESERVE`, * `TOPK.ADD`, `TOPK.COUNT`, `TOPK.QUERY`, `TOPK.INCRBY`) #278 * Implement all cuckoo filter commands #276 * Implement all Count-Min Sketch commands #277 * Fix XREAD blocking bug #274 #275 * EXAT option does not work #279 * update to 2.20.1: * Fix `XREAD` bug #256 * Testing for python 3.12 * update to 2.20.0: * Implement `BITFIELD` command #247 * Implement `COMMAND`, `COMMAND INFO`, `COMMAND COUNT` #248 * Remove unnecessary BR on python-lupa * update to 2.19.0: * Implement Bloom filters commands #239 * Fix error on blocking XREADGROUP #237 * update to 2.18.1: * Fix stream type issue #233 * update to 2.18.0: * Implement `PUBSUB NUMPAT` #195, `SSUBSCRIBE` #199, `SPUBLISH` #198, `SUNSUBSCRIBE` #200, `PUBSUB SHARDCHANNELS` #196, `PUBSUB SHARDNUMSUB` #197 * Fix All aio.FakeRedis instances share the same server #218 * update to 2.17.0: * Implement `LPOS` #207, `LMPOP` #184, and `BLMPOP` #183 * Implement `ZMPOP` #191, `BZMPOP` #186 * Fix incorrect error msg for group not found #210 * fix: use same server_key within pipeline when issued watch issue with ZRANGE and ZRANGESTORE with BYLEX #214 * Implemented support for `JSON.MSET` #174, `JSON.MERGE` #181 * Add support for version for async FakeRedis #205 * Updated how to test django_rq #204 * update to 2.15.0: * Implemented support for various stream groups commands: * `XGROUP CREATE` #161, `XGROUP DESTROY` #164, `XGROUP SETID` #165, `XGROUP DELCONSUMER` #162, * `XGROUP CREATECONSUMER` #163, `XINFO GROUPS` #168, `XINFO CONSUMERS` #168, `XINFO STREAM` #169, `XREADGROUP` #171, * `XACK` #157, `XPENDING` #170, `XCLAIM` #159, `XAUTOCLAIM` * Implemented sorted set commands: * `ZRANDMEMBER` #192, `ZDIFF` #187, `ZINTER` #189, `ZUNION` #194, `ZDIFFSTORE` #188, * `ZINTERCARD` #190, `ZRANGESTORE` #193 * Implemented list commands: * `BLMOVE` #182, * Improved documentation. * Fix documentation link * Fix requirement for packaging.Version #177 * Implement `HRANDFIELD` #156 * Implement `JSON.MSET` * Improve streams code * update to 2.13.0: * Fixed xadd timestamp (fixes #151) (#152) * Implement XDEL #153 * Improve test code * Fix reported security issue * Add support for `Connection.read_response` arguments used in redis-py 4.5.5 and 5.0.0 * Adding state for scan commands (#99) * Improved documentation (added async sample, etc.) * update to 2.12.0: * Implement `XREAD` #147 * Unique FakeServer when no connection params are provided * Minor fixes supporting multiple connections * Update documentation * connection parameters awareness: * Creating multiple clients with the same connection parameters will result in the same server data structure. * Fix creating fakeredis.aioredis using url with user/password * add sle15_python_module_pythons * Update to 2.10.3: * Support for redis-py 5.0.0b1 * Include tests in sdist (#133) * Fix import used in GenericCommandsMixin.randomkey (#135) * Fix async_timeout usage on py3.11 (#132) * Enable testing django-cache using FakeConnection. * All geo commands implemented * Fix bug for xrange * Fix bug for xrevrange * Implement XTRIM * Add support for MAXLEN, MAXID, LIMIT arguments for XADD command * Add support for ZRANGE arguments for ZRANGE command #127 * Relax python version requirement #128 * Support for redis-py 4.5.0 #125 * update to 2.7.1: * Fix import error for NoneType (#120) * Implement * JSON.ARRINDEX * JSON.OBJLEN * JSON.OBJKEYS * JSON.ARRPOP * JSON.ARRTRIM * JSON.NUMINCRBY * JSON.NUMMULTBY * XADD * XLEN * XRANGE * XREVRANGE * Implement `JSON.TYPE`, `JSON.ARRLEN` and `JSON.ARRAPPEND` * Fix encoding of None (#118) * update to v2.5.0: * Implement support for BITPOS (bitmap command) (#112) * Fix json mget when dict is returned (#114) * fix: properly export (#116) * Extract param handling (#113) * update to v2.4.0: * Implement LCS (#111), BITOP (#110) * Fix bug checking type in scan_iter (#109) * Implement GETEX (#102) * Implement support for JSON.STRAPPEND (json command) (#98) * Implement JSON.STRLEN, JSON.TOGGLE and fix bugs with JSON.DEL (#96) * Implement PUBSUB CHANNELS, PUBSUB NUMSUB * Implement JSON.CLEAR (#87) * Support for redis-py v4.4.0 * Implement json.mget (#85) * Initial json module support - JSON.GET, JSON.SET and JSON.DEL (#80) * fix: add nowait for asyncio disconnect (#76) * Refactor how commands are registered (#79) * Refactor tests from redispy4_plus (#77) * Remove support for aioredis separate from redis-py (redis-py versions 4.1.2 and below). (#65) * Add support for redis-py v4.4rc4 (#73) * Add mypy support (#74) * Implement support for zmscore by @the-wondersmith in #67 * What's Changed * implement GETDEL and SINTERCARD support by @cunla in #57 * Test get float-type behavior by @cunla in #59 * Implement BZPOPMIN/BZPOPMAX support by @cunla in #60 * drop fakeredis-pr54-fix-ensure_str.patch (upstream) * Update to 1.9.3 * Removed python-six dependency * zadd support for GT/LT by @cunla in #49 * Remove six dependency by @cunla in #51 * Add host to conn_pool_args by @cunla in #51 * Drop python-fakeredis-no-six.patch which was incomplete * all commits, including the missing ones in release now * Add fakeredis-pr54-fix-ensure_str.patch * use upstream https://github.com/cunla/fakeredis-py/pull/51/ * modified patches % python-fakeredis-no-six.patch (refreshed) * version update to 1.9.1 * Zrange byscore by @cunla in #44 * Expire options by @cunla in #46 * Enable redis7 support by @cunla in #42 * added patches fix https://github.com/cunla/fakeredis-py/issues/50 * python-fakeredis-no-six.patch * Update to 1.8.1 * fix: allow redis 4.3.* by @terencehonles in #30 * Release 1.8 * Fix handling url with username and password by @cunla in #27 * Refactor tests by @cunla in #28 * Release 1.7.6 * add IMOVE operation by @BGroever in #11 * Add SMISMEMBER command by @OlegZv in #20 * fix: work with redis.asyncio by @zhongkechen in #10 * Migrate to poetry by @cunla in #12 * Create annotation for redis4+ tests by @cunla in #14 * Make aioredis and lupa optional dependencies by @cunla in #16 * Remove aioredis requirement if redis-py 4.2+ by @ikornaselur in #19 * update to 1.7.0 * Change a number of corner-case behaviours to match Redis 6.2.6. * Fix DeprecationWarning for sampling from a set * Improved support for constructor arguments * Support redis-py 4 * Add support for GET option to SET * PERSIST and EXPIRE should invalidate watches * Update to 1.6.1 * # 305 Some packaging modernisation * # 306 Fix FakeRedisMixin.from_url for unix sockets * # 308 Remove use of async_generator from tests * Release 1.6.0 * # 304 Support aioredis 2 * # 302 Switch CI from Travis CI to Github Actions * update to 1.5.2 * support python 3.9 * support aioredis * Disable py2 as upstream actually disabled python2 support competely * The syntax simply is not compatible * Update to 1.3.0: * No upstream changelog * python2 tests are dysfunctional, test with python3 only * Update to 1.0.5: * No upstream changelog * Update to 1.0.4: * various bugfixes all around * Update to v1.0.3 * Support for redis 3.2 (no effective changes in v1.0.2) * Initial spec for v1.0.1 Changes in python-fixedint: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Fix capitalization in Summary * Limit Python files matched in %files section * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Initial build * Version 0.2.0 Changes in python-httplib2: * require setuptools * Clean up SPEC file. * Add %{?sle15_python_module_pythons} * update to 0.22.0: * https: disable_ssl_certificate_validation caused ValueError: Cannot set verify_mode to CERT_NONE when check_hostname is enabled * Update to 0.21.0: * http: `Content-Encoding: deflate` must accept zlib encapsulation * https://github.com/httplib2/httplib2/pull/230 * Begin support and CI against CPython 3.10 and 3.11. * update to 0.20.4: proxy: support proxy urls with ipv6 address Tests compatible with Python3.10 and recent pytest. * add pyparsing dependency * update to 0.20.2: auth: support pyparsing v3 proxy: correct extraction of errno from pysocks ProxyConnectionError IMPORTANT cacerts: remove expired DST Root CA X3, add ISRG Root X1, X2 * update to 0.19.1: * auth header parsing performance optimizations; Thanks to Paul McGuire * Use mock from the standard library on Python>=3.3 set first, othewise a "ValueError: Cannot set verify_mode to CERT_NONE when check_hostname instead (bnc#761162) item not in cache \- initial version of python-httplib2 (0.2.0) Changes in python-httpretty: \- Add patch 0001-Fix- test_417_openssl.py-if-pyOpenSSL-not-available.patch: * Fix tests without pyOpenSSL support in urllib3 * Allow building with python-urllib3 >= 2.x * Do not use python-boto3 when building in SLE where it's currently not available for python311 * Add %{?sle15_python_module_pythons} * skip failing testsuite tests after requests update * Add patch relax-test-callback-response.patch: * Relax timeout for test_callback_response (bsc#1209571) * Add patch 460-miliseconds_tests.patch (gh#gabrielfalcao/HTTPretty#460): * Correct tests for s390x and aarch64 because of timeout failures after 2 miliseconds * Fix test suite: * Remove nose idioms * Remove outdated test skips * Add patch double-slash-paths.patch: * http.request may replace // with /, handle that in the testcase. * Add 453-fix-tests-pytest.patch (gh#gabrielfalcao/HTTPretty#449) to make tests compatible with pytest. * Add patch remove-mock.patch: * Use unittest.mock in the functional tests. * specfile: * update copyright year * update to version 1.1.4: * Bugfix: #435 Fallback to WARNING when logging.getLogger().level is None. * changes from version 1.1.3: * Bugfix: #430 Respect socket timeout. * changes from version 1.1.2: * Bugfix: #426 Segmentation fault when running against a large amount of tests with pytest --mypy. * changes from version 1.1.1: * Bugfix: httpretty.disable() injects pyopenssl into :py:mod:`urllib3` even if it originally wasn't #417 * Bugfix: "Incompatibility with boto3 S3 put_object" #416 * Bugfix: "Regular expression for URL -> TypeError: wrap_socket() missing 1 required" #413 * Bugfix: "Making requests to non-stadard port throws TimeoutError "#387 * changes from version 1.1.0: * Feature: Display mismatched URL within UnmockedError whenever possible. #388 * Feature: Display mismatched URL via logging. #419 * Add new properties to :py:class:`httpretty.core.HTTPrettyRequest` (protocol, host, url, path, method). * Updater to 1.0.5 * Bugfix: Support socket.socketpair() . #402 * Bugfix: Prevent exceptions from re-applying monkey patches. #406 * Release 1.0.4 * Python 3.8 and 3.9 support. #407 * Update to 1.0.3 * Fix compatibility with urllib3>=1.26. #410 * Replace nose with nose2 * avoid reading DNS resolver settings gh#gabrielfalcao/HTTPretty#405 * remove unnecessary test packages * Update to 1.0.2 * Drop Python 2 support. * Fix usage with redis and improve overall real-socket passthrough. * Fix TypeError: wrap_socket() missing 1 required positional argument: 'sock'. * Fix simple typo: neighter -> neither. * Updated documentation for register_uri concerning using ports. * Clarify relation between `enabled` and `httprettized` in API docs. * Align signature with builtin socket. * Version update to 0.9.6: * Many fixes all around * Support for python 3.7 * Make sure we really run the tests * Remove superfluous devel dependency for noarch package Changes in python-javaproperties: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} * version update to 0.8.1 v0.8.1 (2021-10-05) * * * * Fix a typing issue in Python 3.9 * Support Python 3.10 v0.8.0 (2020-11-28) * * * * Drop support for Python 2.7, 3.4, and 3.5 * Support Python 3.9 * `ensure_ascii` parameter added to `PropertiesFile.dump()` and `PropertiesFile.dumps()` * **Bugfix** : When parsing XML input, empty `<entry>` tags now produce an empty string as a value, not `None` * Added type annotations * `Properties` and `PropertiesFile` no longer raise `TypeError` when given a non-string key or value, as type correctness is now expected to be enforced through static type checking * The `PropertiesElement` classes returned by `parse()` are no longer subclasses of `namedtuple`, but they can still be iterated over to retrieve their fields like a tuple * python-six is not required Changes in python-jsondiff: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Add %{?sle15_python_module_pythons} * Update to version 2.0.0 * Removed deprecated function * Remove deprecated jsondiff entry point * from version 1.3.1 * Optionally allow different escape_str than '$' * Clarified the readme, closes #23 * Fixed readme * Remove jsondiff command from %install, %post, %postun and %files sections Changes in python-knack: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Drop %define skip_python2 1 * Update to version 0.11.0 * Declare support for Python 3.11 and drop support for Python 3.7 (#275) * Stop converting argument's `bool` default value to `DefaultInt` (#273) * Update to version 0.10.1 * Support bytearray serialization (#268) * Update to version 0.10.0 * Enable Virtual Terminal mode on legacy Windows terminal to support ANSI escape sequences (#265) * Drop Python 3.6 support (#259) * python-mock is not required for build Changes in python-marshmallow: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * update to 3.20.2: * Bug fixes: - Fix Nested field type hint for lambda Schema types (:pr:`2164`). * Other changes: - Officially support Python 3.12 (:pr:`2188`). * update to 3.20.1: * Fix call to `get_declared_fields`: pass `dict_cls` again * Add `absolute` parameter to `URL` validator and `Url` * Use Abstract Base Classes to define `FieldABC` and `SchemaABC` * Use `OrderedSet` as default `set_class`. Schemas are now ordered by default. * Handle `OSError` and `OverflowError` in `utils.from_timestamp` (:pr:`2102`). * Fix the default inheritance of nested partial schemas * Officially support Python 3.11 (:pr:`2067`). * Drop support for Python 3.7 (:pr:`2135`). * Switch documentation to be within the main package on SLE15 * rename docs subpackage to the more common doc name * Update to 3.19.0 * Add timestamp and timestamp_ms formats to fields.DateTime (#612). Thanks @vgavro for the suggestion and thanks @vanHoi for the PR. Changes in python-opencensus: \- Add Obsoletes for old python3 package on SLE-15 \- Switch build system from setuptools to pyproject.toml \+ Add python-pip and python-wheel to BuildRequires \+ Replace %python_build with %pyproject_wheel \+ Replace %python_install with %pyproject_install \- Update to 0.11.4 * Changed bit-mapping for `httpx` and `fastapi` integrations \- Refresh patches for new version * opencensus-pr1002-remove-mock.patch \- Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * update to 0.11.3 * Updated azure modules * sorry, six is still needed :( * update to 0.11.2: * Updated `azure`, `fastapi`,`flask` modules * Updated `azure`, `httpx` modules * Update to 0.11.0 * Updated `azure`, `context`, `flask`, `requests` modules * from version 0.10.0 * Add kwargs to derived gauge (#1135) * from version 0.9.0 * Make sure handler.flush() doesn't deadlock (#1112) * Refresh patches for new version * opencensus-pr1002-remove-mock.patch * Update Requires from setup.py Changes in python-opencensus-context: \- Clean up the SPEC file \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \- Update to 0.1.3 * Move `version.py` file into `runtime_context` folder (#1143) Changes in python-opencensus-ext-threading: \- Switch package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop build support for Python 2.x Changes in python-opentelemetry-api: \- update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 1.22.0: * Prometheus exporter sanitize info metric (#3572) * Remove Jaeger exporters (#3554) * Log stacktrace on `UNKNOWN` status OTLP export error (#3536) * Fix OTLPExporterMixin shutdown timeout period (#3524) * Handle `taskName` `logrecord` attribute (#3557) * update to 1.21.0: * Fix `SumAggregation`(#3390) * Fix handling of empty metric collection cycles (#3335) * Fix error when no LoggerProvider configured for LoggingHandler (#3423) * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters (#3428) * Allow instrument names to have '/' and up to 255 characters (#3442) * Do not load Resource on sdk import (#3447) * Update semantic conventions to version 1.21.0 (#3251) * Add missing schema_url in global api for logging and metrics (#3251) * Prometheus exporter support for auto instrumentation (#3413) * Modify Prometheus exporter to translate non-monotonic Sums into Gauges (#3306) * Update the body type in the log ($3343) * Add max_scale option to Exponential Bucket Histogram Aggregation (#3323) * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord (#3310) * Support dropped_attributes_count in LogRecord and exporters (#3351) * Add unit to view instrument selection criteria (#3341) * Upgrade opentelemetry-proto to 0.20 and regen #3355) * Include endpoint in Grpc transient error warning #3362) * Fixed bug where logging export is tracked as trace #3375) * Select histogram aggregation with an environment variable * Move Protobuf encoding to its own package (#3169) * Add experimental feature to detect resource detectors in auto instrumentation (#3181) * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view (#3240) * Fix headers types mismatch for OTLP Exporters (#3226) * Fix suppress instrumentation for log batch processor (#3223) * Add speced out environment variables and arguments for BatchLogRecordProcessor (#3237) * Fix `ParentBased` sampler for implicit parent spans. Fix also `trace_state` erasure for dropped spans or spans sampled by the `TraceIdRatioBased` sampler. Changes in python-opentelemetry-sdk: * Add missing python-wheel build dependency to BuildRequires * update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Initial package (1.22.0) Changes in python-opentelemetry-semantic- conventions: * update to 0.44b0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * update to 0.43b0: * Prometheus exporter sanitize info metric * Remove Jaeger exporters * Log stacktrace on `UNKNOWN` status OTLP export error * Fix OTLPExporterMixin shutdown timeout period * Handle `taskName` `logrecord` attribute * Fix `SumAggregation` * Fix handling of empty metric collection cycles * Fix error when no LoggerProvider configured for LoggingHandler * Make `opentelemetry_metrics_exporter` entrypoint support pull exporters * Allow instrument names to have '/' and up to 255 characters * Do not load Resource on sdk import * Update semantic conventions to version 1.21.0 * Add missing schema_url in global api for logging and metrics * Prometheus exporter support for auto instrumentation * Drop `setuptools` runtime requirement. * Update the body type in the log ($3343) * Add max_scale option to Exponential Bucket Histogram Aggregation * Use BoundedAttributes instead of raw dict to extract attributes from LogRecord * Support dropped_attributes_count in LogRecord and exporters * Add unit to view instrument selection criteria * Upgrade opentelemetry-proto to 0.20 and regen #3355) * Include endpoint in Grpc transient error warning #3362) * Fixed bug where logging export is tracked as trace #3375) * Select histogram aggregation with an environment variable * Move Protobuf encoding to its own package * Add experimental feature to detect resource detectors in auto instrumentation * Fix exporting of ExponentialBucketHistogramAggregation from opentelemetry.sdk.metrics.view * Fix headers types mismatch for OTLP Exporters * Fix suppress instrumentation for log batch processor * Add speced out environment variables and arguments for BatchLogRecordProcessor * Initial build * Version 0.25b2 Changes in python-opentelemetry-test-utils: * update to 0.44b0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter string representation for target_info labels (#3659) * Logs: ObservedTimestamp field is missing in console exporter output (#3564) * Fix explicit bucket histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade markupsafe, Flask and related dependencies to dev and test environments (#3609) * Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve Resource Detector timeout messaging (#3645) * Add Proxy classes for logging (#3575) * Remove dependency on 'backoff' library (#3679) * Initial package (0.43b0) Changes in python-pycomposefile: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Initial build * Version 0.0.30 Changes in python-pydash: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }} * Update to version 6.0.2 * Only prevent access to object paths containing `__globals__` or `__builtins__` instead of all dunder-methods for non-dict/list objects. * from version 6.0.1 * Fix exception raised due to mishandling of non-string keys in functions like `get()` for non-dict/list objects that used integer index references like `"[0]"`. * from version 6.0.0 * Prevent access to object paths containing dunder-methods in functions like `get()` for non-dict/list objects. Attempting to access dunder-methods using get-path keys will raise a `KeyError` (e.g. `get(SomeClass(), '__init__'` will raise). Access to dict keys are unaffected (e.g. `get({"__init__": True}, "__init__")` will return `True`). ( **breaking change** ) * Add support for Python 3.11. * Drop support for Python 3.6 ( **breaking change** ) * from version 5.1.2 * Remove unnecessary type check and conversion for `exceptions` argument in `pydash.retry`. * from version 5.1.1 * Add support for Python 3.10. * Fix timing assertion issue in test for `pydash.delay` where it could fail on certain environments. * Switch build system from setuptools to pyproject.toml * Update BuildRequires from pyproject.toml * version update to 5.1.0 v5.1.0 (2021-10-02) * * * * Support matches-style callbacks on non-dictionary objects that are compatible with `pydash.get` in functions like `pydash.find`. v5.0.2 (2021-07-15) * * * * Fix compatibility issue between `pydash.py_` / `pydash._` and `typing.Protocol` \+ `typing.runtime_checkable` that caused an exception to be raised for `isinstance(py_, SomeRuntimeCheckableProtocol)`. v5.0.1 (2021-06-27) * * * * Fix bug in `merge_with` that prevented custom iteratee from being used when recursively merging. Thanks weineel_! v5.0.0 (2021-03-29) * * * * Drop support for Python 2.7. ( **breaking change** ) * Improve Unicode word splitting in string functions to be inline with Lodash. Thanks mervynlee94_! ( **breaking change** ) * `camel_case` * `human_case` * `kebab_case` * `lower_case` * `pascal_case` * `separator_case` * `slugify` * `snake_case` * `start_case` * `upper_case` * Optimize regular expression constants used in `pydash.strings` by pre- compiling them to regular expression pattern objects. v4.9.3 (2021-03-03) * * * * Fix regression introduced in `v4.8.0` that caused `merge` and `merge_with` to raise an exception when passing `None` as the first argument. v4.9.2 (2020-12-24) * * * * Fix regression introduced in `v4.9.1` that broke `pydash.get` for dictionaries and dot-delimited keys that reference integer dict-keys. v4.9.1 (2020-12-14) * * * * Fix bug in `get/has` that caused `defaultdict` objects to get populated on key access. v4.9.0 (2020-10-27) * * * * Add `default_to_any`. Thanks gonzalonaveira_! * Fix mishandling of key names containing `\.` in `set_`, `set_with`, and `update_with` where the `.` was not treated as a literal value within the key name. Thanks zhaowb_! * python-mock is not required for build * Activate test suite * Update to v4.8.0 * Initial spec for v4.7.6 Changes in python-redis: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * add https://github.com/redis/redis-py/pull/3005 as Close-various-objects- created-during-asyncio-tests.patch to fix tests for python 3.12 * Add patch to increase timeouts in s390x where tests take longer to run: * increase-test-timeout.patch * Disable broken tests for ppc64le, bsc#1216606 * Add pytest.ini source needed to run tests * Remove/disable broken tests because of suse environment * drop tox.ini. seems it does no longer exist in 5.0.1 * add support to easily disable the testsuite at build time * update to 5.0.1 * New Features * Provide aclose() / close() for classes requiring lifetime management (#2898) * Add support for ModuleCommands in cluster (#2951) * Add support for multiple values in RPUSHX (#2949) * Add Redis.from_pool() class method, for explicitly owning and closing a ConnectionPool (#2913) * Bug Fixes * Fixing monitor parsing for messages containing specific substrings (#2950) * Cluster determine slot command name need to be upper (#2919) * Support timeout = 0 in search query (#2934) * Fix async sentinel: add push_request keyword argument to read_response (#2922) * Fix protocol checking for search commands (#2923) * Fix: SentinelManagedConnection.read_response() got an unexpected keyword argument 'push_request' (#2894) * Fix: automatically close connection pool for async Sentinel (#2900) * Save a reference to created async tasks, to avoid tasks potentially disappearing (#2816) * Avoid reference cycling by the garbage collector during response reading (#2932) * Maintenance * Type hint improvements (#2952) * Replace clear_connect_callbacks with _deregister_connect_callback (#2955) * Async fixes, remove del and other things (#2870) * Add pagination, sorting and grouping examples to search json example (#2890) * Remove process-id checks from asyncio. Asyncio and fork() does not mix. (#2911) * Fix resource usage and cleanup Mocks in the unit tests (#2936) * Remove mentions of tox (#2929) * Add 7.2 to supported Redis versions (#2896) * Fix resource warnings in unit tests (#2899) * Fix typo in redis-stream-example.ipynb (#2918) * Deprecate RedisGraph (#2927) * Fix redis 7.2.0 tests (#2902) * Fix test_scorer (search) (#2920) * changes from 5.0.0 * What's new? * Triggers and Functions support Triggers and Functions allow you to execute server-side functions triggered when key values are modified or created in Redis, a stream entry arrival, or explicitly calling them. Simply put, you can replace Lua scripts with easy-to-develop JavaScript or TypeScript code. Move your business logic closer to the data to ensure a lower latency, and forget about updating dependent key values manually in your code. Try it for yourself with Quick start * Full Redis 7.2 and RESP3 support * Python 3.7 End-of-Life * Python 3.7 has reached its end-of-life (EOL) as of June 1. This means that starting from this date, Python 3.7 will no longer receive any updates, including security patches, bug fixes, or improvements. If you continue to use Python 3.7 post-EOL, you may expose your projects and systems to potential security vulnerabilities. We ended its support in this version and strongly recommend migrating to Python 3.10. * Bug Fixes * Fix timeout retrying on pipeline execution (#2812) * Fix socket garbage collection (#2859) * Maintenance * Updating client license to clear, MIT (#2884) * Add py.typed in accordance with PEP-561 (#2738) * Dependabot label change (#2880) * Fix type hints in SearchCommands (#2817) * Add sync modules (except search) tests to cluster CI (#2850) * Fix a duplicate word in CONTRIBUTING.md (#2848) * Fixing doc builds (#2869) * Change cluster docker to edge and enable debug command (#2853) * changes from 4.6.0 * Experimental Features * Support JSON.MERGE command (#2761) * Support JSON.MSET command (#2766) * New Features * Extract abstract async connection class (#2734) * Add support for WAITAOF (#2760) * Introduce OutOfMemoryError exception for Redis write command rejections due to OOM errors (#2778) * Add WITHSCORE argument to ZRANK (#2758) * Bug Fixes * Fix dead weakref in sentinel connection causing ReferenceError (#2767) (#2771) * Fix Key Error in parse_xinfo_stream (#2788) * Remove unnecessary **del** handlers (#2755) * Added support for missing argument to SentinelManagedConnection.read_response() (#2756) * Maintenance * Fix type hint for retry_on_error in async cluster (#2804) * Clean up documents and fix some redirects (#2801) * Add unit tests for the connect method of all Redis connection classes (#2631) * Docstring formatting fix (#2796) * update to 4.5.5: * Add support for CLIENT NO-TOUCH * Add support for CLUSTER MYSHARDID * Add "address_remap" feature to RedisCluster * Add WITHSCORES argument to ZREVRANK command * Improve error output for master discovery * Fix XADD: allow non negative maxlen * Fix create single connection client from url * Optionally disable disconnects in read_response * Fix SLOWLOG GET return value * Fix potential race condition during disconnection * Return response in case of KeyError * Fix incorrect usage of once flag in async Sentinel * Fix memory leak caused by hiredis in asyncio case * Really do not use asyncio's timeout lib before 3.11.2 * add sle15_python_module_pythons * Update to 4.5.4: * Security * Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28858, bsc#1209811) * Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28859, bsc#1209812) * New Features * Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588) * Added queue_class to REDIS_ALLOWED_KEYS (#2577) * Made search document subscriptable (#2615) * Sped up the protocol parsing (#2596) * Use hiredis::pack_command to serialized the commands. (#2570) * Add support for unlink in cluster pipeline (#2562) * Bug Fixes * Fixing cancelled async futures (#2666) * Fix: do not use asyncio's timeout lib before 3.11.2 (#2659) * Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630) * CWE-404 AsyncIO Race Condition Fix (#2624, #2579) * Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582) * Replace async_timeout by asyncio.timeout (#2602) * Update json().arrindex() default values (#2611) * Fix #2581 UnixDomainSocketConnection object has no attribute _command_packer (#2583) * Fix issue with pack_commands returning an empty byte sequence (#2416) * Async HiredisParser should finish parsing after a Connection.disconnect() (#2557) * Check for none, prior to raising exception (#2569) * Tuple function cannot be passed more than one argument (#2573) * Synchronise concurrent command calls to single-client to single-client mode (#2568) * Async: added 'blocking' argument to call lock method (#2454) * Added a replacement for the default cluster node in the event of failure. (#2463) * Fixed geosearch: Wrong number of arguments for geosearch command (#2464) * Clean up BuildRequires and Requires. * Disable broken test test_xautoclaim gh#redis/redis-py#2554 * udpate to 4.3.5: * Add support for TIMESERIES 1.8 (#2296) * Graph - add counters for removed labels and properties (#2292) * Add support for TDIGEST.QUANTILE extensions (#2317) * Add TDIGEST.TRIMMED_MEAN (#2300) * Add support for async GRAPH module (#2273) * Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE (#2319) * Adding reserve as an alias for create, so that we have BF.RESERVE and CF.RESERVE accuratenly supported (#2331) * Fix async connection.is_connected to return a boolean value (#2278) * Fix: workaround asyncio bug on connection reset by peer (#2259) * Fix crash: key expire while search (#2270) * Async cluster: fix concurrent pipeline (#2280) * Fix async SEARCH pipeline (#2316) * Fix KeyError in async cluster - initialize before execute multi key commands (#2439) * Supply chain risk reduction: remove dependency on library named deprecated (#2386) * Search test - Ignore order of the items in the response (#2322) * Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335) * Fix TimeSeries range aggregation (twa) tests (#2358) * Mark TOPK.COUNT as deprecated (#2363) * update to 4.3.4: * Fix backward compatibility from 4.3.2 in Lock.acquire() * Fix XAUTOCLAIM to return the full response, instead of only keys 2+ * Added dynamic_startup_nodes configuration to RedisCluster. * Fix retries in async mode * Async cluster: fix simultaneous initialize * Uppercased commands in CommandsParser.get_keys * Late eval of the skip condition in async tests * Reuse the old nodes' connections when a cluster topology refresh is being done * Docs: add pipeline examples * Correct retention_msecs value * Cluster: use pipeline to execute split commands * Docs: Add a note about client_setname and client_name difference * Delete unused redismod.conf, remove duplicate Source entry for tox.ini * Add redismod.conf and tox.ini as Sources to SPEC file. * Update to version 4.3.3 * Fix Lock crash, and versioning 4.3.3 (#2210) * Async cluster: improve docs (#2208) * Release 4.3.2 * SHUTDOWN - add support for the new NOW, FORCE and ABORT modifiers (#2150) * Adding pipeline support for async cluster (#2199) * Support CF.MEXISTS + Clean bf/commands.py (#2184) * Extending query_params for FT.PROFILE (#2198) * Implementing ClusterPipeline Lock (#2190) * Set default response_callbacks to redis.asyncio.cluster.ClusterNode (#2201) * Add default None for maxlen at xtrim command (#2188) * Async cluster: add/update typing (#2195) * Changed list type to single element type (#2203) * Made sync lock consistent and added types to it (#2137) * Async cluster: optimisations (#2205) * Fix typos in README (#2206) * Fix modules links to https://redis.io/commands/ (#2185) * Update to version 4.3.1 * Allow negative `retries` for `Retry` class to retry forever * Add `items` parameter to `hset` signature * Create codeql-analysis.yml (#1988). Thanks @chayim * Add limited support for Lua scripting with RedisCluster * Implement `.lock()` method on RedisCluster * Fix cursor returned by SCAN for RedisCluster & change default target to PRIMARIES * Fix scan_iter for RedisCluster * Remove verbose logging when initializing ClusterPubSub, ClusterPipeline or RedisCluster * Fix broken connection writer lock-up for asyncio (#2065) * Fix auth bug when provided with no username (#2086) * Release 4.1.3 * Fix flushdb and flushall (#1926) * Add redis5 and redis4 dockers (#1871) * Change json.clear test multi to be up to date with redisjson (#1922) * Fixing volume for unstable_cluster docker (#1914) * Update changes file with changes since 4.0.0-beta2 (#1915) * Release 4.1.2 * Invalid OCSP certificates should raise ConnectionError on failed validation (#1907) * Added retry mechanism on socket timeouts when connecting to the server (#1895) * LMOVE, BLMOVE return incorrect responses (#1906) * Fixing AttributeError in UnixDomainSocketConnection (#1903) * Fixing TypeError in GraphCommands.explain (#1901) * For tests, increasing wait time for the cluster (#1908) * Increased pubsub's wait_for_messages timeout to prevent flaky tests (#1893) * README code snippets formatted to highlight properly (#1888) * Fix link in the main page (#1897) * Documentation fixes: JSON Example, SSL Connection Examples, RTD version (#1887) * Direct link to readthedocs (#1885) * Release 4.1.1 * Add retries to connections in Sentinel Pools (#1879) * OCSP Stapling Support (#1873) * Define incr/decr as aliases of incrby/decrby (#1874) * FT.CREATE - support MAXTEXTFIELDS, TEMPORARY, NOHL, NOFREQS, SKIPINITIALSCAN (#1847) * Timeseries docs fix (#1877) * get_connection: catch OSError too (#1832) * Set keys var otherwise variable not created (#1853) * Clusters should optionally require full slot coverage (#1845) * Triple quote docstrings in client.py PEP 257 (#1876) * syncing requirements (#1870) * Typo and typing in GraphCommands documentation (#1855) * Allowing poetry and redis-py to install together (#1854) * setup.py: Add project_urls for PyPI (#1867) * Support test with redis unstable docker (#1850) * Connection examples (#1835) * Documentation cleanup (#1841) * Release 4.1.0 * OCSP stapling support (#1820) * Support for SELECT (#1825) * Support for specifying error types with retry (#1817) * Support for RESET command since Redis 6.2.0 (#1824) * Support CLIENT TRACKING (#1612) * Support WRITE in CLIENT PAUSE (#1549) * JSON set_file and set_path support (#1818) * Allow ssl_ca_path with rediss:// urls (#1814) * Support for password-encrypted SSL private keys (#1782) * Support SYNC and PSYNC (#1741) * Retry on error exception and timeout fixes (#1821) * Fixing read race condition during pubsub (#1737) * Fixing exception in listen (#1823) * Fixed MovedError, and stopped iterating through startup nodes when slots are fully covered (#1819) * Socket not closing after server disconnect (#1797) * Single sourcing the package version (#1791) * Ensure redis_connect_func is set on uds connection (#1794) * SRTALGO - Skip for redis versions greater than 7.0.0 (#1831) * Documentation updates (#1822) * Add CI action to install package from repository commit hash (#1781) (#1790) * Fix link in lmove docstring (#1793) * Disabling JSON.DEBUG tests (#1787) * Migrated targeted nodes to kwargs in Cluster Mode (#1762) * Added support for MONITOR in clusters (#1756) * Adding ROLE Command (#1610) * Integrate RedisBloom support (#1683) * Adding RedisGraph support (#1556) * Allow overriding connection class via keyword arguments (#1752) * Aggregation LOAD * support for RediSearch (#1735) * Adding cluster, bloom, and graph docs (#1779) * Add packaging to setup_requires, and use >= to play nice to setup.py (fixes #1625) (#1780) * Fixing the license link in the readme (#1778) * Removing distutils from tests (#1773) * Fix cluster ACL tests (#1774) * Improved RedisCluster's reinitialize_steps and documentation (#1765) * Added black and isort (#1734) * Link Documents for all module commands (#1711) * Pyupgrade + flynt + f-strings (#1759) * Remove unused aggregation subclasses in RediSearch (#1754) * Adding RedisCluster client to support Redis Cluster Mode (#1660) * Support RediSearch FT.PROFILE command (#1727) * Adding support for non-decodable commands (#1731) * COMMAND GETKEYS support (#1738) * RedisJSON 2.0.4 behaviour support (#1747) * Removing deprecating distutils (PEP 632) (#1730) * Updating PR template (#1745) * Removing duplication of Script class (#1751) * Splitting documentation for read the docs (#1743) * Improve code coverage for aggregation tests (#1713) * Fixing COMMAND GETKEYS tests (#1750) * GitHub release improvements (#1684) * Release 4.0.2 * Restoring Sentinel commands to redis client (#1723) * Better removal of hiredis warning (#1726) * Adding links to redis documents in function calls (#1719) * Release 4.0.1 * Removing command on initial connections (#1722) * Removing hiredis warning when not installed (#1721) * Release 4.0.0 * FT.EXPLAINCLI intentionally raising NotImplementedError * Restoring ZRANGE desc for Redis < 6.2.0 (#1697) * Response parsing occasionally fails to parse floats (#1692) * Re-enabling read-the-docs (#1707) * Call HSET after FT.CREATE to avoid keyspace scan (#1706) * Unit tests fixes for compatibility (#1703) * Improve documentation about Locks (#1701) * Fixes to allow --redis-url to pass through all tests (#1700) * Fix unit tests running against Redis 4.0.0 (#1699) * Search alias test fix (#1695) * Adding RediSearch/RedisJSON tests (#1691) * Updating codecov rules (#1689) * Tests to validate custom JSON decoders (#1681) * Added breaking icon to release drafter (#1702) * Removing dependency on six (#1676) * Re-enable pipeline support for JSON and TimeSeries (#1674) * Export Sentinel, and SSL like other classes (#1671) * Restore zrange functionality for older versions of Redis (#1670) * Fixed garbage collection deadlock (#1578) * Tests to validate built python packages (#1678) * Sleep for flaky search test (#1680) * Test function renames, to match standards (#1679) * Docstring improvements for Redis class (#1675) * Fix georadius tests (#1672) * Improvements to JSON coverage (#1666) * Add python_requires setuptools check for python > 3.6 (#1656) * SMISMEMBER support (#1667) * Exposing the module version in loaded_modules (#1648) * RedisTimeSeries support (#1652) * Support for json multipath ($) (#1663) * Added boolean parsing to PEXPIRE and PEXPIREAT (#1665) * Add python_requires setuptools check for python > 3.6 (#1656) * Adding vulture for static analysis (#1655) * Starting to clean the docs (#1657) * Update README.md (#1654) * Adding description format for package (#1651) * Publish to pypi as releases are generated with the release drafter (#1647) * Restore actions to prs (#1653) * Fixing the package to include commands (#1649) * Re-enabling codecov as part of CI process (#1646) * Adding support for redisearch (#1640) Thanks @chayim * redisjson support (#1636) Thanks @chayim * Sentinel: Add SentinelManagedSSLConnection (#1419) Thanks @AbdealiJK * Enable floating parameters in SET (ex and px) (#1635) Thanks @AvitalFineRedis * Add warning when hiredis not installed. Recommend installation. (#1621) Thanks @adiamzn * Raising NotImplementedError for SCRIPT DEBUG and DEBUG SEGFAULT (#1624) Thanks @chayim * CLIENT REDIR command support (#1623) Thanks @chayim * REPLICAOF command implementation (#1622) Thanks @chayim * Add support to NX XX and CH to GEOADD (#1605) Thanks @AvitalFineRedis * Add support to ZRANGE and ZRANGESTORE parameters (#1603) Thanks @AvitalFineRedis * Pre 6.2 redis should default to None for script flush (#1641) Thanks @chayim * Add FULL option to XINFO SUMMARY (#1638) Thanks @agusdmb * Geosearch test should use any=True (#1594) Thanks @Andrew-Chen-Wang * Removing packaging dependency (#1626) Thanks @chayim * Fix client_kill_filter docs for skimpy (#1596) Thanks @Andrew-Chen-Wang * Normalize minid and maxlen docs (#1593) Thanks @Andrew-Chen-Wang * Update docs for multiple usernames for ACL DELUSER (#1595) Thanks @Andrew-Chen-Wang * Fix grammar of get param in set command (#1588) Thanks @Andrew-Chen-Wang * Fix docs for client_kill_filter (#1584) Thanks @Andrew-Chen-Wang * Convert README & CONTRIBUTING from rst to md (#1633) Thanks @davidylee * Test BYLEX param in zrangestore (#1634) Thanks @AvitalFineRedis * Tox integrations with invoke and docker (#1632) Thanks @chayim * Adding the release drafter to help simplify release notes (#1618). Thanks @chayim * BACKWARDS INCOMPATIBLE: Removed support for end of life Python 2.7. #1318 * BACKWARDS INCOMPATIBLE: All values within Redis URLs are unquoted via urllib.parse.unquote. Prior versions of redis-py supported this by specifying the `decode_components` flag to the `from_url` functions. This is now done by default and cannot be disabled. #589 * POTENTIALLY INCOMPATIBLE: Redis commands were moved into a mixin (see commands.py). Anyone importing `redis.client` to access commands directly should import `redis.commands`. #1534, #1550 * Removed technical debt on REDIS_6_VERSION placeholder. Thanks @chayim #1582. * Various docus fixes. Thanks @Andrew-Chen-Wang #1585, #1586. * Support for LOLWUT command, available since Redis 5.0.0. Thanks @brainix #1568. * Added support for CLIENT REPLY, available in Redis 3.2.0. Thanks @chayim #1581. * Support for Auto-reconnect PubSub on get_message. Thanks @luhn #1574. * Fix RST syntax error in README/ Thanks @JanCBrammer #1451. * IDLETIME and FREQ support for RESTORE. Thanks @chayim #1580. * Supporting args with MODULE LOAD. Thanks @chayim #1579. * Updating RedisLabs with Redis. Thanks @gkorland #1575. * Added support for ASYNC to SCRIPT FLUSH available in Redis 6.2.0. Thanks @chayim. #1567 * Added CLIENT LIST fix to support multiple client ids available in Redis 2.8.12. Thanks @chayim #1563. * Added DISCARD support for pipelines available in Redis 2.0.0. Thanks @chayim #1565. * Added ACL DELUSER support for deleting lists of users available in Redis 6.2.0. Thanks @chayim. #1562 * Added CLIENT TRACKINFO support available in Redis 6.2.0. Thanks @chayim. #1560 * Added GEOSEARCH and GEOSEARCHSTORE support available in Redis 6.2.0. Thanks @AvitalFine Redis. #1526 * Added LPUSHX support for lists available in Redis 4.0.0. Thanks @chayim. #1559 * Added support for QUIT available in Redis 1.0.0. Thanks @chayim. #1558 * Added support for COMMAND COUNT available in Redis 2.8.13. Thanks @chayim. #1554. * Added CREATECONSUMER support for XGROUP available in Redis 6.2.0. Thanks @AvitalFineRedis. #1553 * Including slowly complexity in INFO if available. Thanks @ian28223 #1489. * Added support for STRALGO available in Redis 6.0.0. Thanks @AvitalFineRedis. #1528 * Addes support for ZMSCORE available in Redis 6.2.0. Thanks @2014BDuck and @jiekun.zhu. #1437 * Support MINID and LIMIT on XADD available in Redis 6.2.0. Thanks @AvitalFineRedis. #1548 * Added sentinel commands FLUSHCONFIG, CKQUORUM, FAILOVER, and RESET available in Redis 2.8.12. Thanks @otherpirate. #834 * Migrated Version instead of StrictVersion for Python 3.10. Thanks @tirkarthi. #1552 * Added retry mechanism with backoff. Thanks @nbraun-amazon. #1494 * Migrated commands to a mixin. Thanks @chayim. #1534 * Added support for ZUNION, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1522 * Added support for CLIENT LIST with ID, available in Redis 6.2.0. Thanks @chayim. #1505 * Added support for MINID and LIMIT with xtrim, available in Reds 6.2.0. Thanks @chayim. #1508 * Implemented LMOVE and BLMOVE commands, available in Redis 6.2.0. Thanks @chayim. #1504 * Added GET argument to SET command, available in Redis 6.2.0. Thanks @2014BDuck. #1412 * Documentation fixes. Thanks @enjoy-binbin @jonher937. #1496 #1532 * Added support for XAUTOCLAIM, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1529 * Added IDLE support for XPENDING, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1523 * Add a count parameter to lpop/rpop, available in Redis 6.2.0. Thanks @wavenator. #1487 * Added a (pypy) trove classifier for Python 3.9. Thanks @D3X. #1535 * Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520 * Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520 * Added ZDIFF and ZDIFFSTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1518 * Added ZRANGESTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1521 * Added LT and GT support for ZADD, available in Redis 6.2.0. Thanks @chayim. #1509 * Added ZRANDMEMBER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1519 * Added GETDEL support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1514 * Added CLIENT KILL laddr filter, available in Redis 6.2.0. Thanks @chayim. #1506 * Added CLIENT UNPAUSE, available in Redis 6.2.0. Thanks @chayim. #1512 * Added NOMKSTREAM support for XADD, available in Redis 6.2.0. Thanks @chayim. #1507 * Added HRANDFIELD support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1513 * Added CLIENT INFO support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1517 * Added GETEX support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1515 * Added support for COPY command, available in Redis 6.2.0. Thanks @malinaa96. #1492 * Provide a development and testing environment via docker. Thanks @abrookins. #1365 * Added support for the LPOS command available in Redis 6.0.6. Thanks @aparcar #1353/#1354 * Added support for the ACL LOG command available in Redis 6. Thanks @2014BDuck. #1307 * Added support for ABSTTL option of the RESTORE command available in Redis 5.0. Thanks @charettes. #1423 * Drop account-defaults-redis.patch merged upstream * Add account-defaults-redis.patch which fixes failing tests by taking into consideration redis defaults, not overwriting them (gh#andymccurdy/redis- py#1499). * Skipp two tests because of gh#andymccurdy/redis-py#1459. * update to 3.5.3 * Restore try/except clauses to **del** methods. These will be removed in 4.0 when more explicit resource management if enforced. #1339 * Update the master_address when Sentinels promote a new master. #847 * Update SentinelConnectionPool to not forcefully disconnect other in-use connections which can negatively affect threaded applications. #1345 3.5.2 * Tune the locking in ConnectionPool.get_connection so that the lock is not held while waiting for the socket to establish and validate the TCP connection. 3.5.1 * Fix for HSET argument validation to allow any non-None key. Thanks @AleksMat, #1337, #1341 3.5.0 * Removed exception trapping from **del** methods. redis-py objects that hold various resources implement **del** cleanup methods to release those resources when the object goes out of scope. This provides a fallback for when these objects aren't explicitly closed by user code. Prior to this change any errors encountered in closing these resources would be hidden from the user. Thanks @jdufresne. #1281 * Expanded support for connection strings specifying a username connecting to pre-v6 servers. #1274 * Optimized Lock's blocking_timeout and sleep. If the lock cannot be acquired and the sleep value would cause the loop to sleep beyond blocking_timeout, fail immediately. Thanks @clslgrnc. #1263 * Added support for passing Python memoryviews to Redis command args that expect strings or bytes. The memoryview instance is sent directly to the socket such that there are zero copies made of the underlying data during command packing. Thanks @Cody-G. #1265, #1285 * HSET command now can accept multiple pairs. HMSET has been marked as deprecated now. Thanks to @laixintao #1271 * Don't manually DISCARD when encountering an ExecAbortError. Thanks @nickgaya, #1300/#1301 * Reset the watched state of pipelines after calling exec. This saves a roundtrip to the server by not having to call UNWATCH within Pipeline.reset(). Thanks @nickgaya, #1299/#1302 * Added the KEEPTTL option for the SET command. Thanks @laixintao #1304/#1280 * Added the MEMORY STATS command. #1268 * Lock.extend() now has a new option, `replace_ttl`. When False (the default), Lock.extend() adds the `additional_time` to the lock's existing TTL. When replace_ttl=True, the lock's existing TTL is replaced with the value of `additional_time`. * Add testing and support for PyPy. * downgrade requires for redis to recommends * Better error handling Changes in python-retrying: * Switch package to modern Python Stack on SLE-15 * Add %{?sle15_python_module_pythons} * require setuptools * Switch to pyproject macros. * Stop using greedy globs in %files. * Update to version 1.3.4 * Added Greg Roodt as maintainer * Formatted code with black * Updated repository references * Improve summary. * Remove superfluous devel dependency for noarch package * Initial package Changes in python-semver: * update to 3.0.2: * :pr:`418`: Replace :class:`~collection.OrderedDict` with :class:`dict`. * The dict datatype is ordered since Python 3.7. As we do not support Python 3.6 anymore, it can be considered safe to avoid :class:`~collection.OrderedDict`. * :pr:`431`: Clarify version policy for the different semver versions (v2, v3, >v3) and the supported Python versions. * :gh:`432`: Improve external doc links to Python and Pydantic. * :pr:`417`: Amend GitHub Actions to check against MacOS. * remove obsolete setup-remove-asterisk.patch * update to version 3.0.1: * Remove incorrect dependencies from build-system section of pyproject.toml by @mgorny in #405 * correct typo in function description of next_version by @treee111 in #406 * Improve GitHub Action by @tomschr in #408 * Add CITATION.cff for citation by @tomschr in #409 * Add Version class to **all** export. Fix #410 by @Soneji in #411 * Configure docformatter by @tomschr in #412 * Prepare version 3.0.1 by @tomschr in #413 * update to version 3.0.0: * Bugfixes * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * :gh:`310`: Rework API documentation. Follow a more "semi-manual" attempt and add auto directives into :file:`docs/api.rst`. * :gh:`344`: Allow empty string, a string with a prefix, or `None` as token in :meth:`~semver.version.Version.bump_build` and :meth:`~semver.version.Version.bump_prerelease`. * :pr:`384`: General cleanup, reformat files: * Reformat source code with black again as some config options did accidentely exclude the semver source code. Mostly remove some includes/excludes in the black config. * Integrate concurrency in GH Action * Ignore Python files on project dirs in .gitignore * Remove unused patterns in MANIFEST.in * Use `extend-exclude` for flake in :file:`setup.cfg`` and adapt list. * Use `skip_install=True` in :file:`tox.ini` for black * :pr:`393`: Fix command :command:`python -m semver` to avoid the error "invalid choice" * :pr:`396`: Calling :meth:`~semver.version.Version.parse` on a derived class will show correct type of derived class. * Deprecations * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * :gh:`284`: Deprecate the use of :meth:`~Version.isvalid`. Rename :meth:`~semver.version.Version.isvalid` to :meth:`~semver.version.Version.is_valid` for consistency reasons with :meth:`~semver.version.Version.is_compatible`. * :pr:`402`: Keep :func:`semver.compare <semver._deprecated.compare>`. Although it breaks consistency with module level functions, it seems it's a much needed/used function. It's still unclear if we should deprecate this function or not (that's why we use :py:exc:`PendingDeprecationWarning`). As we don't have a uniform initializer yet, this function stays in the :file:`_deprecated.py` file for the time being until we find a better solution. See :gh:`258` for details. * Features * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`213`: Add typing information * :gh:`284`: Implement :meth:`~semver.version.Version.is_compatible` to make "is self compatible with X". * :gh:`305`: Rename :class:`~semver.version.VersionInfo` to :class:`~semver.version.Version` but keep an alias for compatibility * add setup-remove-asterisk.patch to fix build error * update to version 3.0.0-dev.4: * Bug Fixes: * :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml` file. The old entries `[[tool.towncrier.type]]` are deprecated and need to be replaced by `[tool.towncrier.fragment.<TYPE>]`. * Deprecations: * :gh:`372`: Deprecate support for Python 3.6. Python 3.6 reached its end of life and isn't supported anymore. At the time of writing (Dec 2022), the lowest version is 3.7. Although the `poll <https://github.com/python- semver/python-semver/discussions/371>`_ didn't cast many votes, the majority agree to remove support for Python 3.6. * Improved Documentation: * :gh:`335`: Add new section "Converting versions between PyPI and semver" the limitations and possible use cases to convert from one into the other versioning scheme. * :gh:`340`: Describe how to get version from a file * :gh:`343`: Describe combining Pydantic with semver in the "Advanced topic" section. * :gh:`350`: Restructure usage section. Create subdirectory "usage/" and splitted all section into different files. * :gh:`351`: Introduce new topics for: * "Migration to semver3" * "Advanced topics" * Features: * :pr:`359`: Add optional parameter `optional_minor_and_patch` in :meth:`.Version.parse` to allow optional minor and patch parts. * :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match expression, defaulting to equality testing. * :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the :command:`pyproject-build` command from the build module. For more information, see :ref:`build-semver`. * :gh:`365`: Improve :file:`pyproject.toml`. * Use setuptools, add metadata. Taken approach from `A Practical Guide to Setuptools and Pyproject.toml <https://godatadriven.com/blog/a-practical- guide-to-setuptools-and-pyproject-toml/>`_. * Doc: Describe building of semver * Remove :file:`.travis.yml` in :file:`MANIFEST.in` (not needed anymore) * Distinguish between Python 3.6 and others in :file:`tox.ini` * Add skip_missing_interpreters option for :file:`tox.ini` * GH Action: Upgrade setuptools and setuptools-scm and test against 3.11.0-rc.2 * Trivial/Internal Changes: * :gh:`378`: Fix some typos in Towncrier configuration * switch to the tagged version rather than a gh branch tarball * fix support for Python 3.10 with update to development version: * update to revision g4d2df08: * Changes for the upcoming release can be found in: * the `"changelog.d" directory <https://github.com/python- semver/python-semver/tree/master/changelog.d>`_: * in our repository.: * update to version 3.0.0-dev.2: * Deprecations: * :gh:`169`: Deprecate CLI functions not imported from `semver.cli`. * Features: * :gh:`169`: Create semver package and split code among different modules in the packages. * Remove :file:`semver.py` * Create :file:`src/semver/__init__.py` * Create :file:`src/semver/cli.py` for all CLI methods * Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and other deprecated functions * Create :file:`src/semver/__main__.py` to allow calling the CLI using :command:`python -m semver` * Create :file:`src/semver/_types.py` to hold type aliases * Create :file:`src/semver/version.py` to hold the :class:`Version` class (old name :class:`VersionInfo`) and its utility functions * Create :file:`src/semver/__about__.py` for all the metadata variables * :gh:`305`: Rename :class:`VersionInfo` to :class:`Version` but keep an alias for compatibility * Improved Documentation: * :gh:`304`: Several improvements in documentation: * Reorganize API documentation. * Add migration chapter from semver2 to semver3. * Distinguish between changlog for version 2 and 3 * :gh:`305`: Add note about :class:`Version` rename. * Trivial/Internal Changes: * :gh:`169`: Adapted infrastructure code to the new project layout. * Replace :file:`setup.py` with :file:`setup.cfg` because the :file:`setup.cfg` is easier to use * Adapt documentation code snippets where needed * Adapt tests * Changed the `deprecated` to hardcode the `semver` package name in the warning. Increase coverage to 100% for all non-deprecated APIs * :gh:`304`: Support PEP-561 :file:`py.typed`. According to the mentioned PEP: "Package maintainers who wish to support type checking of their code MUST add a marker file named :file:`py.typed` to their package supporting typing." Add package_data to :file:`setup.cfg` to include this marker in dist and whl file. * update to version 3.0.0-dev.1: * Deprecations: * :pr:`290`: For semver 3.0.0-alpha0: * Remove anything related to Python2 * In :file:`tox.ini` and :file:`.travis.yml` Remove targets py27, py34, py35, and pypy. Add py38, py39, and nightly (allow to fail) * In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Remove old Python versions (2.7, 3.4, 3.5, and pypy) from Travis * :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes * Features: * :pr:`290`: Create semver 3.0.0-alpha0 * Update :file:`README.rst`, mention maintenance branch `maint/v2`. * Remove old code mainly used for Python2 compatibility, adjusted code to support Python3 features. * Split test suite into separate files under :file:`tests/` directory * Adjust and update :file:`setup.py`. Requires Python >=3.6.* Extract metadata directly from source (affects all the `__version__`, `__author__` etc. variables) * :gh:`270`: Configure Towncrier (:pr:`273`:) * Add :file:`changelog.d/.gitignore` to keep this directory * Create :file:`changelog.d/README.rst` with some descriptions * Add :file:`changelog.d/_template.rst` as Towncrier template * Add `[tool.towncrier]` section in :file:`pyproject.toml` * Add "changelog" target into :file:`tox.ini`. Use it like :command:`tox -e changelog -- CMD` whereas `CMD` is a Towncrier command. The default :command:`tox -e changelog` calls Towncrier to create a draft of the changelog file and output it to stdout. * Update documentation and add include a new section "Changelog" included from :file:`changelog.d/README.rst`. * :gh:`276`: Document how to create a sublass from :class:`VersionInfo` class * :gh:`213`: Add typing information * Bug Fixes: * :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`, `minor`, and `patch`. * Improved Documentation: * :pr:`290`: Several improvements in the documentation: * New layout to distinguish from the semver2 development line. * Create new logo. * Remove any occurances of Python2. * Describe changelog process with Towncrier. * Update the release process. * Trivial/Internal Changes: * :pr:`290`: Add supported Python versions to :command:`black`. * PR #62. Support custom default names for pre and build Changes in python- sshtunnel: * Require update-alternatives for the scriptlets. * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * Limit Python files matched in %files section * Use %sle15_python_module_pythons * do not require python-mock for build * update to 0.4.0: * Change the daemon mod flag for all tunnel threads (is not fully backward compatible) to prevent unexpected hangs (`#219`_) + Add docker based end to end functinal tests for Mongo/Postgres/MySQL * Add docker based end to end hangs tests * Fix host key directory detection * Unify default ssh config folder to `~/.ssh` * Increase open connection timeout to 10 secods * Change default with context behavior to use `.stop(force=True)` on exit * Remove useless `daemon_forward_servers = True` hack for hangs prevention * Set transport keepalive to 5 second by default * Set default transport timeout to 0.1 * Deprecate and remove `block_on_close` option * Fix "deadlocks" / "tunneling hangs" * Add `.stop(force=True)` for force close active connections * Fixes bug with orphan thread for a tunnel that is DOWN * Support IPv6 without proxy command. Use built-in paramiko create socket logic. The logic tries to use ipv6 socket family first, then ipv4 socket family. Changes in python-strictyaml: * require setuptools * update to 1.7.3: * REFACTOR : Fix pipeline. * TOOLING : Improvements to pyenv multi-environment tester. * FEATURE : Upgraded package to use pyproject.toml files * REFACTOR : Fixed linter errors. * TOOLING : Build wheel and sdist that both work. * Add %{?sle15_python_module_pythons} * Update to 1.6.2 No relevant code changes. see details changelog: https://hitchdev.com/strictyaml/changelog/#latest * update to 1.6.1 too many changes to be listed here see detailed changelog: https://hitchdev.com/strictyaml/changelog/ * update to 1.4.4 * Add support for NaN and infinity representations * Optional keys in mappings and set value to None * Support underscores in int and decimal * NullNone - parse 'null' as None like YAML 1.2 does. * Bundle last propertly working ruamel.yaml version in with strictyaml. * version update to 1.0.6 * BUGFIX : Fix accidental python 2 breakage. * BUGFIX : Accidental misrecognition of boolean values as numbers - cause of #85. * BUGFIX : Fix for #86 - handle changing multiline strings. * BUGFIX: handle deprecated collections import in the parser (#82) * Update to 1.0.5: * BUGFIX : Fixed python 2 bug introduced when fixing #72. * FEATURE : Include tests / stories in package. * BUG: issue #72. Now setitem uses schema. * Expand %description. * Initial spec for v1.0.3 Changes in python-sure: * Switch build system from setuptools to pyproject.toml * Add python-pip and python-wheel to BuildRequires * Replace %python_build with %pyproject_wheel * Replace %python_install with %pyproject_install * update to 2.0.1: * Fixes CI build (Github Actions) * Fixes broken tests * Housekeeping: Licensing * Disable nosetests for testing leaving only pytest as supported test-runner for now * Add %{?sle15_python_module_pythons} * Remove mock from BuildRequires. * Rebase python-sure-no-mock.patch to remove one missed import. * do not require mock for build nor runtime * added patches fix https://github.com/gabrielfalcao/sure/pull/161 * python-sure-no-mock.patch * Update to 2.0.0 * No longer patch the builtin dir() function, which fixes pytest in some cases such as projects using gevent. * switch to pytest * Version update to 1.4.11: * Reading the version dynamically was causing import errors that caused error when installing package. Refs #144 Changes in python-vcrpy: \- Update to 6.0.1 * BREAKING: Fix issue with httpx support (thanks @parkerhancock) in #784. * BREAKING: Drop support for `boto` (vcrpy still supports boto3, but is dropping the deprecated `boto` support in this release. (thanks @jairhenrique) * Fix compatibility issue with Python 3.12 (thanks @hartwork) * Drop simplejson (fixes some compatibility issues) (thanks @jairhenrique) * Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @mgorny) * Various linting and docs improvements (thanks @jairhenrique) * Tornado fixes (thanks @graingert) * version update to 5.1.0 * Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks @jairhenrique * Enable rule B (flake8-bugbear) on ruff - thanks @jairhenrique * Configure read the docs V2 - thanks @jairhenrique * Fix typo in docs - thanks @quasimik * Make json.loads of Python >=3.6 decode bytes by itself - thanks @hartwork * Fix body matcher for chunked requests (fixes #734) - thanks @hartwork * Fix query param filter for aiohttp (fixes #517) - thanks @hartwork and @salomvary * Remove unnecessary dependency on six. - thanks @charettes * build(deps): update sphinx requirement from <7 to <8 - thanks @jairhenrique * Add action to validate docs - thanks @jairhenrique * Add editorconfig file - thanks @jairhenrique * Drop iscoroutinefunction fallback function for unsupported python thanks @jairhenrique * for changelog for older releases refer to https://github.com/kevin1024/vcrpy/releases * six is not required * Use sle15_python_module_pythons * Restrict urllib3 < 2 -- gh#kevin1024/vcrpy#688 * Update to version 4.2.1 * Fix a bug where the first request in a redirect chain was not being recorded with aiohttp * Various typos and small fixes, thanks @jairhenrique, @timgates42 * Update to 4.1.1: * Fix HTTPX support for versions greater than 0.15 (thanks @jairhenrique) * Include a trailing newline on json cassettes (thanks @AaronRobson) * Update to 4.1.0: * Add support for httpx!! (thanks @herdigiorgi) * Add the new allow_playback_repeats option (thanks @tysonholub) * Several aiohttp improvements (cookie support, multiple headers with same key) (Thanks @pauloromeira) * Use enums for record modes (thanks @aaronbannin) * Bugfix: Do not redirect on 304 in aiohttp (Thanks @royjs) * Bugfix: Fix test suite by switching to mockbin (thanks @jairhenrique) * Remove patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch as we dropped py2 integration support on Tumbleweed * Added patch 0001-Revert-v4.0.x-Remove-legacy-python-and-add-python3.8.patch * Enable python2 again since it breaks many packages * Fix locale on Leap * update to version 4.0.2 * Remove Python2 support * Add Python 3.8 TravisCI support * Correct mock imports Changes in python-xmltodict: \- Clean up the SPEC file. * add sle15_python_module_pythons * update to 0.13.0: * Add install info to readme for openSUSE. (#205) * Support defaultdict for namespace mapping (#211) * parse(generator) is now possible (#212) * Processing comments on parsing from xml to dict (connected to #109) (#221) * Add expand_iter kw to unparse to expand iterables (#213) * Fixed some typos * Add support for python3.8 * Drop Jython/Python 2 and add Python 3.9/3.10. * Drop OrderedDict in Python >= 3.7 * Do not use len() to determine if a sequence is empty * Add more namespace attribute tests * Fix encoding issue in setup.py * Add patch skip-tests-expat-245.patch: * Do not run tests that make no sense with a current Expat. Changes in python-asgiref: First package shipment. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1639=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1639=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1639=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1639=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1639=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1639=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-isodate-0.6.1-150400.12.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-paramiko-3.4.0-150400.13.10.4 * python311-scp-0.14.5-150400.12.7.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-pydash-6.0.2-150400.9.4.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-httpretty-1.1.4-150400.11.4.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-PyGithub-1.57-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python-paramiko-doc-3.4.0-150400.13.10.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-Twisted-22.10.0-150400.5.17.4 * python311-semver-3.0.2-150400.10.4.1 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-xmltodict-0.13.0-150400.12.4.1 * python311-zipp-3.15.0-150400.10.7.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-decorator-5.1.1-150400.12.7.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-aiosignal-1.3.1-150400.9.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-incremental-22.10.0-150400.3.7.2 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-pip-22.3.1-150400.17.16.4 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-redis-5.0.1-150400.12.4.4 * python311-constantly-15.1.0-150400.12.7.2 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-retrying-1.3.4-150400.12.4.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-avro-1.11.3-150400.10.4.1 * python311-knack-0.11.0-150400.10.4.4 * python311-pathspec-0.11.1-150400.9.7.2 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-Fabric-3.2.2-150400.10.4.1 * python311-sure-2.0.1-150400.12.4.4 * python311-docker-7.0.0-150400.8.4.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-jsondiff-2.0.0-150400.10.4.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-multidict-6.0.4-150400.7.7.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-1.15.0-150400.12.7.1 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python311-frozenlist-1.3.3-150400.9.7.2 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python311-yarl-1.9.2-150400.8.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python311-psutil-5.9.5-150400.6.9.4 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-multidict-6.0.4-150400.7.7.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-1.15.0-150400.12.7.1 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python311-frozenlist-1.3.3-150400.9.7.2 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python311-yarl-1.9.2-150400.8.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python311-psutil-5.9.5-150400.6.9.4 * openSUSE Leap 15.5 (noarch) * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-isodate-0.6.1-150400.12.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-scp-0.14.5-150400.12.7.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-service_identity-23.1.0-150400.8.7.1 * python311-oauthlib-3.2.2-150400.12.7.4 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-Twisted-22.10.0-150400.5.17.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-zipp-3.15.0-150400.10.7.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-Automat-22.10.0-150400.3.7.2 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-decorator-5.1.1-150400.12.7.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-aiosignal-1.3.1-150400.9.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-incremental-22.10.0-150400.3.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-pip-22.3.1-150400.17.16.4 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-constantly-15.1.0-150400.12.7.2 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pathspec-0.11.1-150400.9.7.2 * python311-argcomplete-3.3.0-150400.12.12.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-multidict-6.0.4-150400.7.7.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-1.15.0-150400.12.7.1 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python311-frozenlist-1.3.3-150400.9.7.2 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python311-yarl-1.9.2-150400.8.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python311-psutil-5.9.5-150400.6.9.4 * openSUSE Leap 15.6 (noarch) * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-isodate-0.6.1-150400.12.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-scp-0.14.5-150400.12.7.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-service_identity-23.1.0-150400.8.7.1 * python311-oauthlib-3.2.2-150400.12.7.4 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-Twisted-22.10.0-150400.5.17.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-Automat-22.10.0-150400.3.7.2 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-decorator-5.1.1-150400.12.7.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-humanfriendly-10.0-150400.13.7.4 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-aiosignal-1.3.1-150400.9.7.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-pip-22.3.1-150400.17.16.4 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-constantly-15.1.0-150400.12.7.2 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pathspec-0.11.1-150400.9.7.2 * python311-argcomplete-3.3.0-150400.12.12.2 * Public Cloud Module 15-SP4 (noarch) * python311-isodate-0.6.1-150400.12.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-paramiko-3.4.0-150400.13.10.4 * python311-scp-0.14.5-150400.12.7.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-pydash-6.0.2-150400.9.4.1 * python311-service_identity-23.1.0-150400.8.7.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-oauthlib-3.2.2-150400.12.7.4 * python311-httpretty-1.1.4-150400.11.4.1 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python311-PyGithub-1.57-150400.10.4.4 * python311-fixedint-0.2.0-150400.9.3.1 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-Twisted-22.10.0-150400.5.17.4 * python311-semver-3.0.2-150400.10.4.1 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-xmltodict-0.13.0-150400.12.4.1 * python311-zipp-3.15.0-150400.10.7.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-Automat-22.10.0-150400.3.7.2 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-decorator-5.1.1-150400.12.7.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-humanfriendly-10.0-150400.13.7.4 * python311-distro-1.9.0-150400.12.4.1 * python311-aiosignal-1.3.1-150400.9.7.2 * python311-incremental-22.10.0-150400.3.7.2 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-invoke-2.1.2-150400.10.7.4 * python311-pip-22.3.1-150400.17.16.4 * python311-redis-5.0.1-150400.12.4.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-constantly-15.1.0-150400.12.7.2 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-retrying-1.3.4-150400.12.4.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-avro-1.11.3-150400.10.4.1 * python311-knack-0.11.0-150400.10.4.4 * python311-pathspec-0.11.1-150400.9.7.2 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-Fabric-3.2.2-150400.10.4.1 * python311-sure-2.0.1-150400.12.4.4 * python311-docker-7.0.0-150400.8.4.4 * python311-argcomplete-3.3.0-150400.12.12.2 * python311-jsondiff-2.0.0-150400.10.4.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-frozenlist-1.3.3-150400.9.7.2 * python311-multidict-6.0.4-150400.7.7.4 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-1.15.0-150400.12.7.1 * python311-yarl-1.9.2-150400.8.7.4 * python311-psutil-5.9.5-150400.6.9.4 * Public Cloud Module 15-SP5 (noarch) * python311-opentelemetry-semantic-conventions-0.44b0-150400.9.3.1 * python311-fakeredis-2.21.0-150400.9.3.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-pydash-6.0.2-150400.9.4.1 * python311-opencensus-ext-threading-0.1.2-150400.10.6.1 * python311-opencensus-0.11.4-150400.10.6.3 * python311-httpretty-1.1.4-150400.11.4.1 * python311-fixedint-0.2.0-150400.9.3.1 * python311-antlr4-python3-runtime-4.13.1-150400.10.4.1 * python311-PyGithub-1.57-150400.10.4.4 * python311-semver-3.0.2-150400.10.4.1 * python311-opentelemetry-test-utils-0.44b0-150400.9.3.1 * python311-vcrpy-6.0.1-150400.7.4.4 * python311-sshtunnel-0.4.0-150400.5.4.4 * python311-xmltodict-0.13.0-150400.12.4.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-httplib2-0.22.0-150400.10.4.1 * python311-strictyaml-1.7.3-150400.9.3.4 * python311-javaproperties-0.8.1-150400.10.4.4 * python311-distro-1.9.0-150400.12.4.1 * python311-marshmallow-3.20.2-150400.9.7.1 * python311-redis-5.0.1-150400.12.4.4 * python311-asgiref-3.6.0-150400.9.7.3 * python311-pycomposefile-0.0.30-150400.9.3.1 * python311-retrying-1.3.4-150400.12.4.1 * python311-opentelemetry-sdk-1.23.0-150400.9.3.1 * python311-avro-1.11.3-150400.10.4.1 * python311-knack-0.11.0-150400.10.4.4 * python311-opencensus-context-0.1.3-150400.10.6.1 * python311-Fabric-3.2.2-150400.10.4.1 * python311-sure-2.0.1-150400.12.4.4 * python311-docker-7.0.0-150400.8.4.4 * python311-jsondiff-2.0.0-150400.10.4.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-multidict-6.0.4-150400.7.7.4 * python311-aiohttp-debuginfo-3.9.3-150400.10.18.4 * python-zope.interface-debugsource-6.0-150400.12.7.4 * python311-frozenlist-debuginfo-1.3.3-150400.9.7.2 * python311-psutil-debuginfo-5.9.5-150400.6.9.4 * python-frozenlist-debugsource-1.3.3-150400.9.7.2 * python311-aiohttp-3.9.3-150400.10.18.4 * python311-zope.interface-6.0-150400.12.7.4 * python311-wrapt-1.15.0-150400.12.7.1 * python-multidict-debugsource-6.0.4-150400.7.7.4 * python-yarl-debugsource-1.9.2-150400.8.7.4 * python-psutil-debugsource-5.9.5-150400.6.9.4 * python311-yarl-debuginfo-1.9.2-150400.8.7.4 * python311-frozenlist-1.3.3-150400.9.7.2 * python-wrapt-debugsource-1.15.0-150400.12.7.1 * python311-zope.interface-debuginfo-6.0-150400.12.7.4 * python-aiohttp-debugsource-3.9.3-150400.10.18.4 * python311-multidict-debuginfo-6.0.4-150400.7.7.4 * python311-yarl-1.9.2-150400.8.7.4 * python311-wrapt-debuginfo-1.15.0-150400.12.7.1 * python311-psutil-5.9.5-150400.6.9.4 * Python 3 Module 15-SP5 (noarch) * python311-Twisted-http2-22.10.0-150400.5.17.4 * python311-isodate-0.6.1-150400.12.7.2 * python311-lexicon-2.0.1-150400.10.7.1 * python311-sortedcontainers-2.4.0-150400.8.7.4 * python311-requests-oauthlib-1.3.1-150400.12.7.1 * python311-paramiko-3.4.0-150400.13.10.4 * python311-scp-0.14.5-150400.12.7.4 * python311-tabulate-0.9.0-150400.11.7.4 * python311-chardet-5.2.0-150400.13.7.2 * python311-service_identity-23.1.0-150400.8.7.1 * python311-oauthlib-3.2.2-150400.12.7.4 * python-paramiko-doc-3.4.0-150400.13.10.4 * python311-Twisted-tls-22.10.0-150400.5.17.4 * python-tqdm-bash-completion-4.66.1-150400.9.7.4 * python311-typing_extensions-4.5.0-150400.3.9.1 * python311-Twisted-22.10.0-150400.5.17.4 * python311-Deprecated-1.2.14-150400.10.7.2 * python311-pyparsing-3.0.9-150400.5.7.4 * python311-zipp-3.15.0-150400.10.7.1 * python311-opentelemetry-api-1.23.0-150400.10.7.1 * python311-websocket-client-1.5.1-150400.13.7.1 * python311-Automat-22.10.0-150400.3.7.2 * python311-Twisted-conch-22.10.0-150400.5.17.4 * python311-wheel-0.40.0-150400.13.7.4 * python311-blinker-1.6.2-150400.12.7.4 * python311-decorator-5.1.1-150400.12.7.4 * python311-tqdm-4.66.1-150400.9.7.4 * python311-hyperlink-21.0.0-150400.12.7.4 * python311-Pygments-2.15.1-150400.7.7.4 * python311-Twisted-conch_nacl-22.10.0-150400.5.17.4 * python311-distro-1.9.0-150400.12.4.1 * python311-Twisted-all_non_platform-22.10.0-150400.5.17.4 * python311-aiosignal-1.3.1-150400.9.7.2 * python311-humanfriendly-10.0-150400.13.7.4 * python311-incremental-22.10.0-150400.3.7.2 * python311-pkginfo-1.9.6-150400.7.7.1 * python311-portalocker-2.7.0-150400.10.7.4 * python311-async_timeout-4.0.2-150400.10.7.2 * python311-Twisted-contextvars-22.10.0-150400.5.17.4 * python311-Twisted-serial-22.10.0-150400.5.17.4 * python311-invoke-2.1.2-150400.10.7.4 * python311-pip-22.3.1-150400.17.16.4 * python311-PyJWT-2.8.0-150400.8.7.2 * python311-fluidity-sm-0.2.0-150400.10.7.2 * python311-constantly-15.1.0-150400.12.7.2 * python311-importlib-metadata-6.8.0-150400.10.9.2 * python311-pathspec-0.11.1-150400.9.7.2 * python311-argcomplete-3.3.0-150400.12.12.2 ## References: * https://www.suse.com/security/cve/CVE-2023-28858.html * https://www.suse.com/security/cve/CVE-2023-28859.html * https://bugzilla.suse.com/show_bug.cgi?id=1209571 * https://bugzilla.suse.com/show_bug.cgi?id=1209811 * https://bugzilla.suse.com/show_bug.cgi?id=1209812 * https://bugzilla.suse.com/show_bug.cgi?id=1216606 * https://bugzilla.suse.com/show_bug.cgi?id=1222880 * https://bugzilla.suse.com/show_bug.cgi?id=761162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 08:30:08 -0000 Subject: SUSE-SU-2024:1650-1: important: Security update for the Linux Kernel Message-ID: <171576180897.6524.14469256779720441650@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1650-1 Rating: important References: * bsc#1190576 * bsc#1192145 * bsc#1204614 * bsc#1211592 * bsc#1218562 * bsc#1218917 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220513 * bsc#1220755 * bsc#1220854 * bsc#1221543 * bsc#1221545 * bsc#1222449 * bsc#1222482 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222624 * bsc#1222666 * bsc#1222669 * bsc#1222709 * bsc#1222790 * bsc#1222792 * bsc#1222829 * bsc#1222881 * bsc#1222883 * bsc#1222894 * bsc#1222976 * bsc#1223016 * bsc#1223057 * bsc#1223111 * bsc#1223187 * bsc#1223202 * bsc#1223475 * bsc#1223482 * bsc#1223513 * bsc#1223824 * bsc#1223952 Cross-References: * CVE-2021-46955 * CVE-2021-47041 * CVE-2021-47074 * CVE-2021-47113 * CVE-2021-47131 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47194 * CVE-2021-47198 * CVE-2021-47201 * CVE-2021-47203 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47212 * CVE-2022-48631 * CVE-2022-48651 * CVE-2022-48654 * CVE-2022-48687 * CVE-2023-2860 * CVE-2023-6270 * CVE-2024-0639 * CVE-2024-0841 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26744 * CVE-2024-26816 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26862 * CVE-2024-26898 * CVE-2024-26903 * CVE-2024-26906 * CVE-2024-27043 CVSS scores: * CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47074 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47131 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 37 vulnerabilities and has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47113: Abort btrfs rename_exchange if we fail to insert the second ref (bsc#1221543). * CVE-2021-47131: Fixed a use-after-free after the TLS device goes down and up (bsc#1221545). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220513). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2021-47041: Don't set sk_user_data without write_lock (bsc#1220755). * CVE-2021-47074: Fixed memory leak in nvme_loop_create_ctrl() (bsc#1220854). * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). The following non-security bugs were fixed: * net/tls: Remove the context from the list in tls_device_down (bsc#1221545). * tls: Fix context leak on tls_device_down (bsc#1221545). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1650=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-1650=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1650=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1650=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1650=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (nosrc) * kernel-default-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_191-default-debuginfo-1-150200.5.3.1 * kernel-livepatch-SLE15-SP2_Update_48-debugsource-1-150200.5.3.1 * kernel-default-livepatch-5.3.18-150200.24.191.1 * kernel-default-debuginfo-5.3.18-150200.24.191.1 * kernel-livepatch-5_3_18-150200_24_191-default-1-150200.5.3.1 * kernel-default-livepatch-devel-5.3.18-150200.24.191.1 * kernel-default-debugsource-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.3.18-150200.24.191.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.191.1 * gfs2-kmp-default-5.3.18-150200.24.191.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.191.1 * gfs2-kmp-default-debuginfo-5.3.18-150200.24.191.1 * kernel-default-debuginfo-5.3.18-150200.24.191.1 * dlm-kmp-default-5.3.18-150200.24.191.1 * ocfs2-kmp-default-5.3.18-150200.24.191.1 * dlm-kmp-default-debuginfo-5.3.18-150200.24.191.1 * kernel-default-debugsource-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-default-5.3.18-150200.24.191.1 * kernel-preempt-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-default-base-5.3.18-150200.24.191.1.150200.9.97.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-obs-build-5.3.18-150200.24.191.1 * kernel-syms-5.3.18-150200.24.191.1 * kernel-preempt-debugsource-5.3.18-150200.24.191.1 * kernel-obs-build-debugsource-5.3.18-150200.24.191.1 * kernel-default-devel-5.3.18-150200.24.191.1 * kernel-default-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-debuginfo-5.3.18-150200.24.191.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-devel-5.3.18-150200.24.191.1 * kernel-default-debugsource-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.191.1 * kernel-source-5.3.18-150200.24.191.1 * kernel-devel-5.3.18-150200.24.191.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * kernel-default-base-5.3.18-150200.24.191.1.150200.9.97.1 * kernel-obs-build-5.3.18-150200.24.191.1 * kernel-syms-5.3.18-150200.24.191.1 * reiserfs-kmp-default-5.3.18-150200.24.191.1 * kernel-obs-build-debugsource-5.3.18-150200.24.191.1 * kernel-default-devel-5.3.18-150200.24.191.1 * kernel-default-debuginfo-5.3.18-150200.24.191.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.191.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-default-debugsource-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * kernel-macros-5.3.18-150200.24.191.1 * kernel-source-5.3.18-150200.24.191.1 * kernel-devel-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-debugsource-5.3.18-150200.24.191.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-devel-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-default-base-5.3.18-150200.24.191.1.150200.9.97.1 * kernel-obs-build-5.3.18-150200.24.191.1 * kernel-syms-5.3.18-150200.24.191.1 * reiserfs-kmp-default-5.3.18-150200.24.191.1 * kernel-obs-build-debugsource-5.3.18-150200.24.191.1 * kernel-default-devel-5.3.18-150200.24.191.1 * kernel-default-debuginfo-5.3.18-150200.24.191.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.191.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-default-debugsource-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-macros-5.3.18-150200.24.191.1 * kernel-source-5.3.18-150200.24.191.1 * kernel-devel-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.191.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-debugsource-5.3.18-150200.24.191.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-debuginfo-5.3.18-150200.24.191.1 * kernel-preempt-devel-5.3.18-150200.24.191.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46955.html * https://www.suse.com/security/cve/CVE-2021-47041.html * https://www.suse.com/security/cve/CVE-2021-47074.html * https://www.suse.com/security/cve/CVE-2021-47113.html * https://www.suse.com/security/cve/CVE-2021-47131.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2023-2860.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26862.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26906.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1204614 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220513 * https://bugzilla.suse.com/show_bug.cgi?id=1220755 * https://bugzilla.suse.com/show_bug.cgi?id=1220854 * https://bugzilla.suse.com/show_bug.cgi?id=1221543 * https://bugzilla.suse.com/show_bug.cgi?id=1221545 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223111 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223202 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1657-1: moderate: Security update for python3 Message-ID: <171576181262.6524.12523603142016315910@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:1657-1 Rating: moderate References: * bsc#1219559 Cross-References: * CVE-2023-52425 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2023-52425: Fixed etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral (bsc#1219559). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1657=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1657=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1657=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1657=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1657=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * python3-base-3.4.10-25.127.1 * python3-base-debugsource-3.4.10-25.127.1 * python3-debuginfo-3.4.10-25.127.1 * python3-base-debuginfo-3.4.10-25.127.1 * libpython3_4m1_0-3.4.10-25.127.1 * python3-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-3.4.10-25.127.1 * python3-curses-3.4.10-25.127.1 * python3-debugsource-3.4.10-25.127.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-dbm-debuginfo-3.4.10-25.127.1 * python3-base-debugsource-3.4.10-25.127.1 * python3-debuginfo-3.4.10-25.127.1 * python3-base-debuginfo-3.4.10-25.127.1 * python3-devel-3.4.10-25.127.1 * python3-debugsource-3.4.10-25.127.1 * python3-dbm-3.4.10-25.127.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.127.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python3-base-3.4.10-25.127.1 * python3-base-debugsource-3.4.10-25.127.1 * python3-curses-debuginfo-3.4.10-25.127.1 * python3-tk-3.4.10-25.127.1 * python3-debuginfo-3.4.10-25.127.1 * python3-base-debuginfo-3.4.10-25.127.1 * python3-devel-3.4.10-25.127.1 * python3-tk-debuginfo-3.4.10-25.127.1 * libpython3_4m1_0-3.4.10-25.127.1 * python3-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-3.4.10-25.127.1 * python3-curses-3.4.10-25.127.1 * python3-debugsource-3.4.10-25.127.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * python3-base-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-32bit-3.4.10-25.127.1 * python3-devel-debuginfo-3.4.10-25.127.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-base-3.4.10-25.127.1 * python3-base-debugsource-3.4.10-25.127.1 * python3-curses-debuginfo-3.4.10-25.127.1 * python3-tk-3.4.10-25.127.1 * python3-debuginfo-3.4.10-25.127.1 * python3-base-debuginfo-3.4.10-25.127.1 * python3-devel-3.4.10-25.127.1 * python3-tk-debuginfo-3.4.10-25.127.1 * libpython3_4m1_0-3.4.10-25.127.1 * python3-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-3.4.10-25.127.1 * python3-curses-3.4.10-25.127.1 * python3-debugsource-3.4.10-25.127.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.127.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * python3-base-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-32bit-3.4.10-25.127.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python3-base-3.4.10-25.127.1 * python3-base-debugsource-3.4.10-25.127.1 * python3-curses-debuginfo-3.4.10-25.127.1 * python3-tk-3.4.10-25.127.1 * python3-debuginfo-3.4.10-25.127.1 * python3-base-debuginfo-3.4.10-25.127.1 * python3-devel-3.4.10-25.127.1 * python3-devel-debuginfo-3.4.10-25.127.1 * python3-tk-debuginfo-3.4.10-25.127.1 * libpython3_4m1_0-3.4.10-25.127.1 * python3-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-3.4.10-25.127.1 * python3-curses-3.4.10-25.127.1 * python3-debugsource-3.4.10-25.127.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * python3-base-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.127.1 * libpython3_4m1_0-32bit-3.4.10-25.127.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 08:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 08:30:19 -0000 Subject: SUSE-SU-2024:1653-1: moderate: Security update for postgresql15 Message-ID: <171576181999.6524.11587054796567062826@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2024:1653-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql15 fixes the following issues: PostgreSQL upgrade to version 15.7 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/15.7/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1653=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1653=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1653=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1653=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-devel-15.7-3.25.1 * postgresql15-server-devel-debuginfo-15.7-3.25.1 * postgresql15-devel-debuginfo-15.7-3.25.1 * postgresql15-server-devel-15.7-3.25.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql15-contrib-debuginfo-15.7-3.25.1 * postgresql15-plpython-debuginfo-15.7-3.25.1 * postgresql15-debugsource-15.7-3.25.1 * postgresql15-pltcl-debuginfo-15.7-3.25.1 * postgresql15-debuginfo-15.7-3.25.1 * postgresql15-plperl-15.7-3.25.1 * postgresql15-server-15.7-3.25.1 * postgresql15-plperl-debuginfo-15.7-3.25.1 * postgresql15-server-debuginfo-15.7-3.25.1 * postgresql15-plpython-15.7-3.25.1 * postgresql15-pltcl-15.7-3.25.1 * postgresql15-contrib-15.7-3.25.1 * postgresql15-15.7-3.25.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql15-docs-15.7-3.25.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-contrib-debuginfo-15.7-3.25.1 * postgresql15-plpython-debuginfo-15.7-3.25.1 * postgresql15-debugsource-15.7-3.25.1 * postgresql15-pltcl-debuginfo-15.7-3.25.1 * postgresql15-debuginfo-15.7-3.25.1 * postgresql15-plperl-15.7-3.25.1 * postgresql15-server-15.7-3.25.1 * postgresql15-plperl-debuginfo-15.7-3.25.1 * postgresql15-server-debuginfo-15.7-3.25.1 * postgresql15-plpython-15.7-3.25.1 * postgresql15-pltcl-15.7-3.25.1 * postgresql15-contrib-15.7-3.25.1 * postgresql15-15.7-3.25.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql15-docs-15.7-3.25.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql15-contrib-debuginfo-15.7-3.25.1 * postgresql15-plpython-debuginfo-15.7-3.25.1 * postgresql15-debugsource-15.7-3.25.1 * postgresql15-pltcl-debuginfo-15.7-3.25.1 * postgresql15-debuginfo-15.7-3.25.1 * postgresql15-plperl-15.7-3.25.1 * postgresql15-server-15.7-3.25.1 * postgresql15-plperl-debuginfo-15.7-3.25.1 * postgresql15-server-debuginfo-15.7-3.25.1 * postgresql15-plpython-15.7-3.25.1 * postgresql15-pltcl-15.7-3.25.1 * postgresql15-contrib-15.7-3.25.1 * postgresql15-15.7-3.25.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql15-docs-15.7-3.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 08:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 08:30:21 -0000 Subject: SUSE-SU-2024:1652-1: moderate: Security update for postgresql16 Message-ID: <171576182166.6524.2337526854740507569@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:1652-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/16.3/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1652=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1652=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1652=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1652=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql16-pltcl-debuginfo-16.3-150200.5.13.1 * postgresql16-devel-debuginfo-16.3-150200.5.13.1 * postgresql16-server-devel-16.3-150200.5.13.1 * postgresql16-plpython-debuginfo-16.3-150200.5.13.1 * postgresql16-devel-mini-debuginfo-16.3-150200.5.13.1 * postgresql16-test-16.3-150200.5.13.1 * libecpg6-16.3-150200.5.13.1 * postgresql16-llvmjit-debuginfo-16.3-150200.5.13.1 * postgresql16-plperl-debuginfo-16.3-150200.5.13.1 * postgresql16-server-16.3-150200.5.13.1 * postgresql16-contrib-debuginfo-16.3-150200.5.13.1 * postgresql16-mini-debugsource-16.3-150200.5.13.1 * postgresql16-server-debuginfo-16.3-150200.5.13.1 * libecpg6-debuginfo-16.3-150200.5.13.1 * postgresql16-devel-16.3-150200.5.13.1 * postgresql16-pltcl-16.3-150200.5.13.1 * postgresql16-contrib-16.3-150200.5.13.1 * libpq5-debuginfo-16.3-150200.5.13.1 * postgresql16-devel-mini-16.3-150200.5.13.1 * libpq5-16.3-150200.5.13.1 * postgresql16-llvmjit-16.3-150200.5.13.1 * postgresql16-debuginfo-16.3-150200.5.13.1 * postgresql16-debugsource-16.3-150200.5.13.1 * postgresql16-16.3-150200.5.13.1 * postgresql16-server-devel-debuginfo-16.3-150200.5.13.1 * postgresql16-llvmjit-devel-16.3-150200.5.13.1 * postgresql16-plperl-16.3-150200.5.13.1 * postgresql16-plpython-16.3-150200.5.13.1 * openSUSE Leap 15.5 (x86_64) * libpq5-32bit-16.3-150200.5.13.1 * libpq5-32bit-debuginfo-16.3-150200.5.13.1 * libecpg6-32bit-16.3-150200.5.13.1 * libecpg6-32bit-debuginfo-16.3-150200.5.13.1 * openSUSE Leap 15.5 (noarch) * postgresql16-docs-16.3-150200.5.13.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpq5-debuginfo-16.3-150200.5.13.1 * libpq5-16.3-150200.5.13.1 * postgresql16-debuginfo-16.3-150200.5.13.1 * postgresql16-16.3-150200.5.13.1 * postgresql16-debugsource-16.3-150200.5.13.1 * Basesystem Module 15-SP5 (x86_64) * libpq5-32bit-debuginfo-16.3-150200.5.13.1 * libpq5-32bit-16.3-150200.5.13.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-test-16.3-150200.5.13.1 * postgresql16-llvmjit-debuginfo-16.3-150200.5.13.1 * postgresql16-llvmjit-16.3-150200.5.13.1 * postgresql16-llvmjit-devel-16.3-150200.5.13.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-pltcl-debuginfo-16.3-150200.5.13.1 * postgresql16-contrib-16.3-150200.5.13.1 * postgresql16-devel-debuginfo-16.3-150200.5.13.1 * postgresql16-plpython-debuginfo-16.3-150200.5.13.1 * libecpg6-16.3-150200.5.13.1 * postgresql16-plperl-debuginfo-16.3-150200.5.13.1 * postgresql16-server-16.3-150200.5.13.1 * postgresql16-contrib-debuginfo-16.3-150200.5.13.1 * postgresql16-pltcl-16.3-150200.5.13.1 * postgresql16-server-debuginfo-16.3-150200.5.13.1 * libecpg6-debuginfo-16.3-150200.5.13.1 * postgresql16-server-devel-16.3-150200.5.13.1 * postgresql16-debuginfo-16.3-150200.5.13.1 * postgresql16-plperl-16.3-150200.5.13.1 * postgresql16-server-devel-debuginfo-16.3-150200.5.13.1 * postgresql16-devel-16.3-150200.5.13.1 * postgresql16-plpython-16.3-150200.5.13.1 * postgresql16-debugsource-16.3-150200.5.13.1 * Server Applications Module 15-SP5 (noarch) * postgresql16-docs-16.3-150200.5.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 08:30:24 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 08:30:24 -0000 Subject: SUSE-SU-2024:1651-1: moderate: Security update for postgresql16 Message-ID: <171576182479.6524.8289997502073501319@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:1651-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql16 fixes the following issues: PostgreSQL upgrade to version 16.3 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/16.3/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1651=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1651=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1651=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1651=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-server-devel-debuginfo-16.3-3.13.1 * postgresql16-devel-debuginfo-16.3-3.13.1 * postgresql16-server-devel-16.3-3.13.1 * postgresql16-devel-16.3-3.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql16-plpython-16.3-3.13.1 * postgresql16-debuginfo-16.3-3.13.1 * postgresql16-server-debuginfo-16.3-3.13.1 * postgresql16-16.3-3.13.1 * postgresql16-debugsource-16.3-3.13.1 * postgresql16-plperl-debuginfo-16.3-3.13.1 * libecpg6-debuginfo-16.3-3.13.1 * postgresql16-plpython-debuginfo-16.3-3.13.1 * postgresql16-plperl-16.3-3.13.1 * libecpg6-16.3-3.13.1 * postgresql16-contrib-16.3-3.13.1 * postgresql16-pltcl-16.3-3.13.1 * postgresql16-contrib-debuginfo-16.3-3.13.1 * postgresql16-pltcl-debuginfo-16.3-3.13.1 * libpq5-debuginfo-16.3-3.13.1 * postgresql16-server-16.3-3.13.1 * libpq5-16.3-3.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql16-docs-16.3-3.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpq5-32bit-16.3-3.13.1 * libecpg6-32bit-16.3-3.13.1 * libecpg6-debuginfo-32bit-16.3-3.13.1 * libpq5-debuginfo-32bit-16.3-3.13.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-plpython-16.3-3.13.1 * postgresql16-debuginfo-16.3-3.13.1 * postgresql16-server-debuginfo-16.3-3.13.1 * postgresql16-16.3-3.13.1 * postgresql16-debugsource-16.3-3.13.1 * postgresql16-plperl-debuginfo-16.3-3.13.1 * libecpg6-debuginfo-16.3-3.13.1 * postgresql16-plpython-debuginfo-16.3-3.13.1 * postgresql16-plperl-16.3-3.13.1 * libecpg6-16.3-3.13.1 * postgresql16-contrib-16.3-3.13.1 * postgresql16-pltcl-16.3-3.13.1 * postgresql16-contrib-debuginfo-16.3-3.13.1 * postgresql16-pltcl-debuginfo-16.3-3.13.1 * libpq5-debuginfo-16.3-3.13.1 * postgresql16-server-16.3-3.13.1 * libpq5-16.3-3.13.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql16-docs-16.3-3.13.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpq5-32bit-16.3-3.13.1 * libecpg6-32bit-16.3-3.13.1 * libecpg6-debuginfo-32bit-16.3-3.13.1 * libpq5-debuginfo-32bit-16.3-3.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql16-plpython-16.3-3.13.1 * postgresql16-debuginfo-16.3-3.13.1 * postgresql16-server-debuginfo-16.3-3.13.1 * postgresql16-16.3-3.13.1 * postgresql16-debugsource-16.3-3.13.1 * postgresql16-plperl-debuginfo-16.3-3.13.1 * libecpg6-debuginfo-16.3-3.13.1 * postgresql16-plpython-debuginfo-16.3-3.13.1 * postgresql16-plperl-16.3-3.13.1 * libecpg6-16.3-3.13.1 * postgresql16-contrib-16.3-3.13.1 * postgresql16-pltcl-16.3-3.13.1 * postgresql16-contrib-debuginfo-16.3-3.13.1 * postgresql16-pltcl-debuginfo-16.3-3.13.1 * libpq5-debuginfo-16.3-3.13.1 * postgresql16-server-16.3-3.13.1 * libpq5-16.3-3.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql16-docs-16.3-3.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpq5-32bit-16.3-3.13.1 * libecpg6-32bit-16.3-3.13.1 * libecpg6-debuginfo-32bit-16.3-3.13.1 * libpq5-debuginfo-32bit-16.3-3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 15 12:30:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 15 May 2024 12:30:54 -0000 Subject: SUSE-SU-2024:1659-1: important: Security update for the Linux Kernel Message-ID: <171577625454.30449.2304594519677618113@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1659-1 Rating: important References: * bsc#1177529 * bsc#1192145 * bsc#1211592 * bsc#1217408 * bsc#1218562 * bsc#1218917 * bsc#1219104 * bsc#1219126 * bsc#1219169 * bsc#1219170 * bsc#1219264 * bsc#1220342 * bsc#1220569 * bsc#1220761 * bsc#1220901 * bsc#1220915 * bsc#1220935 * bsc#1221042 * bsc#1221044 * bsc#1221080 * bsc#1221084 * bsc#1221088 * bsc#1221162 * bsc#1221299 * bsc#1221612 * bsc#1221617 * bsc#1221645 * bsc#1221791 * bsc#1221825 * bsc#1222011 * bsc#1222051 * bsc#1222247 * bsc#1222266 * bsc#1222294 * bsc#1222307 * bsc#1222357 * bsc#1222368 * bsc#1222379 * bsc#1222416 * bsc#1222422 * bsc#1222424 * bsc#1222427 * bsc#1222428 * bsc#1222430 * bsc#1222431 * bsc#1222435 * bsc#1222437 * bsc#1222445 * bsc#1222449 * bsc#1222482 * bsc#1222503 * bsc#1222520 * bsc#1222536 * bsc#1222549 * bsc#1222550 * bsc#1222557 * bsc#1222559 * bsc#1222585 * bsc#1222586 * bsc#1222596 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222615 * bsc#1222618 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222678 * bsc#1222680 * bsc#1222703 * bsc#1222704 * bsc#1222706 * bsc#1222709 * bsc#1222710 * bsc#1222720 * bsc#1222721 * bsc#1222724 * bsc#1222726 * bsc#1222727 * bsc#1222764 * bsc#1222772 * bsc#1222773 * bsc#1222776 * bsc#1222781 * bsc#1222784 * bsc#1222785 * bsc#1222787 * bsc#1222790 * bsc#1222791 * bsc#1222792 * bsc#1222796 * bsc#1222798 * bsc#1222801 * bsc#1222812 * bsc#1222824 * bsc#1222829 * bsc#1222832 * bsc#1222836 * bsc#1222838 * bsc#1222866 * bsc#1222867 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222879 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222894 * bsc#1222901 * bsc#1222968 * bsc#1223012 * bsc#1223014 * bsc#1223016 * bsc#1223024 * bsc#1223030 * bsc#1223033 * bsc#1223034 * bsc#1223035 * bsc#1223036 * bsc#1223037 * bsc#1223041 * bsc#1223042 * bsc#1223051 * bsc#1223052 * bsc#1223056 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223061 * bsc#1223065 * bsc#1223066 * bsc#1223067 * bsc#1223068 * bsc#1223076 * bsc#1223078 * bsc#1223111 * bsc#1223115 * bsc#1223118 * bsc#1223187 * bsc#1223189 * bsc#1223190 * bsc#1223191 * bsc#1223196 * bsc#1223197 * bsc#1223198 * bsc#1223275 * bsc#1223323 * bsc#1223369 * bsc#1223380 * bsc#1223473 * bsc#1223474 * bsc#1223475 * bsc#1223477 * bsc#1223478 * bsc#1223479 * bsc#1223481 * bsc#1223482 * bsc#1223484 * bsc#1223487 * bsc#1223490 * bsc#1223496 * bsc#1223498 * bsc#1223499 * bsc#1223501 * bsc#1223502 * bsc#1223503 * bsc#1223505 * bsc#1223509 * bsc#1223511 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223517 * bsc#1223518 * bsc#1223519 * bsc#1223520 * bsc#1223522 * bsc#1223523 * bsc#1223525 * bsc#1223539 * bsc#1223574 * bsc#1223595 * bsc#1223598 * bsc#1223634 * bsc#1223643 * bsc#1223644 * bsc#1223645 * bsc#1223646 * bsc#1223648 * bsc#1223655 * bsc#1223657 * bsc#1223660 * bsc#1223661 * bsc#1223663 * bsc#1223664 * bsc#1223668 * bsc#1223686 * bsc#1223693 * bsc#1223705 * bsc#1223714 * bsc#1223735 * bsc#1223745 * bsc#1223784 * bsc#1223785 * bsc#1223790 * bsc#1223816 * bsc#1223821 * bsc#1223822 * bsc#1223824 * bsc#1223827 * bsc#1223834 * bsc#1223875 * bsc#1223876 * bsc#1223877 * bsc#1223878 * bsc#1223879 * bsc#1223894 * bsc#1223921 * bsc#1223922 * bsc#1223923 * bsc#1223924 * bsc#1223929 * bsc#1223931 * bsc#1223932 * bsc#1223934 * bsc#1223941 * bsc#1223948 * bsc#1223949 * bsc#1223950 * bsc#1223951 * bsc#1223952 * bsc#1223953 * bsc#1223956 * bsc#1223957 * bsc#1223960 * bsc#1223962 * bsc#1223963 * bsc#1223964 * jsc#PED-7167 * jsc#PED-7619 Cross-References: * CVE-2021-47047 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47187 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47191 * CVE-2021-47192 * CVE-2021-47193 * CVE-2021-47194 * CVE-2021-47195 * CVE-2021-47196 * CVE-2021-47197 * CVE-2021-47198 * CVE-2021-47199 * CVE-2021-47200 * CVE-2021-47201 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47206 * CVE-2021-47207 * CVE-2021-47209 * CVE-2021-47210 * CVE-2021-47211 * CVE-2021-47212 * CVE-2021-47214 * CVE-2021-47215 * CVE-2021-47216 * CVE-2021-47217 * CVE-2021-47218 * CVE-2021-47219 * CVE-2022-48631 * CVE-2022-48632 * CVE-2022-48634 * CVE-2022-48636 * CVE-2022-48637 * CVE-2022-48638 * CVE-2022-48639 * CVE-2022-48640 * CVE-2022-48642 * CVE-2022-48644 * CVE-2022-48646 * CVE-2022-48647 * CVE-2022-48648 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48652 * CVE-2022-48653 * CVE-2022-48654 * CVE-2022-48655 * CVE-2022-48656 * CVE-2022-48657 * CVE-2022-48658 * CVE-2022-48659 * CVE-2022-48660 * CVE-2022-48662 * CVE-2022-48663 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48671 * CVE-2022-48672 * CVE-2022-48673 * CVE-2022-48675 * CVE-2022-48686 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48690 * CVE-2022-48692 * CVE-2022-48693 * CVE-2022-48694 * CVE-2022-48695 * CVE-2022-48697 * CVE-2022-48698 * CVE-2022-48700 * CVE-2022-48701 * CVE-2022-48702 * CVE-2022-48703 * CVE-2022-48704 * CVE-2023-2860 * CVE-2023-52488 * CVE-2023-52503 * CVE-2023-52561 * CVE-2023-52585 * CVE-2023-52589 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52593 * CVE-2023-52614 * CVE-2023-52616 * CVE-2023-52620 * CVE-2023-52627 * CVE-2023-52635 * CVE-2023-52636 * CVE-2023-52645 * CVE-2023-52652 * CVE-2023-6270 * CVE-2024-0639 * CVE-2024-0841 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-23850 * CVE-2024-26601 * CVE-2024-26610 * CVE-2024-26656 * CVE-2024-26660 * CVE-2024-26671 * CVE-2024-26673 * CVE-2024-26675 * CVE-2024-26680 * CVE-2024-26681 * CVE-2024-26684 * CVE-2024-26685 * CVE-2024-26687 * CVE-2024-26688 * CVE-2024-26689 * CVE-2024-26696 * CVE-2024-26697 * CVE-2024-26702 * CVE-2024-26704 * CVE-2024-26718 * CVE-2024-26722 * CVE-2024-26727 * CVE-2024-26733 * CVE-2024-26736 * CVE-2024-26737 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26745 * CVE-2024-26747 * CVE-2024-26749 * CVE-2024-26751 * CVE-2024-26754 * CVE-2024-26760 * CVE-2024-26763 * CVE-2024-26764 * CVE-2024-26766 * CVE-2024-26769 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26776 * CVE-2024-26779 * CVE-2024-26783 * CVE-2024-26787 * CVE-2024-26790 * CVE-2024-26792 * CVE-2024-26793 * CVE-2024-26798 * CVE-2024-26805 * CVE-2024-26807 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26820 * CVE-2024-26825 * CVE-2024-26830 * CVE-2024-26833 * CVE-2024-26836 * CVE-2024-26843 * CVE-2024-26848 * CVE-2024-26852 * CVE-2024-26853 * CVE-2024-26855 * CVE-2024-26856 * CVE-2024-26857 * CVE-2024-26861 * CVE-2024-26862 * CVE-2024-26866 * CVE-2024-26872 * CVE-2024-26875 * CVE-2024-26878 * CVE-2024-26879 * CVE-2024-26881 * CVE-2024-26882 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26885 * CVE-2024-26891 * CVE-2024-26893 * CVE-2024-26895 * CVE-2024-26896 * CVE-2024-26897 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26917 * CVE-2024-26927 * CVE-2024-26948 * CVE-2024-26950 * CVE-2024-26951 * CVE-2024-26955 * CVE-2024-26956 * CVE-2024-26960 * CVE-2024-26965 * CVE-2024-26966 * CVE-2024-26969 * CVE-2024-26970 * CVE-2024-26972 * CVE-2024-26981 * CVE-2024-26982 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27030 * CVE-2024-27038 * CVE-2024-27039 * CVE-2024-27041 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27056 * CVE-2024-27062 * CVE-2024-27389 CVSS scores: * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48642 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48659 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48675 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48697 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2022-48698 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48700 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52503 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52561 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52589 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52593 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52645 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26697 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26751 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26820 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26836 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26848 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26875 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27030 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-27038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves 218 vulnerabilities, contains two features and has 29 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596). * CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705). * CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834). * CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822). * CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in amdgpu_dm_fini() (bsc#1223714). * CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree() (bsc#1223821). * CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816). * CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790). * CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745). * CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693). * CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634). * CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table arrays (bsc#1223644). * CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table arrays (bsc#1223645). * CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table arrays (bsc#1223646). * CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table arrays (bsc#1223648). * CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655). * CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660). * CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661). * CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664). * CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch (bsc#1223525). * CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198). * CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042). * CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC transport cleanup path (bsc#1223196). * CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190). * CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189). * CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035). * CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034). * CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041). * CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps (bsc#1223066). * CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060). * CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024). * CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111). * CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076). * CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052). * CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061). * CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030). * CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968). * CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove administratively set MAC (bsc#1223012). * CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid integer overflow (bsc#1222812). * CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y by ignoring them (bsc#1222624). * CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222726). * CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table (bsc#1222724). * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677). * CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already gets read (bsc#1222536). * CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers() (bsc#1222549). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup (bsc#1222435). * CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437). * CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445). * CVE-2024-26681: Fixed netdevsim to avoid potential loop in nsim_dev_trap_report_work() (bsc#1222431). * CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring (bsc#1222427). * CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379). * CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368). * CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357). * CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder creation (bsc#1222266). * CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299). * CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170). * CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264). * CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686). * CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033). * CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in msgr2 (bsc#1222247). * CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294). * CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace (bsc#1222051). * CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous sets never used from userspace (bsc#1221825). * CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in mpi_ec_init (bsc#1221612). * CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show (bsc#1221617). * CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in wfx_set_mfp_ap() (bsc#1221042). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084). * CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in amdgpu_ras_query_error_status_helper() (bsc#1221080). * CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash memory region (bsc#1220935). * CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915). * CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap functions for FIFO (bsc#1221162). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223505). * CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails (bsc#1223498). * CVE-2022-48658: Fixed mm/slub to avoid a problem in flush_cpu_slab()/__free_slab() task context (bsc#1223496). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at nf_tables_addchain() (bsc#1223478). * CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in bond_rr_gen_slave_id (bsc#1223499). * CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries == 0 and eh_depth > 0 (bsc#1223475). * CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in hugetlb_mcopy_atomic_pte() (bsc#1222710). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838). * CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex (bsc#1222832). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). The following non-security bugs were fixed: * ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes). * ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes). * ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes). * ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes). * ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes). * ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git- fixes). * ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable- fixes). * ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable- fixes). * ALSA: scarlett2: Add correct product series name to messages (stable-fixes). * ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes). * ALSA: scarlett2: Default mixer driver to enabled (stable-fixes). * ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes). * ASoC: meson: axg-card: make links nonatomic (git-fixes). * ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes). * ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes). * ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes). * ASoC: tegra: Fix DSPK 16-bit playback (git-fixes). * ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes). * Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes). * Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes). * Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes). * Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable- fixes). * Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes). * Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes). * Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes). * Bluetooth: add quirk for broken address properties (git-fixes). * Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable- fixes). * Bluetooth: btintel: Fixe build regression (git-fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable- fixes). * Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes). * Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes). * Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes). * Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes). * Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes). * HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes). * HID: logitech-dj: allow mice to use all types of reports (git-fixes). * HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes). * Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails (stable-fixes). * NFC: trf7970a: disable all regulators on removal (git-fixes). * NFS: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * PCI/AER: Block runtime suspend when handling errors (git-fixes). * PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes). * PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes). * PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes). * PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes). * PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes). * PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888). * RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). * RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes). * RDMA/cm: add timeout to cm_destroy_id wait (git-fixes) * Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes). * Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default" (stable-fixes). * Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes). * Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)." (bsc#1223275) * Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes). * Revert "usb: phy: generic: Get the vbus supply" (git-fixes). * USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes). * USB: serial: add device ID for VeriFone adapter (stable-fixes). * USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes). * USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable- fixes). * USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable- fixes). * USB: serial: option: add Fibocom FM135-GL variants (stable-fixes). * USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes). * USB: serial: option: add MeiG Smart SLM320 product (stable-fixes). * USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable- fixes). * USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes). * USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes). * USB: serial: option: support Quectel EM060K sub-models (stable-fixes). * ahci: asm1064: asm1166: do not limit reported ports (git-fixes). * ahci: asm1064: correct count of reported ports (stable-fixes). * arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes) * arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git- fixes) * arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git- fixes) * arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes) * arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git- fixes) * arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes) * arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes) * arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes). * ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes). * batman-adv: Avoid infinite loop trying to resize local TT (git-fixes). * bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (git-fixes). * bcache: Remove dead references to cache_readaheads (git-fixes). * bcache: Remove unnecessary NULL point check in node allocations (git-fixes). * bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (git-fixes). * bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes). * bcache: avoid oversize memory allocation by small stripe_size (git-fixes). * bcache: bset: Fix comment typos (git-fixes). * bcache: check return value from btree_node_alloc_replacement() (git-fixes). * bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes). * bcache: fix error info in register_bcache() (git-fixes). * bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing (git-fixes). * bcache: fixup btree_cache_wait list damage (git-fixes). * bcache: fixup init dirty data errors (git-fixes). * bcache: fixup lock c->root error (git-fixes). * bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git- fixes). * bcache: move calc_cached_dev_sectors to proper place on backing device detach (git-fixes). * bcache: move uapi header bcache.h to bcache code directory (git-fixes). * bcache: prevent potential division by zero error (git-fixes). * bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device registration' (git-fixes). * bcache: remove redundant assignment to variable cur_idx (git-fixes). * bcache: remove the backing_dev_name field from struct cached_dev (git- fixes). * bcache: remove the cache_dev_name field from struct cache (git-fixes). * bcache: remove unnecessary flush_workqueue (git-fixes). * bcache: remove unused bch_mark_cache_readahead function def in stats.h (git- fixes). * bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (git-fixes). * bcache: replace snprintf in show functions with sysfs_emit (git-fixes). * bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes). * bcache: use bvec_kmap_local in bch_data_verify (git-fixes). * bcache: use bvec_kmap_local in bio_csum (git-fixes). * bcache: use default_groups in kobj_type (git-fixes). * bcache:: fix repeated words in comments (git-fixes). * ceph: stop copying to iter at EOF on sync reads (bsc#1223068). * ceph: switch to corrected encoding of max_xattr_size in mdsmap (bsc#1223067). * clk: Get runtime PM before walking tree during disable_unused (git-fixes). * clk: Initialize struct clk_core kref earlier (stable-fixes). * clk: Mark 'all_lists' as const (stable-fixes). * clk: Print an info line before disabling unused clocks (stable-fixes). * clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes). * clk: remove extra empty line (stable-fixes). * comedi: vmk80xx: fix incomplete endpoint checking (git-fixes). * dm cache policy smq: ensure IO does not prevent cleaner policy progress (git-fixes). * dm cache: add cond_resched() to various workqueue loops (git-fixes). * dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git- fixes). * dm crypt: add cond_resched() to dmcrypt_write() (git-fixes). * dm crypt: avoid accessing uninitialized tasklet (git-fixes). * dm flakey: do not corrupt the zero page (git-fixes). * dm flakey: fix a bug with 32-bit highmem systems (git-fixes). * dm flakey: fix a crash with invalid table line (git-fixes). * dm flakey: fix logic when corrupting a bio (git-fixes). * dm init: add dm-mod.waitfor to wait for asynchronously probed block devices (git-fixes). * dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path (git-fixes). * dm integrity: fix out-of-range warning (git-fixes). * dm integrity: reduce vmalloc space footprint on 32-bit architectures (git- fixes). * dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes). * dm raid: fix false positive for requeue needed during reshape (git-fixes). * dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git- fixes). * dm stats: check for and propagate alloc_percpu failure (git-fixes). * dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git- fixes). * dm thin metadata: check fail_io before using data_sm (git-fixes). * dm thin: add cond_resched() to various workqueue loops (git-fixes). * dm thin: fix deadlock when swapping to thin device (bsc#1177529). * dm verity: do not perform FEC for failed readahead IO (git-fixes). * dm verity: fix error handling for check_at_most_once on FEC (git-fixes). * dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes). * dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes). * dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata() (git-fixes). * dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes). * dm-verity, dm-crypt: align "struct bvec_iter" correctly (git-fixes). * dm-verity: align struct dm_verity_fec_io properly (git-fixes). * dm: add cond_resched() to dm_wq_work() (git-fixes). * dm: call the resume method on internal suspend (git-fixes). * dm: do not lock fs when the map is NULL during suspend or resume (git- fixes). * dm: do not lock fs when the map is NULL in process of resume (git-fixes). * dm: remove flush_scheduled_work() during local_exit() (git-fixes). * dm: send just one event on resize, not two (git-fixes). * dma: xilinx_dpdma: Fix locking (git-fixes). * dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes). * dmaengine: owl: fix register access functions (git-fixes). * dmaengine: tegra186: Fix residual calculation (git-fixes). * docs: Document the FAN_FS_ERROR event (stable-fixes). * drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes). * drm/amd/display: Do not recursively call manual trigger programming (stable- fixes). * drm/amd/display: Fix nanosec stat overflow (stable-fixes). * drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes). * drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes). * drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes). * drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes). * drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes). * drm/amdgpu: always force full reset for SOC21 (stable-fixes). * drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes). * drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes). * drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes). * drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes). * drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes). * drm/ast: Fix soft lockup (git-fixes). * drm/client: Fully protect modes[] with dev->mode_config.mutex (stable- fixes). * drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git- fixes). * drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes). * drm/i915: Disable port sync when bigjoiner is used (stable-fixes). * drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes). * drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834) * drm/panel: ili9341: Respect deferred probe (git-fixes). * drm/panel: ili9341: Use predefined error codes (git-fixes). * drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes). * drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes). * drm/vmwgfx: Enable DMA mappings with SEV (git-fixes). * drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes). * drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes). * drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes). * drm: nv04: Fix out of bounds access (git-fixes). * drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable- fixes). * dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574). * fbdev: fix incorrect address computation in deferred IO (git-fixes). * fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes). * fbmon: prevent division by zero in fb_videomode_from_videomode() (stable- fixes). * fix build warning * fuse: do not unhash root (bsc#1223951). * fuse: fix root lookup with nonzero generation (bsc#1223950). * hwmon: (amc6821) add of_match table (stable-fixes). * i2c: pxa: hide unused icr_bits[] variable (git-fixes). * i2c: smbus: fix NULL function pointer dereference (git-fixes). * i40e: Fix VF MAC filter removal (git-fixes). * idma64: Do not try to serve interrupts when device is powered off (git- fixes). * iio: accel: mxc4005: Interrupt handling fixes (git-fixes). * iio:imu: adis16475: Fix sync mode setting (git-fixes). * init/main.c: Fix potential static_command_line memory overflow (git-fixes). * iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (git-fixes). * iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE (git-fixes). * iommu/amd: Fix domain flush size when syncing iotlb (git-fixes). * iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes). * iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes). * iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes). * iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes). * iommu/iova: Fix alloc iova overflows issue (git-fixes). * iommu/mediatek: Flush IOTLB completely only if domain has been attached (git-fixes). * iommu/rockchip: Fix unwind goto issue (git-fixes). * iommu/sprd: Release dma buffer to avoid memory leak (git-fixes). * iommu/vt-d: Allocate local memory for page request queue (git-fixes). * iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes). * iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes). * iommu: Fix error unwind in iommu_group_alloc() (git-fixes). * ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes). * kABI: Adjust trace_iterator.wait_index (git-fixes). * kprobes: Fix double free of kretprobe_holder (bsc#1220901). * kprobes: Fix possible use-after-free issue on kprobe registration (git- fixes). * libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return value (git-fixes). * libnvdimm/region: Allow setting align attribute on regions without mappings (git-fixes). * livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539). * md/raid1: fix choose next idle in read_balance() (git-fixes). * md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes). * md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git- fixes). * media: cec: core: remove length check of Timer Status (stable-fixes). * media: sta2x11: fix irq handler cast (stable-fixes). * mei: me: add arrow lake point H DID (stable-fixes). * mei: me: add arrow lake point S DID (stable-fixes). * mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes). * mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473). * mmc: sdhci-msm: pervent access to suspended controller (git-fixes). * mtd: diskonchip: work around ubsan link failure (stable-fixes). * nd_btt: Make BTT lanes preemptible (git-fixes). * net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes). * net: fix a memleak when uncloning an skb dst and its metadata (git-fixes). * net: fix skb leak in __skb_tstamp_tx() (git-fixes). * net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes). * net: mld: fix reference count leak in mld_{query | report}_work() (git- fixes). * net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes). * net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes). * net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes). * net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes). * net: vlan: fix underflow for the real_dev refcnt (git-fixes). * netfilter: br_netfilter: Drop dst references before setting (git-fixes). * netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git- fixes). * netfilter: nft_ct: fix l3num expectations with inet pseudo family (git- fixes). * nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408). * nilfs2: fix OOB in nilfs_set_de_type (git-fixes). * nilfs2: fix OOB in nilfs_set_de_type (git-fixes). * nouveau: fix function cast warning (git-fixes). * nouveau: fix instmem race condition around ptr stores (git-fixes). * nvdimm/namespace: drop nested variable in create_namespace_pmem() (git- fixes). * nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes). * nvdimm: Fix badblocks clear off-by-one error (git-fixes). * nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes). * nvdimm: Fix firmware activation deadlock scenarios (git-fixes). * nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git- fixes). * pci_iounmap(): Fix MMIO mapping leak (git-fixes). * phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes). * pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes). * platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes). * powerpc/kasan: Do not instrument non-maskable or raw interrupts (bsc#1223191). * powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE (bsc#1222011 ltc#205900). * powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369 ltc#205888). * powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888). * powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191). * powerpc: Refactor verification of MSR_RI (bsc#1223191). * printk: Add this_cpu_in_panic() (bsc#1223574). * printk: Adjust mapping for 32bit seq macros (bsc#1223574). * printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574). * printk: Disable passing console lock owner completely during panic() (bsc#1223574). * printk: Drop console_sem during panic (bsc#1223574). * printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1223574). * printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574). * printk: Wait for all reserved records with pr_flush() (bsc#1223574). * printk: nbcon: Relocate 32bit seq macros (bsc#1223574). * printk: ringbuffer: Clarify special lpos values (bsc#1223574). * printk: ringbuffer: Cleanup reader terminology (bsc#1223574). * printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1223574). * printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574). * printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574). * pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes). * ring-buffer: Do not set shortest_full when full target is hit (git-fixes). * ring-buffer: Fix full_waiters_pending in poll (git-fixes). * ring-buffer: Fix resetting of shortest_full (git-fixes). * ring-buffer: Fix waking up ring buffer readers (git-fixes). * ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes). * ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git- fixes). * ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes). * s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875). * s390/decompressor: fix misaligned symbol build error (git-fixes bsc#1223785). * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223878). * s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879). * s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784). * s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223876). * s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598). * s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223595). * serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes). * serial: core: Provide port lock wrappers (stable-fixes). * serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes). * serial: mxs-auart: add spinlock around changing cts state (git-fixes). * slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes). * speakup: Avoid crash on very long word (git-fixes). * speakup: Fix 8bit characters from direct synth (git-fixes). * tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes). * thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes). * thunderbolt: Fix wake configurations after device unplug (stable-fixes). * tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git- fixes). * tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes). * tracing: Have saved_cmdlines arrays all in one allocation (git-fixes). * tracing: Remove precision vsnprintf() check from print event (git-fixes). * tracing: Show size of requested perf buffer (git-fixes). * tracing: Use .flush() call to wake up readers (git-fixes). * usb: Disable USB3 LPM at shutdown (stable-fixes). * usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (git-fixes). * usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes). * usb: gadget: composite: fix OS descriptors w_value logic (git-fixes). * usb: gadget: f_fs: Fix a race condition when processing setup packets (git- fixes). * usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes). * usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes). * usb: ohci: Prevent missed ohci interrupts (git-fixes). * usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes). * usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes). * usb: typec: tcpm: Check for port partner validity before consuming it (git- fixes). * usb: typec: tcpm: unregister existing source caps before re-registration (bsc#1220569). * usb: typec: ucsi: Ack unsupported commands (stable-fixes). * usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes). * usb: typec: ucsi: Fix connector check on init (git-fixes). * usb: udc: remove warning when queue disabled ep (stable-fixes). * vdpa/mlx5: Allow CVQ size changes (git-fixes). * virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949). * wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes). * wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git- fixes). * wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes). * wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable- fixes). * wifi: nl80211: do not free NULL coalescing rule (git-fixes). * x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git- fixes). * x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (jsc#PED-7167 git-fixes). * x86/sev: Skip ROM range scans and validation for SEV-SNP guests (jsc#PED-7167 git-fixes). * x86/xen: Add some null pointer checking to smp.c (git-fixes). * x86/xen: add CPU dependencies for 32-bit build (git-fixes). * x86/xen: fix percpu vcpu_info allocation (git-fixes). * xen-netback: properly sync TX responses (git-fixes). * xen-netfront: Add missing skb_mark_for_recycle (git-fixes). * xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git- fixes). * xen/xenbus: document will_handle argument for xenbus_watch_path() (git- fixes). * xfrm6: fix inet6_dev refcount underflow problem (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1659=1 openSUSE-SLE-15.5-2024-1659=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1659=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1659=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1659=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1659=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1659=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1659=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1659=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (noarch) * kernel-devel-5.14.21-150500.55.62.2 * kernel-macros-5.14.21-150500.55.62.2 * kernel-source-vanilla-5.14.21-150500.55.62.2 * kernel-docs-html-5.14.21-150500.55.62.2 * kernel-source-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-debugsource-5.14.21-150500.55.62.2 * kernel-debug-devel-5.14.21-150500.55.62.2 * kernel-debug-devel-debuginfo-5.14.21-150500.55.62.2 * kernel-debug-debuginfo-5.14.21-150500.55.62.2 * kernel-debug-livepatch-devel-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (x86_64) * kernel-debug-vdso-5.14.21-150500.55.62.2 * kernel-default-vdso-5.14.21-150500.55.62.2 * kernel-kvmsmall-vdso-5.14.21-150500.55.62.2 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.62.2 * kernel-default-vdso-debuginfo-5.14.21-150500.55.62.2 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.62.2 * kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2 * kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.62.2 * kernel-kvmsmall-debugsource-5.14.21-150500.55.62.2 * kernel-kvmsmall-devel-5.14.21-150500.55.62.2 * kernel-default-base-rebuild-5.14.21-150500.55.62.2.150500.6.27.2 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-5.14.21-150500.55.62.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-livepatch-devel-5.14.21-150500.55.62.2 * kernel-default-optional-5.14.21-150500.55.62.2 * kernel-default-optional-debuginfo-5.14.21-150500.55.62.2 * dlm-kmp-default-5.14.21-150500.55.62.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.62.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.62.2 * reiserfs-kmp-default-5.14.21-150500.55.62.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-extra-debuginfo-5.14.21-150500.55.62.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.62.2 * ocfs2-kmp-default-5.14.21-150500.55.62.2 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.62.2 * kernel-obs-build-debugsource-5.14.21-150500.55.62.2 * cluster-md-kmp-default-5.14.21-150500.55.62.2 * kernel-obs-qa-5.14.21-150500.55.62.1 * gfs2-kmp-default-5.14.21-150500.55.62.2 * kernel-default-livepatch-5.14.21-150500.55.62.2 * kernel-syms-5.14.21-150500.55.62.1 * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * kselftests-kmp-default-5.14.21-150500.55.62.2 * kernel-default-extra-5.14.21-150500.55.62.2 * kernel-default-devel-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_13-debugsource-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_55_62-default-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-1-150500.11.3.2 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.62.2 * kernel-zfcpdump-debugsource-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.62.1 * openSUSE Leap 15.5 (aarch64) * dtb-apple-5.14.21-150500.55.62.1 * dtb-socionext-5.14.21-150500.55.62.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-livepatch-devel-5.14.21-150500.55.62.2 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * dtb-xilinx-5.14.21-150500.55.62.1 * dtb-mediatek-5.14.21-150500.55.62.1 * dtb-amlogic-5.14.21-150500.55.62.1 * dtb-lg-5.14.21-150500.55.62.1 * dtb-hisilicon-5.14.21-150500.55.62.1 * gfs2-kmp-64kb-5.14.21-150500.55.62.2 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * dtb-renesas-5.14.21-150500.55.62.1 * dtb-sprd-5.14.21-150500.55.62.1 * dtb-qcom-5.14.21-150500.55.62.1 * kernel-64kb-extra-5.14.21-150500.55.62.2 * dtb-apm-5.14.21-150500.55.62.1 * dlm-kmp-64kb-5.14.21-150500.55.62.2 * kernel-64kb-devel-5.14.21-150500.55.62.2 * ocfs2-kmp-64kb-5.14.21-150500.55.62.2 * kselftests-kmp-64kb-5.14.21-150500.55.62.2 * kernel-64kb-debugsource-5.14.21-150500.55.62.2 * reiserfs-kmp-64kb-5.14.21-150500.55.62.2 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * dtb-amazon-5.14.21-150500.55.62.1 * dtb-allwinner-5.14.21-150500.55.62.1 * dtb-exynos-5.14.21-150500.55.62.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.62.2 * dtb-freescale-5.14.21-150500.55.62.1 * dtb-nvidia-5.14.21-150500.55.62.1 * dtb-rockchip-5.14.21-150500.55.62.1 * dtb-arm-5.14.21-150500.55.62.1 * dtb-cavium-5.14.21-150500.55.62.1 * dtb-broadcom-5.14.21-150500.55.62.1 * dtb-amd-5.14.21-150500.55.62.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-optional-5.14.21-150500.55.62.2 * dtb-altera-5.14.21-150500.55.62.1 * cluster-md-kmp-64kb-5.14.21-150500.55.62.2 * dtb-marvell-5.14.21-150500.55.62.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-debuginfo-5.14.21-150500.55.62.2 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (aarch64) * kernel-64kb-devel-5.14.21-150500.55.62.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-debuginfo-5.14.21-150500.55.62.2 * kernel-64kb-debugsource-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * kernel-default-devel-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (noarch) * kernel-devel-5.14.21-150500.55.62.2 * kernel-macros-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.62.2 * Basesystem Module 15-SP5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.62.2 * kernel-zfcpdump-debugsource-5.14.21-150500.55.62.2 * Development Tools Module 15-SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.62.2 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-5.14.21-150500.55.62.2 * kernel-syms-5.14.21-150500.55.62.1 * kernel-obs-build-debugsource-5.14.21-150500.55.62.2 * Development Tools Module 15-SP5 (noarch) * kernel-source-5.14.21-150500.55.62.2 * Legacy Module 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.62.2 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * reiserfs-kmp-default-5.14.21-150500.55.62.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_62-default-1-150500.11.3.2 * kernel-default-livepatch-5.14.21-150500.55.62.2 * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5_Update_13-debugsource-1-150500.11.3.2 * kernel-default-livepatch-devel-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.14.21-150500.55.62.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.62.2 * gfs2-kmp-default-5.14.21-150500.55.62.2 * dlm-kmp-default-5.14.21-150500.55.62.2 * kernel-default-debuginfo-5.14.21-150500.55.62.2 * ocfs2-kmp-default-5.14.21-150500.55.62.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.62.2 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * kernel-default-debuginfo-5.14.21-150500.55.62.2 * kernel-default-debugsource-5.14.21-150500.55.62.2 * kernel-default-extra-debuginfo-5.14.21-150500.55.62.2 * kernel-default-extra-5.14.21-150500.55.62.2 ## References: * https://www.suse.com/security/cve/CVE-2021-47047.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47187.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47191.html * https://www.suse.com/security/cve/CVE-2021-47192.html * https://www.suse.com/security/cve/CVE-2021-47193.html * https://www.suse.com/security/cve/CVE-2021-47194.html * https://www.suse.com/security/cve/CVE-2021-47195.html * https://www.suse.com/security/cve/CVE-2021-47196.html * https://www.suse.com/security/cve/CVE-2021-47197.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47199.html * https://www.suse.com/security/cve/CVE-2021-47200.html * https://www.suse.com/security/cve/CVE-2021-47201.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47206.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47209.html * https://www.suse.com/security/cve/CVE-2021-47210.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47212.html * https://www.suse.com/security/cve/CVE-2021-47214.html * https://www.suse.com/security/cve/CVE-2021-47215.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2021-47218.html * https://www.suse.com/security/cve/CVE-2021-47219.html * https://www.suse.com/security/cve/CVE-2022-48631.html * https://www.suse.com/security/cve/CVE-2022-48632.html * https://www.suse.com/security/cve/CVE-2022-48634.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48637.html * https://www.suse.com/security/cve/CVE-2022-48638.html * https://www.suse.com/security/cve/CVE-2022-48639.html * https://www.suse.com/security/cve/CVE-2022-48640.html * https://www.suse.com/security/cve/CVE-2022-48642.html * https://www.suse.com/security/cve/CVE-2022-48644.html * https://www.suse.com/security/cve/CVE-2022-48646.html * https://www.suse.com/security/cve/CVE-2022-48647.html * https://www.suse.com/security/cve/CVE-2022-48648.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48652.html * https://www.suse.com/security/cve/CVE-2022-48653.html * https://www.suse.com/security/cve/CVE-2022-48654.html * https://www.suse.com/security/cve/CVE-2022-48655.html * https://www.suse.com/security/cve/CVE-2022-48656.html * https://www.suse.com/security/cve/CVE-2022-48657.html * https://www.suse.com/security/cve/CVE-2022-48658.html * https://www.suse.com/security/cve/CVE-2022-48659.html * https://www.suse.com/security/cve/CVE-2022-48660.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2022-48663.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48671.html * https://www.suse.com/security/cve/CVE-2022-48672.html * https://www.suse.com/security/cve/CVE-2022-48673.html * https://www.suse.com/security/cve/CVE-2022-48675.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48690.html * https://www.suse.com/security/cve/CVE-2022-48692.html * https://www.suse.com/security/cve/CVE-2022-48693.html * https://www.suse.com/security/cve/CVE-2022-48694.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48697.html * https://www.suse.com/security/cve/CVE-2022-48698.html * https://www.suse.com/security/cve/CVE-2022-48700.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2022-48702.html * https://www.suse.com/security/cve/CVE-2022-48703.html * https://www.suse.com/security/cve/CVE-2022-48704.html * https://www.suse.com/security/cve/CVE-2023-2860.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52503.html * https://www.suse.com/security/cve/CVE-2023-52561.html * https://www.suse.com/security/cve/CVE-2023-52585.html * https://www.suse.com/security/cve/CVE-2023-52589.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52593.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52616.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52627.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52636.html * https://www.suse.com/security/cve/CVE-2023-52645.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-0639.html * https://www.suse.com/security/cve/CVE-2024-0841.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-26601.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26656.html * https://www.suse.com/security/cve/CVE-2024-26660.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26673.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26680.html * https://www.suse.com/security/cve/CVE-2024-26681.html * https://www.suse.com/security/cve/CVE-2024-26684.html * https://www.suse.com/security/cve/CVE-2024-26685.html * https://www.suse.com/security/cve/CVE-2024-26687.html * https://www.suse.com/security/cve/CVE-2024-26688.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26696.html * https://www.suse.com/security/cve/CVE-2024-26697.html * https://www.suse.com/security/cve/CVE-2024-26702.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26718.html * https://www.suse.com/security/cve/CVE-2024-26722.html * https://www.suse.com/security/cve/CVE-2024-26727.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26736.html * https://www.suse.com/security/cve/CVE-2024-26737.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26745.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26749.html * https://www.suse.com/security/cve/CVE-2024-26751.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26760.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26764.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26769.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26776.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26783.html * https://www.suse.com/security/cve/CVE-2024-26787.html * https://www.suse.com/security/cve/CVE-2024-26790.html * https://www.suse.com/security/cve/CVE-2024-26792.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26798.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26807.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26820.html * https://www.suse.com/security/cve/CVE-2024-26825.html * https://www.suse.com/security/cve/CVE-2024-26830.html * https://www.suse.com/security/cve/CVE-2024-26833.html * https://www.suse.com/security/cve/CVE-2024-26836.html * https://www.suse.com/security/cve/CVE-2024-26843.html * https://www.suse.com/security/cve/CVE-2024-26848.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26853.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26856.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26861.html * https://www.suse.com/security/cve/CVE-2024-26862.html * https://www.suse.com/security/cve/CVE-2024-26866.html * https://www.suse.com/security/cve/CVE-2024-26872.html * https://www.suse.com/security/cve/CVE-2024-26875.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26879.html * https://www.suse.com/security/cve/CVE-2024-26881.html * https://www.suse.com/security/cve/CVE-2024-26882.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26885.html * https://www.suse.com/security/cve/CVE-2024-26891.html * https://www.suse.com/security/cve/CVE-2024-26893.html * https://www.suse.com/security/cve/CVE-2024-26895.html * https://www.suse.com/security/cve/CVE-2024-26896.html * https://www.suse.com/security/cve/CVE-2024-26897.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26917.html * https://www.suse.com/security/cve/CVE-2024-26927.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26950.html * https://www.suse.com/security/cve/CVE-2024-26951.html * https://www.suse.com/security/cve/CVE-2024-26955.html * https://www.suse.com/security/cve/CVE-2024-26956.html * https://www.suse.com/security/cve/CVE-2024-26960.html * https://www.suse.com/security/cve/CVE-2024-26965.html * https://www.suse.com/security/cve/CVE-2024-26966.html * https://www.suse.com/security/cve/CVE-2024-26969.html * https://www.suse.com/security/cve/CVE-2024-26970.html * https://www.suse.com/security/cve/CVE-2024-26972.html * https://www.suse.com/security/cve/CVE-2024-26981.html * https://www.suse.com/security/cve/CVE-2024-26982.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27030.html * https://www.suse.com/security/cve/CVE-2024-27038.html * https://www.suse.com/security/cve/CVE-2024-27039.html * https://www.suse.com/security/cve/CVE-2024-27041.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27056.html * https://www.suse.com/security/cve/CVE-2024-27062.html * https://www.suse.com/security/cve/CVE-2024-27389.html * https://bugzilla.suse.com/show_bug.cgi?id=1177529 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1217408 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218917 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219264 * https://bugzilla.suse.com/show_bug.cgi?id=1220342 * https://bugzilla.suse.com/show_bug.cgi?id=1220569 * https://bugzilla.suse.com/show_bug.cgi?id=1220761 * https://bugzilla.suse.com/show_bug.cgi?id=1220901 * https://bugzilla.suse.com/show_bug.cgi?id=1220915 * https://bugzilla.suse.com/show_bug.cgi?id=1220935 * https://bugzilla.suse.com/show_bug.cgi?id=1221042 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221080 * https://bugzilla.suse.com/show_bug.cgi?id=1221084 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221299 * https://bugzilla.suse.com/show_bug.cgi?id=1221612 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1222011 * https://bugzilla.suse.com/show_bug.cgi?id=1222051 * https://bugzilla.suse.com/show_bug.cgi?id=1222247 * https://bugzilla.suse.com/show_bug.cgi?id=1222266 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222307 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222368 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222416 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222424 * https://bugzilla.suse.com/show_bug.cgi?id=1222427 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222430 * https://bugzilla.suse.com/show_bug.cgi?id=1222431 * https://bugzilla.suse.com/show_bug.cgi?id=1222435 * https://bugzilla.suse.com/show_bug.cgi?id=1222437 * https://bugzilla.suse.com/show_bug.cgi?id=1222445 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222482 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222520 * https://bugzilla.suse.com/show_bug.cgi?id=1222536 * https://bugzilla.suse.com/show_bug.cgi?id=1222549 * https://bugzilla.suse.com/show_bug.cgi?id=1222550 * https://bugzilla.suse.com/show_bug.cgi?id=1222557 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222586 * https://bugzilla.suse.com/show_bug.cgi?id=1222596 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222615 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222678 * https://bugzilla.suse.com/show_bug.cgi?id=1222680 * https://bugzilla.suse.com/show_bug.cgi?id=1222703 * https://bugzilla.suse.com/show_bug.cgi?id=1222704 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222709 * https://bugzilla.suse.com/show_bug.cgi?id=1222710 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222721 * https://bugzilla.suse.com/show_bug.cgi?id=1222724 * https://bugzilla.suse.com/show_bug.cgi?id=1222726 * https://bugzilla.suse.com/show_bug.cgi?id=1222727 * https://bugzilla.suse.com/show_bug.cgi?id=1222764 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222773 * https://bugzilla.suse.com/show_bug.cgi?id=1222776 * https://bugzilla.suse.com/show_bug.cgi?id=1222781 * https://bugzilla.suse.com/show_bug.cgi?id=1222784 * https://bugzilla.suse.com/show_bug.cgi?id=1222785 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222791 * https://bugzilla.suse.com/show_bug.cgi?id=1222792 * https://bugzilla.suse.com/show_bug.cgi?id=1222796 * https://bugzilla.suse.com/show_bug.cgi?id=1222798 * https://bugzilla.suse.com/show_bug.cgi?id=1222801 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222824 * https://bugzilla.suse.com/show_bug.cgi?id=1222829 * https://bugzilla.suse.com/show_bug.cgi?id=1222832 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222838 * https://bugzilla.suse.com/show_bug.cgi?id=1222866 * https://bugzilla.suse.com/show_bug.cgi?id=1222867 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222879 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222894 * https://bugzilla.suse.com/show_bug.cgi?id=1222901 * https://bugzilla.suse.com/show_bug.cgi?id=1222968 * https://bugzilla.suse.com/show_bug.cgi?id=1223012 * https://bugzilla.suse.com/show_bug.cgi?id=1223014 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223024 * https://bugzilla.suse.com/show_bug.cgi?id=1223030 * https://bugzilla.suse.com/show_bug.cgi?id=1223033 * https://bugzilla.suse.com/show_bug.cgi?id=1223034 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223036 * https://bugzilla.suse.com/show_bug.cgi?id=1223037 * https://bugzilla.suse.com/show_bug.cgi?id=1223041 * https://bugzilla.suse.com/show_bug.cgi?id=1223042 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223052 * https://bugzilla.suse.com/show_bug.cgi?id=1223056 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223061 * https://bugzilla.suse.com/show_bug.cgi?id=1223065 * https://bugzilla.suse.com/show_bug.cgi?id=1223066 * https://bugzilla.suse.com/show_bug.cgi?id=1223067 * https://bugzilla.suse.com/show_bug.cgi?id=1223068 * https://bugzilla.suse.com/show_bug.cgi?id=1223076 * https://bugzilla.suse.com/show_bug.cgi?id=1223078 * https://bugzilla.suse.com/show_bug.cgi?id=1223111 * https://bugzilla.suse.com/show_bug.cgi?id=1223115 * https://bugzilla.suse.com/show_bug.cgi?id=1223118 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223190 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223196 * https://bugzilla.suse.com/show_bug.cgi?id=1223197 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223275 * https://bugzilla.suse.com/show_bug.cgi?id=1223323 * https://bugzilla.suse.com/show_bug.cgi?id=1223369 * https://bugzilla.suse.com/show_bug.cgi?id=1223380 * https://bugzilla.suse.com/show_bug.cgi?id=1223473 * https://bugzilla.suse.com/show_bug.cgi?id=1223474 * https://bugzilla.suse.com/show_bug.cgi?id=1223475 * https://bugzilla.suse.com/show_bug.cgi?id=1223477 * https://bugzilla.suse.com/show_bug.cgi?id=1223478 * https://bugzilla.suse.com/show_bug.cgi?id=1223479 * https://bugzilla.suse.com/show_bug.cgi?id=1223481 * https://bugzilla.suse.com/show_bug.cgi?id=1223482 * https://bugzilla.suse.com/show_bug.cgi?id=1223484 * https://bugzilla.suse.com/show_bug.cgi?id=1223487 * https://bugzilla.suse.com/show_bug.cgi?id=1223490 * https://bugzilla.suse.com/show_bug.cgi?id=1223496 * https://bugzilla.suse.com/show_bug.cgi?id=1223498 * https://bugzilla.suse.com/show_bug.cgi?id=1223499 * https://bugzilla.suse.com/show_bug.cgi?id=1223501 * https://bugzilla.suse.com/show_bug.cgi?id=1223502 * https://bugzilla.suse.com/show_bug.cgi?id=1223503 * https://bugzilla.suse.com/show_bug.cgi?id=1223505 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223511 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223517 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223519 * https://bugzilla.suse.com/show_bug.cgi?id=1223520 * https://bugzilla.suse.com/show_bug.cgi?id=1223522 * https://bugzilla.suse.com/show_bug.cgi?id=1223523 * https://bugzilla.suse.com/show_bug.cgi?id=1223525 * https://bugzilla.suse.com/show_bug.cgi?id=1223539 * https://bugzilla.suse.com/show_bug.cgi?id=1223574 * https://bugzilla.suse.com/show_bug.cgi?id=1223595 * https://bugzilla.suse.com/show_bug.cgi?id=1223598 * https://bugzilla.suse.com/show_bug.cgi?id=1223634 * https://bugzilla.suse.com/show_bug.cgi?id=1223643 * https://bugzilla.suse.com/show_bug.cgi?id=1223644 * https://bugzilla.suse.com/show_bug.cgi?id=1223645 * https://bugzilla.suse.com/show_bug.cgi?id=1223646 * https://bugzilla.suse.com/show_bug.cgi?id=1223648 * https://bugzilla.suse.com/show_bug.cgi?id=1223655 * https://bugzilla.suse.com/show_bug.cgi?id=1223657 * https://bugzilla.suse.com/show_bug.cgi?id=1223660 * https://bugzilla.suse.com/show_bug.cgi?id=1223661 * https://bugzilla.suse.com/show_bug.cgi?id=1223663 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223668 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223705 * https://bugzilla.suse.com/show_bug.cgi?id=1223714 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223784 * https://bugzilla.suse.com/show_bug.cgi?id=1223785 * https://bugzilla.suse.com/show_bug.cgi?id=1223790 * https://bugzilla.suse.com/show_bug.cgi?id=1223816 * https://bugzilla.suse.com/show_bug.cgi?id=1223821 * https://bugzilla.suse.com/show_bug.cgi?id=1223822 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223834 * https://bugzilla.suse.com/show_bug.cgi?id=1223875 * https://bugzilla.suse.com/show_bug.cgi?id=1223876 * https://bugzilla.suse.com/show_bug.cgi?id=1223877 * https://bugzilla.suse.com/show_bug.cgi?id=1223878 * https://bugzilla.suse.com/show_bug.cgi?id=1223879 * https://bugzilla.suse.com/show_bug.cgi?id=1223894 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223922 * https://bugzilla.suse.com/show_bug.cgi?id=1223923 * https://bugzilla.suse.com/show_bug.cgi?id=1223924 * https://bugzilla.suse.com/show_bug.cgi?id=1223929 * https://bugzilla.suse.com/show_bug.cgi?id=1223931 * https://bugzilla.suse.com/show_bug.cgi?id=1223932 * https://bugzilla.suse.com/show_bug.cgi?id=1223934 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1223949 * https://bugzilla.suse.com/show_bug.cgi?id=1223950 * https://bugzilla.suse.com/show_bug.cgi?id=1223951 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223956 * https://bugzilla.suse.com/show_bug.cgi?id=1223957 * https://bugzilla.suse.com/show_bug.cgi?id=1223960 * https://bugzilla.suse.com/show_bug.cgi?id=1223962 * https://bugzilla.suse.com/show_bug.cgi?id=1223963 * https://bugzilla.suse.com/show_bug.cgi?id=1223964 * https://jira.suse.com/browse/PED-7167 * https://jira.suse.com/browse/PED-7619 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 16 08:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 16 May 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1667-1: moderate: Security update for python Message-ID: <171584820503.6890.12781381269440346387@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2024:1667-1 Rating: moderate References: * bsc#1214675 * bsc#1219306 * bsc#1219559 * bsc#1220970 * bsc#1222537 Cross-References: * CVE-2022-48560 * CVE-2023-27043 * CVE-2023-52425 CVSS scores: * CVE-2022-48560 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48560 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for python fixes the following issues: * CVE-2023-52425: Fixed using the system libexpat (bsc#1219559). * CVE-2023-27043: Modifed fix for unicode string handling in email.utils.parseaddr() (bsc#1222537). * CVE-2022-48560: Fixed use-after-free in Python via heappushpop in heapq (bsc#1214675). Bug fixes: * Switch off tests. ONLY FOR FACTORY!!! (bsc#1219306). * Build with -std=gnu89 to build correctly with gcc14 (bsc#1220970). * Switch from %patchN style to the %patch -P N one. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1667=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1667=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1667=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1667=1 ## Package List: * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * python-base-debugsource-2.7.18-33.32.1 * python-base-debuginfo-2.7.18-33.32.1 * python-devel-2.7.18-33.32.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python-xml-debuginfo-2.7.18-33.32.1 * python-xml-2.7.18-33.32.1 * python-2.7.18-33.32.1 * python-debugsource-2.7.18-33.32.1 * libpython2_7-1_0-2.7.18-33.32.1 * python-base-debugsource-2.7.18-33.32.1 * python-debuginfo-2.7.18-33.32.1 * python-base-2.7.18-33.32.1 * python-curses-debuginfo-2.7.18-33.32.1 * python-curses-2.7.18-33.32.1 * python-gdbm-2.7.18-33.32.1 * python-devel-2.7.18-33.32.1 * python-idle-2.7.18-33.32.1 * python-base-debuginfo-2.7.18-33.32.1 * python-tk-2.7.18-33.32.1 * python-tk-debuginfo-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-2.7.18-33.32.1 * python-gdbm-debuginfo-2.7.18-33.32.1 * python-demo-2.7.18-33.32.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python-doc-2.7.18-33.32.1 * python-doc-pdf-2.7.18-33.32.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * python-base-32bit-2.7.18-33.32.1 * python-base-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-32bit-2.7.18-33.32.1 * python-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.32.1 * python-32bit-2.7.18-33.32.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python-xml-debuginfo-2.7.18-33.32.1 * python-xml-2.7.18-33.32.1 * python-2.7.18-33.32.1 * python-debugsource-2.7.18-33.32.1 * libpython2_7-1_0-2.7.18-33.32.1 * python-base-debugsource-2.7.18-33.32.1 * python-debuginfo-2.7.18-33.32.1 * python-base-2.7.18-33.32.1 * python-curses-debuginfo-2.7.18-33.32.1 * python-curses-2.7.18-33.32.1 * python-gdbm-2.7.18-33.32.1 * python-devel-2.7.18-33.32.1 * python-idle-2.7.18-33.32.1 * python-base-debuginfo-2.7.18-33.32.1 * python-tk-2.7.18-33.32.1 * python-tk-debuginfo-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-2.7.18-33.32.1 * python-gdbm-debuginfo-2.7.18-33.32.1 * python-demo-2.7.18-33.32.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python-doc-2.7.18-33.32.1 * python-doc-pdf-2.7.18-33.32.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * python-base-32bit-2.7.18-33.32.1 * python-base-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-32bit-2.7.18-33.32.1 * python-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.32.1 * python-32bit-2.7.18-33.32.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python-xml-debuginfo-2.7.18-33.32.1 * python-xml-2.7.18-33.32.1 * python-2.7.18-33.32.1 * python-debugsource-2.7.18-33.32.1 * libpython2_7-1_0-2.7.18-33.32.1 * python-base-debugsource-2.7.18-33.32.1 * python-debuginfo-2.7.18-33.32.1 * python-base-2.7.18-33.32.1 * python-curses-debuginfo-2.7.18-33.32.1 * python-curses-2.7.18-33.32.1 * python-gdbm-2.7.18-33.32.1 * python-devel-2.7.18-33.32.1 * python-idle-2.7.18-33.32.1 * python-base-debuginfo-2.7.18-33.32.1 * python-tk-2.7.18-33.32.1 * python-tk-debuginfo-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-2.7.18-33.32.1 * python-gdbm-debuginfo-2.7.18-33.32.1 * python-demo-2.7.18-33.32.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * python-doc-2.7.18-33.32.1 * python-doc-pdf-2.7.18-33.32.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * python-base-32bit-2.7.18-33.32.1 * python-base-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-32bit-2.7.18-33.32.1 * python-debuginfo-32bit-2.7.18-33.32.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.32.1 * python-32bit-2.7.18-33.32.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48560.html * https://www.suse.com/security/cve/CVE-2023-27043.html * https://www.suse.com/security/cve/CVE-2023-52425.html * https://bugzilla.suse.com/show_bug.cgi?id=1214675 * https://bugzilla.suse.com/show_bug.cgi?id=1219306 * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1220970 * https://bugzilla.suse.com/show_bug.cgi?id=1222537 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 17 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 May 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1675-1: important: Security update for glibc Message-ID: <171593460376.20675.11084533014635528802@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2024:1675-1 Rating: important References: * bsc#1222992 * bsc#1223423 * bsc#1223424 * bsc#1223425 Cross-References: * CVE-2024-2961 * CVE-2024-33599 * CVE-2024-33600 * CVE-2024-33601 * CVE-2024-33602 CVSS scores: * CVE-2024-2961 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-33599 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-33600 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33601 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-33602 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for glibc fixes the following issues: * nscd: Fixed use-after-free in addgetnetgrentX (BZ #23520) * CVE-2024-33599: nscd: Fixed Stack-based buffer overflow in netgroup cache (bsc#1223423, BZ #31677) * CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bsc#1223424, BZ #31678) * CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bsc#1223424, BZ #31678) * CVE-2024-33602: netgroup: Use two buffers in addgetnetgrentX (CVE-2024-33601, bsc#1223425, BZ #31680) * CVE-2024-33602; Use time_t for return type of addgetnetgrentX (bsc#1223425) * CVE-2024-2961: iconv: ISO-2022-CN-EXT: Fixed out-of-bound writes when writing escape sequence (bsc#1222992) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1675=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1675=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1675=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1675=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * glibc-debuginfo-2.22-114.34.1 * glibc-debugsource-2.22-114.34.1 * glibc-devel-static-2.22-114.34.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * glibc-info-2.22-114.34.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * glibc-devel-2.22-114.34.1 * glibc-locale-debuginfo-2.22-114.34.1 * glibc-2.22-114.34.1 * glibc-profile-2.22-114.34.1 * glibc-debuginfo-2.22-114.34.1 * glibc-debugsource-2.22-114.34.1 * nscd-debuginfo-2.22-114.34.1 * nscd-2.22-114.34.1 * glibc-devel-debuginfo-2.22-114.34.1 * glibc-locale-2.22-114.34.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * glibc-i18ndata-2.22-114.34.1 * glibc-info-2.22-114.34.1 * glibc-html-2.22-114.34.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * glibc-locale-debuginfo-32bit-2.22-114.34.1 * glibc-devel-32bit-2.22-114.34.1 * glibc-profile-32bit-2.22-114.34.1 * glibc-devel-debuginfo-32bit-2.22-114.34.1 * glibc-debuginfo-32bit-2.22-114.34.1 * glibc-locale-32bit-2.22-114.34.1 * glibc-32bit-2.22-114.34.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * glibc-devel-2.22-114.34.1 * glibc-locale-debuginfo-2.22-114.34.1 * glibc-2.22-114.34.1 * glibc-profile-2.22-114.34.1 * glibc-debuginfo-2.22-114.34.1 * glibc-debugsource-2.22-114.34.1 * nscd-debuginfo-2.22-114.34.1 * nscd-2.22-114.34.1 * glibc-devel-debuginfo-2.22-114.34.1 * glibc-locale-2.22-114.34.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * glibc-i18ndata-2.22-114.34.1 * glibc-info-2.22-114.34.1 * glibc-html-2.22-114.34.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * glibc-locale-debuginfo-32bit-2.22-114.34.1 * glibc-devel-32bit-2.22-114.34.1 * glibc-profile-32bit-2.22-114.34.1 * glibc-devel-debuginfo-32bit-2.22-114.34.1 * glibc-debuginfo-32bit-2.22-114.34.1 * glibc-locale-32bit-2.22-114.34.1 * glibc-32bit-2.22-114.34.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * glibc-devel-2.22-114.34.1 * glibc-locale-debuginfo-2.22-114.34.1 * glibc-2.22-114.34.1 * glibc-profile-2.22-114.34.1 * glibc-debuginfo-2.22-114.34.1 * glibc-debugsource-2.22-114.34.1 * nscd-debuginfo-2.22-114.34.1 * nscd-2.22-114.34.1 * glibc-devel-debuginfo-2.22-114.34.1 * glibc-locale-2.22-114.34.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * glibc-i18ndata-2.22-114.34.1 * glibc-info-2.22-114.34.1 * glibc-html-2.22-114.34.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * glibc-locale-debuginfo-32bit-2.22-114.34.1 * glibc-devel-32bit-2.22-114.34.1 * glibc-profile-32bit-2.22-114.34.1 * glibc-devel-debuginfo-32bit-2.22-114.34.1 * glibc-debuginfo-32bit-2.22-114.34.1 * glibc-locale-32bit-2.22-114.34.1 * glibc-32bit-2.22-114.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2961.html * https://www.suse.com/security/cve/CVE-2024-33599.html * https://www.suse.com/security/cve/CVE-2024-33600.html * https://www.suse.com/security/cve/CVE-2024-33601.html * https://www.suse.com/security/cve/CVE-2024-33602.html * https://bugzilla.suse.com/show_bug.cgi?id=1222992 * https://bugzilla.suse.com/show_bug.cgi?id=1223423 * https://bugzilla.suse.com/show_bug.cgi?id=1223424 * https://bugzilla.suse.com/show_bug.cgi?id=1223425 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 17 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 May 2024 08:30:08 -0000 Subject: SUSE-SU-2024:1673-1: critical: Security update for python-Pillow Message-ID: <171593460800.20675.1943424678612077033@smelt2.prg2.suse.org> # Security update for python-Pillow Announcement ID: SUSE-SU-2024:1673-1 Rating: critical References: * bsc#1180833 * bsc#1183101 * bsc#1183102 * bsc#1183103 * bsc#1183105 * bsc#1183107 * bsc#1183108 * bsc#1183110 * bsc#1188574 * bsc#1190229 * bsc#1194551 * bsc#1194552 Cross-References: * CVE-2020-35654 * CVE-2021-23437 * CVE-2021-25289 * CVE-2021-25290 * CVE-2021-25292 * CVE-2021-25293 * CVE-2021-27921 * CVE-2021-27922 * CVE-2021-27923 * CVE-2021-34552 * CVE-2022-22815 * CVE-2022-22816 CVSS scores: * CVE-2020-35654 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2020-35654 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-23437 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23437 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25289 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-25289 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-25290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25290 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25292 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25292 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-25293 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-25293 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27921 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27921 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27922 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27922 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-27923 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-34552 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-34552 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-22815 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2022-22815 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2022-22816 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2022-22816 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for python-Pillow fixes the following issues: * Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815, bsc#1194551, CVE-2022-22816) * Use snprintf instead of sprintf (bsc#1188574, CVE-2021-34552) * Fix Memory DOS in Icns, Ico and Blp Image Plugins. (bsc#1183110, CVE-2021-27921, bsc#1183108, CVE-2021-27922, bsc#1183107, CVE-2021-27923) * Fix OOB read in SgiRleDecode.c (bsc#1183102, CVE-2021-25293) * Use more specific regex chars to prevent ReDoS (bsc#1183101, CVE-2021-25292) * Fix negative size read in TiffDecode.c (bsc#1183105, CVE-2021-25290) * Raise ValueError if color specifier is too long (bsc#1190229, CVE-2021-23437) * Incorrect error code checking in TiffDecode.c (bsc#1183103, CVE-2021-25289) * OOB Write in TiffDecode.c (bsc#1180833, CVE-2020-35654) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1673=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1673=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python-Pillow-debugsource-7.2.0-150300.3.15.1 * python3-Pillow-tk-7.2.0-150300.3.15.1 * python-Pillow-debuginfo-7.2.0-150300.3.15.1 * python3-Pillow-7.2.0-150300.3.15.1 * python3-Pillow-debuginfo-7.2.0-150300.3.15.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-Pillow-debugsource-7.2.0-150300.3.15.1 * python3-Pillow-tk-7.2.0-150300.3.15.1 * python-Pillow-debuginfo-7.2.0-150300.3.15.1 * python3-Pillow-7.2.0-150300.3.15.1 * python3-Pillow-debuginfo-7.2.0-150300.3.15.1 * python3-Pillow-tk-debuginfo-7.2.0-150300.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2020-35654.html * https://www.suse.com/security/cve/CVE-2021-23437.html * https://www.suse.com/security/cve/CVE-2021-25289.html * https://www.suse.com/security/cve/CVE-2021-25290.html * https://www.suse.com/security/cve/CVE-2021-25292.html * https://www.suse.com/security/cve/CVE-2021-25293.html * https://www.suse.com/security/cve/CVE-2021-27921.html * https://www.suse.com/security/cve/CVE-2021-27922.html * https://www.suse.com/security/cve/CVE-2021-27923.html * https://www.suse.com/security/cve/CVE-2021-34552.html * https://www.suse.com/security/cve/CVE-2022-22815.html * https://www.suse.com/security/cve/CVE-2022-22816.html * https://bugzilla.suse.com/show_bug.cgi?id=1180833 * https://bugzilla.suse.com/show_bug.cgi?id=1183101 * https://bugzilla.suse.com/show_bug.cgi?id=1183102 * https://bugzilla.suse.com/show_bug.cgi?id=1183103 * https://bugzilla.suse.com/show_bug.cgi?id=1183105 * https://bugzilla.suse.com/show_bug.cgi?id=1183107 * https://bugzilla.suse.com/show_bug.cgi?id=1183108 * https://bugzilla.suse.com/show_bug.cgi?id=1183110 * https://bugzilla.suse.com/show_bug.cgi?id=1188574 * https://bugzilla.suse.com/show_bug.cgi?id=1190229 * https://bugzilla.suse.com/show_bug.cgi?id=1194551 * https://bugzilla.suse.com/show_bug.cgi?id=1194552 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 17 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 May 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1676-1: important: Security update for MozillaFirefox Message-ID: <171596340715.32592.6014217994467812869@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1676-1 Rating: important References: * bsc#1222535 * bsc#1224056 Cross-References: * CVE-2024-2609 * CVE-2024-3302 * CVE-2024-3852 * CVE-2024-3854 * CVE-2024-3857 * CVE-2024-3859 * CVE-2024-3861 * CVE-2024-3863 * CVE-2024-3864 * CVE-2024-4367 * CVE-2024-4767 * CVE-2024-4768 * CVE-2024-4769 * CVE-2024-4770 * CVE-2024-4777 CVSS scores: * CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-4367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-4767 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4768 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4769 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4770 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-4777 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves 15 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to version 115.11.0 ESR (bsc#1224056): * CVE-2024-4367: Arbitrary JavaScript execution in PDF.js * CVE-2024-4767: IndexedDB files retained in private browsing mode * CVE-2024-4768: Potential permissions request bypass via clickjacking * CVE-2024-4769: Cross-origin responses could be distinguished between script and non-script content-types * CVE-2024-4770: Use-after-free could occur when printing to PDF * CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1676=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1676=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1676=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1676=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-translations-common-115.11.0-112.212.1 * MozillaFirefox-debugsource-115.11.0-112.212.1 * MozillaFirefox-115.11.0-112.212.1 * MozillaFirefox-debuginfo-115.11.0-112.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-115.11.0-112.212.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-common-115.11.0-112.212.1 * MozillaFirefox-debugsource-115.11.0-112.212.1 * MozillaFirefox-115.11.0-112.212.1 * MozillaFirefox-debuginfo-115.11.0-112.212.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-115.11.0-112.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-translations-common-115.11.0-112.212.1 * MozillaFirefox-debugsource-115.11.0-112.212.1 * MozillaFirefox-115.11.0-112.212.1 * MozillaFirefox-debuginfo-115.11.0-112.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-115.11.0-112.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-115.11.0-112.212.1 * MozillaFirefox-debuginfo-115.11.0-112.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-115.11.0-112.212.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2609.html * https://www.suse.com/security/cve/CVE-2024-3302.html * https://www.suse.com/security/cve/CVE-2024-3852.html * https://www.suse.com/security/cve/CVE-2024-3854.html * https://www.suse.com/security/cve/CVE-2024-3857.html * https://www.suse.com/security/cve/CVE-2024-3859.html * https://www.suse.com/security/cve/CVE-2024-3861.html * https://www.suse.com/security/cve/CVE-2024-3863.html * https://www.suse.com/security/cve/CVE-2024-3864.html * https://www.suse.com/security/cve/CVE-2024-4367.html * https://www.suse.com/security/cve/CVE-2024-4767.html * https://www.suse.com/security/cve/CVE-2024-4768.html * https://www.suse.com/security/cve/CVE-2024-4769.html * https://www.suse.com/security/cve/CVE-2024-4770.html * https://www.suse.com/security/cve/CVE-2024-4777.html * https://bugzilla.suse.com/show_bug.cgi?id=1222535 * https://bugzilla.suse.com/show_bug.cgi?id=1224056 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 17 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 May 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1677-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Message-ID: <171597780777.5012.17571607475332546513@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1677-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_24 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1677=1 SUSE-2024-1678=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1677=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1678=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-10-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-8-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 17 20:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 17 May 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1679-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5) Message-ID: <171597780457.5012.4933988039931209741@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1679-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_27 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1679=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1679=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-7-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-7-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 08:30:03 -0000 Subject: SUSE-SU-2024:1683-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Message-ID: <171619380347.17072.3287422908609537944@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1683-1 Rating: important References: * bsc#1221302 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1683=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1683=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1682-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Message-ID: <171619380656.17072.14498681700816381081@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1682-1 Rating: important References: * bsc#1219296 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_35 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2024-26622: Fixed a use-after-free with tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1682=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1682=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-4-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-4-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1680-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5) Message-ID: <171619380952.17072.13460639455080650090@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1680-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_21 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1680=1 SUSE-2024-1681=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1680=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1681=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_5-rt-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-8-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_5-rt-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-8-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-8-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-8-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 08:30:11 -0000 Subject: SUSE-SU-2024:1684-1: important: Security update for ucode-intel Message-ID: <171619381164.17072.15118250189187358159@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:1684-1 Rating: important References: * bsc#1224277 Cross-References: * CVE-2023-45733 * CVE-2023-45745 * CVE-2023-46103 * CVE-2023-47855 CVSS scores: * CVE-2023-45733 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-45745 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2023-46103 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47855 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) * CVE-2023-45733: Fixed a potential security vulnerability in some Intel? Processors that may have allowed information disclosure. * CVE-2023-46103: Fixed a potential security vulnerability in Intel? Core? Ultra Processors that may have allowed denial of service. * CVE-2023-45745,CVE-2023-47855: Fixed a potential security vulnerabilities in some Intel? Trust Domain Extensions (TDX) module software that may have allowed escalation of privilege. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1684=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1684=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1684=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * ucode-intel-debuginfo-20240514-137.1 * ucode-intel-20240514-137.1 * ucode-intel-debugsource-20240514-137.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45733.html * https://www.suse.com/security/cve/CVE-2023-45745.html * https://www.suse.com/security/cve/CVE-2023-46103.html * https://www.suse.com/security/cve/CVE-2023-47855.html * https://bugzilla.suse.com/show_bug.cgi?id=1224277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1695-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5) Message-ID: <171622260397.31710.4754070362419266006@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1695-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_18 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1695=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1695=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_18-rt-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-9-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_18-rt-9-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-9-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 16:30:08 -0000 Subject: SUSE-SU-2024:1694-1: important: Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Message-ID: <171622260846.31710.3603711751131752748@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1694-1 Rating: important References: * bsc#1210619 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-1829 * CVE-2023-6546 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_201 fixes several issues. The following security issues were fixed: * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2023-1829: Fixed a use-after-free in tcindex that can lead local privilege escalation (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1694=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_201-default-3-8.10.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1692-1: important: Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5) Message-ID: <171622261021.31710.6704181097639700176@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 52 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1692-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_189 fixes several issues. The following security issues were fixed: * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1692=1 SUSE-SLE-Live- Patching-12-SP5-2024-1693=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_186-default-7-2.1 * kgraft-patch-4_12_14-122_189-default-6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1686-1: important: Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5) Message-ID: <171622261217.31710.3344367759085306826@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 50 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1686-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_183 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1686=1 SUSE-SLE-Live- Patching-12-SP5-2024-1687=1 SUSE-SLE-Live-Patching-12-SP5-2024-1688=1 SUSE-SLE- Live-Patching-12-SP5-2024-1689=1 SUSE-SLE-Live-Patching-12-SP5-2024-1690=1 SUSE- SLE-Live-Patching-12-SP5-2024-1691=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_176-default-9-2.1 * kgraft-patch-4_12_14-122_179-default-8-2.1 * kgraft-patch-4_12_14-122_162-default-13-2.1 * kgraft-patch-4_12_14-122_159-default-14-2.1 * kgraft-patch-4_12_14-122_165-default-12-2.1 * kgraft-patch-4_12_14-122_183-default-8-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1685-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Message-ID: <171622261437.31710.10261242617335785687@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1685-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_30 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1685=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1685=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-6-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-6-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-6-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:05 -0000 Subject: SUSE-SU-2024:1696-1: important: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3) Message-ID: <171623700562.841.10120227988977020862@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1696-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_138 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1696=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1696=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_37-debugsource-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-9-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_138-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-9-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_138-default-9-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:08 -0000 Subject: SUSE-SU-2024:1704-1: low: Security update for cairo Message-ID: <171623700898.841.5302893345708894908@smelt2.prg2.suse.org> # Security update for cairo Announcement ID: SUSE-SU-2024:1704-1 Rating: low References: * bsc#1122321 Cross-References: * CVE-2019-6462 CVSS scores: * CVE-2019-6462 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-6462 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2019-6462 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for cairo fixes the following issues: * CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1704=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1704=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1704=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1704=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1704=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1704=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1704=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1704=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1704=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1704=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1704=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1 * cairo-devel-1.16.0-150400.11.3.1 * libcairo2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-1.16.0-150400.11.3.1 * cairo-tools-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-tools-debuginfo-1.16.0-150400.11.3.1 * openSUSE Leap 15.4 (x86_64) * libcairo-gobject2-32bit-debuginfo-1.16.0-150400.11.3.1 * libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-32bit-1.16.0-150400.11.3.1 * libcairo-gobject2-32bit-1.16.0-150400.11.3.1 * libcairo2-32bit-1.16.0-150400.11.3.1 * cairo-devel-32bit-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-32bit-debuginfo-1.16.0-150400.11.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcairo-gobject2-64bit-debuginfo-1.16.0-150400.11.3.1 * libcairo-gobject2-64bit-1.16.0-150400.11.3.1 * libcairo2-64bit-1.16.0-150400.11.3.1 * libcairo2-64bit-debuginfo-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-64bit-debuginfo-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-64bit-1.16.0-150400.11.3.1 * cairo-devel-64bit-1.16.0-150400.11.3.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1 * cairo-devel-1.16.0-150400.11.3.1 * libcairo2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-1.16.0-150400.11.3.1 * cairo-tools-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-tools-debuginfo-1.16.0-150400.11.3.1 * openSUSE Leap 15.5 (x86_64) * libcairo-gobject2-32bit-debuginfo-1.16.0-150400.11.3.1 * libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-32bit-1.16.0-150400.11.3.1 * libcairo-gobject2-32bit-1.16.0-150400.11.3.1 * libcairo2-32bit-1.16.0-150400.11.3.1 * cairo-devel-32bit-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-32bit-debuginfo-1.16.0-150400.11.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1 * cairo-devel-1.16.0-150400.11.3.1 * libcairo2-debuginfo-1.16.0-150400.11.3.1 * libcairo2-1.16.0-150400.11.3.1 * libcairo-gobject2-1.16.0-150400.11.3.1 * libcairo-script-interpreter2-1.16.0-150400.11.3.1 * libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1 * cairo-debugsource-1.16.0-150400.11.3.1 * Desktop Applications Module 15-SP5 (x86_64) * libcairo2-32bit-1.16.0-150400.11.3.1 * libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2019-6462.html * https://bugzilla.suse.com/show_bug.cgi?id=1122321 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:10 -0000 Subject: SUSE-SU-2024:1703-1: moderate: Security update for postgresql14 Message-ID: <171623701097.841.11063931135384417896@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2024:1703-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql14 fixes the following issues: PostgreSQL upgrade to version 14.12 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/14.12/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1703=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1703=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1703=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1703=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-devel-14.12-3.41.1 * postgresql14-devel-debuginfo-14.12-3.41.1 * postgresql14-debugsource-14.12-3.41.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * postgresql14-server-devel-14.12-3.41.1 * postgresql14-server-devel-debuginfo-14.12-3.41.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql14-contrib-debuginfo-14.12-3.41.1 * postgresql14-plperl-14.12-3.41.1 * postgresql14-pltcl-debuginfo-14.12-3.41.1 * postgresql14-contrib-14.12-3.41.1 * postgresql14-server-debuginfo-14.12-3.41.1 * postgresql14-plperl-debuginfo-14.12-3.41.1 * postgresql14-plpython-debuginfo-14.12-3.41.1 * postgresql14-debugsource-14.12-3.41.1 * postgresql14-14.12-3.41.1 * postgresql14-pltcl-14.12-3.41.1 * postgresql14-server-14.12-3.41.1 * postgresql14-debuginfo-14.12-3.41.1 * postgresql14-plpython-14.12-3.41.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql14-docs-14.12-3.41.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-contrib-debuginfo-14.12-3.41.1 * postgresql14-plperl-14.12-3.41.1 * postgresql14-pltcl-debuginfo-14.12-3.41.1 * postgresql14-contrib-14.12-3.41.1 * postgresql14-server-debuginfo-14.12-3.41.1 * postgresql14-plperl-debuginfo-14.12-3.41.1 * postgresql14-plpython-debuginfo-14.12-3.41.1 * postgresql14-debugsource-14.12-3.41.1 * postgresql14-14.12-3.41.1 * postgresql14-pltcl-14.12-3.41.1 * postgresql14-server-14.12-3.41.1 * postgresql14-debuginfo-14.12-3.41.1 * postgresql14-plpython-14.12-3.41.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql14-docs-14.12-3.41.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql14-contrib-debuginfo-14.12-3.41.1 * postgresql14-plperl-14.12-3.41.1 * postgresql14-pltcl-debuginfo-14.12-3.41.1 * postgresql14-contrib-14.12-3.41.1 * postgresql14-server-debuginfo-14.12-3.41.1 * postgresql14-plperl-debuginfo-14.12-3.41.1 * postgresql14-plpython-debuginfo-14.12-3.41.1 * postgresql14-debugsource-14.12-3.41.1 * postgresql14-14.12-3.41.1 * postgresql14-pltcl-14.12-3.41.1 * postgresql14-server-14.12-3.41.1 * postgresql14-debuginfo-14.12-3.41.1 * postgresql14-plpython-14.12-3.41.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql14-docs-14.12-3.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:13 -0000 Subject: SUSE-SU-2024:1702-1: moderate: Security update for krb5 Message-ID: <171623701336.841.3246033679779645699@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:1702-1 Rating: moderate References: * bsc#1189929 Cross-References: * CVE-2021-37750 CVSS scores: * CVE-2021-37750 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-37750 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for krb5 fixes the following issues: Fixed inside previous release (v1.16.3-46.3.1): * CVE-2021-37750: Fixed KDC null pointer dereference via a FAST inner body that lacked a server field (bsc#1189929). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1702=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1702=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1702=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1702=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.16.3-46.12.1 * krb5-devel-1.16.3-46.12.1 * krb5-debuginfo-1.16.3-46.12.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.12.1 * krb5-client-1.16.3-46.12.1 * krb5-debugsource-1.16.3-46.12.1 * krb5-server-debuginfo-1.16.3-46.12.1 * krb5-client-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-1.16.3-46.12.1 * krb5-1.16.3-46.12.1 * krb5-doc-1.16.3-46.12.1 * krb5-plugin-preauth-otp-1.16.3-46.12.1 * krb5-server-1.16.3-46.12.1 * krb5-debuginfo-1.16.3-46.12.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.12.1 * krb5-debuginfo-32bit-1.16.3-46.12.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.12.1 * krb5-client-1.16.3-46.12.1 * krb5-debugsource-1.16.3-46.12.1 * krb5-server-debuginfo-1.16.3-46.12.1 * krb5-client-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-1.16.3-46.12.1 * krb5-1.16.3-46.12.1 * krb5-doc-1.16.3-46.12.1 * krb5-plugin-preauth-otp-1.16.3-46.12.1 * krb5-server-1.16.3-46.12.1 * krb5-debuginfo-1.16.3-46.12.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * krb5-32bit-1.16.3-46.12.1 * krb5-debuginfo-32bit-1.16.3-46.12.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.12.1 * krb5-client-1.16.3-46.12.1 * krb5-debugsource-1.16.3-46.12.1 * krb5-server-debuginfo-1.16.3-46.12.1 * krb5-client-debuginfo-1.16.3-46.12.1 * krb5-plugin-kdb-ldap-1.16.3-46.12.1 * krb5-plugin-preauth-pkinit-1.16.3-46.12.1 * krb5-1.16.3-46.12.1 * krb5-doc-1.16.3-46.12.1 * krb5-plugin-preauth-otp-1.16.3-46.12.1 * krb5-server-1.16.3-46.12.1 * krb5-debuginfo-1.16.3-46.12.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * krb5-32bit-1.16.3-46.12.1 * krb5-debuginfo-32bit-1.16.3-46.12.1 ## References: * https://www.suse.com/security/cve/CVE-2021-37750.html * https://bugzilla.suse.com/show_bug.cgi?id=1189929 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:14 -0000 Subject: SUSE-SU-2024:1700-1: low: Security update for libosinfo Message-ID: <171623701473.841.15585521755122231468@smelt2.prg2.suse.org> # Security update for libosinfo Announcement ID: SUSE-SU-2024:1700-1 Rating: low References: * bsc#1140749 Cross-References: * CVE-2019-13313 CVSS scores: * CVE-2019-13313 ( SUSE ): 2.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2019-13313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2019-13313 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libosinfo fixes the following issues: * CVE-2019-13313: Fixed password leak via command line argument inside osinfo- install-script (bsc#1140749). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1700=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1700=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1700=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1700=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libosinfo-debugsource-1.2.0-3.3.2 * libosinfo-debuginfo-1.2.0-3.3.2 * libosinfo-devel-1.2.0-3.3.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2 * libosinfo-debugsource-1.2.0-3.3.2 * libosinfo-1_0-0-1.2.0-3.3.2 * libosinfo-1.2.0-3.3.2 * libosinfo-debuginfo-1.2.0-3.3.2 * libosinfo-1_0-0-debuginfo-1.2.0-3.3.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * libosinfo-lang-1.2.0-3.3.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2 * libosinfo-debugsource-1.2.0-3.3.2 * libosinfo-1_0-0-1.2.0-3.3.2 * libosinfo-1.2.0-3.3.2 * libosinfo-debuginfo-1.2.0-3.3.2 * libosinfo-1_0-0-debuginfo-1.2.0-3.3.2 * SUSE Linux Enterprise Server 12 SP5 (noarch) * libosinfo-lang-1.2.0-3.3.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * typelib-1_0-Libosinfo-1_0-1.2.0-3.3.2 * libosinfo-debugsource-1.2.0-3.3.2 * libosinfo-1_0-0-1.2.0-3.3.2 * libosinfo-1.2.0-3.3.2 * libosinfo-debuginfo-1.2.0-3.3.2 * libosinfo-1_0-0-debuginfo-1.2.0-3.3.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * libosinfo-lang-1.2.0-3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2019-13313.html * https://bugzilla.suse.com/show_bug.cgi?id=1140749 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:16 -0000 Subject: SUSE-SU-2024:1699-1: important: Security update for gdk-pixbuf Message-ID: <171623701614.841.626124216860665090@smelt2.prg2.suse.org> # Security update for gdk-pixbuf Announcement ID: SUSE-SU-2024:1699-1 Rating: important References: * bsc#1219276 Cross-References: * CVE-2022-48622 CVSS scores: * CVE-2022-48622 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gdk-pixbuf fixes the following issues: * CVE-2022-48622: Fixed files rejection with multiple anih chunks (bsc#1219276). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1699=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1699=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1699=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1699=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-devel-2.34.0-19.20.1 * gdk-pixbuf-debugsource-2.34.0-19.20.1 * gdk-pixbuf-devel-debuginfo-2.34.0-19.20.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-2.34.0-19.20.1 * gdk-pixbuf-debugsource-2.34.0-19.20.1 * typelib-1_0-GdkPixbuf-2_0-2.34.0-19.20.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * gdk-pixbuf-lang-2.34.0-19.20.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * gdk-pixbuf-query-loaders-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.20.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-2.34.0-19.20.1 * gdk-pixbuf-debugsource-2.34.0-19.20.1 * typelib-1_0-GdkPixbuf-2_0-2.34.0-19.20.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * gdk-pixbuf-lang-2.34.0-19.20.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * gdk-pixbuf-query-loaders-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.20.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gdk-pixbuf-query-loaders-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-2.34.0-19.20.1 * gdk-pixbuf-debugsource-2.34.0-19.20.1 * typelib-1_0-GdkPixbuf-2_0-2.34.0-19.20.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * gdk-pixbuf-lang-2.34.0-19.20.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * gdk-pixbuf-query-loaders-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-32bit-2.34.0-19.20.1 * libgdk_pixbuf-2_0-0-debuginfo-32bit-2.34.0-19.20.1 * gdk-pixbuf-query-loaders-debuginfo-32bit-2.34.0-19.20.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 20 20:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 20 May 2024 20:30:17 -0000 Subject: SUSE-SU-2024:1698-1: moderate: Security update for python310 Message-ID: <171623701795.841.6526689355173781503@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:1698-1 Rating: moderate References: * bsc#1219559 Cross-References: * CVE-2023-52425 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2023-52425: Fixed using the system libexpat (bsc#1219559). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1698=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1698=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1698=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-doc-3.10.14-150400.4.48.1 * python310-base-3.10.14-150400.4.48.1 * libpython3_10-1_0-3.10.14-150400.4.48.1 * python310-3.10.14-150400.4.48.1 * python310-testsuite-3.10.14-150400.4.48.1 * python310-curses-3.10.14-150400.4.48.1 * python310-tk-3.10.14-150400.4.48.1 * python310-doc-devhelp-3.10.14-150400.4.48.1 * python310-idle-3.10.14-150400.4.48.1 * python310-debuginfo-3.10.14-150400.4.48.1 * python310-curses-debuginfo-3.10.14-150400.4.48.1 * python310-dbm-debuginfo-3.10.14-150400.4.48.1 * python310-debugsource-3.10.14-150400.4.48.1 * python310-devel-3.10.14-150400.4.48.1 * python310-base-debuginfo-3.10.14-150400.4.48.1 * python310-testsuite-debuginfo-3.10.14-150400.4.48.1 * python310-tools-3.10.14-150400.4.48.1 * python310-tk-debuginfo-3.10.14-150400.4.48.1 * python310-core-debugsource-3.10.14-150400.4.48.1 * python310-dbm-3.10.14-150400.4.48.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1 * openSUSE Leap 15.4 (x86_64) * libpython3_10-1_0-32bit-3.10.14-150400.4.48.1 * python310-32bit-3.10.14-150400.4.48.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-base-32bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_10-1_0-64bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.48.1 * python310-64bit-debuginfo-3.10.14-150400.4.48.1 * python310-base-64bit-3.10.14-150400.4.48.1 * python310-base-64bit-debuginfo-3.10.14-150400.4.48.1 * python310-64bit-3.10.14-150400.4.48.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-doc-3.10.14-150400.4.48.1 * python310-base-3.10.14-150400.4.48.1 * libpython3_10-1_0-3.10.14-150400.4.48.1 * python310-3.10.14-150400.4.48.1 * python310-testsuite-3.10.14-150400.4.48.1 * python310-curses-3.10.14-150400.4.48.1 * python310-tk-3.10.14-150400.4.48.1 * python310-doc-devhelp-3.10.14-150400.4.48.1 * python310-idle-3.10.14-150400.4.48.1 * python310-debuginfo-3.10.14-150400.4.48.1 * python310-curses-debuginfo-3.10.14-150400.4.48.1 * python310-dbm-debuginfo-3.10.14-150400.4.48.1 * python310-debugsource-3.10.14-150400.4.48.1 * python310-devel-3.10.14-150400.4.48.1 * python310-base-debuginfo-3.10.14-150400.4.48.1 * python310-testsuite-debuginfo-3.10.14-150400.4.48.1 * python310-tools-3.10.14-150400.4.48.1 * python310-tk-debuginfo-3.10.14-150400.4.48.1 * python310-core-debugsource-3.10.14-150400.4.48.1 * python310-dbm-3.10.14-150400.4.48.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1 * openSUSE Leap 15.5 (x86_64) * python310-32bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-32bit-3.10.14-150400.4.48.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-base-32bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python310-doc-3.10.14-150400.4.48.1 * python310-base-3.10.14-150400.4.48.1 * libpython3_10-1_0-3.10.14-150400.4.48.1 * python310-3.10.14-150400.4.48.1 * python310-testsuite-3.10.14-150400.4.48.1 * python310-curses-3.10.14-150400.4.48.1 * python310-tk-3.10.14-150400.4.48.1 * python310-doc-devhelp-3.10.14-150400.4.48.1 * python310-idle-3.10.14-150400.4.48.1 * python310-debuginfo-3.10.14-150400.4.48.1 * python310-curses-debuginfo-3.10.14-150400.4.48.1 * python310-dbm-debuginfo-3.10.14-150400.4.48.1 * python310-debugsource-3.10.14-150400.4.48.1 * python310-devel-3.10.14-150400.4.48.1 * python310-base-debuginfo-3.10.14-150400.4.48.1 * python310-testsuite-debuginfo-3.10.14-150400.4.48.1 * python310-tools-3.10.14-150400.4.48.1 * python310-tk-debuginfo-3.10.14-150400.4.48.1 * python310-core-debugsource-3.10.14-150400.4.48.1 * python310-dbm-3.10.14-150400.4.48.1 * libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1 * openSUSE Leap 15.6 (x86_64) * python310-32bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-32bit-3.10.14-150400.4.48.1 * python310-base-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-32bit-debuginfo-3.10.14-150400.4.48.1 * python310-base-32bit-3.10.14-150400.4.48.1 * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 08:30:12 -0000 Subject: SUSE-SU-2024:1709-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP2) Message-ID: <171628021260.20387.10063993110441971542@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1709-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_169 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1709=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_169-default-debuginfo-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_169-default-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_42-debugsource-9-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 08:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 08:30:15 -0000 Subject: SUSE-SU-2024:1708-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Message-ID: <171628021551.20387.16824773544181223400@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1708-1 Rating: important References: * bsc#1210619 * bsc#1218487 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-1829 * CVE-2023-6531 * CVE-2023-6546 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_153 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2023-6531: Fixed a use-after-free due to a race with the deletion of a SKB in unix_stream_read_generic() (bsc#1218487). * CVE-2023-1829: Fixed a use-after-free in tcindex that can lead local privilege escalation (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1708=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1708=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-3-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-3-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-3-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-3-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-3-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-3-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 08:30:17 -0000 Subject: SUSE-SU-2024:1707-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <171628021798.20387.15371719053274471448@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1707-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1707=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1707=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_41-debugsource-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-6-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-6-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-preempt-6-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-6-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 08:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 08:30:21 -0000 Subject: SUSE-SU-2024:1706-1: important: Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP3) Message-ID: <171628022133.20387.1026622999318703235@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 38 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1706-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_141 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1706=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1706=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_38-debugsource-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-default-debuginfo-8-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_141-preempt-8-150300.2.1 * kernel-livepatch-5_3_18-150300_59_141-preempt-debuginfo-8-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_141-default-8-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 08:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 08:30:25 -0000 Subject: SUSE-SU-2024:1705-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Message-ID: <171628022543.20387.161752739187884652@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1705-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_39 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1705=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1705=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_8-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-7-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_8-debugsource-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-7-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1723-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Message-ID: <171629460304.20458.8052703597940796209@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1723-1 Rating: important References: * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1723=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1723=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:05 -0000 Subject: SUSE-SU-2024:1720-1: important: Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Message-ID: <171629460588.20458.1501934678268080064@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 36 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1720-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_133 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1720=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1721=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1721=1 SUSE-2024-1720=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_133-default-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-10-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-10-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_36-debugsource-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-default-9-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_35-debugsource-10-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_133-preempt-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-9-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-10-150300.2.1 * kernel-livepatch-5_3_18-150300_59_130-preempt-10-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:10 -0000 Subject: SUSE-SU-2024:1719-1: important: Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2) Message-ID: <171629461012.20458.4037652987558708587@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 46 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1719-1 Rating: important References: * bsc#1210619 * bsc#1218487 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-1829 * CVE-2023-6531 * CVE-2023-6546 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_183 fixes several issues. The following security issues were fixed: * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2023-6531: Fixed a use-after-free due to a race with the deletion of a SKB in unix_stream_read_generic() (bsc#1218487). * CVE-2023-1829: Fixed a use-after-free in tcindex that can lead local privilege escalation (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1719=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_183-default-debuginfo-3-150200.5.6.1 * kernel-livepatch-SLE15-SP2_Update_46-debugsource-3-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_183-default-3-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:12 -0000 Subject: SUSE-SU-2024:1713-1: important: Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP2) Message-ID: <171629461218.20458.2118159649801007242@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1713-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_178 fixes several issues. The following security issues were fixed: * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1713=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1715=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1718=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1722=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_194-default-4-2.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_172-default-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-5-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-debuginfo-8-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-debuginfo-5-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_44-debugsource-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_45-debugsource-5-150200.2.1 * kernel-livepatch-5_3_18-150200_24_175-default-8-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_43-debugsource-7-150200.2.1 * kernel-livepatch-5_3_18-150200_24_172-default-debuginfo-7-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1712-1: important: Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP2) Message-ID: <171629461432.20458.1483846051722926811@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 39 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1712-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_160 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1716=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1717=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1712=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_151-default-debuginfo-14-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_36-debugsource-14-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_151-default-14-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_39-debugsource-10-150200.2.1 * kernel-livepatch-5_3_18-150200_24_160-default-debuginfo-10-150200.2.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_173-default-10-2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 12:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 12:30:17 -0000 Subject: SUSE-SU-2024:1711-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Message-ID: <171629461707.20458.11236373553988896243@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1711-1 Rating: important References: * bsc#1219296 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2024-26622: Fixed a use-after-free with tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1711=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1711=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-4-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-4-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:30:55 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:30:55 -0000 Subject: SUSE-SU-2024:1648-2: important: Security update for the Linux Kernel Message-ID: <171630905533.28235.11882412925059020504@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1648-2 Rating: important References: * bsc#1084332 * bsc#1141539 * bsc#1184509 * bsc#1186060 * bsc#1190317 * bsc#1190576 * bsc#1192145 * bsc#1194516 * bsc#1203935 * bsc#1209657 * bsc#1211592 * bsc#1212514 * bsc#1213456 * bsc#1217339 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218220 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219169 * bsc#1219170 * bsc#1219618 * bsc#1219623 * bsc#1219847 * bsc#1220320 * bsc#1220366 * bsc#1220394 * bsc#1220411 * bsc#1220416 * bsc#1220418 * bsc#1220422 * bsc#1220442 * bsc#1220445 * bsc#1220505 * bsc#1220521 * bsc#1220528 * bsc#1220536 * bsc#1220538 * bsc#1220554 * bsc#1220572 * bsc#1220580 * bsc#1220611 * bsc#1220625 * bsc#1220628 * bsc#1220637 * bsc#1220640 * bsc#1220662 * bsc#1220687 * bsc#1220692 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220742 * bsc#1220743 * bsc#1220745 * bsc#1220751 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220790 * bsc#1220794 * bsc#1220829 * bsc#1220836 * bsc#1220843 * bsc#1220846 * bsc#1220850 * bsc#1220871 * bsc#1220927 * bsc#1220960 * bsc#1220985 * bsc#1220987 * bsc#1221044 * bsc#1221046 * bsc#1221048 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221077 * bsc#1221082 * bsc#1221088 * bsc#1221162 * bsc#1221277 * bsc#1221293 * bsc#1221337 * bsc#1221532 * bsc#1221541 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221608 * bsc#1221617 * bsc#1221791 * bsc#1221816 * bsc#1221825 * bsc#1221830 * bsc#1221862 * bsc#1221934 * bsc#1221949 * bsc#1221952 * bsc#1221953 * bsc#1221965 * bsc#1221966 * bsc#1221967 * bsc#1221969 * bsc#1221972 * bsc#1221973 * bsc#1221977 * bsc#1221979 * bsc#1221988 * bsc#1221991 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222117 * bsc#1222294 * bsc#1222300 * bsc#1222357 * bsc#1222379 * bsc#1222422 * bsc#1222428 * bsc#1222449 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222618 * bsc#1222619 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222706 * bsc#1222720 * bsc#1222765 * bsc#1222770 * bsc#1222772 * bsc#1222787 * bsc#1222790 * bsc#1222812 * bsc#1222836 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222952 * bsc#1222961 * bsc#1222975 * bsc#1222976 * bsc#1223016 * bsc#1223035 * bsc#1223049 * bsc#1223051 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223187 * bsc#1223189 * bsc#1223198 * bsc#1223203 * bsc#1223315 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223518 * bsc#1223626 * bsc#1223627 * bsc#1223664 * bsc#1223686 * bsc#1223693 * bsc#1223712 * bsc#1223715 * bsc#1223735 * bsc#1223744 * bsc#1223745 * bsc#1223770 * bsc#1223781 * bsc#1223819 * bsc#1223824 * bsc#1223827 * bsc#1223837 * bsc#1223842 * bsc#1223843 * bsc#1223844 * bsc#1223883 * bsc#1223885 * bsc#1223921 * bsc#1223941 * bsc#1223952 * bsc#1223953 * bsc#1223954 * jsc#PED-5759 Cross-References: * CVE-2019-25160 * CVE-2020-36312 * CVE-2021-23134 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46907 * CVE-2021-46909 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46941 * CVE-2021-46950 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46963 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46975 * CVE-2021-46981 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46998 * CVE-2021-47006 * CVE-2021-47015 * CVE-2021-47024 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47068 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47104 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47138 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47143 * CVE-2021-47146 * CVE-2021-47149 * CVE-2021-47150 * CVE-2021-47153 * CVE-2021-47159 * CVE-2021-47161 * CVE-2021-47162 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47171 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47198 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47207 * CVE-2021-47211 * CVE-2021-47216 * CVE-2021-47217 * CVE-2022-0487 * CVE-2022-48619 * CVE-2022-48626 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48695 * CVE-2022-48701 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52509 * CVE-2023-52515 * CVE-2023-52524 * CVE-2023-52528 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52595 * CVE-2023-52598 * CVE-2023-52607 * CVE-2023-52614 * CVE-2023-52620 * CVE-2023-52628 * CVE-2023-52635 * CVE-2023-52639 * CVE-2023-52644 * CVE-2023-52646 * CVE-2023-52650 * CVE-2023-52652 * CVE-2023-52653 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-24855 * CVE-2024-24861 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26651 * CVE-2024-26671 * CVE-2024-26675 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26747 * CVE-2024-26754 * CVE-2024-26763 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26777 * CVE-2024-26778 * CVE-2024-26779 * CVE-2024-26793 * CVE-2024-26805 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26839 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26855 * CVE-2024-26857 * CVE-2024-26859 * CVE-2024-26878 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26907 * CVE-2024-26922 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-26948 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27054 * CVE-2024-27072 * CVE-2024-27073 * CVE-2024-27074 * CVE-2024-27075 * CVE-2024-27078 * CVE-2024-27388 CVSS scores: * CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2020-36312 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2020-36312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46907 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46966 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46975 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47055 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 193 vulnerabilities, contains one feature and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. NOTE: This update was retracted due to data corruptions on NFS filesystems. The following security bugs were fixed: * CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394). * CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509). * CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060). * CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416). * CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418). * CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554). * CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580). * CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628). * CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662). * CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528). * CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536). * CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538). * CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572). * CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611). * CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706). * CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47015: Fixed RX consumer index logic in the error path in bnxt_en (bsc#1220794). * CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637). * CVE-2021-47034: Fixed resolved pte update for kernel memory on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed null pointer dereference in lpfc_prep_els_iocb() (bsc#1220640). * CVE-2021-47049: Fixed Use after free in __vmbus_open() (bsc#1220692). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed uninitialized lock in adf_vf2pf_shutdown() (bsc#1220769). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed possible use-after-free in panel_bridge_detach() (bsc#1220777). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47114: Fixed data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed bug on in ext4_es_cache_extent() as ext4_split_extent_at() failed (bsc#1221575). * CVE-2021-47118: Fixed possible use-after-free when initializing `cad_pid` (bsc#1221605). * CVE-2021-47119: Fixed memory leak in ext4_fill_super() (bsc#1221608). * CVE-2021-47138: Fixed possible out-of-bound memory access in cxgb4 when clearing filters (bsc#1221934). * CVE-2021-47141: Fixed possible NULL pointer dereference when freeing irqs (bsc#1221949). * CVE-2021-47142: Fixed a use-after-free in drm/amdgpu (bsc#1221952). * CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988). * CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973). * CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969). * CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965). * CVE-2021-47166: Fixed possible corruptionb in nfs_do_recoalesce() (bsc#1221998). * CVE-2021-47167: Fixed an Oopsable condition in __nfs_pageio_add_request() (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() (bsc#1222002). * CVE-2021-47169: Fixed possible NULL pointer dereference in serial/rp2 (bsc#1222000). * CVE-2021-47171: Fixed memory leak in smsc75xx_bind() (bsc#1221994). * CVE-2021-47173: Fixed memory leak in uss720_probe() (bsc#1221993). * CVE-2021-47177: Fixed sysfs leak in alloc_iommu() (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (bsc#1222001). * CVE-2021-47180: Fixed memory leak in nci_allocate_device() (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). * CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed use-after-free in kv_parse_power_table() (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#122041). * CVE-2023-52474: Fixed bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests in hfi1 (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a NULL pointer dereference vulnerability in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed NULL Pointer Dereference vulnerability in /net/bluetooth/rfcomm/core.c (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618). * CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). * CVE-2024-26993: Fixed a reference leak in sysfs_break_active_protection() (bsc#1223693) * CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770) * CVE-2024-26948: Added a dc_state NULL check in dc_state_release (bsc#1223664) * CVE-2024-27013: Limited printing rate when illegal packet received by tun dev (bsc#1223745). * CVE-2024-27014: Prevented deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27046: Handled acti_netdevs allocation failure (bsc#1223827). * CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977). * CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837). * CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842). * CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843). * CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844). * CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781). * CVE-2023-52652: Fixed a possible name leak in ntb_register_device() (bsc#1223686). * CVE-2024-23848: Fixed a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c (bsc#1219104). * CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049). * CVE-2024-26817: Used calloc instead of kzalloc to avoid integer overflow (bsc#1222812) * CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972). * CVE-2023-52620: Disallowed timeout for anonymous sets in nf_tables (bsc#1221825). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26878: Fixed potential NULL pointer dereference, related to dquots (bsc#1223060). * CVE-2024-26901: Used kzalloc() to fix information leak in do_sys_name_to_handle() (bsc#1223198). * CVE-2024-26671: Fixed an IO hang from sbitmap wakeup race in blk_mq_mark_tag_wait() (bsc#1222357). * CVE-2024-26772: Avoided allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2023-52614: Fixed a buffer overflow in trans_stat_show() (bsc#1221617). * CVE-2024-26855: Fixed a potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26857: Made sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26675: Limited MRU to 64K in ppp_async_ioctl() (bsc#1222379). * CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). * CVE-2023-52488: Converted from _raw_ to _noinc_ regmap functions for FIFO in sc16is7xx (bsc#1221162). * CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). * CVE-2023-52635: Synchronized devfreq_monitor_[start/stop] for devfreq (bsc#1222294). * CVE-2024-26883: Checked for integer overflow when using roundup_pow_of_two() (bsc#1223035). * CVE-2024-26884: Fixed a bpf hashtab overflow check on 32-bit architectures (bsc#1223189). * CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) * CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961). * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). * CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) * CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) * CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). The following non-security bugs were fixed: * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: ipaq-micro-keys - add error handling for devm_kmemdup. * Input: xpad - add PXN V900 support. * USB: core: Fix deadlock in usb_deauthorize_interface(). * USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * atl1c: fix error return code in atl1c_probe() (git-fixes). * atl1e: fix error return code in atl1e_probe() (git-fixes). * bluetooth: btqca: Fixed a coding style error (git-fixes). * bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes). * bluetooth: btqcomsmd: Fix command timeout after setting BD address (git- fixes). * bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). * bnx2x: Fix enabling network interfaces without VFs (git-fixes). * bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes). * ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes). * ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git- fixes). * fuse: do not unhash root (bsc#1223954). * iommu/amd: Increase interrupt remapping table limit to 512 entries (git- fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes). * iommu/amd: Silence warnings under memory pressure (git-fixes). * iommu: Check if group is NULL before remove device (git-fixes). * kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * kabi: pci: Add locking to RMW PCI Express Capability Register accessors (kabi). * lan78xx: Add missing return code checks (git-fixes). * lan78xx: Add support to dump lan78xx registers (git-fixes). * lan78xx: Do not access skb_queue_head list pointers directly (git-fixes). * lan78xx: Fix exception on link speed change (git-fixes). * lan78xx: Fix partial packet errors on suspend/resume (git-fixes). * lan78xx: Fix race conditions in suspend/resume handling (git-fixes). * lan78xx: Fix white space and style issues (git-fixes). * lan78xx: Modify error messages (git-fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * net/mlx5: Properly convey driver version to firmware (git-fixes). * net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). * net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). * net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes). * net: lan78xx: Make declaration style consistent (git-fixes). * net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: lan78xx: remove set but not used variable 'event' (git-fixes). * net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes). * net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git- fixes). * net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes). * nfs: Fix O_DIRECT commit verifier handling (git-fixes). * nfs: Fix O_DIRECT locking issues (git-fixes). * nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git- fixes). * nfs: Fix an off by one in root_nfs_cat() (git-fixes). * nfs: Fix direct WRITE throughput regression (git-fixes). * nfs: Fix error handling for O_DIRECT write scheduling (git-fixes). * nfs: More O_DIRECT accounting fixes for error paths (git-fixes). * nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: commit errors should be fatal (git-fixes). * nfs: only issue commit in DIO codepath if we have uncommitted data (git- fixes). * nfsd: Fix error cleanup path in nfsd_rename() (git-fixes). * nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: Retransmit callbacks after client reconnects (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes). * pci/aspm: Avoid link retraining race (git-fixes). * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * pci/aspm: Do not warn if already in common clock mode (git-fixes). * pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes). * pci/aspm: Reduce severity of common clock config message (git-fixes). * pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Print all TLP Prefixes, not just the first (git-fixes). * pci/iov: Enlarge virtfn sysfs name buffer (git-fixes). * pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes). * pci/pm: Power up all devices during runtime resume (git-fixes). * pci/sysfs: Protect driver's D3cold preference from user space (git-fixes). * pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). * pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes). * pci: Add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes). * pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git- fixes). * pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: Rework pcie_retrain_link() wait loop (git-fixes). * pci: aardvark: Fix setting MSI address (git-fixes). * pci: aardvark: Fix support for MSI interrupts (git-fixes). * pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git- fixes). * pci: endpoint: Do not stop controller when unbinding endpoint function (git- fixes). * pci: hotplug: Allow marking devices as disconnected during bind/unbind (git- fixes). * pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes). * pci: pciehp: Cancel bringup sequence if card is not present (git-fixes). * pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git- fixes). * pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). * pci: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082) * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221953). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tun: honor IOCB_NOWAIT flag (git-fixes). * usb: dwc2: Fix memory leak in dwc2_hcd_init. * usb: dwc2: check return value after calling platform_get_resource() (git- fixes). * usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). * usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). * usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). * usb: musb: Modify the "HWVers" register address (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered. * usb: serial: option: add Fibocom L7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). * usb: usbfs: Do not WARN about excessively large memory allocations. * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1648=1 SUSE-SLE- SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1648=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1648=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1648=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1648=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1648=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-debuginfo-4.12.14-122.212.1 * gfs2-kmp-default-4.12.14-122.212.1 * gfs2-kmp-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * ocfs2-kmp-default-4.12.14-122.212.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.212.1 * cluster-md-kmp-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-debuginfo-4.12.14-122.212.1 * gfs2-kmp-default-4.12.14-122.212.1 * gfs2-kmp-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.212.1 * dlm-kmp-default-4.12.14-122.212.1 * ocfs2-kmp-default-4.12.14-122.212.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.212.1 * cluster-md-kmp-default-4.12.14-122.212.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kgraft-patch-4_12_14-122_212-default-1-8.11.1 * kernel-default-kgraft-devel-4.12.14-122.212.1 * kernel-default-kgraft-4.12.14-122.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.212.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-4.12.14-122.212.1 * kernel-obs-build-debugsource-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-base-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 * kernel-default-devel-4.12.14-122.212.1 * kernel-syms-4.12.14-122.212.1 * kernel-default-base-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-source-4.12.14-122.212.1 * kernel-macros-4.12.14-122.212.1 * kernel-devel-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.212.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.212.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.212.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-debuginfo-4.12.14-122.212.1 * kernel-default-extra-4.12.14-122.212.1 * kernel-default-extra-debuginfo-4.12.14-122.212.1 * kernel-default-debugsource-4.12.14-122.212.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25160.html * https://www.suse.com/security/cve/CVE-2020-36312.html * https://www.suse.com/security/cve/CVE-2021-23134.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46907.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46941.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46975.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47024.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47143.html * https://www.suse.com/security/cve/CVE-2021-47146.html * https://www.suse.com/security/cve/CVE-2021-47149.html * https://www.suse.com/security/cve/CVE-2021-47150.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47159.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-48619.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-52644.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52650.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-24855.html * https://www.suse.com/security/cve/CVE-2024-24861.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26777.html * https://www.suse.com/security/cve/CVE-2024-26778.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26839.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26859.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26907.html * https://www.suse.com/security/cve/CVE-2024-26922.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27072.html * https://www.suse.com/security/cve/CVE-2024-27073.html * https://www.suse.com/security/cve/CVE-2024-27074.html * https://www.suse.com/security/cve/CVE-2024-27075.html * https://www.suse.com/security/cve/CVE-2024-27078.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://bugzilla.suse.com/show_bug.cgi?id=1084332 * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1184509 * https://bugzilla.suse.com/show_bug.cgi?id=1186060 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218220 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219618 * https://bugzilla.suse.com/show_bug.cgi?id=1219623 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220394 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220422 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220505 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220628 * https://bugzilla.suse.com/show_bug.cgi?id=1220637 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221862 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221953 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221967 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221972 * https://bugzilla.suse.com/show_bug.cgi?id=1221973 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1221979 * https://bugzilla.suse.com/show_bug.cgi?id=1221988 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222765 * https://bugzilla.suse.com/show_bug.cgi?id=1222770 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://bugzilla.suse.com/show_bug.cgi?id=1222961 * https://bugzilla.suse.com/show_bug.cgi?id=1222975 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223049 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223203 * https://bugzilla.suse.com/show_bug.cgi?id=1223315 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223770 * https://bugzilla.suse.com/show_bug.cgi?id=1223781 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223837 * https://bugzilla.suse.com/show_bug.cgi?id=1223842 * https://bugzilla.suse.com/show_bug.cgi?id=1223843 * https://bugzilla.suse.com/show_bug.cgi?id=1223844 * https://bugzilla.suse.com/show_bug.cgi?id=1223883 * https://bugzilla.suse.com/show_bug.cgi?id=1223885 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223954 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:30:58 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:30:58 -0000 Subject: SUSE-SU-2024:1732-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Message-ID: <171630905894.28235.17483831331107464872@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1732-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_11 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1732=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1732=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-13-150500.3.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-13-150500.3.1 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-13-150500.3.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_11-rt-13-150500.3.1 * kernel-livepatch-SLE15-SP5-RT_Update_0-debugsource-13-150500.3.1 * kernel-livepatch-5_14_21-150500_11-rt-debuginfo-13-150500.3.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:31:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:31:04 -0000 Subject: SUSE-SU-2024:1731-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Message-ID: <171630906494.28235.8280781886995263849@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1731-1 Rating: important References: * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1731=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1731=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-2-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-2-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-2-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:31:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:31:07 -0000 Subject: SUSE-SU-2024:1730-1: important: Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2) Message-ID: <171630906782.28235.5149922119711266813@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 47 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1730-1 Rating: important References: * bsc#1210619 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-1829 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_188 fixes several issues. The following security issues were fixed: * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-1829: Fixed a use-after-free in tcindex that can lead local privilege escalation (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1730=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_47-debugsource-2-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_188-default-2-150200.5.6.1 * kernel-livepatch-5_3_18-150200_24_188-default-debuginfo-2-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:31:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:31:09 -0000 Subject: SUSE-SU-2024:1729-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Message-ID: <171630906998.28235.7984396704482006343@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1729-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_163 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1729=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1733=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_163-default-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_38-debugsource-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-debuginfo-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_157-default-11-150200.2.1 * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_40-debugsource-9-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:31:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:31:12 -0000 Subject: SUSE-SU-2024:1726-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Message-ID: <171630907251.28235.11762214145497470477@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1726-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_7 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1724=1 SUSE-2024-1725=1 SUSE-2024-1726=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1724=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1725=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1726=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1727=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1727=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-9-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-11-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-9-150400.2.1 * kernel-livepatch-5_14_21-150400_24_60-default-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_69-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-9-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-11-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_7-default-11-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 16:31:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 16:31:14 -0000 Subject: SUSE-SU-2024:1728-1: important: Security update for glibc Message-ID: <171630907440.28235.1940951168578845073@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2024:1728-1 Rating: important References: * bsc#1222992 Cross-References: * CVE-2024-2961 CVSS scores: * CVE-2024-2961 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that solves one vulnerability can now be installed. ## Description: This update for glibc fixes the following issues: * CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-1728=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-1728=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * glibc-profile-32bit-2.11.3-17.110.52.1 * glibc-debugsource-2.11.3-17.110.52.1 * glibc-i18ndata-2.11.3-17.110.52.1 * glibc-locale-2.11.3-17.110.52.1 * glibc-devel-32bit-2.11.3-17.110.52.1 * glibc-devel-2.11.3-17.110.52.1 * glibc-debuginfo-32bit-2.11.3-17.110.52.1 * glibc-2.11.3-17.110.52.1 * glibc-locale-32bit-2.11.3-17.110.52.1 * nscd-2.11.3-17.110.52.1 * glibc-profile-2.11.3-17.110.52.1 * glibc-32bit-2.11.3-17.110.52.1 * glibc-html-2.11.3-17.110.52.1 * glibc-debuginfo-2.11.3-17.110.52.1 * glibc-info-2.11.3-17.110.52.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * glibc-profile-32bit-2.11.3-17.110.52.1 * glibc-debugsource-2.11.3-17.110.52.1 * glibc-i18ndata-2.11.3-17.110.52.1 * glibc-locale-2.11.3-17.110.52.1 * glibc-devel-32bit-2.11.3-17.110.52.1 * glibc-devel-2.11.3-17.110.52.1 * glibc-debuginfo-32bit-2.11.3-17.110.52.1 * glibc-2.11.3-17.110.52.1 * glibc-locale-32bit-2.11.3-17.110.52.1 * nscd-2.11.3-17.110.52.1 * glibc-profile-2.11.3-17.110.52.1 * glibc-32bit-2.11.3-17.110.52.1 * glibc-html-2.11.3-17.110.52.1 * glibc-debuginfo-2.11.3-17.110.52.1 * glibc-info-2.11.3-17.110.52.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2961.html * https://bugzilla.suse.com/show_bug.cgi?id=1222992 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1740-1: important: Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Message-ID: <171632340719.10814.6499132771357644690@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1740-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_103 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1740=1 SUSE-2024-1741=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1740=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1741=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-5-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-5-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_100-default-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_103-default-5-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 20:30:11 -0000 Subject: SUSE-SU-2024:1739-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Message-ID: <171632341104.10814.7856607017341286415@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1739-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_97 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1739=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1739=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-7-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-7-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-7-150400.2.1 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-7-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 20:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 20:30:14 -0000 Subject: SUSE-SU-2024:1738-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Message-ID: <171632341423.10814.8750919011506235675@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1738-1 Rating: important References: * bsc#1210619 * bsc#1221302 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-1829 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_158 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-1829: Fixed a use-after-free in tcindex that can lead local privilege escalation (bsc#1210619). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1738=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1738=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-debuginfo-2-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_43-debugsource-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-default-2-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_158-preempt-debuginfo-2-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_158-preempt-2-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_158-default-2-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-1829.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1210619 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 20:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 20:30:16 -0000 Subject: SUSE-SU-2024:1735-1: important: Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP2) Message-ID: <171632341675.10814.16821741523680676691@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 37 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1735-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_154 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1735=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_154-default-debuginfo-12-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_37-debugsource-12-150200.2.1 * kernel-livepatch-5_3_18-150200_24_154-default-12-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 21 20:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 21 May 2024 20:30:19 -0000 Subject: SUSE-SU-2024:1736-1: important: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP3) Message-ID: <171632341951.10814.1308684373223863472@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1736-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_127 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1737=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1734=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1736=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1734=1 SUSE-2024-1736=1 SUSE-2024-1737=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_127-default-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-14-150300.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_124-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-debuginfo-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-default-11-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_32-debugsource-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-default-debuginfo-12-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_34-debugsource-11-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_33-debugsource-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-default-debuginfo-14-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_127-preempt-11-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_124-preempt-debuginfo-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-preempt-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_121-preempt-debuginfo-14-150300.2.1 * kernel-livepatch-5_3_18-150300_59_127-preempt-debuginfo-11-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1753-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Message-ID: <171638100281.8019.4872897706598604337@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1753-1 Rating: important References: * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_111 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1753=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1753=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-2-150400.9.6.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-2-150400.9.6.1 * kernel-livepatch-5_14_21-150400_24_111-default-2-150400.9.6.1 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-2-150400.9.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:05 -0000 Subject: SUSE-SU-2024:1751-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Message-ID: <171638100549.8019.5924251206491811368@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1751-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_53 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1751=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1751=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_53-default-12-150500.6.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-12-150500.6.1 * kernel-livepatch-SLE15-SP5_Update_0-debugsource-12-150500.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_53-default-12-150500.6.1 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-12-150500.6.1 * kernel-livepatch-SLE15-SP5_Update_0-debugsource-12-150500.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:07 -0000 Subject: SUSE-SU-2024:1750-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Message-ID: <171638100763.8019.7964755991188931176@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1750-1 Rating: important References: * bsc#1221302 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1750=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1750=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-2-150400.9.8.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-2-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_116-default-2-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-2-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:11 -0000 Subject: SUSE-SU-2024:1749-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Message-ID: <171638101173.8019.6052513081499436524@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1749-1 Rating: important References: * bsc#1219296 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). * CVE-2024-26622: Fixed a use-after-free with tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1749=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1749=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-4-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-4-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-4-150400.9.8.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-4-150400.9.8.1 * kernel-livepatch-SLE15-SP4_Update_23-debugsource-4-150400.9.8.1 * kernel-livepatch-5_14_21-150400_24_108-default-4-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1746-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Message-ID: <171638101424.8019.14250417188796441424@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1746-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_147 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1746=1 SUSE-2024-1747=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1746=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1747=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_40-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-7-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_39-debugsource-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-7-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-preempt-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_144-preempt-7-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_144-default-7-150300.2.1 * kernel-livepatch-5_3_18-150300_59_147-default-7-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:17 -0000 Subject: SUSE-SU-2024:1748-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Message-ID: <171638101702.8019.10927866475277842334@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1748-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_19 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1743=1 SUSE-2024-1744=1 SUSE-2024-1745=1 SUSE-2024-1748=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1748=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1743=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1744=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1745=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1754=1 SUSE-2024-1752=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1752=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1754=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-11-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-10-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-12-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_66-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-14-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_74-default-11-150400.2.1 * kernel-livepatch-5_14_21-150400_24_81-default-10-150400.2.1 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-14-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-11-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_2-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-10-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_2-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_55_12-default-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_19-default-10-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 12:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 12:30:19 -0000 Subject: SUSE-SU-2024:1742-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2) Message-ID: <171638101975.8019.7347123954800205812@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1742-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1222685 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_166 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1742=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-9-150200.2.1 * kernel-livepatch-5_3_18-150200_24_166-default-9-150200.2.1 * kernel-livepatch-SLE15-SP2_Update_41-debugsource-9-150200.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 16:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 16:30:06 -0000 Subject: SUSE-SU-2024:1760-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Message-ID: <171639540607.32074.10091020447055759897@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1760-1 Rating: important References: * bsc#1221302 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2024-26610 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1760=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1760=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-2-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-2-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-2-150500.11.10.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-2-150500.11.10.1 * kernel-livepatch-5_14_21-150500_55_59-default-2-150500.11.10.1 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-2-150500.11.10.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1759-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <171639541044.32074.13294442361867399970@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1759-1 Rating: important References: * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1759=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1759=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_9-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-6-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_9-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_44-default-6-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1757-1: important: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5) Message-ID: <171639541433.32074.3092494370544378823@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1757-1 Rating: important References: * bsc#1216644 * bsc#1218259 * bsc#1220211 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223514 Cross-References: * CVE-2022-48651 * CVE-2023-52502 * CVE-2023-6546 * CVE-2023-6931 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26766 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6931 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_36 fixes several issues. The following security issues were fixed: * CVE-2023-6931: Fixed a heap out-of-bounds write vulnerability in perf_read_group() (bsc#1216644). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close for tls (bsc#1220211). * CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1757=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1757=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1756=1 SUSE-2024-1755=1 SUSE-2024-1758=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1756=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1755=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1758=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-8-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_92-default-8-150400.2.1 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-8-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-8-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-8-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-8-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-7-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_36-default-7-150500.2.1 * kernel-livepatch-5_14_21-150500_55_28-default-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-8-150500.2.1 * kernel-livepatch-5_14_21-150500_55_31-default-8-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2023-6931.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://bugzilla.suse.com/show_bug.cgi?id=1216644 * https://bugzilla.suse.com/show_bug.cgi?id=1218259 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 22 16:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 22 May 2024 16:30:17 -0000 Subject: SUSE-SU-2024:1762-1: important: Security update for perl Message-ID: <171639541707.32074.13899899090589897528@smelt2.prg2.suse.org> # Security update for perl Announcement ID: SUSE-SU-2024:1762-1 Rating: important References: * bsc#1082216 * bsc#1082233 * bsc#1213638 Cross-References: * CVE-2018-6798 * CVE-2018-6913 CVSS scores: * CVE-2018-6798 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2018-6913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2018-6913 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for perl fixes the following issues: Security issues fixed: * CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216) * CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233) Non-security issue fixed: * make Net::FTP work with TLS 1.3 (bsc#1213638) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1762=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1762=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1762=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1762=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1762=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1762=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1762=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1762=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1762=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1762=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1762=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1762=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1762=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1762=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1762=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1762=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1762=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1762=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1762=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1762=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1762=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1762=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1762=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1762=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1762=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1762=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1762=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1762=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1762=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1762=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1762=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Manager Proxy 4.3 (x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Manager Server 4.3 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Enterprise Storage 7.1 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Enterprise Storage 7.1 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap 15.3 (x86_64) * perl-base-32bit-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-5.26.1-150300.17.17.1 * perl-32bit-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap 15.3 (noarch) * perl-doc-5.26.1-150300.17.17.1 * openSUSE Leap 15.3 (aarch64_ilp32) * perl-core-DB_File-64bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-64bit-debuginfo-5.26.1-150300.17.17.1 * perl-64bit-5.26.1-150300.17.17.1 * perl-64bit-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-64bit-5.26.1-150300.17.17.1 * perl-base-64bit-5.26.1-150300.17.17.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap 15.5 (x86_64) * perl-base-32bit-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-5.26.1-150300.17.17.1 * perl-32bit-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap 15.5 (noarch) * perl-doc-5.26.1-150300.17.17.1 * openSUSE Leap 15.6 (x86_64) * perl-base-32bit-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-32bit-5.26.1-150300.17.17.1 * perl-32bit-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * openSUSE Leap 15.6 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * Basesystem Module 15-SP5 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * Basesystem Module 15-SP6 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * Development Tools Module 15-SP5 (noarch) * perl-doc-5.26.1-150300.17.17.1 * Development Tools Module 15-SP6 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Package Hub 15 15-SP5 (x86_64) * perl-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Package Hub 15 15-SP6 (x86_64) * perl-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * perl-5.26.1-150300.17.17.1 * perl-core-DB_File-5.26.1-150300.17.17.1 * perl-base-debuginfo-5.26.1-150300.17.17.1 * perl-debuginfo-5.26.1-150300.17.17.1 * perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1 * perl-base-5.26.1-150300.17.17.1 * perl-debugsource-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * perl-doc-5.26.1-150300.17.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * perl-base-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-32bit-debuginfo-5.26.1-150300.17.17.1 * perl-base-32bit-5.26.1-150300.17.17.1 ## References: * https://www.suse.com/security/cve/CVE-2018-6798.html * https://www.suse.com/security/cve/CVE-2018-6913.html * https://bugzilla.suse.com/show_bug.cgi?id=1082216 * https://bugzilla.suse.com/show_bug.cgi?id=1082233 * https://bugzilla.suse.com/show_bug.cgi?id=1213638 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 23 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 23 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1768-1: moderate: Security update for postgresql14 Message-ID: <171646740213.4787.7683900903504466665@smelt2.prg2.suse.org> # Security update for postgresql14 Announcement ID: SUSE-SU-2024:1768-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql14 fixes the following issues: PostgreSQL upgrade to version 14.12 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/14.12/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1768=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1768=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1768=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql14-plperl-14.12-150200.5.44.1 * postgresql14-plpython-debuginfo-14.12-150200.5.44.1 * postgresql14-plpython-14.12-150200.5.44.1 * postgresql14-contrib-14.12-150200.5.44.1 * postgresql14-debugsource-14.12-150200.5.44.1 * postgresql14-test-14.12-150200.5.44.1 * postgresql14-llvmjit-debuginfo-14.12-150200.5.44.1 * postgresql14-server-14.12-150200.5.44.1 * postgresql14-contrib-debuginfo-14.12-150200.5.44.1 * postgresql14-pltcl-debuginfo-14.12-150200.5.44.1 * postgresql14-llvmjit-14.12-150200.5.44.1 * postgresql14-debuginfo-14.12-150200.5.44.1 * postgresql14-llvmjit-devel-14.12-150200.5.44.1 * postgresql14-devel-14.12-150200.5.44.1 * postgresql14-pltcl-14.12-150200.5.44.1 * postgresql14-14.12-150200.5.44.1 * postgresql14-server-devel-14.12-150200.5.44.1 * postgresql14-devel-debuginfo-14.12-150200.5.44.1 * postgresql14-server-devel-debuginfo-14.12-150200.5.44.1 * postgresql14-server-debuginfo-14.12-150200.5.44.1 * postgresql14-plperl-debuginfo-14.12-150200.5.44.1 * openSUSE Leap 15.5 (noarch) * postgresql14-docs-14.12-150200.5.44.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-plperl-14.12-150200.5.44.1 * postgresql14-devel-debuginfo-14.12-150200.5.44.1 * postgresql14-plperl-debuginfo-14.12-150200.5.44.1 * postgresql14-plpython-debuginfo-14.12-150200.5.44.1 * postgresql14-pltcl-debuginfo-14.12-150200.5.44.1 * postgresql14-llvmjit-14.12-150200.5.44.1 * postgresql14-debuginfo-14.12-150200.5.44.1 * postgresql14-contrib-14.12-150200.5.44.1 * postgresql14-14.12-150200.5.44.1 * postgresql14-plpython-14.12-150200.5.44.1 * postgresql14-server-14.12-150200.5.44.1 * postgresql14-debugsource-14.12-150200.5.44.1 * postgresql14-llvmjit-devel-14.12-150200.5.44.1 * postgresql14-server-devel-debuginfo-14.12-150200.5.44.1 * postgresql14-server-devel-14.12-150200.5.44.1 * postgresql14-server-debuginfo-14.12-150200.5.44.1 * postgresql14-devel-14.12-150200.5.44.1 * postgresql14-llvmjit-debuginfo-14.12-150200.5.44.1 * postgresql14-contrib-debuginfo-14.12-150200.5.44.1 * postgresql14-pltcl-14.12-150200.5.44.1 * Legacy Module 15-SP5 (noarch) * postgresql14-docs-14.12-150200.5.44.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-14.12-150200.5.44.1 * postgresql14-debuginfo-14.12-150200.5.44.1 * postgresql14-debugsource-14.12-150200.5.44.1 * postgresql14-test-14.12-150200.5.44.1 * postgresql14-llvmjit-debuginfo-14.12-150200.5.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 23 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 23 May 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1767-1: important: Security update for python-sqlparse Message-ID: <171646740431.4787.1401020064594358527@smelt2.prg2.suse.org> # Security update for python-sqlparse Announcement ID: SUSE-SU-2024:1767-1 Rating: important References: * bsc#1223603 Cross-References: * CVE-2024-4340 CVSS scores: * CVE-2024-4340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-sqlparse fixes the following issues: * CVE-2024-4340: Catch RecursionError to avoid a denial of service. (bsc#1223603) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1767=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1767=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1767=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1767=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-sqlparse-0.4.4-150400.6.7.1 * openSUSE Leap 15.5 (noarch) * python311-sqlparse-0.4.4-150400.6.7.1 * Public Cloud Module 15-SP4 (noarch) * python311-sqlparse-0.4.4-150400.6.7.1 * Public Cloud Module 15-SP5 (noarch) * python311-sqlparse-0.4.4-150400.6.7.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4340.html * https://bugzilla.suse.com/show_bug.cgi?id=1223603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 23 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 23 May 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1770-1: important: Security update for MozillaFirefox Message-ID: <171648180367.23396.17549646905608030585@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1770-1 Rating: important References: * bsc#1222535 * bsc#1224056 Cross-References: * CVE-2024-2609 * CVE-2024-3302 * CVE-2024-3852 * CVE-2024-3854 * CVE-2024-3857 * CVE-2024-3859 * CVE-2024-3861 * CVE-2024-3863 * CVE-2024-3864 * CVE-2024-4367 * CVE-2024-4767 * CVE-2024-4768 * CVE-2024-4769 * CVE-2024-4770 * CVE-2024-4777 CVSS scores: * CVE-2024-2609 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-3302 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-3852 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-3854 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-3857 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-3859 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-3861 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-3863 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-3864 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-4367 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-4767 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4768 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4769 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-4770 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-4777 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 15 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Update to version 115.11.0 ESR (bsc#1224056): * CVE-2024-4367: Arbitrary JavaScript execution in PDF.js * CVE-2024-4767: IndexedDB files retained in private browsing mode * CVE-2024-4768: Potential permissions request bypass via clickjacking * CVE-2024-4769: Cross-origin responses could be distinguished between script and non-script content-types * CVE-2024-4770: Use-after-free could occur when printing to PDF * CVE-2024-4777: Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1770=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1770=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1770=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-1770=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1770=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1770=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1770=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1770=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1770=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1770=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1770=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1770=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1770=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1770=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1770=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1770=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-branding-upstream-115.11.0-150200.152.137.2 * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-branding-upstream-115.11.0-150200.152.137.2 * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-translations-other-115.11.0-150200.152.137.2 * MozillaFirefox-115.11.0-150200.152.137.2 * MozillaFirefox-debuginfo-115.11.0-150200.152.137.2 * MozillaFirefox-translations-common-115.11.0-150200.152.137.2 * MozillaFirefox-debugsource-115.11.0-150200.152.137.2 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-115.11.0-150200.152.137.2 ## References: * https://www.suse.com/security/cve/CVE-2024-2609.html * https://www.suse.com/security/cve/CVE-2024-3302.html * https://www.suse.com/security/cve/CVE-2024-3852.html * https://www.suse.com/security/cve/CVE-2024-3854.html * https://www.suse.com/security/cve/CVE-2024-3857.html * https://www.suse.com/security/cve/CVE-2024-3859.html * https://www.suse.com/security/cve/CVE-2024-3861.html * https://www.suse.com/security/cve/CVE-2024-3863.html * https://www.suse.com/security/cve/CVE-2024-3864.html * https://www.suse.com/security/cve/CVE-2024-4367.html * https://www.suse.com/security/cve/CVE-2024-4767.html * https://www.suse.com/security/cve/CVE-2024-4768.html * https://www.suse.com/security/cve/CVE-2024-4769.html * https://www.suse.com/security/cve/CVE-2024-4770.html * https://www.suse.com/security/cve/CVE-2024-4777.html * https://bugzilla.suse.com/show_bug.cgi?id=1222535 * https://bugzilla.suse.com/show_bug.cgi?id=1224056 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 23 20:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 23 May 2024 20:30:05 -0000 Subject: SUSE-SU-2024:1771-1: important: Security update for ucode-intel Message-ID: <171649620599.28590.10428923435044131285@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:1771-1 Rating: important References: * bsc#1224277 Cross-References: * CVE-2023-45733 * CVE-2023-45745 * CVE-2023-46103 * CVE-2023-47855 CVSS scores: * CVE-2023-45733 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2023-45745 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2023-46103 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47855 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: Intel CPU Microcode was updated to the 20240514 release (bsc#1224277) * CVE-2023-45733: Fixed a potential security vulnerability in some Intel? Processors that may have allowed information disclosure. * CVE-2023-46103: Fixed a potential security vulnerability in Intel? Core? Ultra Processors that may have allowed denial of service. * CVE-2023-45745,CVE-2023-47855: Fixed a potential security vulnerabilities in some Intel? Trust Domain Extensions (TDX) module software that may have allowed escalation of privilege. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1771=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1771=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1771=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1771=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1771=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1771=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1771=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1771=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1771=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1771=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1771=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1771=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1771=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1771=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1771=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1771=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1771=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1771=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1771=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1771=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1771=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1771=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1771=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1771=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1771=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1771=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1771=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1771=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1771=1 ## Package List: * openSUSE Leap Micro 5.3 (x86_64) * ucode-intel-20240514-150200.41.1 * openSUSE Leap Micro 5.4 (x86_64) * ucode-intel-20240514-150200.41.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20240514-150200.41.1 * openSUSE Leap 15.6 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20240514-150200.41.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20240514-150200.41.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20240514-150200.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20240514-150200.41.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45733.html * https://www.suse.com/security/cve/CVE-2023-45745.html * https://www.suse.com/security/cve/CVE-2023-46103.html * https://www.suse.com/security/cve/CVE-2023-47855.html * https://bugzilla.suse.com/show_bug.cgi?id=1224277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 24 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 May 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1773-1: moderate: Security update for opensc Message-ID: <171655380430.30561.10709313370198339824@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:1773-1 Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed a side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1773=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1773=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1773=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * opensc-0.19.0-150100.3.28.1 * opensc-debugsource-0.19.0-150100.3.28.1 * opensc-debuginfo-0.19.0-150100.3.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * opensc-0.19.0-150100.3.28.1 * opensc-debugsource-0.19.0-150100.3.28.1 * opensc-debuginfo-0.19.0-150100.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * opensc-0.19.0-150100.3.28.1 * opensc-debugsource-0.19.0-150100.3.28.1 * opensc-debuginfo-0.19.0-150100.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 24 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 May 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1777-1: moderate: Security update for postgresql15 Message-ID: <171656820531.24355.17955659157227698348@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2024:1777-1 Rating: moderate References: * bsc#1224038 * bsc#1224051 Cross-References: * CVE-2024-4317 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for postgresql15 fixes the following issues: PostgreSQL upgrade to version 15.7 (bsc#1224051): * CVE-2024-4317: Fixed visibility restriction of pg_stats_ext and pg_stats_ext_exprs entries to the table owner (bsc#1224038). Bug fixes: * Fix incompatibility with LLVM 18. * Prepare for PostgreSQL 17. * Make sure all compilation and doc generation happens in %build. * Require LLVM <= 17 for now, because LLVM 18 doesn't seem to work. * Remove constraints file because improved memory usage for s390x * Use %patch -P N instead of deprecated %patchN. Release notes: * https://www.postgresql.org/docs/release/15.7/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1777=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1777=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1777=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql15-plpython-15.7-150200.5.27.1 * postgresql15-server-devel-15.7-150200.5.27.1 * postgresql15-llvmjit-debuginfo-15.7-150200.5.27.1 * postgresql15-devel-15.7-150200.5.27.1 * postgresql15-contrib-15.7-150200.5.27.1 * postgresql15-pltcl-15.7-150200.5.27.1 * postgresql15-pltcl-debuginfo-15.7-150200.5.27.1 * postgresql15-debuginfo-15.7-150200.5.27.1 * postgresql15-devel-debuginfo-15.7-150200.5.27.1 * postgresql15-plperl-debuginfo-15.7-150200.5.27.1 * postgresql15-plperl-15.7-150200.5.27.1 * postgresql15-server-15.7-150200.5.27.1 * postgresql15-plpython-debuginfo-15.7-150200.5.27.1 * postgresql15-llvmjit-15.7-150200.5.27.1 * postgresql15-contrib-debuginfo-15.7-150200.5.27.1 * postgresql15-15.7-150200.5.27.1 * postgresql15-llvmjit-devel-15.7-150200.5.27.1 * postgresql15-server-debuginfo-15.7-150200.5.27.1 * postgresql15-debugsource-15.7-150200.5.27.1 * postgresql15-test-15.7-150200.5.27.1 * postgresql15-server-devel-debuginfo-15.7-150200.5.27.1 * openSUSE Leap 15.5 (noarch) * postgresql15-docs-15.7-150200.5.27.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-15.7-150200.5.27.1 * postgresql15-debuginfo-15.7-150200.5.27.1 * postgresql15-debugsource-15.7-150200.5.27.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.7-150200.5.27.1 * postgresql15-pltcl-15.7-150200.5.27.1 * postgresql15-pltcl-debuginfo-15.7-150200.5.27.1 * postgresql15-devel-15.7-150200.5.27.1 * postgresql15-plperl-15.7-150200.5.27.1 * postgresql15-plpython-15.7-150200.5.27.1 * postgresql15-server-devel-15.7-150200.5.27.1 * postgresql15-server-15.7-150200.5.27.1 * postgresql15-plpython-debuginfo-15.7-150200.5.27.1 * postgresql15-debuginfo-15.7-150200.5.27.1 * postgresql15-contrib-debuginfo-15.7-150200.5.27.1 * postgresql15-debugsource-15.7-150200.5.27.1 * postgresql15-devel-debuginfo-15.7-150200.5.27.1 * postgresql15-contrib-15.7-150200.5.27.1 * postgresql15-server-debuginfo-15.7-150200.5.27.1 * postgresql15-server-devel-debuginfo-15.7-150200.5.27.1 * Server Applications Module 15-SP5 (noarch) * postgresql15-docs-15.7-150200.5.27.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 24 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 May 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1775-1: important: Security update for libfastjson Message-ID: <171656821093.24355.15893467076140652946@smelt2.prg2.suse.org> # Security update for libfastjson Announcement ID: SUSE-SU-2024:1775-1 Rating: important References: * bsc#1171479 Cross-References: * CVE-2020-12762 CVSS scores: * CVE-2020-12762 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2020-12762 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libfastjson fixes the following issues: * CVE-2020-12762: Fixed integer overflow and out-of-bounds write via a large JSON file (bsc#1171479). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1775=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1775=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1775=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1775=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1775=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1775=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1775=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libfastjson-debugsource-0.99.8-150000.3.3.1 * libfastjson4-debuginfo-0.99.8-150000.3.3.1 * libfastjson-devel-0.99.8-150000.3.3.1 * libfastjson4-0.99.8-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2020-12762.html * https://bugzilla.suse.com/show_bug.cgi?id=1171479 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 24 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 24 May 2024 16:30:13 -0000 Subject: SUSE-SU-2024:1774-1: important: Security update for python3 Message-ID: <171656821367.24355.8305406352922707616@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:1774-1 Rating: important References: * bsc#1219559 * bsc#1220664 * bsc#1221563 * bsc#1221854 * bsc#1222075 Cross-References: * CVE-2023-52425 * CVE-2024-0450 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities and has three security fixes can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559). * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1774=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1774=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1774=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1774=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150000.3.147.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.147.1 * python3-3.6.15-150000.3.147.1 * python3-base-debuginfo-3.6.15-150000.3.147.1 * python3-debugsource-3.6.15-150000.3.147.1 * python3-debuginfo-3.6.15-150000.3.147.1 * python3-base-3.6.15-150000.3.147.1 * python3-core-debugsource-3.6.15-150000.3.147.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libpython3_6m1_0-3.6.15-150000.3.147.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.147.1 * python3-curses-3.6.15-150000.3.147.1 * python3-curses-debuginfo-3.6.15-150000.3.147.1 * python3-3.6.15-150000.3.147.1 * python3-dbm-3.6.15-150000.3.147.1 * python3-devel-debuginfo-3.6.15-150000.3.147.1 * python3-base-debuginfo-3.6.15-150000.3.147.1 * python3-dbm-debuginfo-3.6.15-150000.3.147.1 * python3-tk-3.6.15-150000.3.147.1 * python3-tk-debuginfo-3.6.15-150000.3.147.1 * python3-debugsource-3.6.15-150000.3.147.1 * python3-debuginfo-3.6.15-150000.3.147.1 * python3-tools-3.6.15-150000.3.147.1 * python3-idle-3.6.15-150000.3.147.1 * python3-devel-3.6.15-150000.3.147.1 * python3-base-3.6.15-150000.3.147.1 * python3-core-debugsource-3.6.15-150000.3.147.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150000.3.147.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.147.1 * python3-curses-3.6.15-150000.3.147.1 * python3-curses-debuginfo-3.6.15-150000.3.147.1 * python3-3.6.15-150000.3.147.1 * python3-dbm-3.6.15-150000.3.147.1 * python3-devel-debuginfo-3.6.15-150000.3.147.1 * python3-base-debuginfo-3.6.15-150000.3.147.1 * python3-dbm-debuginfo-3.6.15-150000.3.147.1 * python3-tk-3.6.15-150000.3.147.1 * python3-tk-debuginfo-3.6.15-150000.3.147.1 * python3-debugsource-3.6.15-150000.3.147.1 * python3-debuginfo-3.6.15-150000.3.147.1 * python3-tools-3.6.15-150000.3.147.1 * python3-idle-3.6.15-150000.3.147.1 * python3-devel-3.6.15-150000.3.147.1 * python3-base-3.6.15-150000.3.147.1 * python3-core-debugsource-3.6.15-150000.3.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libpython3_6m1_0-3.6.15-150000.3.147.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.147.1 * python3-curses-3.6.15-150000.3.147.1 * python3-curses-debuginfo-3.6.15-150000.3.147.1 * python3-3.6.15-150000.3.147.1 * python3-dbm-3.6.15-150000.3.147.1 * python3-devel-debuginfo-3.6.15-150000.3.147.1 * python3-base-debuginfo-3.6.15-150000.3.147.1 * python3-dbm-debuginfo-3.6.15-150000.3.147.1 * python3-tk-3.6.15-150000.3.147.1 * python3-tk-debuginfo-3.6.15-150000.3.147.1 * python3-debugsource-3.6.15-150000.3.147.1 * python3-debuginfo-3.6.15-150000.3.147.1 * python3-tools-3.6.15-150000.3.147.1 * python3-idle-3.6.15-150000.3.147.1 * python3-devel-3.6.15-150000.3.147.1 * python3-base-3.6.15-150000.3.147.1 * python3-core-debugsource-3.6.15-150000.3.147.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1220664 * https://bugzilla.suse.com/show_bug.cgi?id=1221563 * https://bugzilla.suse.com/show_bug.cgi?id=1221854 * https://bugzilla.suse.com/show_bug.cgi?id=1222075 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 27 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 May 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1789-1: moderate: Security update for openssl-3 Message-ID: <171682740946.18612.17577795744319839649@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:1789-1 Rating: moderate References: * bsc#1224388 Cross-References: * CVE-2024-4603 CVSS scores: * CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before validating (bsc#1224388). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1789=1 openSUSE-SLE-15.5-2024-1789=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1789=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl3-3.0.8-150500.5.33.1 * openssl-3-debugsource-3.0.8-150500.5.33.1 * libopenssl-3-devel-3.0.8-150500.5.33.1 * openssl-3-3.0.8-150500.5.33.1 * libopenssl3-debuginfo-3.0.8-150500.5.33.1 * openssl-3-debuginfo-3.0.8-150500.5.33.1 * openSUSE Leap 15.5 (x86_64) * libopenssl-3-devel-32bit-3.0.8-150500.5.33.1 * libopenssl3-32bit-3.0.8-150500.5.33.1 * libopenssl3-32bit-debuginfo-3.0.8-150500.5.33.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.33.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl-3-devel-64bit-3.0.8-150500.5.33.1 * libopenssl3-64bit-3.0.8-150500.5.33.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.33.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libopenssl3-3.0.8-150500.5.33.1 * openssl-3-debugsource-3.0.8-150500.5.33.1 * libopenssl-3-devel-3.0.8-150500.5.33.1 * openssl-3-3.0.8-150500.5.33.1 * libopenssl3-debuginfo-3.0.8-150500.5.33.1 * openssl-3-debuginfo-3.0.8-150500.5.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4603.html * https://bugzilla.suse.com/show_bug.cgi?id=1224388 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 27 16:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 May 2024 16:30:15 -0000 Subject: SUSE-SU-2024:1787-1: important: Security update for the Linux Kernel Message-ID: <171682741536.18612.8325982989514364899@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1787-1 Rating: important References: * bsc#1223858 * bsc#1224169 * bsc#1224340 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1787=1 openSUSE-SLE-15.5-2024-1787=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1787=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1787=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1787=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1787=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1787=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1787=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1787=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (noarch) * kernel-source-vanilla-5.14.21-150500.55.65.1 * kernel-macros-5.14.21-150500.55.65.1 * kernel-docs-html-5.14.21-150500.55.65.1 * kernel-source-5.14.21-150500.55.65.1 * kernel-devel-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-devel-5.14.21-150500.55.65.1 * kernel-debug-devel-debuginfo-5.14.21-150500.55.65.1 * kernel-debug-debugsource-5.14.21-150500.55.65.1 * kernel-debug-debuginfo-5.14.21-150500.55.65.1 * kernel-debug-livepatch-devel-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (x86_64) * kernel-debug-vdso-5.14.21-150500.55.65.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.65.1 * kernel-default-vdso-5.14.21-150500.55.65.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.65.1 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.65.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-5.14.21-150500.55.65.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.65.1 * kernel-default-base-5.14.21-150500.55.65.1.150500.6.29.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.65.1 * kernel-kvmsmall-devel-5.14.21-150500.55.65.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.65.1 * kernel-default-base-rebuild-5.14.21-150500.55.65.1.150500.6.29.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-obs-qa-5.14.21-150500.55.65.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.65.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.65.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-livepatch-devel-5.14.21-150500.55.65.1 * kernel-default-debugsource-5.14.21-150500.55.65.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.65.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.65.1 * kernel-obs-build-debugsource-5.14.21-150500.55.65.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.65.1 * gfs2-kmp-default-5.14.21-150500.55.65.1 * reiserfs-kmp-default-5.14.21-150500.55.65.1 * kernel-default-extra-5.14.21-150500.55.65.1 * dlm-kmp-default-5.14.21-150500.55.65.1 * kernel-default-devel-5.14.21-150500.55.65.1 * kselftests-kmp-default-5.14.21-150500.55.65.1 * kernel-obs-build-5.14.21-150500.55.65.1 * kernel-default-livepatch-5.14.21-150500.55.65.1 * kernel-default-optional-5.14.21-150500.55.65.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.65.1 * cluster-md-kmp-default-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.65.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.65.1 * ocfs2-kmp-default-5.14.21-150500.55.65.1 * kernel-syms-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_65-default-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-1-150500.11.3.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.65.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (aarch64) * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * kernel-64kb-extra-5.14.21-150500.55.65.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * kernel-64kb-debugsource-5.14.21-150500.55.65.1 * dtb-amd-5.14.21-150500.55.65.1 * dtb-exynos-5.14.21-150500.55.65.1 * dtb-apple-5.14.21-150500.55.65.1 * dtb-broadcom-5.14.21-150500.55.65.1 * kernel-64kb-debuginfo-5.14.21-150500.55.65.1 * dtb-marvell-5.14.21-150500.55.65.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * reiserfs-kmp-64kb-5.14.21-150500.55.65.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.65.1 * ocfs2-kmp-64kb-5.14.21-150500.55.65.1 * dlm-kmp-64kb-5.14.21-150500.55.65.1 * kernel-64kb-optional-5.14.21-150500.55.65.1 * dtb-nvidia-5.14.21-150500.55.65.1 * dtb-sprd-5.14.21-150500.55.65.1 * kernel-64kb-devel-5.14.21-150500.55.65.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.65.1 * dtb-xilinx-5.14.21-150500.55.65.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.65.1 * dtb-amazon-5.14.21-150500.55.65.1 * dtb-mediatek-5.14.21-150500.55.65.1 * dtb-lg-5.14.21-150500.55.65.1 * dtb-amlogic-5.14.21-150500.55.65.1 * dtb-rockchip-5.14.21-150500.55.65.1 * cluster-md-kmp-64kb-5.14.21-150500.55.65.1 * dtb-allwinner-5.14.21-150500.55.65.1 * kselftests-kmp-64kb-5.14.21-150500.55.65.1 * dtb-hisilicon-5.14.21-150500.55.65.1 * dtb-freescale-5.14.21-150500.55.65.1 * gfs2-kmp-64kb-5.14.21-150500.55.65.1 * dtb-socionext-5.14.21-150500.55.65.1 * dtb-altera-5.14.21-150500.55.65.1 * dtb-renesas-5.14.21-150500.55.65.1 * dtb-arm-5.14.21-150500.55.65.1 * dtb-apm-5.14.21-150500.55.65.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.65.1 * dtb-qcom-5.14.21-150500.55.65.1 * kernel-64kb-livepatch-devel-5.14.21-150500.55.65.1 * dtb-cavium-5.14.21-150500.55.65.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.65.1.150500.6.29.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.65.1 * kernel-64kb-devel-5.14.21-150500.55.65.1 * kernel-64kb-debuginfo-5.14.21-150500.55.65.1 * kernel-64kb-debugsource-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.65.1.150500.6.29.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.65.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-devel-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (noarch) * kernel-macros-5.14.21-150500.55.65.1 * kernel-devel-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.65.1 * Basesystem Module 15-SP5 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150500.55.65.1 * kernel-zfcpdump-debuginfo-5.14.21-150500.55.65.1 * Development Tools Module 15-SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.65.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-5.14.21-150500.55.65.1 * kernel-obs-build-debugsource-5.14.21-150500.55.65.1 * kernel-syms-5.14.21-150500.55.65.1 * Development Tools Module 15-SP5 (noarch) * kernel-source-5.14.21-150500.55.65.1 * Legacy Module 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.65.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.65.1 * reiserfs-kmp-default-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_65-default-1-150500.11.3.1 * kernel-default-livepatch-devel-5.14.21-150500.55.65.1 * kernel-livepatch-SLE15-SP5_Update_14-debugsource-1-150500.11.3.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-debugsource-5.14.21-150500.55.65.1 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.65.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-debugsource-5.14.21-150500.55.65.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.65.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.65.1 * gfs2-kmp-default-5.14.21-150500.55.65.1 * ocfs2-kmp-default-5.14.21-150500.55.65.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.65.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.65.1 * dlm-kmp-default-5.14.21-150500.55.65.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.65.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * kernel-default-debugsource-5.14.21-150500.55.65.1 * kernel-default-extra-5.14.21-150500.55.65.1 * kernel-default-debuginfo-5.14.21-150500.55.65.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.65.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223858 * https://bugzilla.suse.com/show_bug.cgi?id=1224169 * https://bugzilla.suse.com/show_bug.cgi?id=1224340 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 27 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 May 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1788-1: important: Security update for apache2 Message-ID: <171682741283.18612.957906200086125605@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:1788-1 Rating: important References: * bsc#1221401 * bsc#1222330 * bsc#1222332 Cross-References: * CVE-2023-38709 * CVE-2024-24795 * CVE-2024-27316 CVSS scores: * CVE-2023-38709 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-27316 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code (bsc#1222330). * CVE-2024-24795: Fixed handling of malicious HTTP splitting response headers in multiple modules (bsc#1222332). * CVE-2024-27316: Fixed HTTP/2 CONTINUATION frames that could have been utilized for DoS attacks (bsc#1221401). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1788=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1788=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1788=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1788=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1788=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1788=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Enterprise Storage 7.1 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * apache2-doc-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * apache2-2.4.51-150200.3.62.1 * apache2-debugsource-2.4.51-150200.3.62.1 * apache2-debuginfo-2.4.51-150200.3.62.1 * apache2-worker-debuginfo-2.4.51-150200.3.62.1 * apache2-utils-2.4.51-150200.3.62.1 * apache2-prefork-debuginfo-2.4.51-150200.3.62.1 * apache2-prefork-2.4.51-150200.3.62.1 * apache2-worker-2.4.51-150200.3.62.1 * apache2-utils-debuginfo-2.4.51-150200.3.62.1 * apache2-devel-2.4.51-150200.3.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.62.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38709.html * https://www.suse.com/security/cve/CVE-2024-24795.html * https://www.suse.com/security/cve/CVE-2024-27316.html * https://bugzilla.suse.com/show_bug.cgi?id=1221401 * https://bugzilla.suse.com/show_bug.cgi?id=1222330 * https://bugzilla.suse.com/show_bug.cgi?id=1222332 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 27 20:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 27 May 2024 20:30:05 -0000 Subject: SUSE-SU-2024:1793-1: moderate: Security update for java-1_8_0-openj9 Message-ID: <171684180543.12437.5635861596330800974@smelt2.prg2.suse.org> # Security update for java-1_8_0-openj9 Announcement ID: SUSE-SU-2024:1793-1 Rating: moderate References: * bsc#1213470 * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 Cross-References: * CVE-2024-21011 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-openj9 fixes the following issues: Update to OpenJDK 8u412 build 08 with OpenJ9 0.44.0 virtual machine: * CVE-2024-21094: Fixed C2 compilation failure with "Exceeded _node_regs array" (bsc#1222986). * CVE-2024-21011: Fixed long Exception message leading to crash (bsc#1222979). * CVE-2024-21085: Fixed Pack200 excessive memory allocation (bsc#1222984). * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (bsc#1222983). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1793=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1793=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1793=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1793=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openj9-headless-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debugsource-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-src-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-accessibility-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-headless-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.412-150200.3.45.2 * openSUSE Leap 15.6 (noarch) * java-1_8_0-openj9-javadoc-1.8.0.412-150200.3.45.2 * SUSE Package Hub 15 15-SP5 (ppc64le s390x) * java-1_8_0-openj9-headless-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debugsource-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-src-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-accessibility-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-headless-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.412-150200.3.45.2 * SUSE Package Hub 15 15-SP6 (ppc64le s390x) * java-1_8_0-openj9-headless-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debugsource-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-src-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-accessibility-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-headless-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.412-150200.3.45.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openj9-headless-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-demo-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-debugsource-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-src-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-accessibility-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-headless-1.8.0.412-150200.3.45.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.412-150200.3.45.2 * openSUSE Leap 15.5 (noarch) * java-1_8_0-openj9-javadoc-1.8.0.412-150200.3.45.2 ## References: * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1213470 * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 28 16:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 May 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1804-1: critical: Security update for the Linux Kernel Message-ID: <171691380339.27874.1756186127823783317@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1804-1 Rating: critical References: * bsc#1224785 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The update is fixing a regression with nfs that could lead to data corruption. The following bugs were fixed: * nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2024-1804=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * dlm-kmp-rt-4.12.14-10.185.1 * kernel-rt-base-4.12.14-10.185.1 * kernel-rt-devel-4.12.14-10.185.1 * dlm-kmp-rt-debuginfo-4.12.14-10.185.1 * cluster-md-kmp-rt-4.12.14-10.185.1 * cluster-md-kmp-rt-debuginfo-4.12.14-10.185.1 * gfs2-kmp-rt-debuginfo-4.12.14-10.185.1 * kernel-rt_debug-devel-4.12.14-10.185.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.185.1 * kernel-rt_debug-debugsource-4.12.14-10.185.1 * kernel-rt-debugsource-4.12.14-10.185.1 * kernel-rt-devel-debuginfo-4.12.14-10.185.1 * kernel-rt-base-debuginfo-4.12.14-10.185.1 * kernel-syms-rt-4.12.14-10.185.1 * ocfs2-kmp-rt-4.12.14-10.185.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.185.1 * kernel-rt_debug-debuginfo-4.12.14-10.185.1 * kernel-rt-debuginfo-4.12.14-10.185.1 * gfs2-kmp-rt-4.12.14-10.185.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-source-rt-4.12.14-10.185.1 * kernel-devel-rt-4.12.14-10.185.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt_debug-4.12.14-10.185.1 * kernel-rt-4.12.14-10.185.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224785 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 28 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 May 2024 16:30:05 -0000 Subject: SUSE-SU-2024:1803-1: important: Security update for xdg-desktop-portal Message-ID: <171691380520.27874.1454498808418027119@smelt2.prg2.suse.org> # Security update for xdg-desktop-portal Announcement ID: SUSE-SU-2024:1803-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xdg-desktop-portal fixes the following issues: * CVE-2024-32462: Fixed sandbox escape via RequestBackground portal (bsc#1223110). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1803=1 openSUSE-SLE-15.5-2024-1803=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1803=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * xdg-desktop-portal-1.16.0-150500.3.6.1 * xdg-desktop-portal-devel-1.16.0-150500.3.6.1 * xdg-desktop-portal-debugsource-1.16.0-150500.3.6.1 * xdg-desktop-portal-debuginfo-1.16.0-150500.3.6.1 * openSUSE Leap 15.5 (noarch) * xdg-desktop-portal-lang-1.16.0-150500.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * xdg-desktop-portal-1.16.0-150500.3.6.1 * xdg-desktop-portal-devel-1.16.0-150500.3.6.1 * xdg-desktop-portal-debugsource-1.16.0-150500.3.6.1 * xdg-desktop-portal-debuginfo-1.16.0-150500.3.6.1 * Desktop Applications Module 15-SP5 (noarch) * xdg-desktop-portal-lang-1.16.0-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 28 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 May 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1801-1: important: Security update for the Linux Kernel Message-ID: <171691381095.27874.7068011981011650704@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1801-1 Rating: important References: * bsc#1223858 * bsc#1224169 * bsc#1224340 Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1801=1 SUSE-2024-1801=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1801=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-azure-debugsource-5.14.21-150500.33.54.1 * kernel-azure-extra-5.14.21-150500.33.54.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.54.1 * cluster-md-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-debuginfo-5.14.21-150500.33.54.1 * dlm-kmp-azure-5.14.21-150500.33.54.1 * gfs2-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-devel-5.14.21-150500.33.54.1 * kernel-azure-optional-5.14.21-150500.33.54.1 * kernel-syms-azure-5.14.21-150500.33.54.1 * reiserfs-kmp-azure-5.14.21-150500.33.54.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.54.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.54.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.54.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.54.1 * ocfs2-kmp-azure-5.14.21-150500.33.54.1 * kselftests-kmp-azure-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-vdso-5.14.21-150500.33.54.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-azure-5.14.21-150500.33.54.1 * kernel-source-azure-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-debugsource-5.14.21-150500.33.54.1 * kernel-azure-debuginfo-5.14.21-150500.33.54.1 * kernel-syms-azure-5.14.21-150500.33.54.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.54.1 * kernel-azure-devel-5.14.21-150500.33.54.1 * Public Cloud Module 15-SP5 (noarch) * kernel-devel-azure-5.14.21-150500.33.54.1 * kernel-source-azure-5.14.21-150500.33.54.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223858 * https://bugzilla.suse.com/show_bug.cgi?id=1224169 * https://bugzilla.suse.com/show_bug.cgi?id=1224340 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue May 28 20:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 28 May 2024 20:30:02 -0000 Subject: SUSE-SU-2024:1805-1: important: Security update for glibc-livepatches Message-ID: <171692820272.633.11217521686174802317@smelt2.prg2.suse.org> # Security update for glibc-livepatches Announcement ID: SUSE-SU-2024:1805-1 Rating: important References: * bsc#1223019 Cross-References: * CVE-2024-2961 CVSS scores: * CVE-2024-2961 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glibc-livepatches fixes the following issues: * CVE-2024-2961: Fixed that the iconv() function in the GNU C Library may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set (bsc#1223019). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1805=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1805=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1805=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * glibc-livepatches-0.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * glibc-livepatches-0.1-150400.3.3.1 * glibc-livepatches-debuginfo-0.1-150400.3.3.1 * glibc-livepatches-debugsource-0.1-150400.3.3.1 * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64) * glibc-livepatches-0.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2961.html * https://bugzilla.suse.com/show_bug.cgi?id=1223019 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 08:30:06 -0000 Subject: SUSE-SU-2024:0461-2: important: Security update for libxml2 Message-ID: <171697140631.25860.7685460030345541701@smelt2.prg2.suse.org> # Security update for libxml2 Announcement ID: SUSE-SU-2024:0461-2 Rating: important References: * bsc#1219576 Cross-References: * CVE-2024-25062 CVSS scores: * CVE-2024-25062 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25062 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-461=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-461=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-461=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-461=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-461=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-461=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-461=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-461=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-461=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-461=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-461=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * python2-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python2-libxml2-python-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * python2-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python2-libxml2-python-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Enterprise Storage 7.1 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * python2-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python2-libxml2-python-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libxml2-tools-debuginfo-2.9.7-150000.3.66.1 * libxml2-2-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-debuginfo-2.9.7-150000.3.66.1 * python3-libxml2-python-2.9.7-150000.3.66.1 * libxml2-devel-2.9.7-150000.3.66.1 * libxml2-debugsource-2.9.7-150000.3.66.1 * libxml2-2-2.9.7-150000.3.66.1 * libxml2-tools-2.9.7-150000.3.66.1 * python-libxml2-python-debugsource-2.9.7-150000.3.66.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libxml2-2-32bit-2.9.7-150000.3.66.1 * libxml2-2-32bit-debuginfo-2.9.7-150000.3.66.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25062.html * https://bugzilla.suse.com/show_bug.cgi?id=1219576 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 08:30:11 -0000 Subject: SUSE-SU-2024:1808-1: moderate: Security update for openssl-1_1 Message-ID: <171697141163.25860.10615047388456429048@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:1808-1 Rating: moderate References: * bsc#1222548 Cross-References: * CVE-2024-2511 CVSS scores: * CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3 (bsc#1222548). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1808=1 openSUSE-SLE-15.5-2024-1808=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1808=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1808=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl1_1-debuginfo-1.1.1l-150500.17.28.2 * openssl-1_1-debugsource-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-1.1.1l-150500.17.28.2 * openssl-1_1-1.1.1l-150500.17.28.2 * openssl-1_1-debuginfo-1.1.1l-150500.17.28.2 * libopenssl1_1-1.1.1l-150500.17.28.2 * libopenssl-1_1-devel-1.1.1l-150500.17.28.2 * openSUSE Leap 15.5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.28.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.28.2 * libopenssl-1_1-devel-32bit-1.1.1l-150500.17.28.2 * openSUSE Leap 15.5 (noarch) * openssl-1_1-doc-1.1.1l-150500.17.28.2 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl1_1-64bit-1.1.1l-150500.17.28.2 * libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-64bit-1.1.1l-150500.17.28.2 * libopenssl-1_1-devel-64bit-1.1.1l-150500.17.28.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.28.2 * openssl-1_1-debugsource-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-1.1.1l-150500.17.28.2 * openssl-1_1-1.1.1l-150500.17.28.2 * openssl-1_1-debuginfo-1.1.1l-150500.17.28.2 * libopenssl1_1-1.1.1l-150500.17.28.2 * libopenssl-1_1-devel-1.1.1l-150500.17.28.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1l-150500.17.28.2 * openssl-1_1-debugsource-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-1.1.1l-150500.17.28.2 * openssl-1_1-1.1.1l-150500.17.28.2 * openssl-1_1-debuginfo-1.1.1l-150500.17.28.2 * libopenssl1_1-1.1.1l-150500.17.28.2 * libopenssl-1_1-devel-1.1.1l-150500.17.28.2 * Basesystem Module 15-SP5 (x86_64) * libopenssl1_1-32bit-1.1.1l-150500.17.28.2 * libopenssl1_1-hmac-32bit-1.1.1l-150500.17.28.2 * libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.28.2 ## References: * https://www.suse.com/security/cve/CVE-2024-2511.html * https://bugzilla.suse.com/show_bug.cgi?id=1222548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 08:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 08:30:15 -0000 Subject: SUSE-SU-2024:1807-1: important: Security update for git Message-ID: <171697141522.25860.16416469888584509636@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2024:1807-1 Rating: important References: * bsc#1224168 * bsc#1224170 * bsc#1224171 * bsc#1224172 * bsc#1224173 Cross-References: * CVE-2024-32002 * CVE-2024-32004 * CVE-2024-32020 * CVE-2024-32021 * CVE-2024-32465 CVSS scores: * CVE-2024-32002 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-32002 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32004 ( SUSE ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2024-32020 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32021 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L * CVE-2024-32465 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-32002: Fixed recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion (bsc#1224168). * CVE-2024-32004: Fixed arbitrary code execution during local clones (bsc#1224170). * CVE-2024-32020: Fixed file overwriting vulnerability during local clones (bsc#1224171). * CVE-2024-32021: Fixed git may create hardlinks to arbitrary user-readable files (bsc#1224172). * CVE-2024-32465: Fixed arbitrary code execution during clone operations (bsc#1224173). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1807=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1807=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1807=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1807=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1807=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1807=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1807=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1807=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1807=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1807=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1807=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1807=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1807=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1807=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1807=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * git-credential-libsecret-2.35.3-150300.10.39.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.39.1 * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-p4-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * openSUSE Leap 15.5 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * Development Tools Module 15-SP5 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.39.1 * SUSE Manager Proxy 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.39.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-credential-libsecret-2.35.3-150300.10.39.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.39.1 * git-daemon-2.35.3-150300.10.39.1 * git-core-debuginfo-2.35.3-150300.10.39.1 * git-core-2.35.3-150300.10.39.1 * git-cvs-2.35.3-150300.10.39.1 * git-daemon-debuginfo-2.35.3-150300.10.39.1 * git-2.35.3-150300.10.39.1 * git-svn-2.35.3-150300.10.39.1 * gitk-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.39.1 * perl-Git-2.35.3-150300.10.39.1 * git-credential-gnome-keyring-2.35.3-150300.10.39.1 * git-email-2.35.3-150300.10.39.1 * git-arch-2.35.3-150300.10.39.1 * git-debugsource-2.35.3-150300.10.39.1 * git-gui-2.35.3-150300.10.39.1 * git-p4-2.35.3-150300.10.39.1 * git-debuginfo-2.35.3-150300.10.39.1 * git-web-2.35.3-150300.10.39.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32002.html * https://www.suse.com/security/cve/CVE-2024-32004.html * https://www.suse.com/security/cve/CVE-2024-32020.html * https://www.suse.com/security/cve/CVE-2024-32021.html * https://www.suse.com/security/cve/CVE-2024-32465.html * https://bugzilla.suse.com/show_bug.cgi?id=1224168 * https://bugzilla.suse.com/show_bug.cgi?id=1224170 * https://bugzilla.suse.com/show_bug.cgi?id=1224171 * https://bugzilla.suse.com/show_bug.cgi?id=1224172 * https://bugzilla.suse.com/show_bug.cgi?id=1224173 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 08:30:17 -0000 Subject: SUSE-SU-2024:1806-1: important: Security update for xdg-desktop-portal Message-ID: <171697141748.25860.3111466879293453328@smelt2.prg2.suse.org> # Security update for xdg-desktop-portal Announcement ID: SUSE-SU-2024:1806-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for xdg-desktop-portal fixes the following issues: * CVE-2024-32462: Fixed sandbox escape via RequestBackground portal (bsc#1223110). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1806=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1806=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1806=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1806=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1806=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1806=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * xdg-desktop-portal-devel-1.10.1-150400.3.6.1 * xdg-desktop-portal-debuginfo-1.10.1-150400.3.6.1 * xdg-desktop-portal-1.10.1-150400.3.6.1 * xdg-desktop-portal-debugsource-1.10.1-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xdg-desktop-portal-lang-1.10.1-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 12:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1813-1: important: Security update for the Linux Kernel Message-ID: <171698580336.26329.17049142379137132352@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1813-1 Rating: important References: * bsc#1223858 * bsc#1224169 * bsc#1224340 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. This update fixes a regression with kerberized nfs4 shares in the previous update (bsc#1223858). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1813=1 openSUSE-SLE-15.5-2024-1813=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1813=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1813=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-1813=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.55.1 * kernel-devel-rt-5.14.21-150500.13.55.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-livepatch-5.14.21-150500.13.55.1 * dlm-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.55.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.55.1 * kernel-syms-rt-5.14.21-150500.13.55.1 * kselftests-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt-extra-5.14.21-150500.13.55.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-vdso-5.14.21-150500.13.55.1 * kernel-livepatch-5_14_21-150500_13_55-rt-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-1-150500.11.3.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.55.1 * ocfs2-kmp-rt-5.14.21-150500.13.55.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-devel-5.14.21-150500.13.55.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.55.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.55.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-1-150500.11.3.1 * kernel-rt-debugsource-5.14.21-150500.13.55.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.55.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-optional-5.14.21-150500.13.55.1 * reiserfs-kmp-rt-5.14.21-150500.13.55.1 * cluster-md-kmp-rt-5.14.21-150500.13.55.1 * gfs2-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt_debug-devel-5.14.21-150500.13.55.1 * kernel-rt_debug-vdso-5.14.21-150500.13.55.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.55.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.55.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.55.1 * kernel-rt-5.14.21-150500.13.55.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.55.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-debugsource-5.14.21-150500.13.55.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.55.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_55-rt-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-1-150500.11.3.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.55.1 * dlm-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.55.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.55.1 * kernel-syms-rt-5.14.21-150500.13.55.1 * kernel-rt-vdso-5.14.21-150500.13.55.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.55.1 * ocfs2-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt-devel-5.14.21-150500.13.55.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.55.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.55.1 * kernel-rt-debugsource-5.14.21-150500.13.55.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * cluster-md-kmp-rt-5.14.21-150500.13.55.1 * gfs2-kmp-rt-5.14.21-150500.13.55.1 * kernel-rt_debug-devel-5.14.21-150500.13.55.1 * kernel-rt_debug-vdso-5.14.21-150500.13.55.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.55.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.55.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-source-rt-5.14.21-150500.13.55.1 * kernel-devel-rt-5.14.21-150500.13.55.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.55.1 * kernel-rt-5.14.21-150500.13.55.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223858 * https://bugzilla.suse.com/show_bug.cgi?id=1224169 * https://bugzilla.suse.com/show_bug.cgi?id=1224340 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 12:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 12:30:34 -0000 Subject: SUSE-SU-2024:1815-1: moderate: Security Beta update for SUSE Manager Client Tools Message-ID: <171698583405.26329.9262410505090603545@smelt2.prg2.suse.org> # Security Beta update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:1815-1 Rating: moderate References: * bsc#1221465 * bsc#1222155 * bsc#1222277 * bsc#1222731 * jsc#MSQA-775 Cross-References: * CVE-2024-1313 CVSS scores: * CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools Beta for SLE 12 An update that solves one vulnerability, contains one feature and has three security fixes can now be installed. ## Description: This update fixes the following issues: grafana: * Packaging improvements: * Changed deprecated `disabled` service mode to `manual` * Drop golang-packaging macros * Drop explicit mod=vendor as it is enabled automatically * Update to version 9.5.18: * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * Update to version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 mgr-push: * Version 5.0.2-0 * Remove unused code from the traditional stack * Use bundle CA certificate in rhnpush (bsc#1222731) spacecmd: * Version 5.0.6-0 * Update translations uyuni-common-libs: * Version 5.0.3-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-tools: * Version 0.1.9-0 * Redact passwords from the API payload in traces * Fix build on Ubuntu 20.04 due to version change * Version 0.1.8-0 * Add 'mgradm support sql' command * Improve GPG help * podman-mount* flag should be used only on Server installation and migration * Add flag groups in help text * Attach Proxy pod to our Podman network * Create support ptf commands * Create mgrpxy upgrade command * Add domain for internal container network * Stop the Server if first user creation failed * Add localization support * Require Podman 4.5.0 for its --shm-size-systemd parameter * Add --podman-mount-www flag for install and migration * Only colorize output if outputting to a terminal * Fix output missing newlines due to the spinner * Add product version and commit id to the version output * Add missing whitespace between podman common arguments and additional ones * Bump the push tag to 5.0.0-RC * Add gpg command to mgradm * Hide message in stdout if SCCcredentials is missing (bsc#1222277) * Redact password in stdout and uyuni-tools.log * Rework distribution mapping to work with distros without .treeinfo data * Add initial installation support for Confidental Computing attestation container * Allow PAM and LDAP authentication using SSSD * Change pull policy default to Always during upgrade * Allow migration with non-root user on source server ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2024-1815=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 12 (aarch64 ppc64le s390x x86_64) * grafana-9.5.18-4.30.4 * python2-uyuni-common-libs-5.0.3-3.39.3 * mgrctl-0.1.9-3.11.4 * SUSE Manager Client Tools Beta for SLE 12 (noarch) * mgr-push-5.0.2-4.24.5 * spacecmd-5.0.6-41.51.3 * mgrctl-bash-completion-0.1.9-3.11.4 * mgrctl-lang-0.1.9-3.11.4 * python2-mgr-push-5.0.2-4.24.5 * mgrctl-zsh-completion-0.1.9-3.11.4 ## References: * https://www.suse.com/security/cve/CVE-2024-1313.html * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1222155 * https://bugzilla.suse.com/show_bug.cgi?id=1222277 * https://bugzilla.suse.com/show_bug.cgi?id=1222731 * https://jira.suse.com/browse/MSQA-775 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 12:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 12:30:38 -0000 Subject: SUSE-SU-2024:1814-1: moderate: Security Beta update for SUSE Manager Client Tools and Salt Message-ID: <171698583858.26329.8769435693190843537@smelt2.prg2.suse.org> # Security Beta update for SUSE Manager Client Tools and Salt Announcement ID: SUSE-SU-2024:1814-1 Rating: moderate References: * bsc#1221465 * bsc#1222155 * bsc#1222277 * bsc#1222731 * jsc#MSQA-775 Cross-References: * CVE-2024-1313 CVSS scores: * CVE-2024-1313 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools Beta for SLE 15 * SUSE Manager Client Tools Beta for SLE Micro 5 An update that solves one vulnerability, contains one feature and has three security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-node_exporter: * Add `device_error` label for filesystem metrics. * Update rtnetlink library to fix errors during ARP metrics collection. * update to 1.7.0 (jsc#PED-7893, jsc#PED-7928): * [FEATURE] Add ZFS freebsd per dataset stats #2753 * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721 * [ENHANCEMENT] Parallelize stat calls in Linux filesystem collector #1772 * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711 * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric #2778 * [ENHANCEMENT] Improve qdisc collector performance #2779 * [ENHANCEMENT] Add include and exclude filter for hwmon collector #2699 * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead of procfs #2777 * [BUGFIX] Fallback to 32-bit stats in netdev #2757 * [BUGFIX] Close btrfs.FS handle after use #2780 * [BUGFIX] Move RO status before error return #2807 * [BUFFIX] Fix promhttp_metric_handler_errors_total being always active #2808 * [BUGFIX] Fix nfsd v4 index miss #2824 * update to 1.6.1: * Rebuild with updated Go version, no source code changes in this release. * update to 1.6.0: * [CHANGE] Fix cpustat when some cpus are offline #2318 * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605 * [CHANGE] Deprecate ntp collector #2603 * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583 * [CHANGE] Deprecate supervisord collector #2685 * [FEATURE] Add softirqs collector #2669 * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449 * [ENHANCEMENT] Add administrative state of Linux network interfaces #2515 * [ENHANCEMENT] Log current value of GOMAXPROCS #2537 * [ENHANCEMENT] Add profiler options for perf collector #2542 * [ENHANCEMENT] Allow root path as metrics path #2590 * [ENHANCEMENT] Add cpu frequency governor metrics #2569 * [ENHANCEMENT] Add new landing page #2622 * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634 * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687 * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612 * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669 * [BUGFIX] perf: fixes for automatically detecting the correct tracefs mountpoints #2553 * [BUGFIX] Fix `thermal_zone` collector noise #2554 * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631 * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605 grafana: * Packaging improvements: * Changed deprecated `disabled` service mode to `manual` * Drop golang-packaging macros * Drop explicit mod=vendor as it is enabled automatically * Update to version 9.5.18: * [SECURITY] CVE-2024-1313: Require same organisation when deleting snapshots (bsc#1222155) * Update to version 9.5.17: * [FEATURE] Alerting: Backport use Alertmanager API v2 mgr-push: * Version 5.0.2-0 * Remove unused code from the traditional stack * Use bundle CA certificate in rhnpush (bsc#1222731) spacecmd: * Version 5.0.6-0 * Update translations uyuni-common-libs: * Version 5.0.3-0 * Add support for package signature type V4 RSA/SHA384 * Add support for package signature type V4 RSA/SHA512 (bsc#1221465) uyuni-tools: * Version 0.1.9-0 * Redact passwords from the API payload in traces * Fix build on Ubuntu 20.04 due to version change * Version 0.1.8-0 * Add 'mgradm support sql' command * Improve GPG help * podman-mount* flag should be used only on Server installation and migration * Add flag groups in help text * Attach Proxy pod to our Podman network * Create support ptf commands * Create mgrpxy upgrade command * Add domain for internal container network * Stop the Server if first user creation failed * Add localization support * Require Podman 4.5.0 for its --shm-size-systemd parameter * Add --podman-mount-www flag for install and migration * Only colorize output if outputting to a terminal * Fix output missing newlines due to the spinner * Add product version and commit id to the version output * Add missing whitespace between podman common arguments and additional ones * Bump the push tag to 5.0.0-RC * Add gpg command to mgradm * Hide message in stdout if SCCcredentials is missing (bsc#1222277) * Redact password in stdout and uyuni-tools.log * Rework distribution mapping to work with distros without .treeinfo data * Add initial installation support for Confidental Computing attestation container * Allow PAM and LDAP authentication using SSSD * Change pull policy default to Always during upgrade * Allow migration with non-root user on source server ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1814=1 * SUSE Manager Client Tools Beta for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2024-1814=1 ## Package List: * SUSE Manager Client Tools Beta for SLE Micro 5 (aarch64 s390x x86_64) * golang-github-prometheus-node_exporter-1.7.0-159000.6.5.5 * mgrctl-0.1.9-159000.3.11.5 * SUSE Manager Client Tools Beta for SLE Micro 5 (noarch) * mgrctl-bash-completion-0.1.9-159000.3.11.5 * mgrctl-zsh-completion-0.1.9-159000.3.11.5 * mgrctl-lang-0.1.9-159000.3.11.5 * SUSE Manager Client Tools Beta for SLE 15 (aarch64 ppc64le s390x x86_64) * python3-uyuni-common-libs-5.0.3-159000.3.39.3 * mgrctl-0.1.9-159000.3.11.5 * grafana-debuginfo-9.5.18-159000.4.33.4 * grafana-9.5.18-159000.4.33.4 * SUSE Manager Client Tools Beta for SLE 15 (noarch) * python3-mgr-push-5.0.2-159000.4.24.5 * mgrctl-lang-0.1.9-159000.3.11.5 * mgrctl-bash-completion-0.1.9-159000.3.11.5 * spacecmd-5.0.6-159000.6.51.4 * mgrctl-zsh-completion-0.1.9-159000.3.11.5 * mgr-push-5.0.2-159000.4.24.5 ## References: * https://www.suse.com/security/cve/CVE-2024-1313.html * https://bugzilla.suse.com/show_bug.cgi?id=1221465 * https://bugzilla.suse.com/show_bug.cgi?id=1222155 * https://bugzilla.suse.com/show_bug.cgi?id=1222277 * https://bugzilla.suse.com/show_bug.cgi?id=1222731 * https://jira.suse.com/browse/MSQA-775 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:07 -0000 Subject: SUSE-SU-2024:1838-1: important: Security update for warewulf4 Message-ID: <171700020734.22495.4938329776091933804@smelt2.prg2.suse.org> # Security update for warewulf4 Announcement ID: SUSE-SU-2024:1838-1 Rating: important References: * bsc#1216994 * bsc#1224124 * bsc#1225402 Cross-References: * CVE-2024-3727 CVSS scores: * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * HPC Module 15-SP5 * HPC Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for warewulf4 fixes the following issues: * fixed wwctl configure --all doesn't configure ssh (bsc#1225402) * update to 4.5.2 with following changes: * Reorder dnsmasq config to put iPXE last * Update go-digest dependency to fix CVE-2024-3727: digest values not always validated (bsc#1224124) * updated to version 4.5.1 with following changes * wwctl [profile|node] list -a handles now slices correclty * Fix a locking issue with concurrent read/writes for node status * Remove API package as use of this wasn't documented * use tftp.socket for activation (bsc#1216994) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1838=1 openSUSE-SLE-15.5-2024-1838=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1838=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-1838=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2024-1838=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * warewulf4-4.5.2-150500.6.13.1 * warewulf4-overlay-4.5.2-150500.6.13.1 * openSUSE Leap 15.5 (noarch) * warewulf4-man-4.5.2-150500.6.13.1 * warewulf4-overlay-slurm-4.5.2-150500.6.13.1 * openSUSE Leap 15.6 (aarch64 x86_64) * warewulf4-4.5.2-150500.6.13.1 * warewulf4-overlay-4.5.2-150500.6.13.1 * openSUSE Leap 15.6 (noarch) * warewulf4-man-4.5.2-150500.6.13.1 * warewulf4-overlay-slurm-4.5.2-150500.6.13.1 * HPC Module 15-SP5 (aarch64 x86_64) * warewulf4-4.5.2-150500.6.13.1 * warewulf4-overlay-4.5.2-150500.6.13.1 * HPC Module 15-SP5 (noarch) * warewulf4-man-4.5.2-150500.6.13.1 * warewulf4-overlay-slurm-4.5.2-150500.6.13.1 * HPC Module 15-SP6 (aarch64 x86_64) * warewulf4-4.5.2-150500.6.13.1 * warewulf4-overlay-4.5.2-150500.6.13.1 * HPC Module 15-SP6 (noarch) * warewulf4-man-4.5.2-150500.6.13.1 * warewulf4-overlay-slurm-4.5.2-150500.6.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1216994 * https://bugzilla.suse.com/show_bug.cgi?id=1224124 * https://bugzilla.suse.com/show_bug.cgi?id=1225402 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1837-1: low: Security update for nodejs16 Message-ID: <171700020930.22495.4821487270132558572@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:1837-1 Rating: low References: * bsc#1222530 * bsc#1222603 Cross-References: * CVE-2024-30260 * CVE-2024-30261 CVSS scores: * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: * CVE-2024-30260: undici: proxy-authorization header not cleared on cross- origin redirect for dispatch, request, stream, pipeline (bsc#1222530) * CVE-2024-30261: undici: Ensure that integrity cannot be tampered with (bsc#1222603) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1837=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * corepack16-16.20.2-150400.3.36.1 * npm16-16.20.2-150400.3.36.1 * nodejs16-devel-16.20.2-150400.3.36.1 * nodejs16-debuginfo-16.20.2-150400.3.36.1 * nodejs16-debugsource-16.20.2-150400.3.36.1 * nodejs16-16.20.2-150400.3.36.1 * openSUSE Leap 15.4 (noarch) * nodejs16-docs-16.20.2-150400.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30260.html * https://www.suse.com/security/cve/CVE-2024-30261.html * https://bugzilla.suse.com/show_bug.cgi?id=1222530 * https://bugzilla.suse.com/show_bug.cgi?id=1222603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:11 -0000 Subject: SUSE-SU-2024:1836-1: low: Security update for nodejs16 Message-ID: <171700021180.22495.17943702188224614301@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:1836-1 Rating: low References: * bsc#1222530 * bsc#1222603 Cross-References: * CVE-2024-30260 * CVE-2024-30261 CVSS scores: * CVE-2024-30260 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2024-30261 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * Web and Scripting Module 12 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: * CVE-2024-30260: undici: proxy-authorization header not cleared on cross- origin redirect for dispatch, request, stream, pipeline (bsc#1222530) * CVE-2024-30261: undici: Ensure that integrity cannot be tampered with (bsc#1222603) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1836=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * npm16-16.20.2-8.45.1 * nodejs16-16.20.2-8.45.1 * nodejs16-debugsource-16.20.2-8.45.1 * nodejs16-debuginfo-16.20.2-8.45.1 * nodejs16-devel-16.20.2-8.45.1 * Web and Scripting Module 12 (noarch) * nodejs16-docs-16.20.2-8.45.1 ## References: * https://www.suse.com/security/cve/CVE-2024-30260.html * https://www.suse.com/security/cve/CVE-2024-30261.html * https://bugzilla.suse.com/show_bug.cgi?id=1222530 * https://bugzilla.suse.com/show_bug.cgi?id=1222603 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:13 -0000 Subject: SUSE-SU-2024:1835-1: important: Security update for freerdp Message-ID: <171700021377.22495.7486139454492337693@smelt2.prg2.suse.org> # Security update for freerdp Announcement ID: SUSE-SU-2024:1835-1 Rating: important References: * bsc#1223346 * bsc#1223347 * bsc#1223348 * bsc#1223353 Cross-References: * CVE-2024-32658 * CVE-2024-32659 * CVE-2024-32660 * CVE-2024-32661 CVSS scores: * CVE-2024-32658 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-32659 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H * CVE-2024-32660 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-32661 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for freerdp fixes the following issues: * CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec (bsc#1223353). * CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight == 0))` (bsc#1223346) * CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347) * CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1835=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1835=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * winpr2-devel-2.1.2-12.47.1 * freerdp-debuginfo-2.1.2-12.47.1 * libwinpr2-debuginfo-2.1.2-12.47.1 * libwinpr2-2.1.2-12.47.1 * freerdp-devel-2.1.2-12.47.1 * libfreerdp2-2.1.2-12.47.1 * libfreerdp2-debuginfo-2.1.2-12.47.1 * freerdp-debugsource-2.1.2-12.47.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * freerdp-server-2.1.2-12.47.1 * freerdp-2.1.2-12.47.1 * freerdp-proxy-2.1.2-12.47.1 * freerdp-debuginfo-2.1.2-12.47.1 * libwinpr2-debuginfo-2.1.2-12.47.1 * libwinpr2-2.1.2-12.47.1 * libfreerdp2-2.1.2-12.47.1 * libfreerdp2-debuginfo-2.1.2-12.47.1 * freerdp-debugsource-2.1.2-12.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32658.html * https://www.suse.com/security/cve/CVE-2024-32659.html * https://www.suse.com/security/cve/CVE-2024-32660.html * https://www.suse.com/security/cve/CVE-2024-32661.html * https://bugzilla.suse.com/show_bug.cgi?id=1223346 * https://bugzilla.suse.com/show_bug.cgi?id=1223347 * https://bugzilla.suse.com/show_bug.cgi?id=1223348 * https://bugzilla.suse.com/show_bug.cgi?id=1223353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:15 -0000 Subject: SUSE-SU-2024:1834-1: critical: Security update for the Linux Kernel Message-ID: <171700021567.22495.4097834096337105209@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1834-1 Rating: critical References: * bsc#1224785 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The update is fixing a regression with nfs that could lead to data corruption. The following non-security bugs were fixed: * nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1834=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.185.1 * kernel-azure-debuginfo-4.12.14-16.185.1 * kernel-azure-devel-4.12.14-16.185.1 * kernel-syms-azure-4.12.14-16.185.1 * kernel-azure-base-debuginfo-4.12.14-16.185.1 * kernel-azure-debugsource-4.12.14-16.185.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.185.1 * kernel-devel-azure-4.12.14-16.185.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224785 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:17 -0000 Subject: SUSE-SU-2024:1833-1: low: Security update for glib2 Message-ID: <171700021745.22495.29793164065969076@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:1833-1 Rating: low References: * bsc#1224044 Cross-References: * CVE-2024-34397 CVSS scores: * CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1833=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1833=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1833=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1833=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1833=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libgio-fam-2.48.2-12.37.1 * glib2-debugsource-2.48.2-12.37.1 * glib2-devel-static-2.48.2-12.37.1 * libgio-fam-debuginfo-2.48.2-12.37.1 * glib2-devel-debuginfo-2.48.2-12.37.1 * glib2-devel-2.48.2-12.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * glib2-tools-2.48.2-12.37.1 * libgthread-2_0-0-2.48.2-12.37.1 * glib2-debugsource-2.48.2-12.37.1 * libgio-2_0-0-2.48.2-12.37.1 * libgthread-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-2.48.2-12.37.1 * glib2-tools-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-2.48.2-12.37.1 * libgmodule-2_0-0-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-2.48.2-12.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * glib2-lang-2.48.2-12.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-32bit-2.48.2-12.37.1 * libgio-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-32bit-2.48.2-12.37.1 * libgthread-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-32bit-2.48.2-12.37.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.48.2-12.37.1 * libgthread-2_0-0-2.48.2-12.37.1 * glib2-debugsource-2.48.2-12.37.1 * libgio-2_0-0-2.48.2-12.37.1 * libgthread-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-2.48.2-12.37.1 * glib2-tools-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-2.48.2-12.37.1 * libgmodule-2_0-0-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-2.48.2-12.37.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * glib2-lang-2.48.2-12.37.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-32bit-2.48.2-12.37.1 * libgio-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-32bit-2.48.2-12.37.1 * libgthread-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-32bit-2.48.2-12.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * glib2-tools-2.48.2-12.37.1 * libgthread-2_0-0-2.48.2-12.37.1 * glib2-debugsource-2.48.2-12.37.1 * libgio-2_0-0-2.48.2-12.37.1 * libgthread-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-2.48.2-12.37.1 * glib2-tools-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-2.48.2-12.37.1 * libgmodule-2_0-0-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-2.48.2-12.37.1 * libgobject-2_0-0-2.48.2-12.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * glib2-lang-2.48.2-12.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-32bit-2.48.2-12.37.1 * libgio-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.37.1 * libgmodule-2_0-0-32bit-2.48.2-12.37.1 * libgthread-2_0-0-32bit-2.48.2-12.37.1 * libgobject-2_0-0-32bit-2.48.2-12.37.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libgio-fam-2.48.2-12.37.1 * libgio-fam-debuginfo-2.48.2-12.37.1 * glib2-debugsource-2.48.2-12.37.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34397.html * https://bugzilla.suse.com/show_bug.cgi?id=1224044 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:18 -0000 Subject: SUSE-SU-2024:1832-1: important: Security update for xdg-desktop-portal Message-ID: <171700021890.22495.2605181541933326863@smelt2.prg2.suse.org> # Security update for xdg-desktop-portal Announcement ID: SUSE-SU-2024:1832-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xdg-desktop-portal fixes the following issues: * CVE-2024-32462: Fixed sandbox escape via RequestBackground portal (bsc#1223110). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1832=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1832=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1832=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * xdg-desktop-portal-debuginfo-1.4.2-3.3.1 * xdg-desktop-portal-1.4.2-3.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * xdg-desktop-portal-lang-1.4.2-3.3.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * xdg-desktop-portal-debuginfo-1.4.2-3.3.1 * xdg-desktop-portal-1.4.2-3.3.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * xdg-desktop-portal-lang-1.4.2-3.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * xdg-desktop-portal-debuginfo-1.4.2-3.3.1 * xdg-desktop-portal-1.4.2-3.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * xdg-desktop-portal-lang-1.4.2-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:20 -0000 Subject: SUSE-SU-2024:1831-1: important: Security update for xdg-desktop-portal Message-ID: <171700022045.22495.10733758814132868686@smelt2.prg2.suse.org> # Security update for xdg-desktop-portal Announcement ID: SUSE-SU-2024:1831-1 Rating: important References: * bsc#1223110 Cross-References: * CVE-2024-32462 CVSS scores: * CVE-2024-32462 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for xdg-desktop-portal fixes the following issues: * CVE-2024-32462: Fixed sandbox escape via RequestBackground portal (bsc#1223110). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1831=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1831=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1831=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1831=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1831=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1831=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1831=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * xdg-desktop-portal-1.8.0-150200.5.6.1 * xdg-desktop-portal-debugsource-1.8.0-150200.5.6.1 * xdg-desktop-portal-debuginfo-1.8.0-150200.5.6.1 * xdg-desktop-portal-devel-1.8.0-150200.5.6.1 * SUSE Enterprise Storage 7.1 (noarch) * xdg-desktop-portal-lang-1.8.0-150200.5.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-32462.html * https://bugzilla.suse.com/show_bug.cgi?id=1223110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 16:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 16:30:22 -0000 Subject: SUSE-SU-2024:1830-1: low: Security update for glib2 Message-ID: <171700022206.22495.2393124274646492409@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:1830-1 Rating: low References: * bsc#1224044 Cross-References: * CVE-2024-34397 CVSS scores: * CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2024-34397: Fixed signal subscription unicast spoofing vulnerability (bsc#1224044). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1830=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1830=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1830=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1830=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1830=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1830=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1830=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1830=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1830=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1830=1 ## Package List: * openSUSE Leap 15.4 (noarch) * glib2-lang-2.70.5-150400.3.11.1 * gio-branding-upstream-2.70.5-150400.3.11.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tests-devel-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-debuginfo-2.70.5-150400.3.11.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-2.70.5-150400.3.11.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-static-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-2.70.5-150400.3.11.1 * glib2-doc-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * openSUSE Leap 15.4 (x86_64) * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.11.1 * glib2-devel-32bit-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-32bit-2.70.5-150400.3.11.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-2.70.5-150400.3.11.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-32bit-2.70.5-150400.3.11.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.11.1 * openSUSE Leap 15.4 (aarch64_ilp32) * glib2-tools-64bit-2.70.5-150400.3.11.1 * libgmodule-2_0-0-64bit-2.70.5-150400.3.11.1 * libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-64bit-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-64bit-2.70.5-150400.3.11.1 * libglib-2_0-0-64bit-2.70.5-150400.3.11.1 * libgobject-2_0-0-64bit-2.70.5-150400.3.11.1 * libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-64bit-2.70.5-150400.3.11.1 * glib2-devel-64bit-2.70.5-150400.3.11.1 * glib2-tools-64bit-debuginfo-2.70.5-150400.3.11.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * openSUSE Leap 15.5 (noarch) * glib2-lang-2.70.5-150400.3.11.1 * gio-branding-upstream-2.70.5-150400.3.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tests-devel-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-debuginfo-2.70.5-150400.3.11.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-2.70.5-150400.3.11.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-static-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-doc-2.70.5-150400.3.11.1 * glib2-devel-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * openSUSE Leap 15.5 (x86_64) * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.11.1 * glib2-devel-32bit-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-32bit-2.70.5-150400.3.11.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-2.70.5-150400.3.11.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-32bit-2.70.5-150400.3.11.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgio-2_0-0-2.70.5-150400.3.11.1 * libgobject-2_0-0-2.70.5-150400.3.11.1 * libgmodule-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-2.70.5-150400.3.11.1 * glib2-tools-2.70.5-150400.3.11.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-2.70.5-150400.3.11.1 * glib2-devel-debuginfo-2.70.5-150400.3.11.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-devel-2.70.5-150400.3.11.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.11.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.11.1 * glib2-debugsource-2.70.5-150400.3.11.1 * Basesystem Module 15-SP5 (noarch) * glib2-lang-2.70.5-150400.3.11.1 * Basesystem Module 15-SP5 (x86_64) * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.11.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libgio-2_0-0-32bit-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.11.1 * libglib-2_0-0-32bit-2.70.5-150400.3.11.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34397.html * https://bugzilla.suse.com/show_bug.cgi?id=1224044 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:06 -0000 Subject: SUSE-SU-2024:1847-1: important: Security update for python36 Message-ID: <171701460632.22874.10388493324658938337@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:1847-1 Rating: important References: * bsc#1214691 * bsc#1219559 * bsc#1219666 * bsc#1220664 * bsc#1221563 * bsc#1221854 * bsc#1222075 * bsc#1222109 Cross-References: * CVE-2022-48566 * CVE-2023-52425 * CVE-2023-6597 * CVE-2024-0450 CVSS scores: * CVE-2022-48566 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2022-48566 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves four vulnerabilities and has four security fixes can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2023-52425: Fixed backport so it uses features sniffing, not just comparing version number (bsc#1219559). * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854). * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2022-48566: Fixed compare_digest constant-time (bsc#1214691). Bug fixes: * Fixed syslog making default "ident from sys.argv[0] (bsc#1222109). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1847=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1847=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1847=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1847=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-devel-3.6.15-55.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python36-base-3.6.15-55.1 * libpython3_6m1_0-debuginfo-3.6.15-55.1 * python36-debugsource-3.6.15-55.1 * python36-base-debuginfo-3.6.15-55.1 * python36-debuginfo-3.6.15-55.1 * libpython3_6m1_0-3.6.15-55.1 * python36-3.6.15-55.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-55.1 * libpython3_6m1_0-32bit-3.6.15-55.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-base-3.6.15-55.1 * libpython3_6m1_0-debuginfo-3.6.15-55.1 * python36-debugsource-3.6.15-55.1 * python36-base-debuginfo-3.6.15-55.1 * python36-debuginfo-3.6.15-55.1 * libpython3_6m1_0-3.6.15-55.1 * python36-3.6.15-55.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-55.1 * libpython3_6m1_0-32bit-3.6.15-55.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python36-base-3.6.15-55.1 * libpython3_6m1_0-debuginfo-3.6.15-55.1 * python36-debugsource-3.6.15-55.1 * python36-base-debuginfo-3.6.15-55.1 * python36-debuginfo-3.6.15-55.1 * libpython3_6m1_0-3.6.15-55.1 * python36-3.6.15-55.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-55.1 * libpython3_6m1_0-32bit-3.6.15-55.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48566.html * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1214691 * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 * https://bugzilla.suse.com/show_bug.cgi?id=1220664 * https://bugzilla.suse.com/show_bug.cgi?id=1221563 * https://bugzilla.suse.com/show_bug.cgi?id=1221854 * https://bugzilla.suse.com/show_bug.cgi?id=1222075 * https://bugzilla.suse.com/show_bug.cgi?id=1222109 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:07 -0000 Subject: SUSE-SU-2024:1846-1: important: Security update for libfastjson Message-ID: <171701460797.22874.8448597380207720510@smelt2.prg2.suse.org> # Security update for libfastjson Announcement ID: SUSE-SU-2024:1846-1 Rating: important References: * bsc#1171479 Cross-References: * CVE-2020-12762 CVSS scores: * CVE-2020-12762 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2020-12762 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libfastjson fixes the following issues: * CVE-2020-12762: Fixed integer overflow and out-of-bounds write via a large JSON file (bsc#1171479). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1846=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1846=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1846=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libfastjson4-0.99.8-3.6.1 * libfastjson4-debuginfo-0.99.8-3.6.1 * libfastjson-debugsource-0.99.8-3.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libfastjson4-0.99.8-3.6.1 * libfastjson4-debuginfo-0.99.8-3.6.1 * libfastjson-debugsource-0.99.8-3.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libfastjson4-0.99.8-3.6.1 * libfastjson4-debuginfo-0.99.8-3.6.1 * libfastjson-debugsource-0.99.8-3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2020-12762.html * https://bugzilla.suse.com/show_bug.cgi?id=1171479 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:10 -0000 Subject: SUSE-SU-2024:1845-1: important: Security update for java-1_8_0-ibm Message-ID: <171701461011.22874.3466522230190527446@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2024:1845-1 Rating: important References: * bsc#1222979 * bsc#1222983 * bsc#1222984 * bsc#1222986 * bsc#1222987 * bsc#1223470 * bsc#1224164 Cross-References: * CVE-2023-38264 * CVE-2024-21011 * CVE-2024-21012 * CVE-2024-21068 * CVE-2024-21085 * CVE-2024-21094 CVSS scores: * CVE-2023-38264 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21011 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21012 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21068 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21085 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21094 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves six vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 25 (bsc#1223470): * CVE-2023-38264: Fixed Object Request Broker (ORB) denial of service (bsc#1224164). * CVE-2024-21094: Fixed C2 compilation fails with "Exceeded _node_regs array" (bsc#1222986). * CVE-2024-21068: Fixed integer overflow in C1 compiler address generation (bsc#1222983). * CVE-2024-21085: Fixed Pack200 excessive memory allocation (bsc#1222984). * CVE-2024-21011: Fixed Long Exception message leading to crash (bsc#1222979). * CVE-2024-21012: Fixed HTTP/2 client improper reverse DNS lookup (bsc#1222987). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1845=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1845=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1845=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1845=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (nosrc) * java-1_8_0-ibm-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * java-1_8_0-ibm-alsa-1.8.0_sr8.25-30.123.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * java-1_8_0-ibm-alsa-1.8.0_sr8.25-30.123.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.25-30.123.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.25-30.123.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.25-30.123.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.25-30.123.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38264.html * https://www.suse.com/security/cve/CVE-2024-21011.html * https://www.suse.com/security/cve/CVE-2024-21012.html * https://www.suse.com/security/cve/CVE-2024-21068.html * https://www.suse.com/security/cve/CVE-2024-21085.html * https://www.suse.com/security/cve/CVE-2024-21094.html * https://bugzilla.suse.com/show_bug.cgi?id=1222979 * https://bugzilla.suse.com/show_bug.cgi?id=1222983 * https://bugzilla.suse.com/show_bug.cgi?id=1222984 * https://bugzilla.suse.com/show_bug.cgi?id=1222986 * https://bugzilla.suse.com/show_bug.cgi?id=1222987 * https://bugzilla.suse.com/show_bug.cgi?id=1223470 * https://bugzilla.suse.com/show_bug.cgi?id=1224164 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:11 -0000 Subject: SUSE-SU-2024:1844-1: moderate: Security update for python Message-ID: <171701461172.22874.10110798599450493201@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2024:1844-1 Rating: moderate References: * bsc#1221854 Cross-References: * CVE-2024-0450 CVSS scores: * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1844=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1844=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1844=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1844=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libpython2_7-1_0-2.7.18-33.35.1 * python-2.7.18-33.35.1 * python-debugsource-2.7.18-33.35.1 * python-gdbm-debuginfo-2.7.18-33.35.1 * python-xml-2.7.18-33.35.1 * python-xml-debuginfo-2.7.18-33.35.1 * python-curses-2.7.18-33.35.1 * python-debuginfo-2.7.18-33.35.1 * python-base-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-2.7.18-33.35.1 * python-gdbm-2.7.18-33.35.1 * python-tk-debuginfo-2.7.18-33.35.1 * python-curses-debuginfo-2.7.18-33.35.1 * python-demo-2.7.18-33.35.1 * python-base-debugsource-2.7.18-33.35.1 * python-devel-2.7.18-33.35.1 * python-tk-2.7.18-33.35.1 * python-base-debuginfo-2.7.18-33.35.1 * python-idle-2.7.18-33.35.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python-doc-2.7.18-33.35.1 * python-doc-pdf-2.7.18-33.35.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * python-32bit-2.7.18-33.35.1 * libpython2_7-1_0-32bit-2.7.18-33.35.1 * python-debuginfo-32bit-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.35.1 * python-base-32bit-2.7.18-33.35.1 * python-base-debuginfo-32bit-2.7.18-33.35.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libpython2_7-1_0-2.7.18-33.35.1 * python-2.7.18-33.35.1 * python-debugsource-2.7.18-33.35.1 * python-gdbm-debuginfo-2.7.18-33.35.1 * python-xml-2.7.18-33.35.1 * python-xml-debuginfo-2.7.18-33.35.1 * python-curses-2.7.18-33.35.1 * python-debuginfo-2.7.18-33.35.1 * python-base-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-2.7.18-33.35.1 * python-gdbm-2.7.18-33.35.1 * python-tk-debuginfo-2.7.18-33.35.1 * python-curses-debuginfo-2.7.18-33.35.1 * python-demo-2.7.18-33.35.1 * python-base-debugsource-2.7.18-33.35.1 * python-devel-2.7.18-33.35.1 * python-tk-2.7.18-33.35.1 * python-base-debuginfo-2.7.18-33.35.1 * python-idle-2.7.18-33.35.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python-doc-2.7.18-33.35.1 * python-doc-pdf-2.7.18-33.35.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * python-32bit-2.7.18-33.35.1 * libpython2_7-1_0-32bit-2.7.18-33.35.1 * python-debuginfo-32bit-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.35.1 * python-base-32bit-2.7.18-33.35.1 * python-base-debuginfo-32bit-2.7.18-33.35.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libpython2_7-1_0-2.7.18-33.35.1 * python-2.7.18-33.35.1 * python-debugsource-2.7.18-33.35.1 * python-gdbm-debuginfo-2.7.18-33.35.1 * python-xml-2.7.18-33.35.1 * python-xml-debuginfo-2.7.18-33.35.1 * python-curses-2.7.18-33.35.1 * python-debuginfo-2.7.18-33.35.1 * python-base-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-2.7.18-33.35.1 * python-gdbm-2.7.18-33.35.1 * python-tk-debuginfo-2.7.18-33.35.1 * python-curses-debuginfo-2.7.18-33.35.1 * python-demo-2.7.18-33.35.1 * python-base-debugsource-2.7.18-33.35.1 * python-devel-2.7.18-33.35.1 * python-tk-2.7.18-33.35.1 * python-base-debuginfo-2.7.18-33.35.1 * python-idle-2.7.18-33.35.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * python-doc-2.7.18-33.35.1 * python-doc-pdf-2.7.18-33.35.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * python-32bit-2.7.18-33.35.1 * libpython2_7-1_0-32bit-2.7.18-33.35.1 * python-debuginfo-32bit-2.7.18-33.35.1 * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.35.1 * python-base-32bit-2.7.18-33.35.1 * python-base-debuginfo-32bit-2.7.18-33.35.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * python-base-debuginfo-2.7.18-33.35.1 * python-devel-2.7.18-33.35.1 * python-base-debugsource-2.7.18-33.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1221854 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:13 -0000 Subject: SUSE-SU-2024:1843-1: moderate: Security update for python3 Message-ID: <171701461337.22874.5445842690686386241@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:1843-1 Rating: moderate References: * bsc#1221854 Cross-References: * CVE-2024-0450 CVSS scores: * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-0450: Fixed detecting the vulnerability of "quoted-overlap" zipbomb (bsc#1221854). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-1843=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1843=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1843=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1843=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1843=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * python3-debugsource-3.4.10-25.130.1 * python3-base-debugsource-3.4.10-25.130.1 * python3-debuginfo-3.4.10-25.130.1 * libpython3_4m1_0-debuginfo-3.4.10-25.130.1 * python3-3.4.10-25.130.1 * python3-base-3.4.10-25.130.1 * python3-base-debuginfo-3.4.10-25.130.1 * libpython3_4m1_0-3.4.10-25.130.1 * python3-curses-3.4.10-25.130.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-debugsource-3.4.10-25.130.1 * python3-debuginfo-3.4.10-25.130.1 * python3-base-debugsource-3.4.10-25.130.1 * python3-devel-3.4.10-25.130.1 * python3-dbm-3.4.10-25.130.1 * python3-base-debuginfo-3.4.10-25.130.1 * python3-dbm-debuginfo-3.4.10-25.130.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.130.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python3-tk-debuginfo-3.4.10-25.130.1 * python3-debugsource-3.4.10-25.130.1 * python3-curses-debuginfo-3.4.10-25.130.1 * python3-base-debugsource-3.4.10-25.130.1 * python3-debuginfo-3.4.10-25.130.1 * python3-devel-3.4.10-25.130.1 * libpython3_4m1_0-debuginfo-3.4.10-25.130.1 * python3-3.4.10-25.130.1 * python3-base-3.4.10-25.130.1 * python3-base-debuginfo-3.4.10-25.130.1 * python3-tk-3.4.10-25.130.1 * libpython3_4m1_0-3.4.10-25.130.1 * python3-curses-3.4.10-25.130.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * python3-devel-debuginfo-3.4.10-25.130.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.130.1 * libpython3_4m1_0-32bit-3.4.10-25.130.1 * python3-base-debuginfo-32bit-3.4.10-25.130.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-tk-debuginfo-3.4.10-25.130.1 * python3-debugsource-3.4.10-25.130.1 * python3-curses-debuginfo-3.4.10-25.130.1 * python3-base-debugsource-3.4.10-25.130.1 * python3-debuginfo-3.4.10-25.130.1 * python3-devel-3.4.10-25.130.1 * libpython3_4m1_0-debuginfo-3.4.10-25.130.1 * python3-3.4.10-25.130.1 * python3-base-3.4.10-25.130.1 * python3-base-debuginfo-3.4.10-25.130.1 * python3-tk-3.4.10-25.130.1 * libpython3_4m1_0-3.4.10-25.130.1 * python3-curses-3.4.10-25.130.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.130.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.130.1 * libpython3_4m1_0-32bit-3.4.10-25.130.1 * python3-base-debuginfo-32bit-3.4.10-25.130.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python3-tk-debuginfo-3.4.10-25.130.1 * python3-debugsource-3.4.10-25.130.1 * python3-curses-debuginfo-3.4.10-25.130.1 * python3-base-debugsource-3.4.10-25.130.1 * python3-debuginfo-3.4.10-25.130.1 * python3-devel-3.4.10-25.130.1 * libpython3_4m1_0-debuginfo-3.4.10-25.130.1 * python3-3.4.10-25.130.1 * python3-base-3.4.10-25.130.1 * python3-devel-debuginfo-3.4.10-25.130.1 * python3-base-debuginfo-3.4.10-25.130.1 * python3-tk-3.4.10-25.130.1 * libpython3_4m1_0-3.4.10-25.130.1 * python3-curses-3.4.10-25.130.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.130.1 * libpython3_4m1_0-32bit-3.4.10-25.130.1 * python3-base-debuginfo-32bit-3.4.10-25.130.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1221854 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 29 20:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 29 May 2024 20:30:15 -0000 Subject: SUSE-SU-2024:1842-1: important: Security update for gdk-pixbuf Message-ID: <171701461551.22874.2465092839857912117@smelt2.prg2.suse.org> # Security update for gdk-pixbuf Announcement ID: SUSE-SU-2024:1842-1 Rating: important References: * bsc#1219276 Cross-References: * CVE-2022-48622 CVSS scores: * CVE-2022-48622 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for gdk-pixbuf fixes the following issues: * CVE-2022-48622: Fixed files rejection with multiple anih chunks (bsc#1219276). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1842=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1842=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1842=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1842=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1842=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1842=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1842=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1842=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1842=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gdk-pixbuf-thumbnailer-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-thumbnailer-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * typelib-1_0-GdkPixdata-2_0-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * gdk-pixbuf-devel-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Enterprise Storage 7.1 (noarch) * gdk-pixbuf-lang-2.40.0-150200.3.12.1 * SUSE Enterprise Storage 7.1 (x86_64) * gdk-pixbuf-query-loaders-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-32bit-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-32bit-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * typelib-1_0-GdkPixbuf-2_0-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-2.40.0-150200.3.12.1 * gdk-pixbuf-debugsource-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-2.40.0-150200.3.12.1 * gdk-pixbuf-query-loaders-debuginfo-2.40.0-150200.3.12.1 * libgdk_pixbuf-2_0-0-debuginfo-2.40.0-150200.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48622.html * https://bugzilla.suse.com/show_bug.cgi?id=1219276 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 30 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 May 2024 12:30:14 -0000 Subject: SUSE-SU-2024:1557-2: moderate: Security update for rpm Message-ID: <171707221401.3435.357522892694680382@smelt2.prg2.suse.org> # Security update for rpm Announcement ID: SUSE-SU-2024:1557-2 Rating: moderate References: * bsc#1189495 * bsc#1191175 * bsc#1218686 Cross-References: * CVE-2021-3521 CVSS scores: * CVE-2021-3521 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N * CVE-2021-3521 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for rpm fixes the following issues: Security fixes: \- CVE-2021-3521: Fixed missing subkey binding signature checking (bsc#1191175) Other fixes: * accept more signature subpackets marked as critical (bsc#1218686) * backport limit support for the autopatch macro (bsc#1189495) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1557=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1557=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1557=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1557=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1557=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * rpm-build-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-imaevmsign-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * rpm-imaevmsign-debuginfo-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * openSUSE Leap 15.6 (x86_64) * rpm-ndb-32bit-debuginfo-4.14.3-150400.59.16.1 * rpm-32bit-4.14.3-150400.59.16.1 * rpm-ndb-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rpm-4.14.3-150400.59.16.1 * rpm-devel-4.14.3-150400.59.16.1 * rpm-imaevmsign-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * python3-rpm-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * python-rpm-debugsource-4.14.3-150400.59.16.1 * rpm-imaevmsign-debuginfo-4.14.3-150400.59.16.1 * python3-rpm-debuginfo-4.14.3-150400.59.16.1 * Basesystem Module 15-SP6 (x86_64) * rpm-32bit-4.14.3-150400.59.16.1 * rpm-32bit-debuginfo-4.14.3-150400.59.16.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rpm-build-4.14.3-150400.59.16.1 * rpm-build-debuginfo-4.14.3-150400.59.16.1 * rpm-debugsource-4.14.3-150400.59.16.1 * rpm-debuginfo-4.14.3-150400.59.16.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rpm-ndb-debugsource-4.14.3-150400.59.16.1 * rpm-ndb-debuginfo-4.14.3-150400.59.16.1 * rpm-ndb-4.14.3-150400.59.16.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python-rpm-debugsource-4.14.3-150400.59.16.1 * python311-rpm-debuginfo-4.14.3-150400.59.16.1 * python311-rpm-4.14.3-150400.59.16.1 ## References: * https://www.suse.com/security/cve/CVE-2021-3521.html * https://bugzilla.suse.com/show_bug.cgi?id=1189495 * https://bugzilla.suse.com/show_bug.cgi?id=1191175 * https://bugzilla.suse.com/show_bug.cgi?id=1218686 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 30 16:30:56 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 30 May 2024 16:30:56 -0000 Subject: SUSE-SU-2024:1870-1: important: Security update for the Linux Kernel Message-ID: <171708665623.6327.3886713703993455442@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:1870-1 Rating: important References: * bsc#1084332 * bsc#1141539 * bsc#1184509 * bsc#1186060 * bsc#1190317 * bsc#1190576 * bsc#1192145 * bsc#1194516 * bsc#1203935 * bsc#1209657 * bsc#1211592 * bsc#1212514 * bsc#1213456 * bsc#1217339 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218220 * bsc#1218336 * bsc#1218479 * bsc#1218562 * bsc#1219104 * bsc#1219169 * bsc#1219170 * bsc#1219618 * bsc#1219623 * bsc#1219847 * bsc#1220320 * bsc#1220366 * bsc#1220394 * bsc#1220411 * bsc#1220416 * bsc#1220418 * bsc#1220422 * bsc#1220442 * bsc#1220445 * bsc#1220505 * bsc#1220521 * bsc#1220528 * bsc#1220536 * bsc#1220538 * bsc#1220554 * bsc#1220572 * bsc#1220580 * bsc#1220611 * bsc#1220625 * bsc#1220628 * bsc#1220637 * bsc#1220640 * bsc#1220662 * bsc#1220687 * bsc#1220692 * bsc#1220703 * bsc#1220706 * bsc#1220739 * bsc#1220742 * bsc#1220743 * bsc#1220745 * bsc#1220751 * bsc#1220768 * bsc#1220769 * bsc#1220777 * bsc#1220790 * bsc#1220794 * bsc#1220829 * bsc#1220836 * bsc#1220843 * bsc#1220846 * bsc#1220850 * bsc#1220871 * bsc#1220927 * bsc#1220960 * bsc#1220985 * bsc#1220987 * bsc#1221044 * bsc#1221046 * bsc#1221048 * bsc#1221058 * bsc#1221060 * bsc#1221061 * bsc#1221077 * bsc#1221082 * bsc#1221088 * bsc#1221162 * bsc#1221277 * bsc#1221293 * bsc#1221337 * bsc#1221532 * bsc#1221541 * bsc#1221548 * bsc#1221575 * bsc#1221605 * bsc#1221608 * bsc#1221617 * bsc#1221791 * bsc#1221816 * bsc#1221825 * bsc#1221830 * bsc#1221862 * bsc#1221934 * bsc#1221949 * bsc#1221952 * bsc#1221953 * bsc#1221965 * bsc#1221966 * bsc#1221967 * bsc#1221969 * bsc#1221972 * bsc#1221973 * bsc#1221977 * bsc#1221979 * bsc#1221988 * bsc#1221991 * bsc#1221993 * bsc#1221994 * bsc#1221997 * bsc#1221998 * bsc#1221999 * bsc#1222000 * bsc#1222001 * bsc#1222002 * bsc#1222117 * bsc#1222294 * bsc#1222300 * bsc#1222357 * bsc#1222379 * bsc#1222422 * bsc#1222428 * bsc#1222449 * bsc#1222503 * bsc#1222559 * bsc#1222585 * bsc#1222609 * bsc#1222610 * bsc#1222613 * bsc#1222618 * bsc#1222619 * bsc#1222624 * bsc#1222630 * bsc#1222632 * bsc#1222660 * bsc#1222662 * bsc#1222664 * bsc#1222666 * bsc#1222669 * bsc#1222671 * bsc#1222677 * bsc#1222706 * bsc#1222720 * bsc#1222765 * bsc#1222770 * bsc#1222772 * bsc#1222787 * bsc#1222790 * bsc#1222812 * bsc#1222836 * bsc#1222869 * bsc#1222876 * bsc#1222878 * bsc#1222881 * bsc#1222883 * bsc#1222888 * bsc#1222952 * bsc#1222961 * bsc#1222975 * bsc#1222976 * bsc#1223016 * bsc#1223035 * bsc#1223049 * bsc#1223051 * bsc#1223057 * bsc#1223058 * bsc#1223060 * bsc#1223187 * bsc#1223189 * bsc#1223198 * bsc#1223203 * bsc#1223315 * bsc#1223432 * bsc#1223509 * bsc#1223512 * bsc#1223513 * bsc#1223516 * bsc#1223518 * bsc#1223626 * bsc#1223627 * bsc#1223664 * bsc#1223686 * bsc#1223693 * bsc#1223712 * bsc#1223715 * bsc#1223735 * bsc#1223744 * bsc#1223745 * bsc#1223770 * bsc#1223781 * bsc#1223819 * bsc#1223824 * bsc#1223827 * bsc#1223837 * bsc#1223842 * bsc#1223843 * bsc#1223844 * bsc#1223883 * bsc#1223885 * bsc#1223921 * bsc#1223941 * bsc#1223952 * bsc#1223953 * bsc#1223954 * bsc#1224785 * jsc#PED-5759 Cross-References: * CVE-2019-25160 * CVE-2020-36312 * CVE-2021-23134 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46907 * CVE-2021-46909 * CVE-2021-46938 * CVE-2021-46939 * CVE-2021-46941 * CVE-2021-46950 * CVE-2021-46958 * CVE-2021-46960 * CVE-2021-46963 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46975 * CVE-2021-46981 * CVE-2021-46988 * CVE-2021-46990 * CVE-2021-46998 * CVE-2021-47006 * CVE-2021-47015 * CVE-2021-47024 * CVE-2021-47034 * CVE-2021-47045 * CVE-2021-47049 * CVE-2021-47055 * CVE-2021-47056 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47063 * CVE-2021-47068 * CVE-2021-47070 * CVE-2021-47071 * CVE-2021-47073 * CVE-2021-47100 * CVE-2021-47101 * CVE-2021-47104 * CVE-2021-47110 * CVE-2021-47112 * CVE-2021-47114 * CVE-2021-47117 * CVE-2021-47118 * CVE-2021-47119 * CVE-2021-47138 * CVE-2021-47141 * CVE-2021-47142 * CVE-2021-47143 * CVE-2021-47146 * CVE-2021-47149 * CVE-2021-47150 * CVE-2021-47153 * CVE-2021-47159 * CVE-2021-47161 * CVE-2021-47162 * CVE-2021-47165 * CVE-2021-47166 * CVE-2021-47167 * CVE-2021-47168 * CVE-2021-47169 * CVE-2021-47171 * CVE-2021-47173 * CVE-2021-47177 * CVE-2021-47179 * CVE-2021-47180 * CVE-2021-47181 * CVE-2021-47182 * CVE-2021-47183 * CVE-2021-47184 * CVE-2021-47185 * CVE-2021-47188 * CVE-2021-47189 * CVE-2021-47198 * CVE-2021-47202 * CVE-2021-47203 * CVE-2021-47204 * CVE-2021-47205 * CVE-2021-47207 * CVE-2021-47211 * CVE-2021-47216 * CVE-2021-47217 * CVE-2022-0487 * CVE-2022-48619 * CVE-2022-48626 * CVE-2022-48636 * CVE-2022-48650 * CVE-2022-48651 * CVE-2022-48667 * CVE-2022-48668 * CVE-2022-48687 * CVE-2022-48688 * CVE-2022-48695 * CVE-2022-48701 * CVE-2023-0160 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-52454 * CVE-2023-52469 * CVE-2023-52470 * CVE-2023-52474 * CVE-2023-52476 * CVE-2023-52477 * CVE-2023-52486 * CVE-2023-52488 * CVE-2023-52509 * CVE-2023-52515 * CVE-2023-52524 * CVE-2023-52528 * CVE-2023-52575 * CVE-2023-52583 * CVE-2023-52587 * CVE-2023-52590 * CVE-2023-52591 * CVE-2023-52595 * CVE-2023-52598 * CVE-2023-52607 * CVE-2023-52614 * CVE-2023-52620 * CVE-2023-52628 * CVE-2023-52635 * CVE-2023-52639 * CVE-2023-52644 * CVE-2023-52646 * CVE-2023-52650 * CVE-2023-52652 * CVE-2023-52653 * CVE-2023-6270 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2023-7042 * CVE-2023-7192 * CVE-2024-2201 * CVE-2024-22099 * CVE-2024-23307 * CVE-2024-23848 * CVE-2024-24855 * CVE-2024-24861 * CVE-2024-26614 * CVE-2024-26642 * CVE-2024-26651 * CVE-2024-26671 * CVE-2024-26675 * CVE-2024-26689 * CVE-2024-26704 * CVE-2024-26733 * CVE-2024-26739 * CVE-2024-26743 * CVE-2024-26744 * CVE-2024-26747 * CVE-2024-26754 * CVE-2024-26763 * CVE-2024-26771 * CVE-2024-26772 * CVE-2024-26773 * CVE-2024-26777 * CVE-2024-26778 * CVE-2024-26779 * CVE-2024-26793 * CVE-2024-26805 * CVE-2024-26816 * CVE-2024-26817 * CVE-2024-26839 * CVE-2024-26840 * CVE-2024-26852 * CVE-2024-26855 * CVE-2024-26857 * CVE-2024-26859 * CVE-2024-26878 * CVE-2024-26883 * CVE-2024-26884 * CVE-2024-26898 * CVE-2024-26901 * CVE-2024-26903 * CVE-2024-26907 * CVE-2024-26922 * CVE-2024-26929 * CVE-2024-26930 * CVE-2024-26931 * CVE-2024-26948 * CVE-2024-26993 * CVE-2024-27013 * CVE-2024-27014 * CVE-2024-27043 * CVE-2024-27046 * CVE-2024-27054 * CVE-2024-27072 * CVE-2024-27073 * CVE-2024-27074 * CVE-2024-27075 * CVE-2024-27078 * CVE-2024-27388 CVSS scores: * CVE-2019-25160 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2019-25160 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2020-36312 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2020-36312 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-23134 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-23134 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46907 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2021-46909 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46938 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46950 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46960 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46964 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46966 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46975 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N * CVE-2021-46981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46998 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47006 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47024 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47034 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47055 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47063 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47068 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47070 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47071 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47100 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47101 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47104 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-47110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47112 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47117 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47118 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47138 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47143 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47146 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47149 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47150 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47161 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47165 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47167 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47168 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47169 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47171 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47173 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47179 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47180 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0487 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0487 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48619 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48619 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48626 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48626 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48687 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52454 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52469 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52469 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52470 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52470 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52474 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-52474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52477 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52509 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52515 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52528 ( SUSE ): 3.5 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52583 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52587 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-52595 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52650 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24855 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24861 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-24861 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26651 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26839 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26840 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26907 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-26907 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26929 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26929 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27054 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27072 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27388 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 193 vulnerabilities, contains one feature and has 18 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-25160: Fixed out-of-bounds memory accesses in netlabel (bsc#1220394). * CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bsc#1184509). * CVE-2021-23134: Fixed a use-after-free issue in nfc sockets (bsc#1186060). * CVE-2021-46904: Fixed NULL pointer dereference during tty device unregistration (bsc#1220416). * CVE-2021-46905: Fixed NULL pointer dereference on disconnect regression (bsc#1220418). * CVE-2021-46909: Fixed PCI interrupt mapping in ARM footbridge (bsc#1220442). * CVE-2021-46938: Fixed double free of blk_mq_tag_set in dev remove after table load fails (bsc#1220554). * CVE-2021-46939: Fixed possible hung in trace_clock_global() (bsc#1220580). * CVE-2021-46941: Fixed core softreset when switch mode in usb dwc3 (bsc#1220628). * CVE-2021-46950: Fixed possible data corruption in md/raid1 when ending a failed write request (bsc#1220662). * CVE-2021-46958: Fixed race between transaction aborts and fsyncs that could lead to use-after-free in btrfs (bsc#1220521). * CVE-2021-46960: Fixed wrong error code from smb2_get_enc_key() (bsc#1220528). * CVE-2021-46963: Fixed crash in qla2xxx_mqueuecommand() (bsc#1220536). * CVE-2021-46964: Fixed unreserved extra IRQ vectors in qla2xxx (bsc#1220538). * CVE-2021-46966: Fixed potential use-after-free issue in cm_write() (bsc#1220572). * CVE-2021-46981: Fixed NULL pointer in flush_workqueue (bsc#1220611). * CVE-2021-46988: Fixed possible crash in userfaultfd due to unreleased page (bsc#1220706). * CVE-2021-46990: Fixed crashes when toggling entry flush barrier in powerpc/64s (bsc#1220743). * CVE-2021-46998: Fixed a use after free bug in enic_hard_start_xmit() (bsc#1220625). * CVE-2021-47006: Fixed wrong check in overflow_handler hook in ARM 9064/1 hw_breakpoint (bsc#1220751). * CVE-2021-47015: Fixed RX consumer index logic in the error path in bnxt_en (bsc#1220794). * CVE-2021-47024: Fixed possible memory leak in vsock/virtio when closing socket (bsc#1220637). * CVE-2021-47034: Fixed resolved pte update for kernel memory on radix in powerpc/64s (bsc#1220687). * CVE-2021-47045: Fixed null pointer dereference in lpfc_prep_els_iocb() (bsc#1220640). * CVE-2021-47049: Fixed Use after free in __vmbus_open() (bsc#1220692). * CVE-2021-47055: Fixed missing permissions for locking and badblock ioctls in mtd (bsc#1220768). * CVE-2021-47056: Fixed uninitialized lock in adf_vf2pf_shutdown() (bsc#1220769). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2021-47063: Fixed possible use-after-free in panel_bridge_detach() (bsc#1220777). * CVE-2021-47068: Fixed a use-after-free issue in llcp_sock_bind/connect (bsc#1220739). * CVE-2021-47070: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220829). * CVE-2021-47071: Fixed memory leak in error handling paths in uio_hv_generic (bsc#1220846). * CVE-2021-47073: Fixed oops on rmmod dell_smbios init_dell_smbios_wmi() (bsc#1220850). * CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985). * CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987). * CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960). * CVE-2021-47110: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221532). * CVE-2021-47112: Fixed possible memory corruption when restoring from hibernation in x86/kvm (bsc#1221541). * CVE-2021-47114: Fixed data corruption by fallocate in ocfs2 (bsc#1221548). * CVE-2021-47117: Fixed bug on in ext4_es_cache_extent() as ext4_split_extent_at() failed (bsc#1221575). * CVE-2021-47118: Fixed possible use-after-free when initializing `cad_pid` (bsc#1221605). * CVE-2021-47119: Fixed memory leak in ext4_fill_super() (bsc#1221608). * CVE-2021-47138: Fixed possible out-of-bound memory access in cxgb4 when clearing filters (bsc#1221934). * CVE-2021-47141: Fixed possible NULL pointer dereference when freeing irqs (bsc#1221949). * CVE-2021-47142: Fixed a use-after-free in drm/amdgpu (bsc#1221952). * CVE-2021-47143: Fixed possible corruption in net/smc after failed device_add() (bsc#1221988). * CVE-2021-47150: Fixed the potential memory leak in fec_enet_init() (bsc#1221973). * CVE-2021-47153: Fixed wrongly generated interrupt on bus reset in i2c/i801 (bsc#1221969). * CVE-2021-47165: Fixed shutdown crash when component not probed in drm/meson (bsc#1221965). * CVE-2021-47166: Fixed possible corruptionb in nfs_do_recoalesce() (bsc#1221998). * CVE-2021-47167: Fixed an Oopsable condition in __nfs_pageio_add_request() (bsc#1221991). * CVE-2021-47168: Fixed an incorrect limit in filelayout_decode_layout() (bsc#1222002). * CVE-2021-47169: Fixed possible NULL pointer dereference in serial/rp2 (bsc#1222000). * CVE-2021-47171: Fixed memory leak in smsc75xx_bind() (bsc#1221994). * CVE-2021-47173: Fixed memory leak in uss720_probe() (bsc#1221993). * CVE-2021-47177: Fixed sysfs leak in alloc_iommu() (bsc#1221997). * CVE-2021-47179: Fixed a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (bsc#1222001). * CVE-2021-47180: Fixed memory leak in nci_allocate_device() (bsc#1221999). * CVE-2021-47181: Fixed a null pointer dereference caused by calling platform_get_resource() (bsc#1222660). * CVE-2021-47183: Fixed a null pointer dereference during link down processing in scsi lpfc (bsc#1192145, bsc#1222664). * CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer (bsc#1222669). * CVE-2021-47189: Fixed denial of service due to memory ordering issues between normal and ordered work functions in btrfs (bsc#1222706). * CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions (bsc#1222878) * CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). * CVE-2022-48619: Fixed a denial-of-service issue in drivers/input/input.c (bsc#1218220). * CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366). * CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320). * CVE-2023-52469: Fixed use-after-free in kv_parse_power_table() (bsc#1220411). * CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#122041). * CVE-2023-52474: Fixed bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests in hfi1 (bsc#1220445). * CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703). * CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790). * CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277). * CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836). * CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048). * CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927). * CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843). * CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871). * CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058). * CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082). * CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory renaming (bsc#1221088). * CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044). * CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060). * CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add kasprintf() (bsc#1221061). * CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117). * CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie (bsc#1222300). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987). * CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988). * CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989). * CVE-2023-7042: Fixed a NULL pointer dereference vulnerability in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336). * CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479). * CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339). * CVE-2024-22099: Fixed NULL Pointer Dereference vulnerability in /net/bluetooth/rfcomm/core.c (bsc#1219170). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169). * CVE-2024-24855: Fixed a null pointer dereference due to race condition in scsi device driver in lpfc_unregister_fcf_rescan() function (bsc#1219618). * CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623). * CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293). * CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830). * CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422). * CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585). * CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in rdma/qedr (bsc#1222677) * CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid parameter in rdma/srpt (bsc#1222449) * CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in gtp_genl_dump_pdp() in gtp (bsc#1222632). * CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on device in dm-crypt (bsc#1222720). * CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine ti edma (bsc#1222610) * CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428). * CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630). * CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places (bsc#1223824). * CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976). * CVE-2021-47161: Fixed a resource leak in an error handling path in the error handling path of the probe function in spi spi-fsl-dspi (bsc#1221966). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223513). * CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624). * CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046). * CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503). * CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618). * CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling (bsc#1222662). * CVE-2022-48701: Fixed an out-of-bounds bug in __snd_usb_parse_audio_interface() (bsc#1223921). * CVE-2024-26993: Fixed a reference leak in sysfs_break_active_protection() (bsc#1223693) * CVE-2023-52650: Added missing check for of_find_device_by_node() (bsc#1223770) * CVE-2024-26948: Added a dc_state NULL check in dc_state_release (bsc#1223664) * CVE-2024-27013: Limited printing rate when illegal packet received by tun dev (bsc#1223745). * CVE-2024-27014: Prevented deadlock while disabling aRFS (bsc#1223735). * CVE-2024-27046: Handled acti_netdevs allocation failure (bsc#1223827). * CVE-2021-47162: Fixed a possible memory leak in tipc_buf_append (bsc#1221977). * CVE-2024-27072: Removed useless locks in usbtv_video_free() (bsc#1223837). * CVE-2024-27075: Avoided stack overflow warnings with clang (bsc#1223842). * CVE-2024-27073: Fixed a memory leak in budget_av_attach() (bsc#1223843). * CVE-2024-27074: Fixed a memory leak in go7007_load_encoder() (bsc#1223844). * CVE-2024-27078: Fixed a memory leak in tpg_alloc() (bsc#1223781). * CVE-2023-52652: Fixed a possible name leak in ntb_register_device() (bsc#1223686). * CVE-2024-23848: Fixed a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c (bsc#1219104). * CVE-2024-26859: Prevent access to a freed page in page_pool in bnx2x (bsc#1223049). * CVE-2024-26817: Used calloc instead of kzalloc to avoid integer overflow (bsc#1222812) * CVE-2021-47149: Fixed a potential null pointer deref in fmvj18x_get_hwinfo() (bsc#1221972). * CVE-2023-52620: Disallowed timeout for anonymous sets in nf_tables (bsc#1221825). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223057). * CVE-2024-26878: Fixed potential NULL pointer dereference, related to dquots (bsc#1223060). * CVE-2024-26901: Used kzalloc() to fix information leak in do_sys_name_to_handle() (bsc#1223198). * CVE-2024-26671: Fixed an IO hang from sbitmap wakeup race in blk_mq_mark_tag_wait() (bsc#1222357). * CVE-2024-26772: Avoided allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613). * CVE-2023-52614: Fixed a buffer overflow in trans_stat_show() (bsc#1221617). * CVE-2024-26855: Fixed a potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051). * CVE-2024-26857: Made sure to pull inner header in geneve_rx() (bsc#1223058). * CVE-2024-26675: Limited MRU to 64K in ppp_async_ioctl() (bsc#1222379). * CVE-2024-26907: Fixed a fortify source warning while accessing Eth segment in mlx5 (bsc#1223203). * CVE-2023-52488: Converted from _raw_ to _noinc_ regmap functions for FIFO in sc16is7xx (bsc#1221162). * CVE-2024-26922: Validated the parameters of bo mapping operations more clearly (bsc#1223315). * CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync (bsc#1222666). * CVE-2023-52635: Synchronized devfreq_monitor_[start/stop] for devfreq (bsc#1222294). * CVE-2024-26883: Checked for integer overflow when using roundup_pow_of_two() (bsc#1223035). * CVE-2024-26884: Fixed a bpf hashtab overflow check on 32-bit architectures (bsc#1223189). * CVE-2024-26839: Fixed a memleak in init_credit_return() (bsc#1222975) * CVE-2023-52644: Stop/wake correct queue in DMA Tx path when QoS is disabled in b43 (bsc#1222961). * CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng (bsc#1222888). * CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb- audio (bsc#1222869). * CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus (bsc#1222790). * CVE-2024-26779: Fixed a race condition on enabling fast-xmit in mac80211 (bsc#1222772). * CVE-2024-26777: Error out if pixclock equals zero in fbdev/sis (bsc#1222765) * CVE-2024-26778: Error out if pixclock equals zero in fbdev/savage (bsc#1222770) * CVE-2024-26747: Fixed a NULL pointer issue with USB parent module's reference (bsc#1222609). The following non-security bugs were fixed: * Input: adxl34x - do not hardcode interrupt trigger type (git-fixes). * Input: drv260x - sleep between polling GO bit (git-fixes). * Input: ipaq-micro-keys - add error handling for devm_kmemdup. * Input: xpad - add PXN V900 support. * USB: core: Fix deadlock in usb_deauthorize_interface(). * USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (git- fixes). * atl1c: fix error return code in atl1c_probe() (git-fixes). * atl1e: fix error return code in atl1e_probe() (git-fixes). * bluetooth: btqca: Fixed a coding style error (git-fixes). * bluetooth: btqca: Introduce HCI_EV_VENDOR and use it (git-fixes). * bluetooth: btqcomsmd: Fix command timeout after setting BD address (git- fixes). * bluetooth: hci_intel: Add check for platform_driver_register (git-fixes). * bnx2x: Fix enabling network interfaces without VFs (git-fixes). * bnx2x: Fix missing error code in bnx2x_iov_init_one() (git-fixes). * bpf, sockmap: Fix preempt_rt splat when using raw_spin_lock_t (git-fixes). * drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes). * ethernet: myri10ge: Fix missing error code in myri10ge_probe() (git-fixes). * ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (git- fixes). * fuse: do not unhash root (bsc#1223954). * iommu/amd: Increase interrupt remapping table limit to 512 entries (git- fixes). * iommu/amd: Mark interrupt as managed (git-fixes). * iommu/amd: Set DTE[IntTabLen] to represent 512 IRTEs (git-fixes). * iommu/amd: Silence warnings under memory pressure (git-fixes). * iommu: Check if group is NULL before remove device (git-fixes). * kabi fix for pNFS: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * kabi: pci: Add locking to RMW PCI Express Capability Register accessors (kabi). * lan78xx: Add missing return code checks (git-fixes). * lan78xx: Add support to dump lan78xx registers (git-fixes). * lan78xx: Do not access skb_queue_head list pointers directly (git-fixes). * lan78xx: Fix exception on link speed change (git-fixes). * lan78xx: Fix partial packet errors on suspend/resume (git-fixes). * lan78xx: Fix race conditions in suspend/resume handling (git-fixes). * lan78xx: Fix white space and style issues (git-fixes). * lan78xx: Modify error messages (git-fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * net/mlx5: Properly convey driver version to firmware (git-fixes). * net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (git-fixes). * net: Fix features skip in for_each_netdev_feature() (git-fixes). * net: allwinner: Fix some resources leak in the error handling path of the probe and in the remove function (git-fixes). * net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). * net: lan78xx: Allow for VLAN headers in timeout calcs (git-fixes). * net: lan78xx: Make declaration style consistent (git-fixes). * net: lan78xx: Merge memcpy + lexx_to_cpus to get_unaligned_lexx (git-fixes). * net: lan78xx: fix runtime PM count underflow on link stop (git-fixes). * net: lan78xx: remove set but not used variable 'event' (git-fixes). * net: macb: ensure the device is available before accessing GEMGXL control registers (git-fixes). * net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). * net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes). * net: usb: lan78xx: Remove lots of set but unused 'ret' variables (git- fixes). * net:usb: Use ARRAY_SIZE instead of calculating the array size (git-fixes). * nfs: Fix O_DIRECT commit verifier handling (git-fixes). * nfs: Fix O_DIRECT locking issues (git-fixes). * nfs: Fix error handling for O_DIRECT write scheduling (bsc#1224785). * nfs: Fix a request reference leak in nfs_direct_write_clear_reqs() (git- fixes). * nfs: Fix an off by one in root_nfs_cat() (git-fixes). * nfs: Fix direct WRITE throughput regression (git-fixes). * nfs: Fix error handling for O_DIRECT write scheduling (git-fixes). * nfs: More O_DIRECT accounting fixes for error paths (git-fixes). * nfs: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847). * nfs: avoid spurious warning of lost lock that is being unlocked (bsc#1221791). * nfs: commit errors should be fatal (git-fixes). * nfs: only issue commit in DIO codepath if we have uncommitted data (git- fixes). * nfsd: Fix error cleanup path in nfsd_rename() (git-fixes). * nfsd: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes). * nfsd: Retransmit callbacks after client reconnects (git-fixes). * nfsd: lock_rename() needs both directories to live on the same fs (git- fixes). * nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes). * pci/aer: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes). * pci/aspm: Avoid link retraining race (git-fixes). * pci/aspm: Disable ASPM on MFD function removal to avoid use-after-free (git- fixes). * pci/aspm: Do not warn if already in common clock mode (git-fixes). * pci/aspm: Factor out pcie_wait_for_retrain() (git-fixes). * pci/aspm: Reduce severity of common clock config message (git-fixes). * pci/aspm: Return 0 or -ETIMEDOUT from pcie_retrain_link() (git-fixes). * pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes). * pci/dpc: Print all TLP Prefixes, not just the first (git-fixes). * pci/iov: Enlarge virtfn sysfs name buffer (git-fixes). * pci/msi: Prevent MSI hardware interrupt number truncation (git-fixes). * pci/pm: Power up all devices during runtime resume (git-fixes). * pci/sysfs: Protect driver's D3cold preference from user space (git-fixes). * pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes). * pci: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes). * pci: Add locking to RMW PCI Express Capability Register accessors (git- fixes). * pci: Avoid FLR for AMD FCH AHCI adapters (git-fixes). * pci: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (git- fixes). * pci: Make link retraining use RMW accessors for changing LNKCTL (git-fixes). * pci: Mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes). * pci: Rework pcie_retrain_link() wait loop (git-fixes). * pci: aardvark: Fix setting MSI address (git-fixes). * pci: aardvark: Fix support for MSI interrupts (git-fixes). * pci: dwc: Add unroll iATU space support to dw_pcie_disable_atu() (git- fixes). * pci: endpoint: Do not stop controller when unbinding endpoint function (git- fixes). * pci: hotplug: Allow marking devices as disconnected during bind/unbind (git- fixes). * pci: pciehp: Add pciehp_set_indicators() to set both indicators (git-fixes). * pci: pciehp: Cancel bringup sequence if card is not present (git-fixes). * pci: pciehp: Fix AB-BA deadlock between reset_lock and device_lock (git- fixes). * pci: pciehp: Use RMW accessors for changing LNKCTL (git-fixes). * pci: qcom: Disable write access to read only registers for IP v2.3.3 (git- fixes). * pci: qcom: Fix unbalanced PHY init on probe errors (git-fixes). * pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git- fixes). * pci: switchtec: Return -EFAULT for copy_to_user() errors (git-fixes). * pnfs/flexfiles: Check the layout validity in ff_layout_mirror_prepare_stats (git-fixes). * pnfs: Fix the pnfs block driver's calculation of layoutget size (git-fixes). * rdma/ipoib: Fix error code return in ipoib_mcast_join (bsc#1221082) * s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223883). * s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223885). * s390/vtime: fix average steal time calculation (git-fixes bsc#1221953). * scsi: qla2xxx: Change debug message during driver unload (bsc1221816). * scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816). * scsi: qla2xxx: Fix N2N stuck connection (bsc1221816). * scsi: qla2xxx: Fix command flush on cable pull (bsc1221816). * scsi: qla2xxx: Fix double free of fcport (bsc1221816). * scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816). * scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816). * scsi: qla2xxx: Prevent command send on chip reset (bsc1221816). * scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816). * scsi: qla2xxx: Update manufacturer detail (bsc1221816). * scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816). * sr9800: Add check for usbnet_get_endpoints (git-fixes). * sunrpc: Fix RPC client cleaned up the freed pipefs dentries (git-fixes). * sunrpc: fix a memleak in gss_import_v2_context (git-fixes). * sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes). * tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619). * tun: honor IOCB_NOWAIT flag (git-fixes). * usb: dwc2: Fix memory leak in dwc2_hcd_init. * usb: dwc2: check return value after calling platform_get_resource() (git- fixes). * usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). * usb: gadget: Fix issue with config_ep_by_speed function (git-fixes). * usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes). * usb: musb: Modify the "HWVers" register address (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered. * usb: serial: option: add Fibocom L7xx modules (git-fixes). * usb: serial: option: do not claim interface 4 for ZTE MF290 (git-fixes). * usb: storage: set 1.50 as the lower bcdDevice for older "Super Top" compatibility (git-fixes). * usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes). * usb: usbfs: Do not WARN about excessively large memory allocations. * x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes). * x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1870=1 SUSE-SLE- SERVER-12-SP5-2024-1870=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-1870=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1870=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1870=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1870=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1870=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1870=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-base-4.12.14-122.216.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.216.1 * kernel-default-base-debuginfo-4.12.14-122.216.1 * dlm-kmp-default-debuginfo-4.12.14-122.216.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.216.1 * gfs2-kmp-default-debuginfo-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * cluster-md-kmp-default-4.12.14-122.216.1 * kernel-default-devel-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 * ocfs2-kmp-default-4.12.14-122.216.1 * dlm-kmp-default-4.12.14-122.216.1 * kernel-syms-4.12.14-122.216.1 * gfs2-kmp-default-4.12.14-122.216.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-macros-4.12.14-122.216.1 * kernel-devel-4.12.14-122.216.1 * kernel-source-4.12.14-122.216.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.216.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-4.12.14-122.216.1 * dlm-kmp-default-debuginfo-4.12.14-122.216.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.216.1 * gfs2-kmp-default-debuginfo-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * cluster-md-kmp-default-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 * ocfs2-kmp-default-4.12.14-122.216.1 * dlm-kmp-default-4.12.14-122.216.1 * gfs2-kmp-default-4.12.14-122.216.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_216-default-1-8.3.1 * kernel-default-kgraft-devel-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 * kernel-default-kgraft-4.12.14-122.216.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.216.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-4.12.14-122.216.1 * kernel-obs-build-debugsource-4.12.14-122.216.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-base-4.12.14-122.216.1 * kernel-default-base-debuginfo-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * kernel-default-devel-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 * kernel-syms-4.12.14-122.216.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-macros-4.12.14-122.216.1 * kernel-devel-4.12.14-122.216.1 * kernel-source-4.12.14-122.216.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.216.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-base-4.12.14-122.216.1 * kernel-default-base-debuginfo-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * kernel-default-devel-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 * kernel-syms-4.12.14-122.216.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-macros-4.12.14-122.216.1 * kernel-devel-4.12.14-122.216.1 * kernel-source-4.12.14-122.216.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.216.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.216.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.216.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-extra-4.12.14-122.216.1 * kernel-default-debugsource-4.12.14-122.216.1 * kernel-default-extra-debuginfo-4.12.14-122.216.1 * kernel-default-debuginfo-4.12.14-122.216.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25160.html * https://www.suse.com/security/cve/CVE-2020-36312.html * https://www.suse.com/security/cve/CVE-2021-23134.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46907.html * https://www.suse.com/security/cve/CVE-2021-46909.html * https://www.suse.com/security/cve/CVE-2021-46938.html * https://www.suse.com/security/cve/CVE-2021-46939.html * https://www.suse.com/security/cve/CVE-2021-46941.html * https://www.suse.com/security/cve/CVE-2021-46950.html * https://www.suse.com/security/cve/CVE-2021-46958.html * https://www.suse.com/security/cve/CVE-2021-46960.html * https://www.suse.com/security/cve/CVE-2021-46963.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46975.html * https://www.suse.com/security/cve/CVE-2021-46981.html * https://www.suse.com/security/cve/CVE-2021-46988.html * https://www.suse.com/security/cve/CVE-2021-46990.html * https://www.suse.com/security/cve/CVE-2021-46998.html * https://www.suse.com/security/cve/CVE-2021-47006.html * https://www.suse.com/security/cve/CVE-2021-47015.html * https://www.suse.com/security/cve/CVE-2021-47024.html * https://www.suse.com/security/cve/CVE-2021-47034.html * https://www.suse.com/security/cve/CVE-2021-47045.html * https://www.suse.com/security/cve/CVE-2021-47049.html * https://www.suse.com/security/cve/CVE-2021-47055.html * https://www.suse.com/security/cve/CVE-2021-47056.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47063.html * https://www.suse.com/security/cve/CVE-2021-47068.html * https://www.suse.com/security/cve/CVE-2021-47070.html * https://www.suse.com/security/cve/CVE-2021-47071.html * https://www.suse.com/security/cve/CVE-2021-47073.html * https://www.suse.com/security/cve/CVE-2021-47100.html * https://www.suse.com/security/cve/CVE-2021-47101.html * https://www.suse.com/security/cve/CVE-2021-47104.html * https://www.suse.com/security/cve/CVE-2021-47110.html * https://www.suse.com/security/cve/CVE-2021-47112.html * https://www.suse.com/security/cve/CVE-2021-47114.html * https://www.suse.com/security/cve/CVE-2021-47117.html * https://www.suse.com/security/cve/CVE-2021-47118.html * https://www.suse.com/security/cve/CVE-2021-47119.html * https://www.suse.com/security/cve/CVE-2021-47138.html * https://www.suse.com/security/cve/CVE-2021-47141.html * https://www.suse.com/security/cve/CVE-2021-47142.html * https://www.suse.com/security/cve/CVE-2021-47143.html * https://www.suse.com/security/cve/CVE-2021-47146.html * https://www.suse.com/security/cve/CVE-2021-47149.html * https://www.suse.com/security/cve/CVE-2021-47150.html * https://www.suse.com/security/cve/CVE-2021-47153.html * https://www.suse.com/security/cve/CVE-2021-47159.html * https://www.suse.com/security/cve/CVE-2021-47161.html * https://www.suse.com/security/cve/CVE-2021-47162.html * https://www.suse.com/security/cve/CVE-2021-47165.html * https://www.suse.com/security/cve/CVE-2021-47166.html * https://www.suse.com/security/cve/CVE-2021-47167.html * https://www.suse.com/security/cve/CVE-2021-47168.html * https://www.suse.com/security/cve/CVE-2021-47169.html * https://www.suse.com/security/cve/CVE-2021-47171.html * https://www.suse.com/security/cve/CVE-2021-47173.html * https://www.suse.com/security/cve/CVE-2021-47177.html * https://www.suse.com/security/cve/CVE-2021-47179.html * https://www.suse.com/security/cve/CVE-2021-47180.html * https://www.suse.com/security/cve/CVE-2021-47181.html * https://www.suse.com/security/cve/CVE-2021-47182.html * https://www.suse.com/security/cve/CVE-2021-47183.html * https://www.suse.com/security/cve/CVE-2021-47184.html * https://www.suse.com/security/cve/CVE-2021-47185.html * https://www.suse.com/security/cve/CVE-2021-47188.html * https://www.suse.com/security/cve/CVE-2021-47189.html * https://www.suse.com/security/cve/CVE-2021-47198.html * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2021-47203.html * https://www.suse.com/security/cve/CVE-2021-47204.html * https://www.suse.com/security/cve/CVE-2021-47205.html * https://www.suse.com/security/cve/CVE-2021-47207.html * https://www.suse.com/security/cve/CVE-2021-47211.html * https://www.suse.com/security/cve/CVE-2021-47216.html * https://www.suse.com/security/cve/CVE-2021-47217.html * https://www.suse.com/security/cve/CVE-2022-0487.html * https://www.suse.com/security/cve/CVE-2022-48619.html * https://www.suse.com/security/cve/CVE-2022-48626.html * https://www.suse.com/security/cve/CVE-2022-48636.html * https://www.suse.com/security/cve/CVE-2022-48650.html * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48667.html * https://www.suse.com/security/cve/CVE-2022-48668.html * https://www.suse.com/security/cve/CVE-2022-48687.html * https://www.suse.com/security/cve/CVE-2022-48688.html * https://www.suse.com/security/cve/CVE-2022-48695.html * https://www.suse.com/security/cve/CVE-2022-48701.html * https://www.suse.com/security/cve/CVE-2023-0160.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-52454.html * https://www.suse.com/security/cve/CVE-2023-52469.html * https://www.suse.com/security/cve/CVE-2023-52470.html * https://www.suse.com/security/cve/CVE-2023-52474.html * https://www.suse.com/security/cve/CVE-2023-52476.html * https://www.suse.com/security/cve/CVE-2023-52477.html * https://www.suse.com/security/cve/CVE-2023-52486.html * https://www.suse.com/security/cve/CVE-2023-52488.html * https://www.suse.com/security/cve/CVE-2023-52509.html * https://www.suse.com/security/cve/CVE-2023-52515.html * https://www.suse.com/security/cve/CVE-2023-52524.html * https://www.suse.com/security/cve/CVE-2023-52528.html * https://www.suse.com/security/cve/CVE-2023-52575.html * https://www.suse.com/security/cve/CVE-2023-52583.html * https://www.suse.com/security/cve/CVE-2023-52587.html * https://www.suse.com/security/cve/CVE-2023-52590.html * https://www.suse.com/security/cve/CVE-2023-52591.html * https://www.suse.com/security/cve/CVE-2023-52595.html * https://www.suse.com/security/cve/CVE-2023-52598.html * https://www.suse.com/security/cve/CVE-2023-52607.html * https://www.suse.com/security/cve/CVE-2023-52614.html * https://www.suse.com/security/cve/CVE-2023-52620.html * https://www.suse.com/security/cve/CVE-2023-52628.html * https://www.suse.com/security/cve/CVE-2023-52635.html * https://www.suse.com/security/cve/CVE-2023-52639.html * https://www.suse.com/security/cve/CVE-2023-52644.html * https://www.suse.com/security/cve/CVE-2023-52646.html * https://www.suse.com/security/cve/CVE-2023-52650.html * https://www.suse.com/security/cve/CVE-2023-52652.html * https://www.suse.com/security/cve/CVE-2023-52653.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2023-7042.html * https://www.suse.com/security/cve/CVE-2023-7192.html * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-22099.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-23848.html * https://www.suse.com/security/cve/CVE-2024-24855.html * https://www.suse.com/security/cve/CVE-2024-24861.html * https://www.suse.com/security/cve/CVE-2024-26614.html * https://www.suse.com/security/cve/CVE-2024-26642.html * https://www.suse.com/security/cve/CVE-2024-26651.html * https://www.suse.com/security/cve/CVE-2024-26671.html * https://www.suse.com/security/cve/CVE-2024-26675.html * https://www.suse.com/security/cve/CVE-2024-26689.html * https://www.suse.com/security/cve/CVE-2024-26704.html * https://www.suse.com/security/cve/CVE-2024-26733.html * https://www.suse.com/security/cve/CVE-2024-26739.html * https://www.suse.com/security/cve/CVE-2024-26743.html * https://www.suse.com/security/cve/CVE-2024-26744.html * https://www.suse.com/security/cve/CVE-2024-26747.html * https://www.suse.com/security/cve/CVE-2024-26754.html * https://www.suse.com/security/cve/CVE-2024-26763.html * https://www.suse.com/security/cve/CVE-2024-26771.html * https://www.suse.com/security/cve/CVE-2024-26772.html * https://www.suse.com/security/cve/CVE-2024-26773.html * https://www.suse.com/security/cve/CVE-2024-26777.html * https://www.suse.com/security/cve/CVE-2024-26778.html * https://www.suse.com/security/cve/CVE-2024-26779.html * https://www.suse.com/security/cve/CVE-2024-26793.html * https://www.suse.com/security/cve/CVE-2024-26805.html * https://www.suse.com/security/cve/CVE-2024-26816.html * https://www.suse.com/security/cve/CVE-2024-26817.html * https://www.suse.com/security/cve/CVE-2024-26839.html * https://www.suse.com/security/cve/CVE-2024-26840.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26855.html * https://www.suse.com/security/cve/CVE-2024-26857.html * https://www.suse.com/security/cve/CVE-2024-26859.html * https://www.suse.com/security/cve/CVE-2024-26878.html * https://www.suse.com/security/cve/CVE-2024-26883.html * https://www.suse.com/security/cve/CVE-2024-26884.html * https://www.suse.com/security/cve/CVE-2024-26898.html * https://www.suse.com/security/cve/CVE-2024-26901.html * https://www.suse.com/security/cve/CVE-2024-26903.html * https://www.suse.com/security/cve/CVE-2024-26907.html * https://www.suse.com/security/cve/CVE-2024-26922.html * https://www.suse.com/security/cve/CVE-2024-26929.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-26931.html * https://www.suse.com/security/cve/CVE-2024-26948.html * https://www.suse.com/security/cve/CVE-2024-26993.html * https://www.suse.com/security/cve/CVE-2024-27013.html * https://www.suse.com/security/cve/CVE-2024-27014.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-27046.html * https://www.suse.com/security/cve/CVE-2024-27054.html * https://www.suse.com/security/cve/CVE-2024-27072.html * https://www.suse.com/security/cve/CVE-2024-27073.html * https://www.suse.com/security/cve/CVE-2024-27074.html * https://www.suse.com/security/cve/CVE-2024-27075.html * https://www.suse.com/security/cve/CVE-2024-27078.html * https://www.suse.com/security/cve/CVE-2024-27388.html * https://bugzilla.suse.com/show_bug.cgi?id=1084332 * https://bugzilla.suse.com/show_bug.cgi?id=1141539 * https://bugzilla.suse.com/show_bug.cgi?id=1184509 * https://bugzilla.suse.com/show_bug.cgi?id=1186060 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1190576 * https://bugzilla.suse.com/show_bug.cgi?id=1192145 * https://bugzilla.suse.com/show_bug.cgi?id=1194516 * https://bugzilla.suse.com/show_bug.cgi?id=1203935 * https://bugzilla.suse.com/show_bug.cgi?id=1209657 * https://bugzilla.suse.com/show_bug.cgi?id=1211592 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217339 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218220 * https://bugzilla.suse.com/show_bug.cgi?id=1218336 * https://bugzilla.suse.com/show_bug.cgi?id=1218479 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219104 * https://bugzilla.suse.com/show_bug.cgi?id=1219169 * https://bugzilla.suse.com/show_bug.cgi?id=1219170 * https://bugzilla.suse.com/show_bug.cgi?id=1219618 * https://bugzilla.suse.com/show_bug.cgi?id=1219623 * https://bugzilla.suse.com/show_bug.cgi?id=1219847 * https://bugzilla.suse.com/show_bug.cgi?id=1220320 * https://bugzilla.suse.com/show_bug.cgi?id=1220366 * https://bugzilla.suse.com/show_bug.cgi?id=1220394 * https://bugzilla.suse.com/show_bug.cgi?id=1220411 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220422 * https://bugzilla.suse.com/show_bug.cgi?id=1220442 * https://bugzilla.suse.com/show_bug.cgi?id=1220445 * https://bugzilla.suse.com/show_bug.cgi?id=1220505 * https://bugzilla.suse.com/show_bug.cgi?id=1220521 * https://bugzilla.suse.com/show_bug.cgi?id=1220528 * https://bugzilla.suse.com/show_bug.cgi?id=1220536 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220554 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220580 * https://bugzilla.suse.com/show_bug.cgi?id=1220611 * https://bugzilla.suse.com/show_bug.cgi?id=1220625 * https://bugzilla.suse.com/show_bug.cgi?id=1220628 * https://bugzilla.suse.com/show_bug.cgi?id=1220637 * https://bugzilla.suse.com/show_bug.cgi?id=1220640 * https://bugzilla.suse.com/show_bug.cgi?id=1220662 * https://bugzilla.suse.com/show_bug.cgi?id=1220687 * https://bugzilla.suse.com/show_bug.cgi?id=1220692 * https://bugzilla.suse.com/show_bug.cgi?id=1220703 * https://bugzilla.suse.com/show_bug.cgi?id=1220706 * https://bugzilla.suse.com/show_bug.cgi?id=1220739 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220743 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220751 * https://bugzilla.suse.com/show_bug.cgi?id=1220768 * https://bugzilla.suse.com/show_bug.cgi?id=1220769 * https://bugzilla.suse.com/show_bug.cgi?id=1220777 * https://bugzilla.suse.com/show_bug.cgi?id=1220790 * https://bugzilla.suse.com/show_bug.cgi?id=1220794 * https://bugzilla.suse.com/show_bug.cgi?id=1220829 * https://bugzilla.suse.com/show_bug.cgi?id=1220836 * https://bugzilla.suse.com/show_bug.cgi?id=1220843 * https://bugzilla.suse.com/show_bug.cgi?id=1220846 * https://bugzilla.suse.com/show_bug.cgi?id=1220850 * https://bugzilla.suse.com/show_bug.cgi?id=1220871 * https://bugzilla.suse.com/show_bug.cgi?id=1220927 * https://bugzilla.suse.com/show_bug.cgi?id=1220960 * https://bugzilla.suse.com/show_bug.cgi?id=1220985 * https://bugzilla.suse.com/show_bug.cgi?id=1220987 * https://bugzilla.suse.com/show_bug.cgi?id=1221044 * https://bugzilla.suse.com/show_bug.cgi?id=1221046 * https://bugzilla.suse.com/show_bug.cgi?id=1221048 * https://bugzilla.suse.com/show_bug.cgi?id=1221058 * https://bugzilla.suse.com/show_bug.cgi?id=1221060 * https://bugzilla.suse.com/show_bug.cgi?id=1221061 * https://bugzilla.suse.com/show_bug.cgi?id=1221077 * https://bugzilla.suse.com/show_bug.cgi?id=1221082 * https://bugzilla.suse.com/show_bug.cgi?id=1221088 * https://bugzilla.suse.com/show_bug.cgi?id=1221162 * https://bugzilla.suse.com/show_bug.cgi?id=1221277 * https://bugzilla.suse.com/show_bug.cgi?id=1221293 * https://bugzilla.suse.com/show_bug.cgi?id=1221337 * https://bugzilla.suse.com/show_bug.cgi?id=1221532 * https://bugzilla.suse.com/show_bug.cgi?id=1221541 * https://bugzilla.suse.com/show_bug.cgi?id=1221548 * https://bugzilla.suse.com/show_bug.cgi?id=1221575 * https://bugzilla.suse.com/show_bug.cgi?id=1221605 * https://bugzilla.suse.com/show_bug.cgi?id=1221608 * https://bugzilla.suse.com/show_bug.cgi?id=1221617 * https://bugzilla.suse.com/show_bug.cgi?id=1221791 * https://bugzilla.suse.com/show_bug.cgi?id=1221816 * https://bugzilla.suse.com/show_bug.cgi?id=1221825 * https://bugzilla.suse.com/show_bug.cgi?id=1221830 * https://bugzilla.suse.com/show_bug.cgi?id=1221862 * https://bugzilla.suse.com/show_bug.cgi?id=1221934 * https://bugzilla.suse.com/show_bug.cgi?id=1221949 * https://bugzilla.suse.com/show_bug.cgi?id=1221952 * https://bugzilla.suse.com/show_bug.cgi?id=1221953 * https://bugzilla.suse.com/show_bug.cgi?id=1221965 * https://bugzilla.suse.com/show_bug.cgi?id=1221966 * https://bugzilla.suse.com/show_bug.cgi?id=1221967 * https://bugzilla.suse.com/show_bug.cgi?id=1221969 * https://bugzilla.suse.com/show_bug.cgi?id=1221972 * https://bugzilla.suse.com/show_bug.cgi?id=1221973 * https://bugzilla.suse.com/show_bug.cgi?id=1221977 * https://bugzilla.suse.com/show_bug.cgi?id=1221979 * https://bugzilla.suse.com/show_bug.cgi?id=1221988 * https://bugzilla.suse.com/show_bug.cgi?id=1221991 * https://bugzilla.suse.com/show_bug.cgi?id=1221993 * https://bugzilla.suse.com/show_bug.cgi?id=1221994 * https://bugzilla.suse.com/show_bug.cgi?id=1221997 * https://bugzilla.suse.com/show_bug.cgi?id=1221998 * https://bugzilla.suse.com/show_bug.cgi?id=1221999 * https://bugzilla.suse.com/show_bug.cgi?id=1222000 * https://bugzilla.suse.com/show_bug.cgi?id=1222001 * https://bugzilla.suse.com/show_bug.cgi?id=1222002 * https://bugzilla.suse.com/show_bug.cgi?id=1222117 * https://bugzilla.suse.com/show_bug.cgi?id=1222294 * https://bugzilla.suse.com/show_bug.cgi?id=1222300 * https://bugzilla.suse.com/show_bug.cgi?id=1222357 * https://bugzilla.suse.com/show_bug.cgi?id=1222379 * https://bugzilla.suse.com/show_bug.cgi?id=1222422 * https://bugzilla.suse.com/show_bug.cgi?id=1222428 * https://bugzilla.suse.com/show_bug.cgi?id=1222449 * https://bugzilla.suse.com/show_bug.cgi?id=1222503 * https://bugzilla.suse.com/show_bug.cgi?id=1222559 * https://bugzilla.suse.com/show_bug.cgi?id=1222585 * https://bugzilla.suse.com/show_bug.cgi?id=1222609 * https://bugzilla.suse.com/show_bug.cgi?id=1222610 * https://bugzilla.suse.com/show_bug.cgi?id=1222613 * https://bugzilla.suse.com/show_bug.cgi?id=1222618 * https://bugzilla.suse.com/show_bug.cgi?id=1222619 * https://bugzilla.suse.com/show_bug.cgi?id=1222624 * https://bugzilla.suse.com/show_bug.cgi?id=1222630 * https://bugzilla.suse.com/show_bug.cgi?id=1222632 * https://bugzilla.suse.com/show_bug.cgi?id=1222660 * https://bugzilla.suse.com/show_bug.cgi?id=1222662 * https://bugzilla.suse.com/show_bug.cgi?id=1222664 * https://bugzilla.suse.com/show_bug.cgi?id=1222666 * https://bugzilla.suse.com/show_bug.cgi?id=1222669 * https://bugzilla.suse.com/show_bug.cgi?id=1222671 * https://bugzilla.suse.com/show_bug.cgi?id=1222677 * https://bugzilla.suse.com/show_bug.cgi?id=1222706 * https://bugzilla.suse.com/show_bug.cgi?id=1222720 * https://bugzilla.suse.com/show_bug.cgi?id=1222765 * https://bugzilla.suse.com/show_bug.cgi?id=1222770 * https://bugzilla.suse.com/show_bug.cgi?id=1222772 * https://bugzilla.suse.com/show_bug.cgi?id=1222787 * https://bugzilla.suse.com/show_bug.cgi?id=1222790 * https://bugzilla.suse.com/show_bug.cgi?id=1222812 * https://bugzilla.suse.com/show_bug.cgi?id=1222836 * https://bugzilla.suse.com/show_bug.cgi?id=1222869 * https://bugzilla.suse.com/show_bug.cgi?id=1222876 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1222881 * https://bugzilla.suse.com/show_bug.cgi?id=1222883 * https://bugzilla.suse.com/show_bug.cgi?id=1222888 * https://bugzilla.suse.com/show_bug.cgi?id=1222952 * https://bugzilla.suse.com/show_bug.cgi?id=1222961 * https://bugzilla.suse.com/show_bug.cgi?id=1222975 * https://bugzilla.suse.com/show_bug.cgi?id=1222976 * https://bugzilla.suse.com/show_bug.cgi?id=1223016 * https://bugzilla.suse.com/show_bug.cgi?id=1223035 * https://bugzilla.suse.com/show_bug.cgi?id=1223049 * https://bugzilla.suse.com/show_bug.cgi?id=1223051 * https://bugzilla.suse.com/show_bug.cgi?id=1223057 * https://bugzilla.suse.com/show_bug.cgi?id=1223058 * https://bugzilla.suse.com/show_bug.cgi?id=1223060 * https://bugzilla.suse.com/show_bug.cgi?id=1223187 * https://bugzilla.suse.com/show_bug.cgi?id=1223189 * https://bugzilla.suse.com/show_bug.cgi?id=1223198 * https://bugzilla.suse.com/show_bug.cgi?id=1223203 * https://bugzilla.suse.com/show_bug.cgi?id=1223315 * https://bugzilla.suse.com/show_bug.cgi?id=1223432 * https://bugzilla.suse.com/show_bug.cgi?id=1223509 * https://bugzilla.suse.com/show_bug.cgi?id=1223512 * https://bugzilla.suse.com/show_bug.cgi?id=1223513 * https://bugzilla.suse.com/show_bug.cgi?id=1223516 * https://bugzilla.suse.com/show_bug.cgi?id=1223518 * https://bugzilla.suse.com/show_bug.cgi?id=1223626 * https://bugzilla.suse.com/show_bug.cgi?id=1223627 * https://bugzilla.suse.com/show_bug.cgi?id=1223664 * https://bugzilla.suse.com/show_bug.cgi?id=1223686 * https://bugzilla.suse.com/show_bug.cgi?id=1223693 * https://bugzilla.suse.com/show_bug.cgi?id=1223712 * https://bugzilla.suse.com/show_bug.cgi?id=1223715 * https://bugzilla.suse.com/show_bug.cgi?id=1223735 * https://bugzilla.suse.com/show_bug.cgi?id=1223744 * https://bugzilla.suse.com/show_bug.cgi?id=1223745 * https://bugzilla.suse.com/show_bug.cgi?id=1223770 * https://bugzilla.suse.com/show_bug.cgi?id=1223781 * https://bugzilla.suse.com/show_bug.cgi?id=1223819 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223827 * https://bugzilla.suse.com/show_bug.cgi?id=1223837 * https://bugzilla.suse.com/show_bug.cgi?id=1223842 * https://bugzilla.suse.com/show_bug.cgi?id=1223843 * https://bugzilla.suse.com/show_bug.cgi?id=1223844 * https://bugzilla.suse.com/show_bug.cgi?id=1223883 * https://bugzilla.suse.com/show_bug.cgi?id=1223885 * https://bugzilla.suse.com/show_bug.cgi?id=1223921 * https://bugzilla.suse.com/show_bug.cgi?id=1223941 * https://bugzilla.suse.com/show_bug.cgi?id=1223952 * https://bugzilla.suse.com/show_bug.cgi?id=1223953 * https://bugzilla.suse.com/show_bug.cgi?id=1223954 * https://bugzilla.suse.com/show_bug.cgi?id=1224785 * https://jira.suse.com/browse/PED-5759 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 31 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 31 May 2024 08:30:06 -0000 Subject: SUSE-SU-2024:1882-1: important: Security update for gstreamer-plugins-base Message-ID: <171714420608.22822.10494844527171428048@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2024:1882-1 Rating: important References: * bsc#1224806 Cross-References: * CVE-2024-4453 CVSS scores: * CVE-2024-4453 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1882=1 openSUSE-SLE-15.5-2024-1882=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1882=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1882=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1882=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.8.2 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-1.22.0-150500.3.8.2 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstfft-1_0-0-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-devel-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.8.2 * libgstapp-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-1.22.0-150500.3.8.2 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.8.2 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.8.2 * libgstgl-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.8.2 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-1.22.0-150500.3.8.2 * openSUSE Leap 15.5 (x86_64) * libgstsdp-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstriff-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstapp-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstriff-1_0-0-32bit-1.22.0-150500.3.8.2 * gstreamer-plugins-base-32bit-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstfft-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstapp-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstgl-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-32bit-1.22.0-150500.3.8.2 * gstreamer-plugins-base-devel-32bit-1.22.0-150500.3.8.2 * libgsttag-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstgl-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstfft-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-32bit-1.22.0-150500.3.8.2 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.8.2 * openSUSE Leap 15.5 (aarch64_ilp32) * libgstrtsp-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstgl-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstfft-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-64bit-1.22.0-150500.3.8.2 * gstreamer-plugins-base-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstriff-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstfft-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-64bit-1.22.0-150500.3.8.2 * gstreamer-plugins-base-devel-64bit-1.22.0-150500.3.8.2 * libgstapp-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-64bit-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-64bit-1.22.0-150500.3.8.2 * libgstgl-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstriff-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgstapp-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-64bit-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-64bit-1.22.0-150500.3.8.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstapp-1_0-0-1.22.0-150500.3.8.2 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.8.2 * libgstgl-1_0-0-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-1.22.0-150500.3.8.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgstrtp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstGLX11-1_0-1.22.0-150500.3.8.2 * libgsttag-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstAllocators-1_0-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstTag-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstRtp-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstRtsp-1_0-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-1.22.0-150500.3.8.2 * libgstgl-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstsdp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgstfft-1_0-0-1.22.0-150500.3.8.2 * libgstpbutils-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-devel-1.22.0-150500.3.8.2 * libgstrtsp-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstPbutils-1_0-1.22.0-150500.3.8.2 * libgstapp-1_0-0-1.22.0-150500.3.8.2 * libgstriff-1_0-0-1.22.0-150500.3.8.2 * libgstfft-1_0-0-debuginfo-1.22.0-150500.3.8.2 * libgsttag-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.8.2 * libgstrtp-1_0-0-1.22.0-150500.3.8.2 * typelib-1_0-GstAudio-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstSdp-1_0-1.22.0-150500.3.8.2 * libgstapp-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstVideo-1_0-1.22.0-150500.3.8.2 * libgstgl-1_0-0-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.8.2 * typelib-1_0-GstGLWayland-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstGL-1_0-1.22.0-150500.3.8.2 * libgstallocators-1_0-0-debuginfo-1.22.0-150500.3.8.2 * typelib-1_0-GstApp-1_0-1.22.0-150500.3.8.2 * typelib-1_0-GstGLEGL-1_0-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-1.22.0-150500.3.8.2 * Basesystem Module 15-SP5 (noarch) * gstreamer-plugins-base-lang-1.22.0-150500.3.8.2 * SUSE Package Hub 15 15-SP5 (x86_64) * libgsttag-1_0-0-32bit-1.22.0-150500.3.8.2 * libgsttag-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * libgstaudio-1_0-0-32bit-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-32bit-debuginfo-1.22.0-150500.3.8.2 * gstreamer-plugins-base-debugsource-1.22.0-150500.3.8.2 * libgstvideo-1_0-0-32bit-1.22.0-150500.3.8.2 ## References: * https://www.suse.com/security/cve/CVE-2024-4453.html * https://bugzilla.suse.com/show_bug.cgi?id=1224806 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 31 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 31 May 2024 08:30:08 -0000 Subject: SUSE-SU-2024:1880-1: moderate: Security update for python-requests Message-ID: <171714420836.22822.11180697974409405633@smelt2.prg2.suse.org> # Security update for python-requests Announcement ID: SUSE-SU-2024:1880-1 Rating: moderate References: * bsc#1224788 Cross-References: * CVE-2024-35195 CVSS scores: * CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-requests fixes the following issues: * CVE-2024-35195: Fixed cert verification regardless of changes to the value of `verify` (bsc#1224788). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1880=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1880=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1880=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1880=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1880=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1880=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1880=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1880=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1880=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1880=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1880=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1880=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1880=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1880=1 ## Package List: * openSUSE Leap 15.3 (noarch) * python3-requests-2.25.1-150300.3.9.1 * python2-requests-2.25.1-150300.3.9.1 * openSUSE Leap Micro 5.3 (noarch) * python3-requests-2.25.1-150300.3.9.1 * openSUSE Leap Micro 5.4 (noarch) * python3-requests-2.25.1-150300.3.9.1 * openSUSE Leap 15.5 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-requests-2.25.1-150300.3.9.1 * Basesystem Module 15-SP5 (noarch) * python3-requests-2.25.1-150300.3.9.1 * Basesystem Module 15-SP6 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-requests-2.25.1-150300.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-requests-2.25.1-150300.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35195.html * https://bugzilla.suse.com/show_bug.cgi?id=1224788 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 31 08:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 31 May 2024 08:30:20 -0000 Subject: SUSE-SU-2024:1874-1: important: Security update for Java Message-ID: <171714422067.22822.11247599928138747012@smelt2.prg2.suse.org> # Security update for Java Announcement ID: SUSE-SU-2024:1874-1 Rating: important References: * bsc#1187446 * bsc#1224410 Cross-References: * CVE-2021-33813 CVSS scores: * CVE-2021-33813 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-33813 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for Java fixes thefollowing issues: apiguardian was updated to vesion 1.1.2: * Added LICENSE/NOTICE to the generated jar * Allow @API to be declared at the package level * Explain usage of Status.DEPRECATED * Include OSGi metadata in manifest assertj-core was implemented at version 3.25.3: * New package implementation needed by Junit5 byte-buddy was updated to version v1.14.16: * `byte-buddy` is required by `assertj-core` * Changes in version v1.14.16: * Update ASM and introduce support for Java 23. * Changes in version v1.14.15: * Allow attaching from root on J9. * Changes of v1.14.14: * Adjust type validation to accept additional names that are legal in the class file format. * Fix dynamic attach on Windows when a service user is active. * Avoid failure when using Android's strict mode. dom4j was updated to version 2.1.4: * Improvements and potentially breaking changes: * Added new factory method org.dom4j.io.SAXReader.createDefault(). It has more secure defaults than new SAXReader(), which uses system XMLReaderFactory.createXMLReader() or SAXParserFactory.newInstance().newSAXParser(). * If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j. * Following SAX parser features are disabled by default in DocumentHelper.parse() for security reasons (they were enabled in previous versions): * http://xml.org/sax/properties/external-general-entities * http://xml.org/sax/properties/external-parameter-entities * Other changes: * Do not depend on jtidy, since it is not used during build * Fixed license to Plexus * JPMS: Add the Automatic-Module-Name attribute to the manifest. * Make a separate flavour for a minimal `dom4j-bootstrap` package used to build `jaxen` and full `dom4j` * Updated pull-parser version * Reuse the writeAttribute method in writeAttributes * Support build on OS with non-UTF8 as default charset * Gradle: add an automatic module name * Use Correct License Name "Plexus" * Possible vulnerability of DocumentHelper.parseText() to XML injection * CVS directories left in the source tree * XMLWriter does not escape supplementary unicode characters correctly * writer.writeOpen(x) doesn't write namespaces * Fixed concurrency problem with QNameCache * All dependencies are optional * SAXReader: hardcoded namespace features * Validate QNames * StringIndexOutOfBoundsException in XMLWriter.writeElementContent() * TreeNode has grown some generics * QName serialization fix * DocumentException initialize with nested exception * Accidentally occurring error in a multi-threaded test * Added compatibility with W3C DOM Level 3 * Use Java generics hamcrest: * `hamcrest-core` has been replaced by `hamcrest` (no source changes) junit had the following change: * Require hamcrest >= 2.2 junit5 was updated to version 5.10.2: * Conditional execution based on OS architectures * Configurable cleanup mode for @TempDir * Configurable thread mode for @Timeout * Custom class loader support for class/method selectors, @MethodSource, @EnabledIf, and @DisabledIf * Dry-run mode for test execution * Failure threshold for @RepeatedTest * Fixed build with the latest open-test-reporting milestone * Fixed dependencies in module-info.java files * Fixed unreported exception error that is fatal with JDK 21 * Improved configurability of parallel execution * New @SelectMethod support in test @Suite classes. * New ConsoleLauncher subcommand for test discovery without execution * New convenience base classes for implementing ArgumentsProvider and ArgumentConverter * New IterationSelector * New LauncherInterceptor SPI * New NamespacedHierarchicalStore for use in third-party test engines * New TempDirFactory SPI for customizing how temporary directories are created * New testfeed details mode for ConsoleLauncher * New TestInstancePreConstructCallback extension API * Numerous bug fixes and minor improvements * Parameter injection for @MethodSource methods * Promotion of various experimental APIs to stable * Reusable parameter resolution for custom extension methods via ExecutableInvoker * Stacktrace pruning to hide internal JUnit calls * The binaries are compatible with java 1.8 * Various improvements to ConsoleLauncher * XML reports in new Open Test Reporting format jdom: * Security issues fixed: * CVE-2021-33813: Fixed an XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request (bsc#1187446) * Other changes and bugs fixed: * Fixed wrong entries in changelog (bsc#1224410) * The packages `jaxen`, `saxpath` and `xom` are now separate standalone packages instead of being part of `jdom` jaxen was implemented at version 2.0.0: * New standalone RPM package implementation, originally part of `jdom` source package * Classpaths are much smaller and less complex, and will suppress a lot of noise from static analysis tools. * The Jaxen core code is also a little smaller and has fixed a few minor bugs in XPath evaluation * Despite the major version bump, this should be a drop in replacement for almost every project. The two major possible incompatibilities are: * The minimum supported Java version is now 1.5, up from 1.4 in 1.2.0 and 1.3 in 1.1.6. * dom4j, XOM, and JDOM are now optional dependencies so if a project was depending on them to be loaded transitively it will need to add explicit dependencies to build. jopt-simple: * Included jopt-simple to Package Hub 15 SP5 (no source changes) objectweb-asm was updated to version 9.7: * New Opcodes.V23 constant for Java 23 * Bugs fixed * Fixed unit test regression in dex2jar. * Fixed 'ClassNode#outerClass' with incorrect JavaDocs. * asm-bom packaging should be 'pom'. * The Textifier prints a supplementary space at the end of each method that throws at least one exception. open-test-reporting: * Included `open-test-reporting-events` and `open-test-reporting-schema` to the channels as they are runtime dependencies of Junit5 (no source changes) saxpath was implemented at version 1.0 FCS: * New standalone RPM package implementation, originally part of `jdom` source package (openSUSE Leap 15.5 package only) xom was implemented at version 1.3.9: * New standalone RPM package implementation, originally part of `jdom` source package * The Nodes and Elements classes are iterable so you can use the enhanced for loop syntax on instances of these classes. * The copy() method is now covariant. * Adds Automatic-Moduole-Name to jar * Remove direct dependency on xml-apis:xml-apis artifact since these classes are now available in the core runtime. * Eliminate usage of com.sun classes to make XOM compatible with JDK 16. * Replace remaining usages of StringBuffer with StringBuilder to slightly improve performance. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1874=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-1874=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1874=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1874=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1874=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1874=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1874=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1874=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1874=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1874=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1874=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1874=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1874=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1874=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1874=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1874=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1874=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1874=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1874=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1874=1 ## Package List: * openSUSE Leap 15.5 (noarch) * junit5-minimal-5.10.2-150200.3.10.2 * jopt-simple-javadoc-5.0.4-150200.3.4.3 * junit5-guide-5.10.2-150200.3.10.3 * apiguardian-javadoc-1.1.2-150200.3.10.2 * junit5-5.10.2-150200.3.10.3 * junit5-javadoc-5.10.2-150200.3.10.3 * jopt-simple-5.0.4-150200.3.4.3 * dom4j-demo-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * junit-manual-4.13.2-150200.3.15.2 * byte-buddy-1.14.16-150200.5.7.1 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * objectweb-asm-javadoc-9.7-150200.3.15.2 * saxpath-1.0-150200.5.3.3 * apiguardian-1.1.2-150200.3.10.2 * jaxen-2.0.0-150200.5.3.1 * open-test-reporting-events-0.1.0~M2-150200.5.7.2 * dom4j-2.1.4-150200.12.10.2 * hamcrest-2.2-150200.12.17.2 * assertj-core-3.25.3-150200.5.4.3 * junit5-bom-5.10.2-150200.3.10.3 * junit-4.13.2-150200.3.15.2 * dom4j-javadoc-2.1.4-150200.12.10.2 * open-test-reporting-schema-0.1.0~M2-150200.5.7.2 * junit-javadoc-4.13.2-150200.3.15.2 * hamcrest-javadoc-2.2-150200.12.17.2 * openSUSE Leap 15.6 (noarch) * junit5-minimal-5.10.2-150200.3.10.2 * jopt-simple-javadoc-5.0.4-150200.3.4.3 * junit5-guide-5.10.2-150200.3.10.3 * apiguardian-javadoc-1.1.2-150200.3.10.2 * junit5-5.10.2-150200.3.10.3 * junit5-javadoc-5.10.2-150200.3.10.3 * jopt-simple-5.0.4-150200.3.4.3 * dom4j-demo-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * junit-manual-4.13.2-150200.3.15.2 * byte-buddy-1.14.16-150200.5.7.1 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * objectweb-asm-javadoc-9.7-150200.3.15.2 * saxpath-1.0-150200.5.3.3 * apiguardian-1.1.2-150200.3.10.2 * jaxen-2.0.0-150200.5.3.1 * open-test-reporting-events-0.1.0~M2-150200.5.7.2 * dom4j-2.1.4-150200.12.10.2 * hamcrest-2.2-150200.12.17.2 * assertj-core-3.25.3-150200.5.4.3 * junit5-bom-5.10.2-150200.3.10.3 * junit-4.13.2-150200.3.15.2 * dom4j-javadoc-2.1.4-150200.12.10.2 * open-test-reporting-schema-0.1.0~M2-150200.5.7.2 * junit-javadoc-4.13.2-150200.3.15.2 * hamcrest-javadoc-2.2-150200.12.17.2 * Basesystem Module 15-SP5 (noarch) * objectweb-asm-9.7-150200.3.15.2 * Basesystem Module 15-SP6 (noarch) * objectweb-asm-9.7-150200.3.15.2 * Development Tools Module 15-SP5 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * Development Tools Module 15-SP6 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Package Hub 15 15-SP6 (noarch) * apiguardian-1.1.2-150200.3.10.2 * assertj-core-3.25.3-150200.5.4.3 * open-test-reporting-events-0.1.0~M2-150200.5.7.2 * junit5-minimal-5.10.2-150200.3.10.2 * byte-buddy-1.14.16-150200.5.7.1 * open-test-reporting-schema-0.1.0~M2-150200.5.7.2 * junit5-5.10.2-150200.3.10.3 * jopt-simple-5.0.4-150200.3.4.3 * SUSE Manager Server 4.3 Module 4.3 (noarch) * jaxen-2.0.0-150200.5.3.1 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 * SUSE Manager Proxy 4.3 (noarch) * objectweb-asm-9.7-150200.3.15.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * objectweb-asm-9.7-150200.3.15.2 * SUSE Manager Server 4.3 (noarch) * objectweb-asm-9.7-150200.3.15.2 * SUSE Enterprise Storage 7.1 (noarch) * jaxen-2.0.0-150200.5.3.1 * hamcrest-2.2-150200.12.17.2 * junit-4.13.2-150200.3.15.2 * jdom-1.1.3-150200.12.8.2 * objectweb-asm-9.7-150200.3.15.2 * dom4j-2.1.4-150200.12.10.2 * xom-1.3.9-150200.5.3.3 ## References: * https://www.suse.com/security/cve/CVE-2021-33813.html * https://bugzilla.suse.com/show_bug.cgi?id=1187446 * https://bugzilla.suse.com/show_bug.cgi?id=1224410 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri May 31 12:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 31 May 2024 12:30:02 -0000 Subject: SUSE-SU-2024:1886-1: important: Security update for gstreamer-plugins-base Message-ID: <171715860242.29929.4013543582891887828@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2024:1886-1 Rating: important References: * bsc#1224806 Cross-References: * CVE-2024-4453 CVSS scores: * CVE-2024-4453 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-4453: Fixed lack of proper validation of user-supplied data when parsing EXIF metadata (bsc#1224806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1886=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1886=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1886=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1886=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1886=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1886=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1886=1 * SUSE Enterprise Storage 7 zypper in -t patch SUSE-Storage-7-2024-1886=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1886=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1886=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Enterprise Storage 7.1 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Enterprise Storage 7 (aarch64 x86_64) * typelib-1_0-GstSdp-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-devel-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtp-1_0-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstRtsp-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstTag-1_0-1.16.3-150200.4.14.2 * typelib-1_0-GstPbutils-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAllocators-1_0-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstGL-1_0-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstsdp-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstApp-1_0-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * typelib-1_0-GstAudio-1_0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstrtsp-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * typelib-1_0-GstVideo-1_0-1.16.3-150200.4.14.2 * libgstfft-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstrtp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Enterprise Storage 7 (noarch) * gstreamer-plugins-base-lang-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libgsttag-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstriff-1_0-0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-1.16.3-150200.4.14.2 * libgsttag-1_0-0-1.16.3-150200.4.14.2 * libgstallocators-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstgl-1_0-0-debuginfo-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debuginfo-1.16.3-150200.4.14.2 * libgstgl-1_0-0-1.16.3-150200.4.14.2 * libgstaudio-1_0-0-1.16.3-150200.4.14.2 * libgstvideo-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-debugsource-1.16.3-150200.4.14.2 * libgstpbutils-1_0-0-1.16.3-150200.4.14.2 * gstreamer-plugins-base-1.16.3-150200.4.14.2 * libgstriff-1_0-0-debuginfo-1.16.3-150200.4.14.2 * libgstapp-1_0-0-debuginfo-1.16.3-150200.4.14.2 ## References: * https://www.suse.com/security/cve/CVE-2024-4453.html * https://bugzilla.suse.com/show_bug.cgi?id=1224806 -------------- next part -------------- An HTML attachment was scrubbed... URL: